@pafi-dev/issuer 0.5.41 → 0.5.43

package/dist/index.js

@@ -570,15 +570,13 @@ var RelayService = class {
     });
   }
   /**
-   * Build an unsigned UserOp for Scenario 2 (Burn/Redeem).
+   * Build an unsigned UserOp for Scenario 2 (Burn/Redeem) — sig-gated
+   * `PointToken.burn(from, amount, deadline, burnerSig)`. Caller
+   * provides a pre-signed `BurnRequest` + sig bytes (typically from
+   * `PTRedeemHandler`).
    *
-   * Two modes:
-   *   - `mode: 'burn'` — direct `PointToken.burn(from, amount)`; only
-   *     usable if the caller (via EIP-7702) is whitelisted as a burner.
-   *     Rare in v1.4; kept for admin/operator tools.
-   *   - `mode: 'burnWithSig'` — `PointToken.burn(from, amount, deadline,
-   *     burnerSig)`. Caller provides a pre-signed `BurnRequest` + sig
-   *     bytes (typically from `PTRedeemHandler`).
+   * Direct burn (no sig) was dropped in v1.4 — every burn now goes
+   * through the issuer-signed `BurnRequest` path.
    */
   async prepareBurn(params) {
     if (!params.pointTokenAddress) {
@@ -590,29 +588,24 @@ var RelayService = class {
         "prepareBurn: batchExecutorAddress required"
       );
     }
+    if (!params.burnRequest || !params.burnerSignature) {
+      throw new RelayError(
+        "ENCODE_FAILED",
+        "prepareBurn: burnRequest + burnerSignature required"
+      );
+    }
     let burnCallData;
     try {
-      if (params.mode === "burnWithSig") {
-        if (!params.burnRequest || !params.burnerSignature) {
-          throw new Error("burnWithSig requires burnRequest + burnerSignature");
-        }
-        burnCallData = encodeFunctionData({
-          abi: POINT_TOKEN_V2_ABI,
-          functionName: "burn",
-          args: [
-            params.burnRequest.from,
-            params.burnRequest.amount,
-            params.burnRequest.deadline,
-            params.burnerSignature
-          ]
-        });
-      } else {
-        burnCallData = encodeFunctionData({
-          abi: POINT_TOKEN_V2_ABI,
-          functionName: "burn",
-          args: [params.userAddress, params.amount]
-        });
-      }
+      burnCallData = encodeFunctionData({
+        abi: POINT_TOKEN_V2_ABI,
+        functionName: "burn",
+        args: [
+          params.burnRequest.from,
+          params.burnRequest.amount,
+          params.burnRequest.deadline,
+          params.burnerSignature
+        ]
+      });
     } catch (err) {
       throw new RelayError(
         "ENCODE_FAILED",
@@ -1069,7 +1062,6 @@ import {
   getMintRequestNonce,
   getPointTokenBalance,
   getReceiverConsentNonce,
-  getTokenName,
   isMinter
 } from "@pafi-dev/core";
 var IssuerApiHandlers = class {
@@ -1086,7 +1078,6 @@ var IssuerApiHandlers = class {
   pafiWebUrl;
   feeManager;
   poolsProvider;
-  claim;
   constructor(config) {
     this.authService = config.authService;
     this.ledger = config.ledger;
@@ -1104,7 +1095,6 @@ var IssuerApiHandlers = class {
     if (config.pafiWebUrl) this.pafiWebUrl = config.pafiWebUrl;
     if (config.feeManager) this.feeManager = config.feeManager;
     if (config.poolsProvider) this.poolsProvider = config.poolsProvider;
-    if (config.claim) this.claim = config.claim;
   }
   // =========================================================================
   // Public handlers (no auth required)
@@ -1238,91 +1228,9 @@ var IssuerApiHandlers = class {
       isMinter: minter
     };
   }
-  /**
-   * `POST /claim`
-   *
-   * Policy gate + ledger lock + MintRequest signing in a single atomic
-   * step. Returns an unsigned UserOp the frontend attaches paymaster data
-   * to and submits via EIP-7702 + Bundler.
-   *
-   * Order of operations:
-   *   1. Validate request fields.
-   *   2. policy.evaluate() — throws if denied; cannot be bypassed.
-   *   3. ledger.lockForMinting() — reserves the balance.
-   *   4. Read on-chain mintRequestNonce + token name in parallel.
-   *   5. relayService.prepareMint() — sign MintRequest + encode UserOp.
-   *   6. On any error after step 3, release the lock before re-throwing.
-   */
-  async handleClaim(userAddress, request) {
-    if (!this.claim) {
-      throw new Error("handleClaim: claim is not configured on this issuer");
-    }
-    if (request.chainId !== this.chainId) {
-      throw new Error(`handleClaim: unsupported chainId ${request.chainId}`);
-    }
-    const pointToken = getAddress5(request.pointTokenAddress);
-    if (!this.supportedTokens.has(pointToken)) {
-      throw new Error(`handleClaim: unsupported pointToken ${pointToken}`);
-    }
-    if (request.amount <= 0n) {
-      throw new Error("handleClaim: amount must be positive");
-    }
-    const nowSecs = BigInt(Math.floor(Date.now() / 1e3));
-    if (request.deadline <= nowSecs) {
-      throw new Error("handleClaim: deadline is in the past");
-    }
-    const { policy, relayService, issuerSignerWallet, batchExecutorAddress } = this.claim;
-    const lockDurationMs = this.claim.lockDurationMs ?? 15 * 60 * 1e3;
-    const normalizedUser = getAddress5(userAddress);
-    const decision = await policy.evaluate({
-      userAddress: normalizedUser,
-      amount: request.amount,
-      pointTokenAddress: pointToken,
-      chainId: this.chainId
-    });
-    if (!decision.approved) {
-      throw new Error(`handleClaim: policy denied \u2014 ${decision.reason ?? "no reason given"}`);
-    }
-    const lockId = await this.ledger.lockForMinting(
-      normalizedUser,
-      request.amount,
-      lockDurationMs,
-      pointToken
-    );
-    try {
-      const [mintRequestNonce, tokenName] = await Promise.all([
-        getMintRequestNonce(this.provider, pointToken, normalizedUser),
-        getTokenName(this.provider, pointToken)
-      ]);
-      const domain = {
-        name: tokenName,
-        verifyingContract: pointToken,
-        chainId: this.chainId
-      };
-      const userOp = await relayService.prepareMint({
-        userAddress: normalizedUser,
-        aaNonce: request.aaNonce,
-        batchExecutorAddress,
-        pointTokenAddress: pointToken,
-        amount: request.amount,
-        issuerSignerWallet,
-        domain,
-        mintRequestNonce,
-        deadline: request.deadline,
-        feeAmount: request.feeAmount,
-        feeRecipient: request.feeRecipient
-      });
-      return {
-        lockId,
-        userOp,
-        expiresInSeconds: Math.floor(lockDurationMs / 1e3)
-      };
-    } catch (err) {
-      await this.ledger.releaseLock(lockId).catch(() => {
-      });
-      throw err;
-    }
-  }
+  // Note: legacy `handleClaim` (sync sponsored-claim returning calls[]) was
+  // removed in 0.5.43 — callers should use `PTClaimHandler` directly or
+  // wire `IssuerApiAdapter.claim()` which composes the full flow.
 };
 
 // src/api/handlers/ptRedeemHandler.ts
@@ -1566,70 +1474,6 @@ var PTRedeemHandler = class {
   }
 };
 
-// src/api/handlers/topUpRedemptionHandler.ts
-import { getAddress as getAddress7 } from "viem";
-import { getPointTokenBalance as getPointTokenBalance3 } from "@pafi-dev/core";
-var TopUpRedemptionError = class extends Error {
-  constructor(code, message) {
-    super(message);
-    this.code = code;
-    this.name = "TopUpRedemptionError";
-  }
-  code;
-};
-var TopUpRedemptionHandler = class {
-  ledger;
-  ptRedeemHandler;
-  provider;
-  pointTokenAddress;
-  constructor(config) {
-    this.ledger = config.ledger;
-    this.ptRedeemHandler = config.ptRedeemHandler;
-    this.provider = config.provider;
-    this.pointTokenAddress = getAddress7(config.pointTokenAddress);
-  }
-  async handle(request) {
-    if (getAddress7(request.authenticatedAddress) !== getAddress7(request.userAddress)) {
-      throw new TopUpRedemptionError(
-        "UNAUTHORIZED",
-        `userAddress (${request.userAddress}) does not match authenticated session (${request.authenticatedAddress})`
-      );
-    }
-    const offChainBalance = await this.ledger.getBalance(
-      request.userAddress,
-      this.pointTokenAddress
-    );
-    if (offChainBalance >= request.requiredAmount) {
-      return { action: "NO_TOP_UP_NEEDED", offChainBalance };
-    }
-    const shortfall = request.requiredAmount - offChainBalance;
-    const onChainBalance = await getPointTokenBalance3(
-      this.provider,
-      this.pointTokenAddress,
-      request.userAddress
-    );
-    if (onChainBalance < shortfall) {
-      return {
-        action: "INSUFFICIENT_ONCHAIN",
-        offChainBalance,
-        onChainBalance,
-        shortfall
-      };
-    }
-    const redeem = await this.ptRedeemHandler.handle({
-      authenticatedAddress: request.authenticatedAddress,
-      userAddress: request.userAddress,
-      amount: shortfall,
-      aaNonce: request.aaNonce
-    });
-    return {
-      action: "TOP_UP_STARTED",
-      shortfall,
-      redeem
-    };
-  }
-};
-
 // src/api/statusHandlers.ts
 var LockNotFoundError = class extends PafiSdkError {
   code = "LOCK_NOT_FOUND";
@@ -1731,7 +1575,7 @@ async function handleRedeemStatus(params) {
 }
 
 // src/api/mobileHandlers.ts
-import { getAddress as getAddress8 } from "viem";
+import { getAddress as getAddress7 } from "viem";
 import {
   ENTRY_POINT_V08,
   parseEip7702DelegatedAddress
@@ -1780,6 +1624,33 @@ function serializeEntryToJsonRpc(entry, signature, variant = "sponsored") {
   );
 }
 
+// src/userop-store/memoryStore.ts
+var MemoryPendingUserOpStore = class {
+  entries = /* @__PURE__ */ new Map();
+  now;
+  constructor(now = () => Date.now()) {
+    this.now = now;
+  }
+  async save(lockId, entry, ttlSeconds) {
+    this.entries.set(lockId, {
+      entry,
+      expiresAt: this.now() + ttlSeconds * 1e3
+    });
+  }
+  async get(lockId) {
+    const hit = this.entries.get(lockId);
+    if (!hit) return null;
+    if (hit.expiresAt <= this.now()) {
+      this.entries.delete(lockId);
+      return null;
+    }
+    return hit.entry;
+  }
+  async delete(lockId) {
+    this.entries.delete(lockId);
+  }
+};
+
 // src/userop-store/prepareUserOp.ts
 import {
   buildUserOpTypedData,
@@ -2001,7 +1872,7 @@ async function handleMobileSubmit(params) {
   if (!entry) {
     throw new PendingUserOpNotFoundError(params.lockId);
   }
-  if (getAddress8(entry.sender) !== getAddress8(params.authenticatedAddress)) {
+  if (getAddress7(entry.sender) !== getAddress7(params.authenticatedAddress)) {
     throw new PendingUserOpForbiddenError(params.lockId);
   }
   const variant = params.variant ?? "sponsored";
@@ -2017,7 +1888,7 @@ async function handleMobileSubmit(params) {
 }
 
 // src/api/handlers/ptClaimHandler.ts
-import { getAddress as getAddress9 } from "viem";
+import { getAddress as getAddress8 } from "viem";
 import {
   decodeBatchExecuteCalls,
   getContractAddresses as getContractAddresses3
@@ -2061,7 +1932,7 @@ var PTClaimHandler = class {
     };
   }
   async handle(request) {
-    if (getAddress9(request.authenticatedAddress) !== getAddress9(request.userAddress)) {
+    if (getAddress8(request.authenticatedAddress) !== getAddress8(request.userAddress)) {
       throw new PTClaimError(
         "VALIDATION_FAILED",
         `userAddress (${request.userAddress}) does not match authenticated session (${request.authenticatedAddress})`
@@ -2594,7 +2465,7 @@ function createSdkErrorMapper(factories) {
 }
 
 // src/api/issuerApiAdapter.ts
-import { getAddress as getAddress10 } from "viem";
+import { getAddress as getAddress9 } from "viem";
 import {
   buildAndSignSponsorAuth,
   computeAuthorizationHash,
@@ -2624,7 +2495,7 @@ var IssuerApiAdapter = class {
   async pools(authenticatedAddress, chainId, pointTokenAddress) {
     const result = await this.cfg.issuerService.api.handlePools(
       authenticatedAddress,
-      { chainId, pointTokenAddress: getAddress10(pointTokenAddress) }
+      { chainId, pointTokenAddress: getAddress9(pointTokenAddress) }
     );
     return { pools: result.pools };
   }
@@ -2633,8 +2504,8 @@ var IssuerApiAdapter = class {
       authenticatedAddress,
       {
         chainId,
-        userAddress: getAddress10(userAddress),
-        pointTokenAddress: getAddress10(pointTokenAddress)
+        userAddress: getAddress9(userAddress),
+        pointTokenAddress: getAddress9(pointTokenAddress)
       }
     );
     return {
@@ -2652,13 +2523,13 @@ var IssuerApiAdapter = class {
       this.cfg.issuerService.api.handleGasFee(),
       this.cfg.issuerService.api.handlePools(authenticatedAddress, {
         chainId,
-        pointTokenAddress: getAddress10(pointTokenAddress)
+        pointTokenAddress: getAddress9(pointTokenAddress)
       })
     ]);
     const quote = await quotePointTokenToUsdt({
       provider: this.cfg.provider,
       chainId,
-      pointTokenAddress: getAddress10(pointTokenAddress),
+      pointTokenAddress: getAddress9(pointTokenAddress),
       pointAmount,
       pools: poolsResult.pools,
       gasFeeUsdt: gasFeeResult.gasFeeUsdt
@@ -2677,8 +2548,13 @@ var IssuerApiAdapter = class {
   }
   // ------------------------------ Action endpoints -------------------------
   async claim(input) {
-    const pointTokenAddress = getAddress10(input.pointTokenAddress);
-    const result = await this.cfg.ptClaimHandler.handle({
+    const ptClaimHandler = this.assertHandler(
+      this.cfg.ptClaimHandler,
+      "ptClaimHandler",
+      "claim"
+    );
+    const pointTokenAddress = getAddress9(input.pointTokenAddress);
+    const result = await ptClaimHandler.handle({
       authenticatedAddress: input.authenticatedAddress,
       userAddress: input.authenticatedAddress,
       amount: input.amount,
@@ -2731,10 +2607,15 @@ var IssuerApiAdapter = class {
     };
   }
   async swap(input) {
-    const result = await this.cfg.swapHandler.handle({
+    const swapHandler = this.assertHandler(
+      this.cfg.swapHandler,
+      "swapHandler",
+      "swap"
+    );
+    const result = await swapHandler.handle({
       userAddress: input.authenticatedAddress,
       chainId: input.chainId,
-      pointTokenAddress: getAddress10(input.pointTokenAddress),
+      pointTokenAddress: getAddress9(input.pointTokenAddress),
       amountIn: input.amountIn,
       aaNonce: input.aaNonce,
       slippageBps: input.slippageBps
@@ -2758,7 +2639,12 @@ var IssuerApiAdapter = class {
     };
   }
   async perpDeposit(input) {
-    const result = await this.cfg.perpHandler.handle({
+    const perpHandler = this.assertHandler(
+      this.cfg.perpHandler,
+      "perpHandler",
+      "perpDeposit"
+    );
+    const result = await perpHandler.handle({
       userAddress: input.authenticatedAddress,
       chainId: input.chainId,
       amount: input.amount,
@@ -2787,8 +2673,13 @@ var IssuerApiAdapter = class {
   }
   // ------------------------------ Mobile endpoints -------------------------
   async claimPrepare(input) {
-    const pointTokenAddress = getAddress10(input.pointTokenAddress);
-    const claimResult = await this.cfg.ptClaimHandler.handle({
+    const ptClaimHandler = this.assertHandler(
+      this.cfg.ptClaimHandler,
+      "ptClaimHandler",
+      "claimPrepare"
+    );
+    const pointTokenAddress = getAddress9(input.pointTokenAddress);
+    const claimResult = await ptClaimHandler.handle({
       authenticatedAddress: input.authenticatedAddress,
       userAddress: input.authenticatedAddress,
       amount: input.amount,
@@ -2833,7 +2724,7 @@ var IssuerApiAdapter = class {
   }
   async redeemPrepare(input) {
     this.assertRedeemHandler();
-    const pointTokenAddress = getAddress10(input.pointTokenAddress);
+    const pointTokenAddress = getAddress9(input.pointTokenAddress);
     const redeemResponse = await this.cfg.ptRedeemHandler.handle({
       userAddress: input.authenticatedAddress,
       authenticatedAddress: input.authenticatedAddress,
@@ -2978,6 +2869,20 @@ var IssuerApiAdapter = class {
       );
     }
   }
+  /**
+   * Narrow an optional handler to non-null and throw a clear error when
+   * the issuer wired the adapter without it. Lets issuers opt out of
+   * flows they don't expose (gg56 ships only mobile claim/redeem, so
+   * `swapHandler` + `perpHandler` aren't constructed).
+   */
+  assertHandler(handler, fieldName, methodName) {
+    if (handler === null || handler === void 0) {
+      throw new Error(
+        `${fieldName} not wired \u2014 IssuerApiAdapter.${methodName}() requires a configured ${fieldName}.`
+      );
+    }
+    return handler;
+  }
 };
 
 // src/pools/subgraphPoolsProvider.ts
@@ -3344,7 +3249,7 @@ function parseBigDecimalTo18(s) {
 }
 
 // src/balance/balanceAggregator.ts
-import { getPointTokenBalance as getPointTokenBalance4 } from "@pafi-dev/core";
+import { getPointTokenBalance as getPointTokenBalance3 } from "@pafi-dev/core";
 var BalanceAggregator = class {
   provider;
   ledger;
@@ -3365,7 +3270,7 @@ var BalanceAggregator = class {
   async getCombinedBalance(user, pointToken) {
     const [offChain, onChain] = await Promise.all([
       this.ledger.getBalance(user, pointToken),
-      getPointTokenBalance4(this.provider, pointToken, user)
+      getPointTokenBalance3(this.provider, pointToken, user)
     ]);
     return {
       offChain,
@@ -3598,7 +3503,7 @@ var PafiBackendClient = class {
 };
 
 // src/config.ts
-import { getAddress as getAddress11 } from "viem";
+import { getAddress as getAddress10 } from "viem";
 import { getContractAddresses as getContractAddresses9 } from "@pafi-dev/core";
 function createIssuerService(config) {
   if (!config.provider) {
@@ -3619,7 +3524,7 @@ function createIssuerService(config) {
       "createIssuerService: at least one of pointTokenAddress / pointTokenAddresses is required"
     );
   }
-  const tokenAddresses = rawAddresses.map((a) => getAddress11(a));
+  const tokenAddresses = rawAddresses.map((a) => getAddress10(a));
   const ledger = config.ledger;
   const sessionStore = config.sessionStore ?? new MemorySessionStore();
   const policy = config.policy ?? new DefaultPolicyEngine({ ledger });
@@ -3688,15 +3593,6 @@ function createIssuerService(config) {
   };
   if (feeManager) handlersConfig.feeManager = feeManager;
   if (config.poolsProvider) handlersConfig.poolsProvider = config.poolsProvider;
-  if (config.claim) {
-    handlersConfig.claim = {
-      policy,
-      relayService,
-      issuerSignerWallet: config.claim.issuerSignerWallet,
-      batchExecutorAddress: config.claim.batchExecutorAddress ?? chainAddresses.batchExecutor,
-      lockDurationMs: config.claim.lockDurationMs
-    };
-  }
   const handlers = new IssuerApiHandlers(handlersConfig);
   if (config.indexer?.autoStart) {
     for (const idx of indexers.values()) {
@@ -3717,7 +3613,7 @@ function createIssuerService(config) {
 }
 
 // src/issuer-state/validator.ts
-import { getAddress as getAddress12 } from "viem";
+import { getAddress as getAddress11 } from "viem";
 import {
   POINT_TOKEN_V2_ABI as POINT_TOKEN_V2_ABI3,
   issuerRegistryGetIssuerFlatAbi,
@@ -3748,7 +3644,7 @@ var IssuerStateValidator = class _IssuerStateValidator {
    */
   invalidate(pointToken) {
     if (pointToken) {
-      const key = getAddress12(pointToken);
+      const key = getAddress11(pointToken);
       this.pointTokenIssuerCache.delete(key);
       this.stateCache.delete(key);
       this.inflight.delete(key);
@@ -3763,7 +3659,7 @@ var IssuerStateValidator = class _IssuerStateValidator {
    * The issuer field is set at `initialize()` and never changes.
    */
   async getIssuerAddressForPointToken(pointToken) {
-    const key = getAddress12(pointToken);
+    const key = getAddress11(pointToken);
     const cached = this.pointTokenIssuerCache.get(key);
     if (cached) return cached;
     const issuer = await this.provider.readContract({
@@ -3771,15 +3667,15 @@ var IssuerStateValidator = class _IssuerStateValidator {
       abi: POINT_TOKEN_V2_ABI3,
       functionName: "issuer"
     });
-    this.pointTokenIssuerCache.set(key, getAddress12(issuer));
-    return getAddress12(issuer);
+    this.pointTokenIssuerCache.set(key, getAddress11(issuer));
+    return getAddress11(issuer);
   }
   /**
    * Read registry record + totalSupply, with 30s cache and in-flight
    * deduplication. Does NOT throw on inactive/missing — returns raw state.
    */
   async getIssuerState(pointToken) {
-    const tokenAddr = getAddress12(pointToken);
+    const tokenAddr = getAddress11(pointToken);
     const now = Date.now();
     const cached = this.stateCache.get(tokenAddr);
     if (cached && cached.expiresAt > now) return cached.value;
@@ -3893,6 +3789,7 @@ export {
   IssuerStateError,
   IssuerStateValidator,
   LockNotFoundError,
+  MemoryPendingUserOpStore,
   MemorySessionStore,
   NonceManager,
   PAFI_ISSUER_SDK_VERSION,
@@ -3913,8 +3810,6 @@ export {
   RelayService,
   SwapError,
   SwapHandler,
-  TopUpRedemptionError,
-  TopUpRedemptionHandler,
   authenticateRequest,
   createIssuerService,
   createNativePtQuoter,