@paybond/kit 0.11.11 → 0.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (52) hide show
  1. package/completion-presets/catalog.json +10 -5
  2. package/completion-presets/catalog.sha256 +1 -1
  3. package/dist/agent/index.d.ts +2 -1
  4. package/dist/agent/index.js +1 -0
  5. package/dist/agent/interceptor.d.ts +9 -0
  6. package/dist/agent/interceptor.js +177 -1
  7. package/dist/agent/receipt-client.d.ts +49 -0
  8. package/dist/agent/receipt-client.js +45 -0
  9. package/dist/agent/registry.js +1 -0
  10. package/dist/agent/run.d.ts +2 -0
  11. package/dist/agent/run.js +52 -0
  12. package/dist/agent/types.d.ts +70 -0
  13. package/dist/agent-receipt-external-attestations.d.ts +29 -0
  14. package/dist/agent-receipt-external-attestations.js +124 -0
  15. package/dist/agent-receipt.d.ts +134 -0
  16. package/dist/agent-receipt.js +580 -0
  17. package/dist/audit/exports.d.ts +15 -1
  18. package/dist/audit/exports.js +55 -8
  19. package/dist/audit/index.d.ts +2 -2
  20. package/dist/audit/wire.d.ts +12 -0
  21. package/dist/audit/wire.js +13 -1
  22. package/dist/cli/command-spec.js +4 -2
  23. package/dist/cli/commands/discovery.js +17 -6
  24. package/dist/cli/help.d.ts +1 -1
  25. package/dist/cli/help.js +3 -3
  26. package/dist/completion-catalog-digest.d.ts +1 -1
  27. package/dist/completion-catalog-digest.js +1 -1
  28. package/dist/index.d.ts +83 -7
  29. package/dist/index.js +180 -13
  30. package/dist/mcp-receipt-resource.d.ts +10 -0
  31. package/dist/mcp-receipt-resource.js +32 -0
  32. package/dist/mcp-server.d.ts +6 -0
  33. package/dist/mcp-server.js +62 -1
  34. package/dist/mpp-commercial.d.ts +19 -0
  35. package/dist/mpp-commercial.js +34 -0
  36. package/dist/mpp-funding.d.ts +71 -0
  37. package/dist/mpp-funding.js +192 -0
  38. package/dist/payment-transport.d.ts +30 -0
  39. package/dist/payment-transport.js +56 -0
  40. package/dist/policy/intent-spec.js +2 -0
  41. package/dist/principal-intent.d.ts +1 -1
  42. package/dist/principal-intent.js +4 -1
  43. package/package.json +1 -1
  44. package/templates/openai-shopping-agent/package-lock.json +7 -7
  45. package/templates/paybond-aws-operator/package-lock.json +4 -4
  46. package/templates/paybond-claude-agents-demo/package-lock.json +7 -7
  47. package/templates/paybond-mastra-travel-agent/package-lock.json +10 -10
  48. package/templates/paybond-mcp-coding-agent/package-lock.json +4 -4
  49. package/templates/paybond-openai-agents-demo/package-lock.json +7 -7
  50. package/templates/paybond-procurement-agent/package-lock.json +4 -4
  51. package/templates/paybond-travel-agent/package-lock.json +7 -7
  52. package/templates/paybond-vercel-shopping-agent/package-lock.json +4 -4
package/dist/index.js CHANGED
@@ -4,16 +4,18 @@
4
4
  */
5
5
  import { buildSignedCreateIntentBody, buildSignedCreateIntentBodyWithPolicyBinding, } from "./principal-intent.js";
6
6
  import { signPayeeEvidenceBinding } from "./payee-evidence.js";
7
- import { PaybondAgentRunFacade, PaybondInstrumentBuilder, createGuardedAgent, createGuardedAgentRunner, createPaybondAgent, createPaybondToolRegistry, instrumentPaybondAgent, instrumentPaybondClaudeAgents, instrumentPaybondLangGraph, instrumentPaybondMCP, instrumentPaybondOpenAI, instrumentPaybondVercel, resolveAgentPolicySource, wrapPaybondTools, } from "./agent/index.js";
7
+ import { PaybondAgentRunFacade, createPaybondAgentCallable, PaybondInstrumentBuilder, createGuardedAgent, createGuardedAgentRunner, createPaybondAgent, createPaybondToolRegistry, instrumentPaybondAgent, instrumentPaybondClaudeAgents, instrumentPaybondLangGraph, instrumentPaybondMCP, instrumentPaybondOpenAI, instrumentPaybondVercel, resolveAgentPolicySource, wrapPaybondTools, } from "./agent/index.js";
8
8
  import { GatewayAgentRunTraceReporter, } from "./agent/gateway-trace-reporter.js";
9
9
  import { fetchWithGatewayRetries, gatewayRetryDelayMs, shouldRetryGatewayResponse, } from "./gateway-retry.js";
10
10
  import { PaybondAudit, PaybondAuditExports } from "./audit/index.js";
11
+ import { formatPaymentAuthorizationValue, paymentAuthorizationGatewayHeader, readFundPaymentTransportHeaders, } from "./payment-transport.js";
11
12
  import { parsePolicyRemoteValidateResponse, policyValidateQueryString, } from "./policy/validate-remote.js";
12
13
  import { parsePolicyEffectiveResolveResponse, } from "./policy/load-effective.js";
13
14
  import { paybondPolicyPresets } from "./policy/policy-api.js";
14
15
  import { paybondSolutionPresets } from "./solutions/api.js";
15
16
  import { requireSecureGatewayUrl } from "./gateway-url.js";
16
17
  import { executeFundWithX402, } from "./x402-funding.js";
18
+ import { executeFundWithMppCharge, executeFundWithMppSession, } from "./mpp-funding.js";
17
19
  function parseVerifyCapabilityBody(body, expectedTenant, expectedIntentId) {
18
20
  const tenant = String(body.tenant ?? "");
19
21
  const intentId = String(body.intent_id ?? "");
@@ -83,6 +85,12 @@ function verifyCapabilityPayload(input) {
83
85
  payload.approval_token = input.approvalToken.trim();
84
86
  if (input.idempotencyKey?.trim())
85
87
  payload.idempotency_key = input.idempotencyKey.trim();
88
+ if (input.modelFamily?.trim())
89
+ payload.model_family = input.modelFamily.trim();
90
+ if (input.configHashHex?.trim())
91
+ payload.config_hash_hex = input.configHashHex.trim().toLowerCase();
92
+ if (input.promptHashHex?.trim())
93
+ payload.prompt_hash_hex = input.promptHashHex.trim().toLowerCase();
86
94
  return payload;
87
95
  }
88
96
  export const DEFAULT_PAYBOND_GATEWAY_BASE_URL = "https://api.paybond.ai";
@@ -469,7 +477,7 @@ export class HarborClient {
469
477
  }
470
478
  throw lastErr instanceof Error ? lastErr : new Error(String(lastErr));
471
479
  }
472
- async fetchWithRetries(url, init, { retryBody, retryBodyText, }) {
480
+ async fetchWithRetries(url, init, { retryBody, retryBodyText, appendAuthorization, } = {}) {
473
481
  let lastErr;
474
482
  for (let attempt = 0; attempt < this.maxRetries; attempt++) {
475
483
  let res;
@@ -479,6 +487,9 @@ export class HarborClient {
479
487
  for (const [k, v] of Object.entries(auth)) {
480
488
  headers.set(k, v);
481
489
  }
490
+ for (const value of appendAuthorization ?? []) {
491
+ headers.append("authorization", value);
492
+ }
482
493
  res = await fetch(url, { ...init, headers });
483
494
  }
484
495
  catch (e) {
@@ -600,11 +611,18 @@ export class HarborClient {
600
611
  if (options?.paymentSignature?.trim()) {
601
612
  headers["payment-signature"] = options.paymentSignature.trim();
602
613
  }
614
+ const appendAuthorization = options?.paymentAuthorization?.trim() !== undefined &&
615
+ options.paymentAuthorization.trim() !== ""
616
+ ? [formatPaymentAuthorizationValue(options.paymentAuthorization)]
617
+ : undefined;
603
618
  const res = await this.fetchWithRetries(url, {
604
619
  method: "POST",
605
620
  headers,
606
621
  body: "",
607
- }, { retryBodyText: "" });
622
+ }, {
623
+ retryBodyText: "",
624
+ appendAuthorization,
625
+ });
608
626
  const text = await res.text();
609
627
  if (![200, 202, 402].includes(res.status)) {
610
628
  throw new HarborHttpError(`Harbor fund intent HTTP ${res.status}: ${text}`, {
@@ -614,6 +632,7 @@ export class HarborClient {
614
632
  });
615
633
  }
616
634
  const body = assertJSONObject(JSON.parse(text));
635
+ const transport = readFundPaymentTransportHeaders(res.headers);
617
636
  const tenant = String(body.tenant ?? "");
618
637
  if (tenant !== this.tenantId) {
619
638
  throw new Error(`fund tenant mismatch: client=${this.tenantId} harbor=${tenant}`);
@@ -636,6 +655,9 @@ export class HarborClient {
636
655
  statusCode: res.status,
637
656
  paymentRequired: res.headers.get("payment-required") ?? undefined,
638
657
  paymentResponse: res.headers.get("payment-response") ?? undefined,
658
+ wwwAuthenticate: transport.wwwAuthenticate,
659
+ paymentReceipt: transport.paymentReceipt,
660
+ cacheControl: transport.cacheControl,
639
661
  intentId: echoedIntentId,
640
662
  tenant,
641
663
  state: body.state,
@@ -996,9 +1018,13 @@ export class GatewayHarborClient {
996
1018
  return JSON.parse(text);
997
1019
  }
998
1020
  async fundIntent(intentId, options) {
999
- const { res, text, url } = await this.postJSON(`/harbor/intents/${encodeURIComponent(intentId)}/fund`, {}, this.mutationHeaders("fundIntent", options, {
1021
+ const paymentHeaders = {
1000
1022
  ...(options.paymentSignature?.trim() ? { "payment-signature": options.paymentSignature.trim() } : {}),
1001
- }));
1023
+ ...(options.paymentAuthorization?.trim()
1024
+ ? paymentAuthorizationGatewayHeader(options.paymentAuthorization)
1025
+ : {}),
1026
+ };
1027
+ const { res, text, url } = await this.postJSON(`/harbor/intents/${encodeURIComponent(intentId)}/fund`, {}, this.mutationHeaders("fundIntent", options, paymentHeaders));
1002
1028
  if (![200, 202, 402].includes(res.status)) {
1003
1029
  throw new HarborHttpError(`Gateway Harbor fund intent HTTP ${res.status}: ${text}`, {
1004
1030
  statusCode: res.status,
@@ -1006,12 +1032,16 @@ export class GatewayHarborClient {
1006
1032
  bodyText: text,
1007
1033
  });
1008
1034
  }
1035
+ const transport = readFundPaymentTransportHeaders(res.headers);
1009
1036
  return parseFundIntentResponse(assertJSONObject(JSON.parse(text)), {
1010
1037
  tenantId: this.tenantId,
1011
1038
  intentId,
1012
1039
  statusCode: res.status,
1013
1040
  paymentRequired: res.headers.get("payment-required") ?? undefined,
1014
1041
  paymentResponse: res.headers.get("payment-response") ?? undefined,
1042
+ wwwAuthenticate: transport.wwwAuthenticate,
1043
+ paymentReceipt: transport.paymentReceipt,
1044
+ cacheControl: transport.cacheControl,
1015
1045
  source: "gateway",
1016
1046
  });
1017
1047
  }
@@ -1159,7 +1189,7 @@ export class PaybondGuardrails {
1159
1189
  }
1160
1190
  }
1161
1191
  const DEFAULT_PRINCIPAL_PATH = "/v1/auth/principal";
1162
- const SETTLEMENT_RAIL_VALUES = new Set(["stripe_connect", "stripe_ach_debit", "x402_usdc_base"]);
1192
+ const SETTLEMENT_RAIL_VALUES = new Set(["stripe_connect", "stripe_ach_debit", "stripe_mpp", "x402_usdc_base"]);
1163
1193
  const FRAUD_REVIEW_EVENT_TYPES = new Set([
1164
1194
  "review_open_requested",
1165
1195
  "appeal_requested",
@@ -1211,6 +1241,9 @@ function parseFundIntentResponse(body, init) {
1211
1241
  statusCode: init.statusCode,
1212
1242
  paymentRequired: init.paymentRequired,
1213
1243
  paymentResponse: init.paymentResponse,
1244
+ wwwAuthenticate: init.wwwAuthenticate,
1245
+ paymentReceipt: init.paymentReceipt,
1246
+ cacheControl: init.cacheControl,
1214
1247
  intentId: echoedIntentId,
1215
1248
  tenant,
1216
1249
  state: body.state,
@@ -1360,6 +1393,9 @@ function parseIntentFundingResult(value) {
1360
1393
  settlementRail: readSettlementRailValue(body.settlement_rail, "funding.settlement_rail"),
1361
1394
  harborFundEndpoint: readOptionalString("harbor_fund_endpoint"),
1362
1395
  status: readOptionalString("status"),
1396
+ intent: readOptionalString("intent"),
1397
+ method: readOptionalString("method"),
1398
+ challengeId: readOptionalString("challenge_id"),
1363
1399
  paymentSessionId: readOptionalString("payment_session_id"),
1364
1400
  paymentUrl: readOptionalString("payment_url"),
1365
1401
  stripePaymentIntentId: readOptionalString("stripe_payment_intent_id"),
@@ -1375,6 +1411,17 @@ function parseIntentFundingResult(value) {
1375
1411
  bankName: readOptionalString("bank_name"),
1376
1412
  asset: readOptionalString("asset"),
1377
1413
  network: readOptionalString("network"),
1414
+ settlementAsset: readOptionalString("settlement_asset"),
1415
+ settlementNetwork: readOptionalString("settlement_network"),
1416
+ channelId: readOptionalString("channel_id"),
1417
+ sessionProtocol: readOptionalString("session_protocol"),
1418
+ depositAmountBaseUnits: readOptionalString("deposit_amount_base_units"),
1419
+ acceptedCumulativeBaseUnits: readOptionalString("accepted_cumulative_base_units"),
1420
+ pendingCumulativeBaseUnits: readOptionalString("pending_cumulative_base_units"),
1421
+ descriptorHash: readOptionalString("descriptor_hash"),
1422
+ lastVoucherAt: readOptionalString("last_voucher_at"),
1423
+ lastSettleTxHash: readOptionalString("last_settle_tx_hash"),
1424
+ channelStatus: readOptionalString("channel_status"),
1378
1425
  authorizationId: readOptionalString("authorization_id"),
1379
1426
  captureId: readOptionalString("capture_id"),
1380
1427
  voidId: readOptionalString("void_id"),
@@ -2050,6 +2097,80 @@ export class GatewayProtocolClient {
2050
2097
  }
2051
2098
  return assertJSONObject(JSON.parse(text));
2052
2099
  }
2100
+ async getAgentReceiptV1ByID(receiptId) {
2101
+ const enc = encodeURIComponent(receiptId);
2102
+ const url = `${this.base}protocol/v2/agent-receipts/${enc}`;
2103
+ const res = await this.fetchWithRetries(url, {
2104
+ method: "GET",
2105
+ headers: this.headers(),
2106
+ });
2107
+ const text = await res.text();
2108
+ if (!res.ok) {
2109
+ const parsed = parseGatewayErrorEnvelope(text);
2110
+ throw new ProtocolHttpError(protocolHTTPErrorMessage("agent receipt", res.status, text), {
2111
+ statusCode: res.status,
2112
+ url,
2113
+ bodyText: text,
2114
+ errorCode: parsed.errorCode,
2115
+ errorMessage: parsed.errorMessage,
2116
+ });
2117
+ }
2118
+ const body = assertJSONObject(JSON.parse(text));
2119
+ if (String(body.receipt_id ?? "").trim() !== receiptId) {
2120
+ throw new Error(`agent receipt mismatch: requested=${receiptId} gateway=${String(body.receipt_id ?? "")}`);
2121
+ }
2122
+ if (String(body.tenant_id ?? "").trim() !== this.tenantId) {
2123
+ throw new Error(`agent receipt tenant mismatch: client=${this.tenantId} gateway=${String(body.tenant_id ?? "")}`);
2124
+ }
2125
+ return body;
2126
+ }
2127
+ async getAgentReceiptV1ByIntentToolCall(init) {
2128
+ const params = new URLSearchParams({
2129
+ intent_id: init.intentId,
2130
+ tool_call_id: init.toolCallId,
2131
+ });
2132
+ const url = `${this.base}protocol/v2/agent-receipts?${params.toString()}`;
2133
+ const res = await this.fetchWithRetries(url, {
2134
+ method: "GET",
2135
+ headers: this.headers(),
2136
+ });
2137
+ const text = await res.text();
2138
+ if (!res.ok) {
2139
+ const parsed = parseGatewayErrorEnvelope(text);
2140
+ throw new ProtocolHttpError(protocolHTTPErrorMessage("agent receipt lookup", res.status, text), {
2141
+ statusCode: res.status,
2142
+ url,
2143
+ bodyText: text,
2144
+ errorCode: parsed.errorCode,
2145
+ errorMessage: parsed.errorMessage,
2146
+ });
2147
+ }
2148
+ const body = assertJSONObject(JSON.parse(text));
2149
+ if (String(body.tenant_id ?? "").trim() !== this.tenantId) {
2150
+ throw new Error(`agent receipt tenant mismatch: client=${this.tenantId} gateway=${String(body.tenant_id ?? "")}`);
2151
+ }
2152
+ return body;
2153
+ }
2154
+ async verifyAgentReceiptV1(receipt) {
2155
+ const url = `${this.base}protocol/v2/agent-receipts/verify`;
2156
+ const res = await this.fetchWithRetries(url, {
2157
+ method: "POST",
2158
+ headers: this.headers({ "content-type": "application/json" }),
2159
+ body: JSON.stringify(receipt),
2160
+ });
2161
+ const text = await res.text();
2162
+ if (!res.ok) {
2163
+ const parsed = parseGatewayErrorEnvelope(text);
2164
+ throw new ProtocolHttpError(protocolHTTPErrorMessage("agent receipt verify", res.status, text), {
2165
+ statusCode: res.status,
2166
+ url,
2167
+ bodyText: text,
2168
+ errorCode: parsed.errorCode,
2169
+ errorMessage: parsed.errorMessage,
2170
+ });
2171
+ }
2172
+ return assertJSONObject(JSON.parse(text));
2173
+ }
2053
2174
  async createHarborIntent(init) {
2054
2175
  return this.postJSON("/harbor/intents", init.body, gatewayMutationHeaders(init.recognitionProof, {
2055
2176
  ...(init.idempotencyKey?.trim() ? { "idempotency-key": init.idempotencyKey.trim() } : {}),
@@ -2217,6 +2338,7 @@ export class PaybondIntents {
2217
2338
  async fund(params) {
2218
2339
  return this.harbor.fundIntent(params.intentId, {
2219
2340
  paymentSignature: params.paymentSignature,
2341
+ paymentAuthorization: params.paymentAuthorization,
2220
2342
  idempotencyKey: params.idempotencyKey,
2221
2343
  recognitionProof: params.recognitionProof,
2222
2344
  });
@@ -2242,6 +2364,52 @@ export class PaybondIntents {
2242
2364
  }),
2243
2365
  });
2244
2366
  }
2367
+ /**
2368
+ * One-shot Stripe MPP charge fund flow: create Payment Auth credentials from 402 challenges,
2369
+ * retry with `paymentAuthorization`, and poll until funded.
2370
+ *
2371
+ * MPP wallet and SPT secrets stay app-owned — pass injectable `createPaymentCredential` and
2372
+ * `issueRecognitionProof` callbacks.
2373
+ */
2374
+ async fundWithMppCharge(params) {
2375
+ const { intentId, recognitionProof, createPaymentCredential, issueRecognitionProof, pollOptions, idempotencyKey, } = params;
2376
+ return executeFundWithMppCharge({
2377
+ intentId,
2378
+ recognitionProof,
2379
+ createPaymentCredential,
2380
+ issueRecognitionProof,
2381
+ pollOptions,
2382
+ fund: ({ recognitionProof: proof, paymentAuthorization }) => this.fund({
2383
+ intentId,
2384
+ recognitionProof: proof,
2385
+ paymentAuthorization,
2386
+ idempotencyKey,
2387
+ }),
2388
+ });
2389
+ }
2390
+ /**
2391
+ * Tempo MPP session fund flow: open a session channel deposit via Payment Auth credentials,
2392
+ * retry with `paymentAuthorization`, and poll until the intent is funded.
2393
+ *
2394
+ * MPP wallet and SPT secrets stay app-owned — pass injectable `createPaymentCredential` and
2395
+ * `issueRecognitionProof` callbacks.
2396
+ */
2397
+ async fundWithMppSession(params) {
2398
+ const { intentId, recognitionProof, createPaymentCredential, issueRecognitionProof, pollOptions, idempotencyKey, } = params;
2399
+ return executeFundWithMppSession({
2400
+ intentId,
2401
+ recognitionProof,
2402
+ createPaymentCredential,
2403
+ issueRecognitionProof,
2404
+ pollOptions,
2405
+ fund: ({ recognitionProof: proof, paymentAuthorization }) => this.fund({
2406
+ intentId,
2407
+ recognitionProof: proof,
2408
+ paymentAuthorization,
2409
+ idempotencyKey,
2410
+ }),
2411
+ });
2412
+ }
2245
2413
  /**
2246
2414
  * Sign payee evidence and POST it. `payeeSigningSeed` must be 32 bytes.
2247
2415
  */
@@ -2277,6 +2445,7 @@ export class Paybond {
2277
2445
  intents;
2278
2446
  audit;
2279
2447
  agentRun;
2448
+ agent;
2280
2449
  constructor(harbor, guardrails, signal, fraud, a2a, protocol, audit) {
2281
2450
  this.harbor = harbor;
2282
2451
  this.guardrails = guardrails;
@@ -2287,6 +2456,7 @@ export class Paybond {
2287
2456
  this.intents = new PaybondIntents(harbor);
2288
2457
  this.audit = audit;
2289
2458
  this.agentRun = new PaybondAgentRunFacade(this);
2459
+ this.agent = createPaybondAgentCallable(protocol, (input) => createPaybondAgent(this, input));
2290
2460
  }
2291
2461
  /** Open a tenant-bound hosted Paybond session from a service-account API key. */
2292
2462
  static async open(init) {
@@ -2373,13 +2543,6 @@ export class Paybond {
2373
2543
  instrumentMCP(input) {
2374
2544
  return instrumentPaybondMCP(this, input);
2375
2545
  }
2376
- /**
2377
- * Opinionated quickstart: resolve named policy presets (for example `travel`) or file paths,
2378
- * then instrument tools for the selected framework.
2379
- */
2380
- agent(input) {
2381
- return createPaybondAgent(this, input);
2382
- }
2383
2546
  /** Wrap tools for an existing bound run without reloading policy. */
2384
2547
  wrapTools(run, tools, options) {
2385
2548
  return wrapPaybondTools(run, tools, options);
@@ -2405,6 +2568,7 @@ export { buildSignedCreateIntentBody, buildSignedCreateIntentBodyWithPolicyBindi
2405
2568
  export { artifactsDigest, evidenceSignBytesV1, signPayeeEvidenceBinding, } from "./payee-evidence.js";
2406
2569
  export { AGENT_RECOGNITION_GATEWAY_VERIFIER_ID, AGENT_RECOGNITION_PROOF_KIND_V1, AGENT_RECOGNITION_PURPOSE_CREATE, AGENT_RECOGNITION_PURPOSE_FUND, AGENT_RECOGNITION_PURPOSE_EVIDENCE_SUBMIT, newAgentRecognitionRequestEnvelope, signAgentRecognitionProofV1, signHarborCreateRecognitionProof, signHarborFundRecognitionProof, signHarborEvidenceSubmitRecognitionProof, signHarborSettlementConfirmRecognitionProof, } from "./agent-recognition.js";
2407
2570
  export { executeFundWithX402, buildX402FundRequestEnvelope, PaybondX402FundingFailedError, PaybondX402FundingPendingError, } from "./x402-funding.js";
2571
+ export { executeFundWithMpp, executeFundWithMppCharge, executeFundWithMppSession, buildMppFundRequestEnvelope, parsePaymentAuthChallenge, selectMppChargeChallenge, selectMppSessionChallenge, PaybondMppFundingFailedError, PaybondMppFundingPendingError, } from "./mpp-funding.js";
2408
2572
  export { validateCompletionEvidence, } from "./completion-validate-evidence.js";
2409
2573
  export { completionSchemaDigestHex, computeVendorContractDigests, verifyVendorContract, verifyCatalogVendorContracts, } from "./completion-contract-digest.js";
2410
2574
  export { contractSnapshotForPreset, mapVendorEvidenceToCanonical, resolveCompletionPreset, } from "./completion-resolve.js";
@@ -2412,3 +2576,6 @@ export { PaybondAgentRun, PaybondAgentRunBindError, PaybondAgentRunFacade, Paybo
2412
2576
  export { PaybondAudit, PaybondAuditExports, GatewayAuditExportsClient, parseAuditExportList, parseAuditExportJobGet, verifyAuditManifest, verifyAuditBundleLocal, } from "./audit/index.js";
2413
2577
  export { PaybondPolicy, composePolicyLayers, composeBundledPresetDefault, domain, guardrails, paybondPolicyPresets, resolveComposedPresetDocument, } from "./policy/index.js";
2414
2578
  export { getSolutionSmokeDefaults, isKnownSolutionId, listSolutionIds, loadSolutionManifest, paybondSolutionPresets, } from "./solutions/index.js";
2579
+ export { appendDirectHarborPaymentAuthorization, formatPaymentAuthorizationValue, PAYBOND_PAYMENT_AUTHORIZATION_HEADER, PAYMENT_TRANSPORT_RESPONSE_HEADERS, paymentAuthorizationGatewayHeader, readFundPaymentTransportHeaders, } from "./payment-transport.js";
2580
+ export { AGENT_RECEIPT_KIND_V1, AGENT_RECEIPT_SCHEMA_VERSION, AGENT_RECEIPT_SCOPE_ACTION, AGENT_RECEIPT_SCOPE_INTENT_TERMINAL, AGENT_RECEIPT_SIGNING_ALGORITHM_ED25519, AGENT_RECEIPT_VERSION_V1, AGENT_RECEIPT_WELL_KNOWN_PATH, actionReceiptId, canonicalAgentReceiptBytes, configHashSha256Hex, promptHashSha256Hex, valueDigestSha256Hex, verifyAgentReceiptV1, } from "./agent-receipt.js";
2581
+ export { AGENT_RECEIPT_EXTERNAL_SOURCE_SEP2828, AGENT_RECEIPT_EXTERNAL_SOURCE_X402, partnerRecordDigestSha256Hex, resolveExternalAttestations, sep2828RecordsToExternalAttestations, x402ReceiptToExternalAttestations, } from "./agent-receipt-external-attestations.js";
@@ -0,0 +1,10 @@
1
+ /** MCP resource URI helpers for tenant-bound agent receipt handoff. */
2
+ export declare const MCP_AGENT_RECEIPT_RESOURCE_SCHEME = "paybond";
3
+ export declare const MCP_AGENT_RECEIPT_RESOURCE_HOST = "receipt";
4
+ export declare const MCP_AGENT_RECEIPT_RESOURCE_URI_TEMPLATE = "paybond://receipt/{receipt_id}";
5
+ export declare const MCP_AGENT_RECEIPT_RESOURCE_MIME_TYPE = "application/json";
6
+ /** Parse `paybond://receipt/{receipt_id}` into a canonical receipt id. */
7
+ export declare function parseAgentReceiptResourceUri(uri: string): string;
8
+ /** Build the MCP resource URI for one signed agent receipt id. */
9
+ export declare function agentReceiptResourceUri(receiptId: string): string;
10
+ export declare function agentReceiptResourceTemplateDefinition(): Record<string, unknown>;
@@ -0,0 +1,32 @@
1
+ /** MCP resource URI helpers for tenant-bound agent receipt handoff. */
2
+ export const MCP_AGENT_RECEIPT_RESOURCE_SCHEME = "paybond";
3
+ export const MCP_AGENT_RECEIPT_RESOURCE_HOST = "receipt";
4
+ export const MCP_AGENT_RECEIPT_RESOURCE_URI_TEMPLATE = "paybond://receipt/{receipt_id}";
5
+ export const MCP_AGENT_RECEIPT_RESOURCE_MIME_TYPE = "application/json";
6
+ const RECEIPT_URI_RE = /^paybond:\/\/receipt\/([0-9a-f]{64}|[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})$/i;
7
+ /** Parse `paybond://receipt/{receipt_id}` into a canonical receipt id. */
8
+ export function parseAgentReceiptResourceUri(uri) {
9
+ const trimmed = uri.trim();
10
+ const match = RECEIPT_URI_RE.exec(trimmed);
11
+ if (!match) {
12
+ throw new Error(`unsupported resource URI ${trimmed}; expected ${MCP_AGENT_RECEIPT_RESOURCE_URI_TEMPLATE}`);
13
+ }
14
+ return match[1].toLowerCase();
15
+ }
16
+ /** Build the MCP resource URI for one signed agent receipt id. */
17
+ export function agentReceiptResourceUri(receiptId) {
18
+ const normalized = receiptId.trim().toLowerCase();
19
+ if (!RECEIPT_URI_RE.test(`paybond://receipt/${normalized}`)) {
20
+ throw new Error("receipt_id must be a lowercase SHA-256 hex digest or canonical UUID");
21
+ }
22
+ return `paybond://receipt/${normalized}`;
23
+ }
24
+ export function agentReceiptResourceTemplateDefinition() {
25
+ return {
26
+ uriTemplate: MCP_AGENT_RECEIPT_RESOURCE_URI_TEMPLATE,
27
+ name: "paybond_agent_receipt",
28
+ title: "Paybond Agent Receipt",
29
+ description: "Signed paybond.agent_receipt_v1 JSON fetched tenant-bound from Gateway GET /protocol/v2/agent-receipts/{receipt_id}.",
30
+ mimeType: MCP_AGENT_RECEIPT_RESOURCE_MIME_TYPE,
31
+ };
32
+ }
@@ -44,6 +44,12 @@ export declare class PaybondMCPServer {
44
44
  private readonly toolPolicy;
45
45
  private initialized;
46
46
  constructor(settings: PaybondMCPSettings);
47
+ listResourceTemplates(): Array<Record<string, unknown>>;
48
+ readResource(uri: string): Promise<{
49
+ uri: string;
50
+ mimeType: string;
51
+ text: string;
52
+ }>;
47
53
  listTools(): Array<Record<string, unknown>>;
48
54
  callTool(name: string, args?: Record<string, unknown>): Promise<MCPCallToolResult>;
49
55
  handleMessage(message: JSONRPCRequest): Promise<JSONRPCResponse | null>;
@@ -11,9 +11,10 @@ import { MCP_TOOL_ALLOWLIST_ENV, MCP_TOOL_POLICY_ENV, mergeMcpToolPolicy, parseM
11
11
  import { MCP_EVIDENCE_POLICY_ENV, McpEvidenceValidationGate, completionEvidenceValidationOk, extractHarborEvidenceValidationInput, extractSandboxGuardrailValidationInput, parseMcpEvidencePolicy, } from "./mcp-evidence-policy.js";
12
12
  import { McpCapabilityTokenCache, mcpToolStoresCapabilityToken, parseMcpCapabilityTokenCacheConfig, } from "./mcp-capability-token-cache.js";
13
13
  import { createMcpPolicyGatewayAdapter, McpPolicyReloadGate, parseMcpPolicyReloadConfig, } from "./mcp-policy-reload.js";
14
+ import { agentReceiptResourceTemplateDefinition, agentReceiptResourceUri, MCP_AGENT_RECEIPT_RESOURCE_MIME_TYPE, parseAgentReceiptResourceUri, } from "./mcp-receipt-resource.js";
14
15
  import { DEFAULT_PAYBOND_GATEWAY_BASE_URL, GatewayFraudClient, GatewaySignalClient, } from "./index.js";
15
16
  const SERVER_NAME = "Paybond MCP";
16
- const SERVER_VERSION = "0.11.11";
17
+ const SERVER_VERSION = "0.12.0";
17
18
  const MCP_PROTOCOL_VERSION = "2025-11-25";
18
19
  const DEFAULT_PRINCIPAL_PATH = "/v1/auth/principal";
19
20
  const DEFAULT_RECOGNITION_VERIFIER_ID = "paybond-gateway";
@@ -846,6 +847,22 @@ class PaybondMCPRuntime {
846
847
  "x-tenant-id": await this.tenantId(),
847
848
  });
848
849
  }
850
+ async getAgentReceiptV1(receiptId) {
851
+ const normalized = receiptId.trim().toLowerCase();
852
+ const body = await this.gateway.getJSON(`/protocol/v2/agent-receipts/${encodeURIComponent(normalized)}`, {
853
+ "x-tenant-id": await this.tenantId(),
854
+ });
855
+ const expectedTenant = await this.tenantId();
856
+ const echoedTenant = String(body.tenant_id ?? "").trim();
857
+ if (echoedTenant !== expectedTenant) {
858
+ throw new Error(`tenant mismatch: expected=${expectedTenant} gateway=${echoedTenant}`);
859
+ }
860
+ const echoedReceipt = String(body.receipt_id ?? "").trim().toLowerCase();
861
+ if (echoedReceipt !== normalized) {
862
+ throw new Error(`receipt mismatch: requested=${normalized} gateway=${echoedReceipt}`);
863
+ }
864
+ return body;
865
+ }
849
866
  async createHarborIntent(init) {
850
867
  return this.gateway.postJSON("/harbor/intents", init.body, gatewayMutationHeaders(await this.tenantId(), init.recognitionProof, optionalMutationHeaders(init.idempotencyKey)));
851
868
  }
@@ -896,6 +913,18 @@ export class PaybondMCPServer {
896
913
  this.runtime = new PaybondMCPRuntime(settings);
897
914
  this.tools = this.buildTools(settings).filter((tool) => toolAllowedByPolicy(tool.name, tool.annotations, this.toolPolicy));
898
915
  }
916
+ listResourceTemplates() {
917
+ return [agentReceiptResourceTemplateDefinition()];
918
+ }
919
+ async readResource(uri) {
920
+ const receiptId = parseAgentReceiptResourceUri(uri);
921
+ const receipt = await this.runtime.getAgentReceiptV1(receiptId);
922
+ return {
923
+ uri: agentReceiptResourceUri(receiptId),
924
+ mimeType: MCP_AGENT_RECEIPT_RESOURCE_MIME_TYPE,
925
+ text: JSON.stringify(receipt, null, 2),
926
+ };
927
+ }
899
928
  listTools() {
900
929
  return this.tools.map((tool) => ({
901
930
  name: tool.name,
@@ -973,6 +1002,10 @@ export class PaybondMCPServer {
973
1002
  tools: {
974
1003
  listChanged: false,
975
1004
  },
1005
+ resources: {
1006
+ subscribe: false,
1007
+ listChanged: false,
1008
+ },
976
1009
  },
977
1010
  serverInfo: {
978
1011
  name: SERVER_NAME,
@@ -1002,6 +1035,34 @@ export class PaybondMCPServer {
1002
1035
  tools: this.listTools(),
1003
1036
  },
1004
1037
  };
1038
+ case "resources/list":
1039
+ return {
1040
+ jsonrpc: "2.0",
1041
+ id: message.id,
1042
+ result: {
1043
+ resources: [],
1044
+ },
1045
+ };
1046
+ case "resources/templates/list":
1047
+ return {
1048
+ jsonrpc: "2.0",
1049
+ id: message.id,
1050
+ result: {
1051
+ resourceTemplates: this.listResourceTemplates(),
1052
+ },
1053
+ };
1054
+ case "resources/read": {
1055
+ const params = ensureObject(message.params, "resources/read params");
1056
+ const uri = stringArg(params.uri, "uri");
1057
+ const contents = await this.readResource(uri);
1058
+ return {
1059
+ jsonrpc: "2.0",
1060
+ id: message.id,
1061
+ result: {
1062
+ contents: [contents],
1063
+ },
1064
+ };
1065
+ }
1005
1066
  case "tools/call": {
1006
1067
  const params = ensureObject(message.params, "tools/call params");
1007
1068
  const name = stringArg(params.name, "name");
@@ -0,0 +1,19 @@
1
+ /**
2
+ * MPP commercial denomination helpers for Paybond MVP.
3
+ *
4
+ * Paybond intent commercial fields remain USD-denominated (`amount_cents`, `currency`).
5
+ * Tempo session deposits use USDC base units (6 decimals): `amount_cents * 10_000`.
6
+ */
7
+ import type { SettlementRail } from "./principal-intent.js";
8
+ /** USDC uses 6 decimal places; one USD cent maps to 10_000 base units. */
9
+ export declare const USDC_BASE_UNITS_PER_USD_CENT = 10000;
10
+ /** Rails that require USD-denominated commercial intent fields for MVP. */
11
+ export declare const USD_DENOMINATED_SETTLEMENT_RAILS: Set<SettlementRail>;
12
+ /**
13
+ * Rejects non-USD intents on rails that remain USD-denominated for MVP.
14
+ */
15
+ export declare function validateUsdDenominatedSettlement(settlementRail: SettlementRail, currency: string): void;
16
+ /**
17
+ * Converts Paybond USD cents to Tempo USDC base units.
18
+ */
19
+ export declare function usdCentsToUsdcBaseUnits(amountCents: number): bigint;
@@ -0,0 +1,34 @@
1
+ /**
2
+ * MPP commercial denomination helpers for Paybond MVP.
3
+ *
4
+ * Paybond intent commercial fields remain USD-denominated (`amount_cents`, `currency`).
5
+ * Tempo session deposits use USDC base units (6 decimals): `amount_cents * 10_000`.
6
+ */
7
+ /** USDC uses 6 decimal places; one USD cent maps to 10_000 base units. */
8
+ export const USDC_BASE_UNITS_PER_USD_CENT = 10_000;
9
+ /** Rails that require USD-denominated commercial intent fields for MVP. */
10
+ export const USD_DENOMINATED_SETTLEMENT_RAILS = new Set([
11
+ "x402_usdc_base",
12
+ "stripe_ach_debit",
13
+ "stripe_mpp",
14
+ ]);
15
+ /**
16
+ * Rejects non-USD intents on rails that remain USD-denominated for MVP.
17
+ */
18
+ export function validateUsdDenominatedSettlement(settlementRail, currency) {
19
+ if (!USD_DENOMINATED_SETTLEMENT_RAILS.has(settlementRail)) {
20
+ return;
21
+ }
22
+ if (currency.trim().toLowerCase() !== "usd") {
23
+ throw new Error(`currency must be usd when settlementRail is ${settlementRail} until multi-currency policy is defined`);
24
+ }
25
+ }
26
+ /**
27
+ * Converts Paybond USD cents to Tempo USDC base units.
28
+ */
29
+ export function usdCentsToUsdcBaseUnits(amountCents) {
30
+ if (!Number.isInteger(amountCents) || amountCents < 0) {
31
+ throw new Error("amountCents must be a non-negative integer");
32
+ }
33
+ return BigInt(amountCents) * BigInt(USDC_BASE_UNITS_PER_USD_CENT);
34
+ }
@@ -0,0 +1,71 @@
1
+ import type { AgentRecognitionProofV1, FundIntentResult } from "./index.js";
2
+ import { type FundRequestEnvelope, type X402FundPollOptions } from "./x402-funding.js";
3
+ /** Raw `WWW-Authenticate: Payment …` challenge value from Harbor or the gateway. */
4
+ export type PaymentAuthChallenge = string;
5
+ /** Parsed Payment Auth challenge parameters from a `WWW-Authenticate` header value. */
6
+ export type ParsedPaymentAuthChallenge = {
7
+ raw: string;
8
+ id?: string;
9
+ realm?: string;
10
+ method?: string;
11
+ intent?: string;
12
+ request?: string;
13
+ };
14
+ export type MppFundPollOptions = X402FundPollOptions;
15
+ /** Raised when MPP funding cannot complete (missing challenge, terminal rail status, unexpected HTTP). */
16
+ export declare class PaybondMppFundingFailedError extends Error {
17
+ readonly intentId: string;
18
+ readonly lastResult?: FundIntentResult;
19
+ constructor(message: string, init: {
20
+ intentId: string;
21
+ lastResult?: FundIntentResult;
22
+ cause?: unknown;
23
+ });
24
+ }
25
+ /** Raised when polling exhausts `maxAttempts` before Harbor returns a funded capability token. */
26
+ export declare class PaybondMppFundingPendingError extends Error {
27
+ readonly intentId: string;
28
+ readonly lastResult: FundIntentResult;
29
+ readonly attempts: number;
30
+ constructor(message: string, init: {
31
+ intentId: string;
32
+ lastResult: FundIntentResult;
33
+ attempts: number;
34
+ });
35
+ }
36
+ /**
37
+ * Parses a `WWW-Authenticate: Payment …` challenge into structured parameters.
38
+ *
39
+ * @throws Error when the value is empty or does not start with the Payment scheme.
40
+ */
41
+ export declare function parsePaymentAuthChallenge(raw: string): ParsedPaymentAuthChallenge;
42
+ /** Selects the Stripe MPP charge challenge from `WWW-Authenticate` values. */
43
+ export declare function selectMppChargeChallenge(wwwAuthenticate: string[] | undefined): PaymentAuthChallenge;
44
+ /** Selects the Tempo MPP session challenge from `WWW-Authenticate` values. */
45
+ export declare function selectMppSessionChallenge(wwwAuthenticate: string[] | undefined): PaymentAuthChallenge;
46
+ /** Canonical `/fund` request envelope for Gateway `POST /harbor/intents/{intentId}/fund`. */
47
+ export declare function buildMppFundRequestEnvelope(intentId: string): FundRequestEnvelope;
48
+ export type ExecuteFundWithMppParams = {
49
+ intentId: string;
50
+ recognitionProof: AgentRecognitionProofV1 | Record<string, unknown>;
51
+ /** App-owned callback that turns a Payment Auth challenge into a credential token or header value. */
52
+ createPaymentCredential: (challenge: PaymentAuthChallenge) => Promise<string>;
53
+ issueRecognitionProof: (envelope: FundRequestEnvelope) => Promise<AgentRecognitionProofV1 | Record<string, unknown>>;
54
+ pollOptions?: MppFundPollOptions;
55
+ selectChallenge: (wwwAuthenticate: string[] | undefined) => PaymentAuthChallenge;
56
+ fund: (args: {
57
+ recognitionProof: AgentRecognitionProofV1 | Record<string, unknown>;
58
+ paymentAuthorization?: string;
59
+ }) => Promise<FundIntentResult>;
60
+ };
61
+ /**
62
+ * Orchestrate MPP `/fund`: handle 402 Payment Auth challenges, retry with credentials, poll until funded.
63
+ *
64
+ * Wallet and SPT secrets stay app-owned — pass injectable `createPaymentCredential` and
65
+ * `issueRecognitionProof` callbacks; Paybond never stores MPP signing material.
66
+ */
67
+ export declare function executeFundWithMpp(params: ExecuteFundWithMppParams): Promise<FundIntentResult>;
68
+ /** One-shot Stripe MPP charge funding through Payment Auth semantics. */
69
+ export declare function executeFundWithMppCharge(params: Omit<ExecuteFundWithMppParams, "selectChallenge">): Promise<FundIntentResult>;
70
+ /** Tempo MPP session funding through Payment Auth semantics. */
71
+ export declare function executeFundWithMppSession(params: Omit<ExecuteFundWithMppParams, "selectChallenge">): Promise<FundIntentResult>;