@paybond/kit 0.3.0 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +77 -24
- package/dist/index.d.ts +656 -2
- package/dist/index.js +665 -2
- package/dist/mcp-server.d.ts +50 -0
- package/dist/mcp-server.js +932 -0
- package/package.json +20 -3
package/README.md
CHANGED
|
@@ -1,13 +1,15 @@
|
|
|
1
1
|
# `@paybond/kit`
|
|
2
2
|
|
|
3
|
-
Paybond Kit for TypeScript
|
|
3
|
+
Paybond Kit for TypeScript is the npm package for tenant-bound Paybond integrations. It opens gateway-authenticated Harbor sessions, verifies capability tokens, signs intent and evidence payloads, funds x402 / USDC-on-Base intents, and reads tenant-scoped Signal, fraud, ledger, protocol, and A2A data.
|
|
4
4
|
|
|
5
|
-
Install
|
|
5
|
+
## Install
|
|
6
6
|
|
|
7
7
|
```bash
|
|
8
8
|
npm install @paybond/kit
|
|
9
9
|
```
|
|
10
10
|
|
|
11
|
+
`@paybond/kit` is an ESM-only package for modern Node.js runtimes. Use `import` from a Node ESM / `NodeNext` project or a compatible bundler.
|
|
12
|
+
|
|
11
13
|
## Open source
|
|
12
14
|
|
|
13
15
|
`@paybond/kit` is distributed as open-source software under the Apache 2.0 license. The published npm package includes the full license text in `LICENSE`.
|
|
@@ -17,6 +19,23 @@ npm install @paybond/kit
|
|
|
17
19
|
- Node.js 22+
|
|
18
20
|
- A `paybond_sk_...` service-account API key
|
|
19
21
|
- Reachable Gateway and Harbor base URLs
|
|
22
|
+
- For capability verification: a funded intent id and a capability token minted for that intent
|
|
23
|
+
- For intent creation or evidence submission: 32-byte Ed25519 signing seeds owned by your application
|
|
24
|
+
|
|
25
|
+
Minimal environment for the quick start:
|
|
26
|
+
|
|
27
|
+
```bash
|
|
28
|
+
export PAYBOND_GATEWAY_URL="https://gateway.example.com"
|
|
29
|
+
export PAYBOND_HARBOR_URL="https://harbor.example.com"
|
|
30
|
+
export PAYBOND_API_KEY="paybond_sk_..."
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
Optional, if you want the quick start to verify a capability:
|
|
34
|
+
|
|
35
|
+
```bash
|
|
36
|
+
export PAYBOND_INTENT_ID="00000000-0000-0000-0000-000000000000"
|
|
37
|
+
export PAYBOND_CAPABILITY="base64-biscuit-token"
|
|
38
|
+
```
|
|
20
39
|
|
|
21
40
|
## Tenant isolation
|
|
22
41
|
|
|
@@ -31,22 +50,37 @@ Every session is bound to the tenant realm echoed by gateway-authenticated servi
|
|
|
31
50
|
```ts
|
|
32
51
|
import { Paybond } from "@paybond/kit";
|
|
33
52
|
|
|
53
|
+
function requiredEnv(name: string): string {
|
|
54
|
+
const value = process.env[name];
|
|
55
|
+
if (!value) {
|
|
56
|
+
throw new Error(`missing ${name}`);
|
|
57
|
+
}
|
|
58
|
+
return value;
|
|
59
|
+
}
|
|
60
|
+
|
|
34
61
|
const paybond = await Paybond.open({
|
|
35
|
-
gatewayBaseUrl: "
|
|
36
|
-
apiKey:
|
|
37
|
-
harborBaseUrl: "
|
|
62
|
+
gatewayBaseUrl: requiredEnv("PAYBOND_GATEWAY_URL"),
|
|
63
|
+
apiKey: requiredEnv("PAYBOND_API_KEY"),
|
|
64
|
+
harborBaseUrl: requiredEnv("PAYBOND_HARBOR_URL"),
|
|
38
65
|
});
|
|
39
66
|
|
|
40
67
|
try {
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
68
|
+
console.log("tenant realm:", paybond.harbor.tenantId);
|
|
69
|
+
|
|
70
|
+
const intentId = process.env.PAYBOND_INTENT_ID;
|
|
71
|
+
const capability = process.env.PAYBOND_CAPABILITY;
|
|
72
|
+
if (intentId && capability) {
|
|
73
|
+
const verified = await paybond.harbor.verifyCapability({
|
|
74
|
+
intentId,
|
|
75
|
+
token: capability,
|
|
76
|
+
operation: "payments.capture",
|
|
77
|
+
requestedSpendCents: 18_700,
|
|
78
|
+
});
|
|
79
|
+
|
|
80
|
+
if (!verified.allow) {
|
|
81
|
+
throw new Error(`verify denied: ${verified.code ?? "deny"} ${verified.message ?? ""}`);
|
|
82
|
+
}
|
|
83
|
+
console.log("capability verified:", verified.auditId);
|
|
50
84
|
}
|
|
51
85
|
} finally {
|
|
52
86
|
await paybond.aclose();
|
|
@@ -55,33 +89,52 @@ try {
|
|
|
55
89
|
|
|
56
90
|
## What the package includes
|
|
57
91
|
|
|
92
|
+
Core SDK:
|
|
93
|
+
|
|
58
94
|
- `Paybond.open(...)` for gateway-authenticated, tenant-derived Harbor sessions
|
|
59
95
|
- `HarborClient` for capability verification, intent creation, x402 funding, evidence submission, and ledger reads
|
|
60
|
-
- `
|
|
61
|
-
- `paybond.signal` on `Paybond` sessions opened from one service-account API key
|
|
96
|
+
- `paybond.signal` and `paybond.fraud` on `Paybond` sessions opened from one service-account API key
|
|
62
97
|
- `PaybondIntents` helpers for principal-signed intent creation, x402 funding, and payee-signed evidence submission
|
|
63
|
-
|
|
98
|
+
|
|
99
|
+
Gateway and trust helpers:
|
|
100
|
+
|
|
101
|
+
- `GatewaySignalClient` and `ServiceAccountSignalSession` for tenant-scoped Signal reads and signed portfolio artifacts
|
|
102
|
+
- `GatewayFraudClient` and `ServiceAccountFraudSession` for tenant-scoped fraud assessments, review queues, review events, metrics, and release-gate config
|
|
103
|
+
- Protocol-v2 helpers for mandate verification, replay-safe recognition proof verification, receipt reads, and A2A discovery
|
|
104
|
+
- `paybond-mcp-server` for tenant-bound MCP tool exposure to any MCP-compatible host
|
|
105
|
+
|
|
106
|
+
Agent-facing surfaces are model-provider agnostic. Paybond verifies tool operations and tenant scope, not whether a tool call came from OpenAI, Anthropic, Gemini, a local model, or another runtime.
|
|
107
|
+
|
|
108
|
+
Advanced exports:
|
|
109
|
+
|
|
110
|
+
- Low-level signing helpers for callers that need to pre-build signed request bodies or evidence payloads
|
|
64
111
|
|
|
65
112
|
`allowedTools` values are your own tool or operation names, not a Paybond-owned catalog. Harbor enforces string matching against whatever names you chose when creating the intent.
|
|
66
113
|
|
|
67
114
|
`settlementRail` on intent creation is only a rail request. Stripe destinations and x402 receive addresses stay tenant-owned server-side config and are never supplied by the SDK caller.
|
|
68
115
|
|
|
116
|
+
The protocol-v2 surface is trust-first: signed mandates, recognition proofs, and receipts work across supported settlement adapters instead of treating any single rail as the product boundary.
|
|
117
|
+
|
|
118
|
+
Gateway-backed protocol helpers throw `ProtocolHttpError` with parsed `errorCode` and `errorMessage` fields when the gateway returns a JSON error envelope. Recognition-gated flows surface `unregistered_key`, `revoked_key`, `mandate_agent_key_mismatch`, and `protocol_binding_mismatch` explicitly.
|
|
119
|
+
|
|
69
120
|
## What it does not include
|
|
70
121
|
|
|
71
122
|
- No operator-tier settlement or console workflows
|
|
123
|
+
- No model-provider-specific TypeScript agent wrapper; use the documented app-side wrapper pattern with `PaybondCapabilityBinding`
|
|
124
|
+
- No model-provider-specific MCP wrapper; the MCP server is host-agnostic and works with any MCP-compatible runtime
|
|
72
125
|
|
|
73
126
|
## Docs
|
|
74
127
|
|
|
75
|
-
- Long-form docs:
|
|
76
|
-
-
|
|
77
|
-
- TypeScript
|
|
78
|
-
-
|
|
79
|
-
-
|
|
80
|
-
-
|
|
128
|
+
- Long-form docs: https://paybond.ai/docs/kit
|
|
129
|
+
- TypeScript quickstart: https://paybond.ai/docs/kit/quickstart-typescript
|
|
130
|
+
- TypeScript SDK reference: https://paybond.ai/docs/kit/sdk-reference-typescript
|
|
131
|
+
- MCP server guide: https://paybond.ai/docs/kit/mcp-server
|
|
132
|
+
- Agent runtime tutorial: https://paybond.ai/docs/kit/agent-runtime-tutorial
|
|
133
|
+
- TypeScript example projects: https://paybond.ai/docs/kit/examples-typescript
|
|
81
134
|
|
|
82
135
|
## Release verification
|
|
83
136
|
|
|
84
|
-
|
|
137
|
+
For maintainers working from a source checkout, release verification lives in this package directory:
|
|
85
138
|
|
|
86
139
|
```bash
|
|
87
140
|
npm run verify:release
|