npm - @pafi-dev/issuer - Versions diffs - 0.5.6 → 0.5.7 - Mend

@pafi-dev/issuer 0.5.6 → 0.5.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.cjs CHANGED Viewed

@@ -1300,6 +1300,20 @@ var PTRedeemHandler = class {
   redeemLockDurationMs;
   signatureDeadlineSeconds;
   now;
+  /**
+   * Per-user in-flight nonce guard (single-process only).
+   *
+   * Prevents two concurrent requests from reading the same on-chain
+   * burnRequestNonce before either has completed, which would produce two
+   * signed UserOps with the same nonce — only one succeeds on-chain; the
+   * other leaves an orphaned pending credit and a wasted signer call.
+   *
+   * NOTE: This guard is effective only within a single Node.js process. For
+   * multi-instance deployments (k8s, PM2 cluster), enforce mutual exclusion
+   * via a distributed lock (Redis SETNX / Postgres advisory lock) keyed on
+   * `(userAddress, pointTokenAddress)` BEFORE calling `handle()`.
+   */
+  inFlightNonces = /* @__PURE__ */ new Map();
   constructor(config) {
     if (!config.ledger.reservePendingCredit) {
       throw new PTRedeemError(
@@ -1352,6 +1366,27 @@ var PTRedeemHandler = class {
         `failed to read burnRequestNonces(${request.userAddress}): ${err instanceof Error ? err.message : String(err)}`
       );
     }
+    const userKey = (0, import_viem7.getAddress)(request.userAddress).toLowerCase();
+    let userNonces = this.inFlightNonces.get(userKey);
+    if (!userNonces) {
+      userNonces = /* @__PURE__ */ new Set();
+      this.inFlightNonces.set(userKey, userNonces);
+    }
+    if (userNonces.has(burnNonce)) {
+      throw new PTRedeemError(
+        "NONCE_IN_FLIGHT",
+        `A burn request for nonce ${burnNonce} is already in progress for ${request.userAddress}. Retry after the current request completes.`
+      );
+    }
+    userNonces.add(burnNonce);
+    try {
+      return await this._handleAfterNonceLock(request, burnNonce);
+    } finally {
+      userNonces.delete(burnNonce);
+      if (userNonces.size === 0) this.inFlightNonces.delete(userKey);
+    }
+  }
+  async _handleAfterNonceLock(request, burnNonce) {
     const onChainBalance = await (0, import_core4.getPointTokenBalance)(
       this.provider,
       this.pointTokenAddress,
@@ -1858,6 +1893,40 @@ var PafiBackendClient = class {
     }
     throw lastError;
   }
+  async relayUserOperation(request) {
+    const fetchFn = this.config.fetchImpl ?? fetch;
+    const url = `${this.config.url}/bundler/relay`;
+    let response;
+    try {
+      response = await fetchFn(url, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${this.config.apiKey}`,
+          "X-Issuer-Id": this.config.issuerId
+        },
+        body: JSON.stringify(request)
+      });
+    } catch (err) {
+      throw new PafiBackendError(
+        "NETWORK_ERROR",
+        `Network error: ${err instanceof Error ? err.message : String(err)}`,
+        0
+      );
+    }
+    const text = await response.text();
+    let json = {};
+    try {
+      json = JSON.parse(text);
+    } catch {
+    }
+    if (!response.ok) {
+      const code = json.code ?? "INTERNAL_ERROR";
+      const message = json.message ?? `HTTP ${response.status}`;
+      throw new PafiBackendError(code, message, response.status, json);
+    }
+    return { userOpHash: json.userOpHash };
+  }
   async _doRequest(request) {
     const fetchFn = this.config.fetchImpl ?? fetch;
     const url = `${this.config.url}/paymaster/sponsor`;