@paybond/kit 0.12.0 → 0.12.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (107) hide show
  1. package/dist/agent/evidence.d.ts +10 -0
  2. package/dist/agent/evidence.js +16 -0
  3. package/dist/agent/index.d.ts +1 -1
  4. package/dist/agent/index.js +1 -1
  5. package/dist/agent/interceptor.js +4 -0
  6. package/dist/agent/receipt-client.d.ts +16 -1
  7. package/dist/agent/run.d.ts +3 -0
  8. package/dist/agent/run.js +1 -1
  9. package/dist/agent-mandate.d.ts +103 -0
  10. package/dist/agent-mandate.js +423 -0
  11. package/dist/agent-receipt-external-attestations.d.ts +27 -0
  12. package/dist/agent-receipt-external-attestations.js +61 -0
  13. package/dist/agent-receipt-pdf-export.d.ts +43 -0
  14. package/dist/agent-receipt-pdf-export.js +109 -0
  15. package/dist/agent-receipt-prevalidate.d.ts +7 -0
  16. package/dist/agent-receipt-prevalidate.js +63 -0
  17. package/dist/agent-receipt.d.ts +21 -1
  18. package/dist/agent-receipt.js +63 -4
  19. package/dist/cli/command-spec.js +50 -1
  20. package/dist/cli/commands/dev.js +10 -3
  21. package/dist/cli/commands/setup.js +19 -1
  22. package/dist/cli/commands/shopify.d.ts +53 -0
  23. package/dist/cli/commands/shopify.js +808 -0
  24. package/dist/cli/help.d.ts +1 -1
  25. package/dist/cli/help.js +13 -3
  26. package/dist/cli/router.js +15 -1
  27. package/dist/commerce-binding.d.ts +59 -0
  28. package/dist/commerce-binding.js +129 -0
  29. package/dist/doctor-completion.d.ts +16 -0
  30. package/dist/doctor-completion.js +157 -1
  31. package/dist/index.d.ts +27 -2
  32. package/dist/index.js +43 -7
  33. package/dist/mcp-server.d.ts +1 -0
  34. package/dist/mcp-server.js +28 -9
  35. package/dist/policy/presets.d.ts +1 -1
  36. package/dist/policy/presets.js +1 -0
  37. package/dist/project-init.d.ts +1 -1
  38. package/dist/project-init.js +1 -0
  39. package/dist/protocol-receipt.d.ts +129 -0
  40. package/dist/protocol-receipt.js +620 -0
  41. package/dist/shopify/checkout.d.ts +29 -0
  42. package/dist/shopify/checkout.js +79 -0
  43. package/dist/shopify/evidence.d.ts +13 -0
  44. package/dist/shopify/evidence.js +85 -0
  45. package/dist/shopify/index.d.ts +8 -0
  46. package/dist/shopify/index.js +6 -0
  47. package/dist/shopify/instrument.d.ts +61 -0
  48. package/dist/shopify/instrument.js +52 -0
  49. package/dist/shopify/order.d.ts +8 -0
  50. package/dist/shopify/order.js +110 -0
  51. package/dist/shopify/types.d.ts +82 -0
  52. package/dist/shopify/types.js +4 -0
  53. package/dist/solutions/catalog.d.ts +1 -1
  54. package/dist/solutions/catalog.js +1 -1
  55. package/dist/stripe-commerce/evidence.d.ts +13 -0
  56. package/dist/stripe-commerce/evidence.js +164 -0
  57. package/dist/stripe-commerce/index.d.ts +3 -0
  58. package/dist/stripe-commerce/index.js +2 -0
  59. package/dist/stripe-commerce/metadata.d.ts +11 -0
  60. package/dist/stripe-commerce/metadata.js +34 -0
  61. package/dist/stripe-commerce/types.d.ts +38 -0
  62. package/dist/stripe-commerce/types.js +1 -0
  63. package/dist/template-init.d.ts +1 -1
  64. package/dist/template-init.js +6 -1
  65. package/package.json +1 -1
  66. package/policy/presets/stripe-commerce.yaml +19 -0
  67. package/solutions/stripe-commerce.json +19 -0
  68. package/templates/manifest.json +82 -10
  69. package/templates/openai-shopping-agent/package-lock.json +10 -10
  70. package/templates/openai-shopping-agent/src/paybond.config.ts +1 -1
  71. package/templates/paybond-aws-operator/package-lock.json +7 -7
  72. package/templates/paybond-aws-operator/src/paybond.config.ts +1 -1
  73. package/templates/paybond-claude-agents-demo/package-lock.json +7 -7
  74. package/templates/paybond-claude-agents-demo/src/paybond.config.ts +1 -1
  75. package/templates/paybond-mastra-travel-agent/package-lock.json +30 -30
  76. package/templates/paybond-mastra-travel-agent/src/paybond.config.ts +1 -1
  77. package/templates/paybond-mcp-coding-agent/package-lock.json +7 -7
  78. package/templates/paybond-mcp-coding-agent/src/paybond.config.ts +1 -1
  79. package/templates/paybond-openai-agents-demo/package-lock.json +10 -10
  80. package/templates/paybond-openai-agents-demo/src/paybond.config.ts +1 -1
  81. package/templates/paybond-procurement-agent/package-lock.json +7 -7
  82. package/templates/paybond-procurement-agent/src/paybond.config.ts +1 -1
  83. package/templates/paybond-shopify-shopping-agent/.env.example +3 -0
  84. package/templates/paybond-shopify-shopping-agent/.github/workflows/smoke.yml +20 -0
  85. package/templates/paybond-shopify-shopping-agent/LICENSE +201 -0
  86. package/templates/paybond-shopify-shopping-agent/README.md +29 -0
  87. package/templates/paybond-shopify-shopping-agent/package-lock.json +223 -0
  88. package/templates/paybond-shopify-shopping-agent/package.json +20 -0
  89. package/templates/paybond-shopify-shopping-agent/paybond.policy.yaml +22 -0
  90. package/templates/paybond-shopify-shopping-agent/src/index.ts +54 -0
  91. package/templates/paybond-shopify-shopping-agent/src/paybond.config.ts +51 -0
  92. package/templates/paybond-shopify-shopping-agent/tsconfig.json +13 -0
  93. package/templates/paybond-stripe-agent-demo/.env.example +9 -0
  94. package/templates/paybond-stripe-agent-demo/.github/workflows/smoke.yml +20 -0
  95. package/templates/paybond-stripe-agent-demo/LICENSE +201 -0
  96. package/templates/paybond-stripe-agent-demo/README.md +50 -0
  97. package/templates/paybond-stripe-agent-demo/package-lock.json +223 -0
  98. package/templates/paybond-stripe-agent-demo/package.json +20 -0
  99. package/templates/paybond-stripe-agent-demo/paybond.policy.yaml +22 -0
  100. package/templates/paybond-stripe-agent-demo/src/charge-customer.ts +237 -0
  101. package/templates/paybond-stripe-agent-demo/src/index.ts +78 -0
  102. package/templates/paybond-stripe-agent-demo/src/paybond.config.ts +51 -0
  103. package/templates/paybond-stripe-agent-demo/tsconfig.json +13 -0
  104. package/templates/paybond-travel-agent/package-lock.json +13 -13
  105. package/templates/paybond-travel-agent/src/paybond.config.ts +1 -1
  106. package/templates/paybond-vercel-shopping-agent/package-lock.json +7 -7
  107. package/templates/paybond-vercel-shopping-agent/src/paybond.config.ts +1 -1
package/dist/index.js CHANGED
@@ -4,6 +4,7 @@
4
4
  */
5
5
  import { buildSignedCreateIntentBody, buildSignedCreateIntentBodyWithPolicyBinding, } from "./principal-intent.js";
6
6
  import { signPayeeEvidenceBinding } from "./payee-evidence.js";
7
+ import { PAYBOND_AGENT_RECEIPT_ATTESTATIONS_HEADER, PAYBOND_AGENT_RECEIPT_SOURCE_RUN_HEADER, } from "./agent-receipt.js";
7
8
  import { PaybondAgentRunFacade, createPaybondAgentCallable, PaybondInstrumentBuilder, createGuardedAgent, createGuardedAgentRunner, createPaybondAgent, createPaybondToolRegistry, instrumentPaybondAgent, instrumentPaybondClaudeAgents, instrumentPaybondLangGraph, instrumentPaybondMCP, instrumentPaybondOpenAI, instrumentPaybondVercel, resolveAgentPolicySource, wrapPaybondTools, } from "./agent/index.js";
8
9
  import { GatewayAgentRunTraceReporter, } from "./agent/gateway-trace-reporter.js";
9
10
  import { fetchWithGatewayRetries, gatewayRetryDelayMs, shouldRetryGatewayResponse, } from "./gateway-retry.js";
@@ -934,6 +935,14 @@ export class GatewayHarborClient {
934
935
  return gatewayMutationHeaders(proof, {
935
936
  ...(headers ?? {}),
936
937
  ...(options?.idempotencyKey?.trim() ? { "idempotency-key": options.idempotencyKey.trim() } : {}),
938
+ ...(options?.agentReceiptAttestations !== undefined
939
+ ? {
940
+ [PAYBOND_AGENT_RECEIPT_ATTESTATIONS_HEADER]: JSON.stringify(options.agentReceiptAttestations),
941
+ }
942
+ : {}),
943
+ ...(options?.agentReceiptSourceRunId?.trim()
944
+ ? { [PAYBOND_AGENT_RECEIPT_SOURCE_RUN_HEADER]: options.agentReceiptSourceRunId.trim() }
945
+ : {}),
937
946
  });
938
947
  }
939
948
  async verifyCapability(input) {
@@ -2202,7 +2211,14 @@ function gatewayMutationHeaders(recognitionProof, headers) {
2202
2211
  function encodeRecognitionProofHeader(proof) {
2203
2212
  return Buffer.from(JSON.stringify(proof), "utf8").toString("base64url");
2204
2213
  }
2205
- async function resolveGatewayTenantId(gatewayBaseUrl, apiKey, principalPath, maxRetries, expectedEnvironment) {
2214
+ function readPrincipalEnvironment(actualRaw) {
2215
+ const actual = typeof actualRaw === "string" ? actualRaw.trim() : "";
2216
+ if (actual === "live" || actual === "sandbox") {
2217
+ return actual;
2218
+ }
2219
+ return null;
2220
+ }
2221
+ async function resolveGatewayPrincipal(gatewayBaseUrl, apiKey, principalPath, maxRetries, expectedEnvironment) {
2206
2222
  const base = normalizeBase(gatewayBaseUrl);
2207
2223
  const path = principalPath.startsWith("/") ? principalPath : `/${principalPath}`;
2208
2224
  const url = `${base}${path}`;
@@ -2246,10 +2262,14 @@ async function resolveGatewayTenantId(gatewayBaseUrl, apiKey, principalPath, max
2246
2262
  });
2247
2263
  }
2248
2264
  assertExpectedEnvironment("gateway principal", body.environment, expected, text);
2249
- return tenant;
2265
+ return { tenantId: tenant, environment: readPrincipalEnvironment(body.environment) };
2250
2266
  }
2251
2267
  throw lastErr instanceof Error ? lastErr : new Error(String(lastErr));
2252
2268
  }
2269
+ async function resolveGatewayTenantId(gatewayBaseUrl, apiKey, principalPath, maxRetries, expectedEnvironment) {
2270
+ const principal = await resolveGatewayPrincipal(gatewayBaseUrl, apiKey, principalPath, maxRetries, expectedEnvironment);
2271
+ return principal.tenantId;
2272
+ }
2253
2273
  /**
2254
2274
  * Read-only tenant-bound Signal session for one service-account API key.
2255
2275
  */
@@ -2446,7 +2466,14 @@ export class Paybond {
2446
2466
  audit;
2447
2467
  agentRun;
2448
2468
  agent;
2449
- constructor(harbor, guardrails, signal, fraud, a2a, protocol, audit) {
2469
+ /**
2470
+ * Deployment environment this session is bound to, as reported by the gateway principal
2471
+ * (`"live"` or `"sandbox"`), or `null` when the gateway did not report one. Server-derived —
2472
+ * prefer this over the client-supplied `expectedEnvironment` hint when gating environment-sensitive
2473
+ * behavior (for example, refusing live Stripe secrets in a sandbox-only demo).
2474
+ */
2475
+ environment;
2476
+ constructor(harbor, guardrails, signal, fraud, a2a, protocol, audit, environment) {
2450
2477
  this.harbor = harbor;
2451
2478
  this.guardrails = guardrails;
2452
2479
  this.signal = signal;
@@ -2457,12 +2484,14 @@ export class Paybond {
2457
2484
  this.audit = audit;
2458
2485
  this.agentRun = new PaybondAgentRunFacade(this);
2459
2486
  this.agent = createPaybondAgentCallable(protocol, (input) => createPaybondAgent(this, input));
2487
+ this.environment = environment;
2460
2488
  }
2461
2489
  /** Open a tenant-bound hosted Paybond session from a service-account API key. */
2462
2490
  static async open(init) {
2463
2491
  const gatewayBaseUrl = defaultGatewayBaseUrl(init.gatewayBaseUrl);
2464
2492
  const maxRetries = Math.max(1, init.maxRetries ?? 3);
2465
- const tenantId = await resolveGatewayTenantId(gatewayBaseUrl, init.apiKey, init.principalPath ?? DEFAULT_PRINCIPAL_PATH, maxRetries, init.expectedEnvironment);
2493
+ const principal = await resolveGatewayPrincipal(gatewayBaseUrl, init.apiKey, init.principalPath ?? DEFAULT_PRINCIPAL_PATH, maxRetries, init.expectedEnvironment);
2494
+ const tenantId = principal.tenantId;
2466
2495
  const harbor = new GatewayHarborClient(gatewayBaseUrl, tenantId, {
2467
2496
  staticGatewayBearerToken: init.apiKey,
2468
2497
  maxRetries,
@@ -2491,7 +2520,7 @@ export class Paybond {
2491
2520
  staticGatewayBearerToken: init.apiKey,
2492
2521
  maxRetries,
2493
2522
  }));
2494
- return new Paybond(harbor, guardrails, signal, fraud, a2a, protocol, audit);
2523
+ return new Paybond(harbor, guardrails, signal, fraud, a2a, protocol, audit, principal.environment);
2495
2524
  }
2496
2525
  /** Reserved for future HTTP client cleanup; safe to call after work completes. */
2497
2526
  async aclose() {
@@ -2569,6 +2598,9 @@ export { artifactsDigest, evidenceSignBytesV1, signPayeeEvidenceBinding, } from
2569
2598
  export { AGENT_RECOGNITION_GATEWAY_VERIFIER_ID, AGENT_RECOGNITION_PROOF_KIND_V1, AGENT_RECOGNITION_PURPOSE_CREATE, AGENT_RECOGNITION_PURPOSE_FUND, AGENT_RECOGNITION_PURPOSE_EVIDENCE_SUBMIT, newAgentRecognitionRequestEnvelope, signAgentRecognitionProofV1, signHarborCreateRecognitionProof, signHarborFundRecognitionProof, signHarborEvidenceSubmitRecognitionProof, signHarborSettlementConfirmRecognitionProof, } from "./agent-recognition.js";
2570
2599
  export { executeFundWithX402, buildX402FundRequestEnvelope, PaybondX402FundingFailedError, PaybondX402FundingPendingError, } from "./x402-funding.js";
2571
2600
  export { executeFundWithMpp, executeFundWithMppCharge, executeFundWithMppSession, buildMppFundRequestEnvelope, parsePaymentAuthChallenge, selectMppChargeChallenge, selectMppSessionChallenge, PaybondMppFundingFailedError, PaybondMppFundingPendingError, } from "./mpp-funding.js";
2601
+ export { buildPaybondStripeMetadata, assertNotStripeFundingWebhook, mapStripeToolResultToEvidence, STRIPE_COMMERCE_MAPPER_VERSION, PAYBOND_STRIPE_METADATA_TENANT_ID_KEY, PAYBOND_STRIPE_METADATA_INTENT_ID_KEY, PAYBOND_STRIPE_METADATA_RAIL_KEY, } from "./stripe-commerce/index.js";
2602
+ export { PAYBOND_UCP_AGENT_PROFILE_URL, PAYBOND_SHOPIFY_UCP_VERSION, SHOPIFY_COMMERCE_MAPPER_VERSION, assertNotShopifyFundingWebhook, createCheckoutWithBinding, createGuardedShopifyCheckoutHandler, getOrder, instrumentShopifyCheckout, mapShopifyToolResultToEvidence, mergeBindingIntoCheckoutPayload, toUcpCheckoutLineItems, } from "./shopify/index.js";
2603
+ export { normalizeCommerceBinding, encodeCommerceBindingToStripeMetadata, decodeCommerceBindingFromStripeMetadata, encodeCommerceBindingToShopifyNoteAttributes, decodeCommerceBindingFromShopifyNoteAttributes, PAYBOND_COMMERCE_BINDING_TENANT_ID_KEY, PAYBOND_COMMERCE_BINDING_INTENT_ID_KEY, } from "./commerce-binding.js";
2572
2604
  export { validateCompletionEvidence, } from "./completion-validate-evidence.js";
2573
2605
  export { completionSchemaDigestHex, computeVendorContractDigests, verifyVendorContract, verifyCatalogVendorContracts, } from "./completion-contract-digest.js";
2574
2606
  export { contractSnapshotForPreset, mapVendorEvidenceToCanonical, resolveCompletionPreset, } from "./completion-resolve.js";
@@ -2577,5 +2609,9 @@ export { PaybondAudit, PaybondAuditExports, GatewayAuditExportsClient, parseAudi
2577
2609
  export { PaybondPolicy, composePolicyLayers, composeBundledPresetDefault, domain, guardrails, paybondPolicyPresets, resolveComposedPresetDocument, } from "./policy/index.js";
2578
2610
  export { getSolutionSmokeDefaults, isKnownSolutionId, listSolutionIds, loadSolutionManifest, paybondSolutionPresets, } from "./solutions/index.js";
2579
2611
  export { appendDirectHarborPaymentAuthorization, formatPaymentAuthorizationValue, PAYBOND_PAYMENT_AUTHORIZATION_HEADER, PAYMENT_TRANSPORT_RESPONSE_HEADERS, paymentAuthorizationGatewayHeader, readFundPaymentTransportHeaders, } from "./payment-transport.js";
2580
- export { AGENT_RECEIPT_KIND_V1, AGENT_RECEIPT_SCHEMA_VERSION, AGENT_RECEIPT_SCOPE_ACTION, AGENT_RECEIPT_SCOPE_INTENT_TERMINAL, AGENT_RECEIPT_SIGNING_ALGORITHM_ED25519, AGENT_RECEIPT_VERSION_V1, AGENT_RECEIPT_WELL_KNOWN_PATH, actionReceiptId, canonicalAgentReceiptBytes, configHashSha256Hex, promptHashSha256Hex, valueDigestSha256Hex, verifyAgentReceiptV1, } from "./agent-receipt.js";
2581
- export { AGENT_RECEIPT_EXTERNAL_SOURCE_SEP2828, AGENT_RECEIPT_EXTERNAL_SOURCE_X402, partnerRecordDigestSha256Hex, resolveExternalAttestations, sep2828RecordsToExternalAttestations, x402ReceiptToExternalAttestations, } from "./agent-receipt-external-attestations.js";
2612
+ export { AGENT_RECEIPT_KIND_V1, AGENT_RECEIPT_SCHEMA_VERSION, AGENT_RECEIPT_SCOPE_ACTION, AGENT_RECEIPT_SCOPE_INTENT_TERMINAL, AGENT_RECEIPT_SIGNING_ALGORITHM_ED25519, AGENT_RECEIPT_VERSION_V1, AGENT_RECEIPT_SIGNING_KEYS_WELL_KNOWN_PATH, AGENT_RECEIPT_WELL_KNOWN_PATH, PAYBOND_AGENT_RECEIPT_ATTESTATIONS_HEADER, PAYBOND_AGENT_RECEIPT_SOURCE_RUN_HEADER, actionReceiptId, attachOperatorAttestationV1, canonicalAgentReceiptBytes, configHashSha256Hex, promptHashSha256Hex, valueDigestSha256Hex, verifyAgentReceiptV1, verifyAgentReceiptV1FromJSON, } from "./agent-receipt.js";
2613
+ export { FORBIDDEN_AGENT_RECEIPT_FIELDS, parseAgentReceiptJSON, validateAgentReceiptJSON, } from "./agent-receipt-prevalidate.js";
2614
+ export { AGENT_RECEIPT_EXTERNAL_SOURCE_AP2, AGENT_RECEIPT_EXTERNAL_SOURCE_SEP2828, AGENT_RECEIPT_EXTERNAL_SOURCE_X402, partnerRecordDigestSha256Hex, protocolAuthorizationReceiptToExternalAttestations, protocolSettlementReceiptToExternalAttestations, resolveExternalAttestations, sep2828RecordsToExternalAttestations, signedMandateToExternalAttestations, x402ReceiptToExternalAttestations, } from "./agent-receipt-external-attestations.js";
2615
+ export { AGENT_RECEIPT_PDF_EXPORT_DERIVED_VIEW_LABEL, AGENT_RECEIPT_PDF_EXPORT_MANIFEST_KIND, AGENT_RECEIPT_PDF_EXPORT_MANIFEST_SCHEMA_VERSION, FORBIDDEN_PDF_EXPORT_MANIFEST_FIELDS, gateAgentReceiptPDFExport, parseAgentReceiptPDFExportManifestJSON, validateAgentReceiptPDFExportManifestJSON, } from "./agent-receipt-pdf-export.js";
2616
+ export { AGENT_AUTHORIZATION_KIND_PRINCIPAL, AGENT_AUTHORIZATION_KIND_TENANT, AGENT_MANDATE_KIND_V1, AGENT_MANDATE_SCHEMA_VERSION, AGENT_MANDATE_SIGNING_ALGORITHM_ED25519_SHA256, CONSTRAINT_REFERENCE_KIND_POLICY, CONSTRAINT_REFERENCE_KIND_PREDICATE, HUMAN_PRESENCE_MODE_HUMAN_NOT_PRESENT, HUMAN_PRESENCE_MODE_HUMAN_PRESENT, agentMandateDigestSha256Hex, canonicalAgentMandateJsonBytes, normalizeAgentMandateV1, signAgentMandateV1, verifySignedAgentMandateV1, } from "./agent-mandate.js";
2617
+ export { PROTOCOL_AUTHORIZATION_RECEIPT_KIND_V1, PROTOCOL_RECEIPT_SCHEMA_VERSION, PROTOCOL_RECEIPT_SIGNING_ALGORITHM_ED25519_SHA256, PROTOCOL_RECEIPT_STATUS_AUTHORIZED, PROTOCOL_RECEIPT_VERSION_V1, PROTOCOL_SETTLEMENT_RECEIPT_KIND_V1, PROTOCOL_SOURCE_ACP, PROTOCOL_SOURCE_AP2, PROTOCOL_SOURCE_UCP, normalizeProtocolAuthorizationReceiptV1, normalizeProtocolSettlementReceiptV1, signProtocolAuthorizationReceiptV1, signProtocolSettlementReceiptV1, verifyProtocolAuthorizationReceiptV1, verifyProtocolSettlementReceiptV1, } from "./protocol-receipt.js";
@@ -49,6 +49,7 @@ export declare class PaybondMCPServer {
49
49
  uri: string;
50
50
  mimeType: string;
51
51
  text: string;
52
+ _meta?: Record<string, unknown>;
52
53
  }>;
53
54
  listTools(): Array<Record<string, unknown>>;
54
55
  callTool(name: string, args?: Record<string, unknown>): Promise<MCPCallToolResult>;
@@ -11,10 +11,11 @@ import { MCP_TOOL_ALLOWLIST_ENV, MCP_TOOL_POLICY_ENV, mergeMcpToolPolicy, parseM
11
11
  import { MCP_EVIDENCE_POLICY_ENV, McpEvidenceValidationGate, completionEvidenceValidationOk, extractHarborEvidenceValidationInput, extractSandboxGuardrailValidationInput, parseMcpEvidencePolicy, } from "./mcp-evidence-policy.js";
12
12
  import { McpCapabilityTokenCache, mcpToolStoresCapabilityToken, parseMcpCapabilityTokenCacheConfig, } from "./mcp-capability-token-cache.js";
13
13
  import { createMcpPolicyGatewayAdapter, McpPolicyReloadGate, parseMcpPolicyReloadConfig, } from "./mcp-policy-reload.js";
14
+ import { verifyAgentReceiptV1FromJSON } from "./agent-receipt.js";
14
15
  import { agentReceiptResourceTemplateDefinition, agentReceiptResourceUri, MCP_AGENT_RECEIPT_RESOURCE_MIME_TYPE, parseAgentReceiptResourceUri, } from "./mcp-receipt-resource.js";
15
16
  import { DEFAULT_PAYBOND_GATEWAY_BASE_URL, GatewayFraudClient, GatewaySignalClient, } from "./index.js";
16
17
  const SERVER_NAME = "Paybond MCP";
17
- const SERVER_VERSION = "0.12.0";
18
+ const SERVER_VERSION = "0.12.1";
18
19
  const MCP_PROTOCOL_VERSION = "2025-11-25";
19
20
  const DEFAULT_PRINCIPAL_PATH = "/v1/auth/principal";
20
21
  const DEFAULT_RECOGNITION_VERIFIER_ID = "paybond-gateway";
@@ -919,10 +920,23 @@ export class PaybondMCPServer {
919
920
  async readResource(uri) {
920
921
  const receiptId = parseAgentReceiptResourceUri(uri);
921
922
  const receipt = await this.runtime.getAgentReceiptV1(receiptId);
923
+ let verified;
924
+ try {
925
+ verified = await verifyAgentReceiptV1FromJSON(receipt);
926
+ }
927
+ catch (err) {
928
+ throw new Error(`agent receipt verification failed for ${receiptId}: ${formatError(err)}`);
929
+ }
922
930
  return {
923
931
  uri: agentReceiptResourceUri(receiptId),
924
932
  mimeType: MCP_AGENT_RECEIPT_RESOURCE_MIME_TYPE,
925
933
  text: JSON.stringify(receipt, null, 2),
934
+ _meta: {
935
+ verification: {
936
+ valid: true,
937
+ message_digest: verified.message_digest_sha256_hex,
938
+ },
939
+ },
926
940
  };
927
941
  }
928
942
  listTools() {
@@ -1054,14 +1068,19 @@ export class PaybondMCPServer {
1054
1068
  case "resources/read": {
1055
1069
  const params = ensureObject(message.params, "resources/read params");
1056
1070
  const uri = stringArg(params.uri, "uri");
1057
- const contents = await this.readResource(uri);
1058
- return {
1059
- jsonrpc: "2.0",
1060
- id: message.id,
1061
- result: {
1062
- contents: [contents],
1063
- },
1064
- };
1071
+ try {
1072
+ const contents = await this.readResource(uri);
1073
+ return {
1074
+ jsonrpc: "2.0",
1075
+ id: message.id,
1076
+ result: {
1077
+ contents: [contents],
1078
+ },
1079
+ };
1080
+ }
1081
+ catch (err) {
1082
+ return responseError(message.id, -32000, formatError(err));
1083
+ }
1065
1084
  }
1066
1085
  case "tools/call": {
1067
1086
  const params = ensureObject(message.params, "tools/call params");
@@ -1,7 +1,7 @@
1
1
  import type { LayeredPolicyPresetId } from "./compose.js";
2
2
  import { type PaybondPolicyDocumentV1 } from "./schema.js";
3
3
  export type { LayeredPolicyPresetId };
4
- declare const KNOWN_POLICY_PRESET_IDS: readonly ["travel", "shopping", "saas", "aws", "read-only", "strict"];
4
+ declare const KNOWN_POLICY_PRESET_IDS: readonly ["travel", "shopping", "saas", "aws", "stripe-commerce", "read-only", "strict"];
5
5
  export type PolicyPresetId = (typeof KNOWN_POLICY_PRESET_IDS)[number];
6
6
  /** True when `value` is a bundled vertical policy preset id (not a file path). */
7
7
  export declare function isKnownPolicyPresetId(value: string): value is PolicyPresetId;
@@ -10,6 +10,7 @@ const KNOWN_POLICY_PRESET_IDS = [
10
10
  "shopping",
11
11
  "saas",
12
12
  "aws",
13
+ "stripe-commerce",
13
14
  "read-only",
14
15
  "strict",
15
16
  ];
@@ -1,7 +1,7 @@
1
1
  import type { PolicyPresetId } from "./policy/presets.js";
2
2
  import { type SolutionId } from "./solutions/catalog.js";
3
3
  export type ProjectInitSolution = SolutionId | "mcp-server";
4
- export type ProjectInitFramework = "openai" | "langgraph" | "mcp" | "generic";
4
+ export type ProjectInitFramework = "openai" | "langgraph" | "mcp" | "generic" | "shopify";
5
5
  export type ProjectInitLanguage = "typescript" | "python";
6
6
  export type ProjectInitOptions = {
7
7
  cwd: string;
@@ -33,6 +33,7 @@ const FRAMEWORK_ALIASES = {
33
33
  langgraph: "langgraph",
34
34
  mcp: "mcp",
35
35
  generic: "generic",
36
+ shopify: "shopify",
36
37
  };
37
38
  function usage() {
38
39
  return [
@@ -0,0 +1,129 @@
1
+ /**
2
+ * Local verification for protocol-v2 authorization and settlement receipts.
3
+ *
4
+ * Canonical JSON matches the Go gateway `protocolAuthorizationReceiptCanonicalV1` /
5
+ * `protocolSettlementReceiptCanonicalV1` marshalers (fixed struct field order, signing
6
+ * fields stripped, RFC3339Nano UTC timestamps, HTML-safe `\u` escapes), not Kit's generic
7
+ * JCS-style `normalizeJson`. Ported from `go/gateway/internal/protocolv2/receipt.go`.
8
+ */
9
+ import { type AgentMandateAgentIdentity, type AgentMandateAuthorization, type AgentMandateConstraintReference, type AgentMandateSettlementRailPolicy, type AgentMandateSpendCeiling } from "./agent-mandate.js";
10
+ export declare const PROTOCOL_RECEIPT_SCHEMA_VERSION = 1;
11
+ export declare const PROTOCOL_RECEIPT_VERSION_V1 = "1";
12
+ export declare const PROTOCOL_RECEIPT_SIGNING_ALGORITHM_ED25519_SHA256 = "ed25519-sha256-json-v1";
13
+ export declare const PROTOCOL_AUTHORIZATION_RECEIPT_KIND_V1 = "paybond.protocol_authorization_receipt_v1";
14
+ export declare const PROTOCOL_SETTLEMENT_RECEIPT_KIND_V1 = "paybond.protocol_settlement_receipt_v1";
15
+ export declare const PROTOCOL_RECEIPT_STATUS_AUTHORIZED = "authorized";
16
+ /** Default protocol source (AP2-aligned) for imported mandates and exported receipts. */
17
+ export declare const PROTOCOL_SOURCE_AP2 = "ap2";
18
+ /** Stripe Agentic Commerce Protocol (ACP) source identifier for partner receipts. */
19
+ export declare const PROTOCOL_SOURCE_ACP = "acp";
20
+ /** Stripe Unified Commerce Protocol (UCP) source identifier for partner receipts. */
21
+ export declare const PROTOCOL_SOURCE_UCP = "ucp";
22
+ /** Partner transport metadata for imported mandates and exported receipts. */
23
+ export type ProtocolTransportBindingV1 = {
24
+ source_protocol: string;
25
+ partner_platform?: string;
26
+ external_authorization_id?: string;
27
+ request_id?: string;
28
+ };
29
+ /** Signed acknowledgement emitted after accepting a partner mandate binding. */
30
+ export type ProtocolAuthorizationReceiptV1 = {
31
+ schema_version: number;
32
+ kind: string;
33
+ receipt_version: string;
34
+ receipt_id: string;
35
+ issued_at: string;
36
+ status: string;
37
+ intent_id: string;
38
+ tenant_id: string;
39
+ verifier_id: string;
40
+ transport_binding: ProtocolTransportBindingV1;
41
+ mandate_digest_sha256_hex: string;
42
+ imported_mandate_signing_public_key_ed25519_hex: string;
43
+ authorization: AgentMandateAuthorization;
44
+ agent: AgentMandateAgentIdentity;
45
+ allowed_actions: string[];
46
+ allowed_tools: string[];
47
+ spend_ceiling: AgentMandateSpendCeiling;
48
+ settlement: AgentMandateSettlementRailPolicy;
49
+ constraint: AgentMandateConstraintReference;
50
+ expires_at: string;
51
+ nonce: string;
52
+ human_presence_mode: string;
53
+ signing_algorithm: string;
54
+ message_digest_sha256_hex: string;
55
+ signing_public_key_ed25519_hex: string;
56
+ ed25519_signature_hex: string;
57
+ };
58
+ /** Signed terminal outcome artifact for a Harbor intent bound to a partner mandate. */
59
+ export type ProtocolSettlementReceiptV1 = {
60
+ schema_version: number;
61
+ kind: string;
62
+ receipt_version: string;
63
+ receipt_id: string;
64
+ issued_at: string;
65
+ intent_id: string;
66
+ tenant_id: string;
67
+ verifier_id: string;
68
+ transport_binding: ProtocolTransportBindingV1;
69
+ authorization_receipt_id: string;
70
+ mandate_digest_sha256_hex: string;
71
+ harbor_state: string;
72
+ predicate_passed?: boolean;
73
+ settlement_rail: string;
74
+ settlement_mode: string;
75
+ principal_did: string;
76
+ payee_did: string;
77
+ currency: string;
78
+ amount_cents: number;
79
+ terminal_observed_at: string;
80
+ signing_algorithm: string;
81
+ message_digest_sha256_hex: string;
82
+ signing_public_key_ed25519_hex: string;
83
+ ed25519_signature_hex: string;
84
+ };
85
+ type ProtocolAuthorizationReceiptInput = ProtocolAuthorizationReceiptV1 | Record<string, unknown>;
86
+ type ProtocolSettlementReceiptInput = ProtocolSettlementReceiptV1 | Record<string, unknown>;
87
+ /**
88
+ * Validates and canonicalizes an authorization receipt for hashing and signing.
89
+ *
90
+ * Signing fields are lower/trim-normalized but not recomputed here.
91
+ *
92
+ * @throws When structure or field values are invalid.
93
+ */
94
+ export declare function normalizeProtocolAuthorizationReceiptV1(input: ProtocolAuthorizationReceiptInput): ProtocolAuthorizationReceiptV1;
95
+ /**
96
+ * Validates and canonicalizes a settlement receipt for hashing and signing.
97
+ *
98
+ * @throws When structure or field values are invalid.
99
+ */
100
+ export declare function normalizeProtocolSettlementReceiptV1(input: ProtocolSettlementReceiptInput): ProtocolSettlementReceiptV1;
101
+ /**
102
+ * Validates, canonicalizes, and signs an authorization receipt with
103
+ * Ed25519-over-SHA-256(canonical JSON).
104
+ *
105
+ * @param signingSeed - 32-byte Ed25519 seed (noble private key).
106
+ */
107
+ export declare function signProtocolAuthorizationReceiptV1(signingSeed: Uint8Array, input: ProtocolAuthorizationReceiptInput): ProtocolAuthorizationReceiptV1;
108
+ /**
109
+ * Validates, canonicalizes, and signs a settlement receipt with
110
+ * Ed25519-over-SHA-256(canonical JSON).
111
+ *
112
+ * @param signingSeed - 32-byte Ed25519 seed (noble private key).
113
+ */
114
+ export declare function signProtocolSettlementReceiptV1(signingSeed: Uint8Array, input: ProtocolSettlementReceiptInput): ProtocolSettlementReceiptV1;
115
+ /**
116
+ * Checks structure, canonical digest recompute, and detached Ed25519 signature.
117
+ *
118
+ * @returns The normalized authorization receipt on success.
119
+ * @throws When structure, digest, or signature verification fails.
120
+ */
121
+ export declare function verifyProtocolAuthorizationReceiptV1(input: ProtocolAuthorizationReceiptInput): ProtocolAuthorizationReceiptV1;
122
+ /**
123
+ * Checks structure, canonical digest recompute, and detached Ed25519 signature.
124
+ *
125
+ * @returns The normalized settlement receipt on success.
126
+ * @throws When structure, digest, or signature verification fails.
127
+ */
128
+ export declare function verifyProtocolSettlementReceiptV1(input: ProtocolSettlementReceiptInput): ProtocolSettlementReceiptV1;
129
+ export {};