@payai/x402-evm 2.2.4 → 2.3.1

package/dist/cjs/exact/facilitator/index.js

@@ -31,7 +31,7 @@ function isPermit2Payload(payload) {
 }
 
 // src/exact/facilitator/eip3009.ts
-var import_viem = require("viem");
+var import_viem2 = require("viem");
 
 // src/constants.ts
 var authorizationTypes = {
@@ -58,8 +58,7 @@ var permit2WitnessTypes = {
   ],
   Witness: [
     { name: "to", type: "address" },
-    { name: "validAfter", type: "uint256" },
-    { name: "extra", type: "bytes" }
+    { name: "validAfter", type: "uint256" }
   ]
 };
 var eip3009ABI = [
@@ -110,8 +109,36 @@ var eip3009ABI = [
     type: "function"
   }
 ];
+var erc20ApproveAbi = [
+  {
+    type: "function",
+    name: "approve",
+    inputs: [
+      { name: "spender", type: "address" },
+      { name: "amount", type: "uint256" }
+    ],
+    outputs: [{ type: "bool" }],
+    stateMutability: "nonpayable"
+  }
+];
+var erc20AllowanceAbi = [
+  {
+    type: "function",
+    name: "allowance",
+    inputs: [
+      { name: "owner", type: "address" },
+      { name: "spender", type: "address" }
+    ],
+    outputs: [{ type: "uint256" }],
+    stateMutability: "view"
+  }
+];
 var PERMIT2_ADDRESS = "0x000000000022D473030F116dDEE9F6B43aC78BA3";
-var x402ExactPermit2ProxyAddress = "0x4020615294c913F045dc10f0a5cdEbd86c280001";
+var x402ExactPermit2ProxyAddress = "0x402085c248EeA27D92E8b30b2C58ed07f9E20001";
+var permit2WitnessABIComponents = [
+  { name: "to", type: "address", internalType: "address" },
+  { name: "validAfter", type: "uint256", internalType: "uint256" }
+];
 var x402ExactPermit2ProxyABI = [
   {
     type: "function",
@@ -134,13 +161,6 @@ var x402ExactPermit2ProxyABI = [
     outputs: [{ name: "", type: "string", internalType: "string" }],
     stateMutability: "view"
   },
-  {
-    type: "function",
-    name: "initialize",
-    inputs: [{ name: "_permit2", type: "address", internalType: "address" }],
-    outputs: [],
-    stateMutability: "nonpayable"
-  },
   {
     type: "function",
     name: "settle",
@@ -167,12 +187,8 @@ var x402ExactPermit2ProxyABI = [
       {
         name: "witness",
         type: "tuple",
-        internalType: "struct x402BasePermit2Proxy.Witness",
-        components: [
-          { name: "to", type: "address", internalType: "address" },
-          { name: "validAfter", type: "uint256", internalType: "uint256" },
-          { name: "extra", type: "bytes", internalType: "bytes" }
-        ]
+        internalType: "struct x402ExactPermit2Proxy.Witness",
+        components: permit2WitnessABIComponents
       },
       { name: "signature", type: "bytes", internalType: "bytes" }
     ],
@@ -186,7 +202,7 @@ var x402ExactPermit2ProxyABI = [
       {
         name: "permit2612",
         type: "tuple",
-        internalType: "struct x402BasePermit2Proxy.EIP2612Permit",
+        internalType: "struct x402ExactPermit2Proxy.EIP2612Permit",
         components: [
           { name: "value", type: "uint256", internalType: "uint256" },
           { name: "deadline", type: "uint256", internalType: "uint256" },
@@ -217,12 +233,8 @@ var x402ExactPermit2ProxyABI = [
       {
         name: "witness",
         type: "tuple",
-        internalType: "struct x402BasePermit2Proxy.Witness",
-        components: [
-          { name: "to", type: "address", internalType: "address" },
-          { name: "validAfter", type: "uint256", internalType: "uint256" },
-          { name: "extra", type: "bytes", internalType: "bytes" }
-        ]
+        internalType: "struct x402ExactPermit2Proxy.Witness",
+        components: permit2WitnessABIComponents
       },
       { name: "signature", type: "bytes", internalType: "bytes" }
     ],
@@ -231,14 +243,29 @@ var x402ExactPermit2ProxyABI = [
   },
   { type: "event", name: "Settled", inputs: [], anonymous: false },
   { type: "event", name: "SettledWithPermit", inputs: [], anonymous: false },
-  { type: "error", name: "AlreadyInitialized", inputs: [] },
+  { type: "error", name: "InvalidAmount", inputs: [] },
   { type: "error", name: "InvalidDestination", inputs: [] },
   { type: "error", name: "InvalidOwner", inputs: [] },
   { type: "error", name: "InvalidPermit2Address", inputs: [] },
   { type: "error", name: "PaymentTooEarly", inputs: [] },
+  { type: "error", name: "Permit2612AmountMismatch", inputs: [] },
   { type: "error", name: "ReentrancyGuardReentrantCall", inputs: [] }
 ];
 
+// src/utils.ts
+var import_viem = require("viem");
+function getEvmChainId(network) {
+  if (network.startsWith("eip155:")) {
+    const idStr = network.split(":")[1];
+    const chainId = parseInt(idStr, 10);
+    if (isNaN(chainId)) {
+      throw new Error(`Invalid CAIP-2 chain ID: ${network}`);
+    }
+    return chainId;
+  }
+  throw new Error(`Unsupported network format: ${network} (expected eip155:CHAIN_ID)`);
+}
+
 // src/exact/facilitator/eip3009.ts
 async function verifyEIP3009(signer, payload, requirements, eip3009Payload) {
   const payer = eip3009Payload.authorization.from;
@@ -257,7 +284,7 @@ async function verifyEIP3009(signer, payload, requirements, eip3009Payload) {
     };
   }
   const { name, version } = requirements.extra;
-  const erc20Address = (0, import_viem.getAddress)(requirements.asset);
+  const erc20Address = (0, import_viem2.getAddress)(requirements.asset);
   if (payload.accepted.network !== requirements.network) {
     return {
       isValid: false,
@@ -271,7 +298,7 @@ async function verifyEIP3009(signer, payload, requirements, eip3009Payload) {
     domain: {
       name,
       version,
-      chainId: parseInt(requirements.network.split(":")[1]),
+      chainId: getEvmChainId(requirements.network),
       verifyingContract: erc20Address
     },
     message: {
@@ -304,8 +331,8 @@ async function verifyEIP3009(signer, payload, requirements, eip3009Payload) {
       const payerAddress = eip3009Payload.authorization.from;
       const bytecode = await signer.getCode({ address: payerAddress });
       if (!bytecode || bytecode === "0x") {
-        const erc6492Data = (0, import_viem.parseErc6492Signature)(signature);
-        const hasDeploymentInfo = erc6492Data.address && erc6492Data.data && !(0, import_viem.isAddressEqual)(erc6492Data.address, "0x0000000000000000000000000000000000000000");
+        const erc6492Data = (0, import_viem2.parseErc6492Signature)(signature);
+        const hasDeploymentInfo = erc6492Data.address && erc6492Data.data && !(0, import_viem2.isAddressEqual)(erc6492Data.address, "0x0000000000000000000000000000000000000000");
         if (!hasDeploymentInfo) {
           return {
             isValid: false,
@@ -328,7 +355,7 @@ async function verifyEIP3009(signer, payload, requirements, eip3009Payload) {
       };
     }
   }
-  if ((0, import_viem.getAddress)(eip3009Payload.authorization.to) !== (0, import_viem.getAddress)(requirements.payTo)) {
+  if ((0, import_viem2.getAddress)(eip3009Payload.authorization.to) !== (0, import_viem2.getAddress)(requirements.payTo)) {
     return {
       isValid: false,
       invalidReason: "invalid_exact_evm_payload_recipient_mismatch",
@@ -361,15 +388,16 @@ async function verifyEIP3009(signer, payload, requirements, eip3009Payload) {
       return {
         isValid: false,
         invalidReason: "insufficient_funds",
+        invalidMessage: `Insufficient funds to complete the payment. Required: ${requirements.amount} ${requirements.asset}, Available: ${balance.toString()} ${requirements.asset}. Please add funds to your wallet and try again.`,
         payer
       };
     }
   } catch {
   }
-  if (BigInt(eip3009Payload.authorization.value) < BigInt(requirements.amount)) {
+  if (BigInt(eip3009Payload.authorization.value) !== BigInt(requirements.amount)) {
     return {
       isValid: false,
-      invalidReason: "invalid_exact_evm_payload_authorization_value",
+      invalidReason: "invalid_exact_evm_payload_authorization_value_mismatch",
       payer
     };
   }
@@ -392,9 +420,9 @@ async function settleEIP3009(signer, payload, requirements, eip3009Payload, conf
     };
   }
   try {
-    const parseResult = (0, import_viem.parseErc6492Signature)(eip3009Payload.signature);
+    const parseResult = (0, import_viem2.parseErc6492Signature)(eip3009Payload.signature);
     const { signature, address: factoryAddress, data: factoryCalldata } = parseResult;
-    if (config.deployERC4337WithEIP6492 && factoryAddress && factoryCalldata && !(0, import_viem.isAddressEqual)(factoryAddress, "0x0000000000000000000000000000000000000000")) {
+    if (config.deployERC4337WithEIP6492 && factoryAddress && factoryCalldata && !(0, import_viem2.isAddressEqual)(factoryAddress, "0x0000000000000000000000000000000000000000")) {
       const bytecode = await signer.getCode({ address: payer });
       if (!bytecode || bytecode === "0x") {
         const deployTx = await signer.sendTransaction({
@@ -408,14 +436,14 @@ async function settleEIP3009(signer, payload, requirements, eip3009Payload, conf
     const isECDSA = signatureLength === 130;
     let tx;
     if (isECDSA) {
-      const parsedSig = (0, import_viem.parseSignature)(signature);
+      const parsedSig = (0, import_viem2.parseSignature)(signature);
       tx = await signer.writeContract({
-        address: (0, import_viem.getAddress)(requirements.asset),
+        address: (0, import_viem2.getAddress)(requirements.asset),
         abi: eip3009ABI,
         functionName: "transferWithAuthorization",
         args: [
-          (0, import_viem.getAddress)(eip3009Payload.authorization.from),
-          (0, import_viem.getAddress)(eip3009Payload.authorization.to),
+          (0, import_viem2.getAddress)(eip3009Payload.authorization.from),
+          (0, import_viem2.getAddress)(eip3009Payload.authorization.to),
           BigInt(eip3009Payload.authorization.value),
           BigInt(eip3009Payload.authorization.validAfter),
           BigInt(eip3009Payload.authorization.validBefore),
@@ -427,12 +455,12 @@ async function settleEIP3009(signer, payload, requirements, eip3009Payload, conf
       });
     } else {
       tx = await signer.writeContract({
-        address: (0, import_viem.getAddress)(requirements.asset),
+        address: (0, import_viem2.getAddress)(requirements.asset),
         abi: eip3009ABI,
         functionName: "transferWithAuthorization",
         args: [
-          (0, import_viem.getAddress)(eip3009Payload.authorization.from),
-          (0, import_viem.getAddress)(eip3009Payload.authorization.to),
+          (0, import_viem2.getAddress)(eip3009Payload.authorization.from),
+          (0, import_viem2.getAddress)(eip3009Payload.authorization.to),
           BigInt(eip3009Payload.authorization.value),
           BigInt(eip3009Payload.authorization.validAfter),
           BigInt(eip3009Payload.authorization.validBefore),
@@ -469,20 +497,130 @@ async function settleEIP3009(signer, payload, requirements, eip3009Payload, conf
 }
 
 // src/exact/facilitator/permit2.ts
-var import_viem2 = require("viem");
-var erc20AllowanceABI = [
-  {
-    type: "function",
-    name: "allowance",
-    inputs: [
-      { name: "owner", type: "address" },
-      { name: "spender", type: "address" }
-    ],
-    outputs: [{ type: "uint256" }],
-    stateMutability: "view"
+var import_extensions2 = require("@x402/extensions");
+var import_viem4 = require("viem");
+
+// src/exact/facilitator/errors.ts
+var ErrPermit2InvalidSignature = "invalid_permit2_signature";
+var ErrPermit2InvalidAmount = "permit2_invalid_amount";
+var ErrPermit2InvalidDestination = "permit2_invalid_destination";
+var ErrPermit2InvalidOwner = "permit2_invalid_owner";
+var ErrPermit2PaymentTooEarly = "permit2_payment_too_early";
+var ErrPermit2InvalidNonce = "permit2_invalid_nonce";
+var ErrPermit2612AmountMismatch = "permit2_2612_amount_mismatch";
+var ErrErc20ApprovalInvalidFormat = "invalid_erc20_approval_extension_format";
+var ErrErc20ApprovalFromMismatch = "erc20_approval_from_mismatch";
+var ErrErc20ApprovalAssetMismatch = "erc20_approval_asset_mismatch";
+var ErrErc20ApprovalSpenderNotPermit2 = "erc20_approval_spender_not_permit2";
+var ErrErc20ApprovalTxWrongTarget = "erc20_approval_tx_wrong_target";
+var ErrErc20ApprovalTxWrongSelector = "erc20_approval_tx_wrong_selector";
+var ErrErc20ApprovalTxWrongSpender = "erc20_approval_tx_wrong_spender";
+var ErrErc20ApprovalTxInvalidCalldata = "erc20_approval_tx_invalid_calldata";
+var ErrErc20ApprovalTxSignerMismatch = "erc20_approval_tx_signer_mismatch";
+var ErrErc20ApprovalTxInvalidSignature = "erc20_approval_tx_invalid_signature";
+var ErrErc20ApprovalTxParseFailed = "erc20_approval_tx_parse_failed";
+
+// src/exact/facilitator/erc20approval.ts
+var import_viem3 = require("viem");
+var import_extensions = require("@x402/extensions");
+var APPROVE_SELECTOR = "0x095ea7b3";
+async function validateErc20ApprovalForPayment(info, payer, tokenAddress) {
+  if (!(0, import_extensions.validateErc20ApprovalGasSponsoringInfo)(info)) {
+    return {
+      isValid: false,
+      invalidReason: ErrErc20ApprovalInvalidFormat,
+      invalidMessage: "ERC-20 approval extension info failed schema validation"
+    };
   }
-];
-async function verifyPermit2(signer, payload, requirements, permit2Payload) {
+  if ((0, import_viem3.getAddress)(info.from) !== (0, import_viem3.getAddress)(payer)) {
+    return {
+      isValid: false,
+      invalidReason: ErrErc20ApprovalFromMismatch,
+      invalidMessage: `Expected from=${payer}, got ${info.from}`
+    };
+  }
+  if ((0, import_viem3.getAddress)(info.asset) !== tokenAddress) {
+    return {
+      isValid: false,
+      invalidReason: ErrErc20ApprovalAssetMismatch,
+      invalidMessage: `Expected asset=${tokenAddress}, got ${info.asset}`
+    };
+  }
+  if ((0, import_viem3.getAddress)(info.spender) !== (0, import_viem3.getAddress)(PERMIT2_ADDRESS)) {
+    return {
+      isValid: false,
+      invalidReason: ErrErc20ApprovalSpenderNotPermit2,
+      invalidMessage: `Expected spender=${PERMIT2_ADDRESS}, got ${info.spender}`
+    };
+  }
+  try {
+    const serializedTx = info.signedTransaction;
+    const tx = (0, import_viem3.parseTransaction)(serializedTx);
+    if (!tx.to || (0, import_viem3.getAddress)(tx.to) !== tokenAddress) {
+      return {
+        isValid: false,
+        invalidReason: ErrErc20ApprovalTxWrongTarget,
+        invalidMessage: `Transaction targets ${tx.to ?? "null"}, expected ${tokenAddress}`
+      };
+    }
+    const data = tx.data ?? "0x";
+    if (!data.startsWith(APPROVE_SELECTOR)) {
+      return {
+        isValid: false,
+        invalidReason: ErrErc20ApprovalTxWrongSelector,
+        invalidMessage: `Transaction calldata does not start with approve() selector ${APPROVE_SELECTOR}`
+      };
+    }
+    try {
+      const decoded = (0, import_viem3.decodeFunctionData)({
+        abi: erc20ApproveAbi,
+        data
+      });
+      const calldataSpender = (0, import_viem3.getAddress)(decoded.args[0]);
+      if (calldataSpender !== (0, import_viem3.getAddress)(PERMIT2_ADDRESS)) {
+        return {
+          isValid: false,
+          invalidReason: ErrErc20ApprovalTxWrongSpender,
+          invalidMessage: `approve() spender is ${calldataSpender}, expected Permit2 ${PERMIT2_ADDRESS}`
+        };
+      }
+    } catch {
+      return {
+        isValid: false,
+        invalidReason: ErrErc20ApprovalTxInvalidCalldata,
+        invalidMessage: "Failed to decode approve() calldata from the signed transaction"
+      };
+    }
+    try {
+      const recoveredAddress = await (0, import_viem3.recoverTransactionAddress)({
+        serializedTransaction: serializedTx
+      });
+      if ((0, import_viem3.getAddress)(recoveredAddress) !== (0, import_viem3.getAddress)(payer)) {
+        return {
+          isValid: false,
+          invalidReason: ErrErc20ApprovalTxSignerMismatch,
+          invalidMessage: `Transaction signed by ${recoveredAddress}, expected payer ${payer}`
+        };
+      }
+    } catch {
+      return {
+        isValid: false,
+        invalidReason: ErrErc20ApprovalTxInvalidSignature,
+        invalidMessage: "Failed to recover signer from the signed transaction"
+      };
+    }
+  } catch {
+    return {
+      isValid: false,
+      invalidReason: ErrErc20ApprovalTxParseFailed,
+      invalidMessage: "Failed to parse the signed transaction"
+    };
+  }
+  return { isValid: true };
+}
+
+// src/exact/facilitator/permit2.ts
+async function verifyPermit2(signer, payload, requirements, permit2Payload, context) {
   const payer = permit2Payload.permit2Authorization.from;
   if (payload.accepted.scheme !== "exact" || requirements.scheme !== "exact") {
     return {
@@ -498,16 +636,16 @@ async function verifyPermit2(signer, payload, requirements, permit2Payload) {
       payer
     };
   }
-  const chainId = parseInt(requirements.network.split(":")[1]);
-  const tokenAddress = (0, import_viem2.getAddress)(requirements.asset);
-  if ((0, import_viem2.getAddress)(permit2Payload.permit2Authorization.spender) !== (0, import_viem2.getAddress)(x402ExactPermit2ProxyAddress)) {
+  const chainId = getEvmChainId(requirements.network);
+  const tokenAddress = (0, import_viem4.getAddress)(requirements.asset);
+  if ((0, import_viem4.getAddress)(permit2Payload.permit2Authorization.spender) !== (0, import_viem4.getAddress)(x402ExactPermit2ProxyAddress)) {
     return {
       isValid: false,
       invalidReason: "invalid_permit2_spender",
       payer
     };
   }
-  if ((0, import_viem2.getAddress)(permit2Payload.permit2Authorization.witness.to) !== (0, import_viem2.getAddress)(requirements.payTo)) {
+  if ((0, import_viem4.getAddress)(permit2Payload.permit2Authorization.witness.to) !== (0, import_viem4.getAddress)(requirements.payTo)) {
     return {
       isValid: false,
       invalidReason: "invalid_permit2_recipient_mismatch",
@@ -529,14 +667,14 @@ async function verifyPermit2(signer, payload, requirements, permit2Payload) {
       payer
     };
   }
-  if (BigInt(permit2Payload.permit2Authorization.permitted.amount) < BigInt(requirements.amount)) {
+  if (BigInt(permit2Payload.permit2Authorization.permitted.amount) !== BigInt(requirements.amount)) {
     return {
       isValid: false,
-      invalidReason: "permit2_insufficient_amount",
+      invalidReason: "permit2_amount_mismatch",
       payer
     };
   }
-  if ((0, import_viem2.getAddress)(permit2Payload.permit2Authorization.permitted.token) !== tokenAddress) {
+  if ((0, import_viem4.getAddress)(permit2Payload.permit2Authorization.permitted.token) !== tokenAddress) {
     return {
       isValid: false,
       invalidReason: "permit2_token_mismatch",
@@ -553,16 +691,15 @@ async function verifyPermit2(signer, payload, requirements, permit2Payload) {
     },
     message: {
       permitted: {
-        token: (0, import_viem2.getAddress)(permit2Payload.permit2Authorization.permitted.token),
+        token: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.permitted.token),
         amount: BigInt(permit2Payload.permit2Authorization.permitted.amount)
       },
-      spender: (0, import_viem2.getAddress)(permit2Payload.permit2Authorization.spender),
+      spender: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.spender),
       nonce: BigInt(permit2Payload.permit2Authorization.nonce),
       deadline: BigInt(permit2Payload.permit2Authorization.deadline),
       witness: {
-        to: (0, import_viem2.getAddress)(permit2Payload.permit2Authorization.witness.to),
-        validAfter: BigInt(permit2Payload.permit2Authorization.witness.validAfter),
-        extra: permit2Payload.permit2Authorization.witness.extra
+        to: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.witness.to),
+        validAfter: BigInt(permit2Payload.permit2Authorization.witness.validAfter)
       }
     }
   };
@@ -586,21 +723,16 @@ async function verifyPermit2(signer, payload, requirements, permit2Payload) {
       payer
     };
   }
-  try {
-    const allowance = await signer.readContract({
-      address: tokenAddress,
-      abi: erc20AllowanceABI,
-      functionName: "allowance",
-      args: [payer, PERMIT2_ADDRESS]
-    });
-    if (allowance < BigInt(requirements.amount)) {
-      return {
-        isValid: false,
-        invalidReason: "permit2_allowance_required",
-        payer
-      };
-    }
-  } catch {
+  const allowanceResult = await _verifyPermit2Allowance(
+    signer,
+    payload,
+    requirements,
+    payer,
+    tokenAddress,
+    context
+  );
+  if (allowanceResult) {
+    return allowanceResult;
   }
   try {
     const balance = await signer.readContract({
@@ -613,6 +745,7 @@ async function verifyPermit2(signer, payload, requirements, permit2Payload) {
       return {
         isValid: false,
         invalidReason: "insufficient_funds",
+        invalidMessage: `Insufficient funds to complete the payment. Required: ${requirements.amount} ${requirements.asset}, Available: ${balance.toString()} ${requirements.asset}. Please add funds to your wallet and try again.`,
         payer
       };
     }
@@ -624,9 +757,53 @@ async function verifyPermit2(signer, payload, requirements, permit2Payload) {
     payer
   };
 }
-async function settlePermit2(signer, payload, requirements, permit2Payload) {
+async function _verifyPermit2Allowance(signer, payload, requirements, payer, tokenAddress, context) {
+  try {
+    const allowance = await signer.readContract({
+      address: tokenAddress,
+      abi: erc20AllowanceAbi,
+      functionName: "allowance",
+      args: [payer, PERMIT2_ADDRESS]
+    });
+    if (allowance >= BigInt(requirements.amount)) {
+      return null;
+    }
+    const eip2612Info = (0, import_extensions2.extractEip2612GasSponsoringInfo)(payload);
+    if (eip2612Info) {
+      const result = validateEip2612PermitForPayment(eip2612Info, payer, tokenAddress);
+      if (!result.isValid) {
+        return { isValid: false, invalidReason: result.invalidReason, payer };
+      }
+      return null;
+    }
+    const erc20GasSponsorshipExtension = context?.getExtension(
+      import_extensions2.ERC20_APPROVAL_GAS_SPONSORING.key
+    );
+    if (erc20GasSponsorshipExtension) {
+      const erc20Info = (0, import_extensions2.extractErc20ApprovalGasSponsoringInfo)(payload);
+      if (erc20Info) {
+        const result = await validateErc20ApprovalForPayment(erc20Info, payer, tokenAddress);
+        if (!result.isValid) {
+          return { isValid: false, invalidReason: result.invalidReason, payer };
+        }
+        return null;
+      }
+    }
+    return { isValid: false, invalidReason: "permit2_allowance_required", payer };
+  } catch {
+    const eip2612Info = (0, import_extensions2.extractEip2612GasSponsoringInfo)(payload);
+    if (eip2612Info) {
+      const result = validateEip2612PermitForPayment(eip2612Info, payer, tokenAddress);
+      if (!result.isValid) {
+        return { isValid: false, invalidReason: result.invalidReason, payer };
+      }
+    }
+    return null;
+  }
+}
+async function settlePermit2(signer, payload, requirements, permit2Payload, context) {
   const payer = permit2Payload.permit2Authorization.from;
-  const valid = await verifyPermit2(signer, payload, requirements, permit2Payload);
+  const valid = await verifyPermit2(signer, payload, requirements, permit2Payload, context);
   if (!valid.isValid) {
     return {
       success: false,
@@ -636,82 +813,223 @@ async function settlePermit2(signer, payload, requirements, permit2Payload) {
       payer
     };
   }
+  const eip2612Info = (0, import_extensions2.extractEip2612GasSponsoringInfo)(payload);
+  if (eip2612Info) {
+    return _settlePermit2WithEIP2612(signer, payload, permit2Payload, eip2612Info);
+  }
+  const erc20Info = (0, import_extensions2.extractErc20ApprovalGasSponsoringInfo)(payload);
+  if (erc20Info) {
+    const erc20GasSponsorshipExtension = context?.getExtension(
+      import_extensions2.ERC20_APPROVAL_GAS_SPONSORING.key
+    );
+    if (erc20GasSponsorshipExtension?.signer) {
+      return _settlePermit2WithERC20Approval(
+        erc20GasSponsorshipExtension.signer,
+        payload,
+        permit2Payload,
+        erc20Info
+      );
+    }
+  }
+  return _settlePermit2Direct(signer, payload, permit2Payload);
+}
+async function _settlePermit2WithEIP2612(signer, payload, permit2Payload, eip2612Info) {
+  const payer = permit2Payload.permit2Authorization.from;
   try {
+    const { v, r, s } = splitEip2612Signature(eip2612Info.signature);
     const tx = await signer.writeContract({
       address: x402ExactPermit2ProxyAddress,
       abi: x402ExactPermit2ProxyABI,
-      functionName: "settle",
+      functionName: "settleWithPermit",
       args: [
+        {
+          value: BigInt(eip2612Info.amount),
+          deadline: BigInt(eip2612Info.deadline),
+          r,
+          s,
+          v
+        },
         {
           permitted: {
-            token: (0, import_viem2.getAddress)(permit2Payload.permit2Authorization.permitted.token),
+            token: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.permitted.token),
             amount: BigInt(permit2Payload.permit2Authorization.permitted.amount)
           },
           nonce: BigInt(permit2Payload.permit2Authorization.nonce),
           deadline: BigInt(permit2Payload.permit2Authorization.deadline)
         },
-        (0, import_viem2.getAddress)(payer),
+        (0, import_viem4.getAddress)(payer),
         {
-          to: (0, import_viem2.getAddress)(permit2Payload.permit2Authorization.witness.to),
-          validAfter: BigInt(permit2Payload.permit2Authorization.witness.validAfter),
-          extra: permit2Payload.permit2Authorization.witness.extra
+          to: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.witness.to),
+          validAfter: BigInt(permit2Payload.permit2Authorization.witness.validAfter)
         },
         permit2Payload.signature
       ]
     });
-    const receipt = await signer.waitForTransactionReceipt({ hash: tx });
-    if (receipt.status !== "success") {
+    return _waitAndReturn(signer, tx, payload, payer);
+  } catch (error) {
+    return _mapSettleError(error, payload, payer);
+  }
+}
+async function _settlePermit2WithERC20Approval(extensionSigner, payload, permit2Payload, erc20Info) {
+  const payer = permit2Payload.permit2Authorization.from;
+  try {
+    const approvalTxHash = await extensionSigner.sendRawTransaction({
+      serializedTransaction: erc20Info.signedTransaction
+    });
+    const approvalReceipt = await extensionSigner.waitForTransactionReceipt({
+      hash: approvalTxHash
+    });
+    if (approvalReceipt.status !== "success") {
       return {
         success: false,
-        errorReason: "invalid_transaction_state",
-        transaction: tx,
+        errorReason: "erc20_approval_tx_failed",
+        transaction: approvalTxHash,
         network: payload.accepted.network,
         payer
       };
     }
-    return {
-      success: true,
-      transaction: tx,
-      network: payload.accepted.network,
-      payer
-    };
+    const tx = await extensionSigner.writeContract({
+      address: x402ExactPermit2ProxyAddress,
+      abi: x402ExactPermit2ProxyABI,
+      functionName: "settle",
+      args: [
+        {
+          permitted: {
+            token: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.permitted.token),
+            amount: BigInt(permit2Payload.permit2Authorization.permitted.amount)
+          },
+          nonce: BigInt(permit2Payload.permit2Authorization.nonce),
+          deadline: BigInt(permit2Payload.permit2Authorization.deadline)
+        },
+        (0, import_viem4.getAddress)(payer),
+        {
+          to: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.witness.to),
+          validAfter: BigInt(permit2Payload.permit2Authorization.witness.validAfter)
+        },
+        permit2Payload.signature
+      ]
+    });
+    return _waitAndReturn(extensionSigner, tx, payload, payer);
   } catch (error) {
-    let errorReason = "transaction_failed";
-    if (error instanceof Error) {
-      const message = error.message;
-      if (message.includes("AmountExceedsPermitted")) {
-        errorReason = "permit2_amount_exceeds_permitted";
-      } else if (message.includes("InvalidDestination")) {
-        errorReason = "permit2_invalid_destination";
-      } else if (message.includes("InvalidOwner")) {
-        errorReason = "permit2_invalid_owner";
-      } else if (message.includes("PaymentTooEarly")) {
-        errorReason = "permit2_payment_too_early";
-      } else if (message.includes("InvalidSignature") || message.includes("SignatureExpired")) {
-        errorReason = "permit2_invalid_signature";
-      } else if (message.includes("InvalidNonce")) {
-        errorReason = "permit2_invalid_nonce";
-      } else {
-        errorReason = `transaction_failed: ${message.slice(0, 500)}`;
-      }
-    }
+    return _mapSettleError(error, payload, payer);
+  }
+}
+async function _settlePermit2Direct(signer, payload, permit2Payload) {
+  const payer = permit2Payload.permit2Authorization.from;
+  try {
+    const tx = await signer.writeContract({
+      address: x402ExactPermit2ProxyAddress,
+      abi: x402ExactPermit2ProxyABI,
+      functionName: "settle",
+      args: [
+        {
+          permitted: {
+            token: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.permitted.token),
+            amount: BigInt(permit2Payload.permit2Authorization.permitted.amount)
+          },
+          nonce: BigInt(permit2Payload.permit2Authorization.nonce),
+          deadline: BigInt(permit2Payload.permit2Authorization.deadline)
+        },
+        (0, import_viem4.getAddress)(payer),
+        {
+          to: (0, import_viem4.getAddress)(permit2Payload.permit2Authorization.witness.to),
+          validAfter: BigInt(permit2Payload.permit2Authorization.witness.validAfter)
+        },
+        permit2Payload.signature
+      ]
+    });
+    return _waitAndReturn(signer, tx, payload, payer);
+  } catch (error) {
+    return _mapSettleError(error, payload, payer);
+  }
+}
+async function _waitAndReturn(signer, tx, payload, payer) {
+  const receipt = await signer.waitForTransactionReceipt({ hash: tx });
+  if (receipt.status !== "success") {
     return {
       success: false,
-      errorReason,
-      transaction: "",
+      errorReason: "invalid_transaction_state",
+      transaction: tx,
       network: payload.accepted.network,
       payer
     };
   }
+  return {
+    success: true,
+    transaction: tx,
+    network: payload.accepted.network,
+    payer
+  };
+}
+function _mapSettleError(error, payload, payer) {
+  let errorReason = "transaction_failed";
+  if (error instanceof Error) {
+    const message = error.message;
+    if (message.includes("Permit2612AmountMismatch")) {
+      errorReason = ErrPermit2612AmountMismatch;
+    } else if (message.includes("InvalidAmount")) {
+      errorReason = ErrPermit2InvalidAmount;
+    } else if (message.includes("InvalidDestination")) {
+      errorReason = ErrPermit2InvalidDestination;
+    } else if (message.includes("InvalidOwner")) {
+      errorReason = ErrPermit2InvalidOwner;
+    } else if (message.includes("PaymentTooEarly")) {
+      errorReason = ErrPermit2PaymentTooEarly;
+    } else if (message.includes("InvalidSignature") || message.includes("SignatureExpired")) {
+      errorReason = ErrPermit2InvalidSignature;
+    } else if (message.includes("InvalidNonce")) {
+      errorReason = ErrPermit2InvalidNonce;
+    } else {
+      errorReason = `transaction_failed: ${message.slice(0, 500)}`;
+    }
+  }
+  return {
+    success: false,
+    errorReason,
+    transaction: "",
+    network: payload.accepted.network,
+    payer
+  };
+}
+function validateEip2612PermitForPayment(info, payer, tokenAddress) {
+  if (!(0, import_extensions2.validateEip2612GasSponsoringInfo)(info)) {
+    return { isValid: false, invalidReason: "invalid_eip2612_extension_format" };
+  }
+  if ((0, import_viem4.getAddress)(info.from) !== (0, import_viem4.getAddress)(payer)) {
+    return { isValid: false, invalidReason: "eip2612_from_mismatch" };
+  }
+  if ((0, import_viem4.getAddress)(info.asset) !== tokenAddress) {
+    return { isValid: false, invalidReason: "eip2612_asset_mismatch" };
+  }
+  if ((0, import_viem4.getAddress)(info.spender) !== (0, import_viem4.getAddress)(PERMIT2_ADDRESS)) {
+    return { isValid: false, invalidReason: "eip2612_spender_not_permit2" };
+  }
+  const now = Math.floor(Date.now() / 1e3);
+  if (BigInt(info.deadline) < BigInt(now + 6)) {
+    return { isValid: false, invalidReason: "eip2612_deadline_expired" };
+  }
+  return { isValid: true };
+}
+function splitEip2612Signature(signature) {
+  const sig = signature.startsWith("0x") ? signature.slice(2) : signature;
+  if (sig.length !== 130) {
+    throw new Error(
+      `invalid EIP-2612 signature length: expected 65 bytes (130 hex chars), got ${sig.length / 2} bytes`
+    );
+  }
+  const r = `0x${sig.slice(0, 64)}`;
+  const s = `0x${sig.slice(64, 128)}`;
+  const v = parseInt(sig.slice(128, 130), 16);
+  return { v, r, s };
 }
 
 // src/exact/facilitator/scheme.ts
 var ExactEvmScheme = class {
   /**
-   * Creates a new ExactEvmFacilitator instance.
+   * Creates a new ExactEvmScheme facilitator instance.
    *
    * @param signer - The EVM signer for facilitator operations
-   * @param config - Optional configuration for the facilitator
+   * @param config - Optional configuration
    */
   constructor(signer, config) {
     this.signer = signer;
@@ -722,53 +1040,51 @@ var ExactEvmScheme = class {
     };
   }
   /**
-   * Get mechanism-specific extra data for the supported kinds endpoint.
-   * For EVM, no extra data is needed.
+   * Returns undefined — EVM has no mechanism-specific extra data.
    *
-   * @param _ - The network identifier (unused for EVM)
-   * @returns undefined (EVM has no extra data)
+   * @param _ - The network identifier (unused)
+   * @returns undefined
    */
   getExtra(_) {
     return void 0;
   }
   /**
-   * Get signer addresses used by this facilitator.
-   * Returns all addresses this facilitator can use for signing/settling transactions.
+   * Returns facilitator wallet addresses for the supported response.
    *
-   * @param _ - The network identifier (unused for EVM, addresses are network-agnostic)
+   * @param _ - The network identifier (unused, addresses are network-agnostic)
    * @returns Array of facilitator wallet addresses
    */
   getSigners(_) {
     return [...this.signer.getAddresses()];
   }
   /**
-   * Verifies a payment payload.
-   * Routes to the appropriate verification logic based on payload type.
+   * Verifies a payment payload. Routes to Permit2 or EIP-3009 based on payload type.
    *
    * @param payload - The payment payload to verify
    * @param requirements - The payment requirements
+   * @param context - Optional facilitator context for extension capabilities
    * @returns Promise resolving to verification response
    */
-  async verify(payload, requirements) {
+  async verify(payload, requirements, context) {
     const rawPayload = payload.payload;
     if (isPermit2Payload(rawPayload)) {
-      return verifyPermit2(this.signer, payload, requirements, rawPayload);
+      return verifyPermit2(this.signer, payload, requirements, rawPayload, context);
     }
     const eip3009Payload = rawPayload;
     return verifyEIP3009(this.signer, payload, requirements, eip3009Payload);
   }
   /**
-   * Settles a payment by executing the transfer.
-   * Routes to the appropriate settlement logic based on payload type.
+   * Settles a payment. Routes to Permit2 or EIP-3009 based on payload type.
    *
    * @param payload - The payment payload to settle
    * @param requirements - The payment requirements
+   * @param context - Optional facilitator context for extension capabilities
    * @returns Promise resolving to settlement response
    */
-  async settle(payload, requirements) {
+  async settle(payload, requirements, context) {
     const rawPayload = payload.payload;
     if (isPermit2Payload(rawPayload)) {
-      return settlePermit2(this.signer, payload, requirements, rawPayload);
+      return settlePermit2(this.signer, payload, requirements, rawPayload, context);
     }
     const eip3009Payload = rawPayload;
     return settleEIP3009(this.signer, payload, requirements, eip3009Payload, this.config);
@@ -776,13 +1092,10 @@ var ExactEvmScheme = class {
 };
 
 // src/exact/v1/facilitator/scheme.ts
-var import_viem5 = require("viem");
-
-// src/utils.ts
-var import_viem4 = require("viem");
+var import_viem6 = require("viem");
 
 // src/exact/v1/client/scheme.ts
-var import_viem3 = require("viem");
+var import_viem5 = require("viem");
 
 // src/v1/index.ts
 var EVM_NETWORK_CHAIN_ID_MAP = {
@@ -802,15 +1115,15 @@ var EVM_NETWORK_CHAIN_ID_MAP = {
   peaq: 3338,
   story: 1514,
   educhain: 41923,
-  "skale-base-sepolia": 324705682
+  "skale-base-sepolia": 324705682,
+  megaeth: 4326,
+  monad: 143
 };
 var NETWORKS = Object.keys(EVM_NETWORK_CHAIN_ID_MAP);
-
-// src/utils.ts
-function getEvmChainId(network) {
+function getEvmChainIdV1(network) {
   const chainId = EVM_NETWORK_CHAIN_ID_MAP[network];
   if (!chainId) {
-    throw new Error(`Unsupported network: ${network}`);
+    throw new Error(`Unsupported v1 network: ${network}`);
   }
   return chainId;
 }
@@ -871,7 +1184,7 @@ var ExactEvmSchemeV12 = class {
     }
     let chainId;
     try {
-      chainId = getEvmChainId(payloadV1.network);
+      chainId = getEvmChainIdV1(payloadV1.network);
     } catch {
       return {
         isValid: false,
@@ -887,7 +1200,7 @@ var ExactEvmSchemeV12 = class {
       };
     }
     const { name, version } = requirements.extra;
-    const erc20Address = (0, import_viem5.getAddress)(requirements.asset);
+    const erc20Address = (0, import_viem6.getAddress)(requirements.asset);
     if (payloadV1.network !== requirements.network) {
       return {
         isValid: false,
@@ -934,8 +1247,8 @@ var ExactEvmSchemeV12 = class {
         const payerAddress = exactEvmPayload.authorization.from;
         const bytecode = await this.signer.getCode({ address: payerAddress });
         if (!bytecode || bytecode === "0x") {
-          const erc6492Data = (0, import_viem5.parseErc6492Signature)(signature);
-          const hasDeploymentInfo = erc6492Data.address && erc6492Data.data && !(0, import_viem5.isAddressEqual)(erc6492Data.address, "0x0000000000000000000000000000000000000000");
+          const erc6492Data = (0, import_viem6.parseErc6492Signature)(signature);
+          const hasDeploymentInfo = erc6492Data.address && erc6492Data.data && !(0, import_viem6.isAddressEqual)(erc6492Data.address, "0x0000000000000000000000000000000000000000");
           if (!hasDeploymentInfo) {
             return {
               isValid: false,
@@ -958,7 +1271,7 @@ var ExactEvmSchemeV12 = class {
         };
       }
     }
-    if ((0, import_viem5.getAddress)(exactEvmPayload.authorization.to) !== (0, import_viem5.getAddress)(requirements.payTo)) {
+    if ((0, import_viem6.getAddress)(exactEvmPayload.authorization.to) !== (0, import_viem6.getAddress)(requirements.payTo)) {
       return {
         isValid: false,
         invalidReason: "invalid_exact_evm_payload_recipient_mismatch",
@@ -991,15 +1304,16 @@ var ExactEvmSchemeV12 = class {
         return {
           isValid: false,
           invalidReason: "insufficient_funds",
+          invalidMessage: `Insufficient funds to complete the payment. Required: ${requirementsV1.maxAmountRequired} ${requirements.asset}, Available: ${balance.toString()} ${requirements.asset}. Please add funds to your wallet and try again.`,
           payer: exactEvmPayload.authorization.from
         };
       }
     } catch {
     }
-    if (BigInt(exactEvmPayload.authorization.value) < BigInt(requirementsV1.maxAmountRequired)) {
+    if (BigInt(exactEvmPayload.authorization.value) !== BigInt(requirementsV1.maxAmountRequired)) {
       return {
         isValid: false,
-        invalidReason: "invalid_exact_evm_payload_authorization_value",
+        invalidReason: "invalid_exact_evm_payload_authorization_value_mismatch",
         payer: exactEvmPayload.authorization.from
       };
     }
@@ -1030,9 +1344,9 @@ var ExactEvmSchemeV12 = class {
       };
     }
     try {
-      const parseResult = (0, import_viem5.parseErc6492Signature)(exactEvmPayload.signature);
+      const parseResult = (0, import_viem6.parseErc6492Signature)(exactEvmPayload.signature);
       const { signature, address: factoryAddress, data: factoryCalldata } = parseResult;
-      if (this.config.deployERC4337WithEIP6492 && factoryAddress && factoryCalldata && !(0, import_viem5.isAddressEqual)(factoryAddress, "0x0000000000000000000000000000000000000000")) {
+      if (this.config.deployERC4337WithEIP6492 && factoryAddress && factoryCalldata && !(0, import_viem6.isAddressEqual)(factoryAddress, "0x0000000000000000000000000000000000000000")) {
         const payerAddress = exactEvmPayload.authorization.from;
         const bytecode = await this.signer.getCode({ address: payerAddress });
         if (!bytecode || bytecode === "0x") {
@@ -1056,14 +1370,14 @@ var ExactEvmSchemeV12 = class {
       const isECDSA = signatureLength === 130;
       let tx;
       if (isECDSA) {
-        const parsedSig = (0, import_viem5.parseSignature)(signature);
+        const parsedSig = (0, import_viem6.parseSignature)(signature);
         tx = await this.signer.writeContract({
-          address: (0, import_viem5.getAddress)(requirements.asset),
+          address: (0, import_viem6.getAddress)(requirements.asset),
           abi: eip3009ABI,
           functionName: "transferWithAuthorization",
           args: [
-            (0, import_viem5.getAddress)(exactEvmPayload.authorization.from),
-            (0, import_viem5.getAddress)(exactEvmPayload.authorization.to),
+            (0, import_viem6.getAddress)(exactEvmPayload.authorization.from),
+            (0, import_viem6.getAddress)(exactEvmPayload.authorization.to),
             BigInt(exactEvmPayload.authorization.value),
             BigInt(exactEvmPayload.authorization.validAfter),
             BigInt(exactEvmPayload.authorization.validBefore),
@@ -1075,12 +1389,12 @@ var ExactEvmSchemeV12 = class {
         });
       } else {
         tx = await this.signer.writeContract({
-          address: (0, import_viem5.getAddress)(requirements.asset),
+          address: (0, import_viem6.getAddress)(requirements.asset),
           abi: eip3009ABI,
           functionName: "transferWithAuthorization",
           args: [
-            (0, import_viem5.getAddress)(exactEvmPayload.authorization.from),
-            (0, import_viem5.getAddress)(exactEvmPayload.authorization.to),
+            (0, import_viem6.getAddress)(exactEvmPayload.authorization.from),
+            (0, import_viem6.getAddress)(exactEvmPayload.authorization.to),
             BigInt(exactEvmPayload.authorization.value),
             BigInt(exactEvmPayload.authorization.validAfter),
             BigInt(exactEvmPayload.authorization.validBefore),