@piprail/sdk 1.13.1 → 1.15.0

package/dist/index.d.ts

@@ -84,10 +84,13 @@ interface X402ExactAcceptEntry {
     extra: {
         /** The exact-EVM transfer method. PipRail self-settles EIP-3009 today. */
         assetTransferMethod: 'eip3009';
-        /** EIP-712 domain name of the token (USDC: "USD Coin"; EURC: "EURC"). Read on-chain. */
-        name: string;
-        /** EIP-712 domain version of the token (USDC/EURC: "2"). Read on-chain. */
-        version: string;
+        /** EIP-712 domain name of the token. OPTIONAL per the exact-EVM scheme (only
+         *  `assetTransferMethod` is required) — a foreign rail may omit it. NEVER assumed
+         *  from the symbol (USDC's on-chain name() is "USD Coin", not "USDC"); a PipRail gate
+         *  READS it on-chain, and the PipRail buyer RE-DERIVES it on-chain and ignores this. */
+        name?: string;
+        /** EIP-712 domain version of the token (USDC: "2"). OPTIONAL (see `name`); read/re-derived on-chain. */
+        version?: string;
         /** Confirmations the gate waits for before granting access — mirrors the gate's
          *  `minConfirmations`, so the exact rail honours the same reorg safety as onchain-proof.
          *  A PipRail convenience (standard clients ignore unknown keys). */
@@ -221,13 +224,54 @@ declare const HEADER_RESPONSE_V1 = "x-payment-response";
 declare function buildChallengeHeader(challenge: X402Challenge): string;
 declare function buildReceiptHeader(receipt: X402Receipt): string;
 declare function buildSignatureHeader(signature: X402PaymentSignature): string;
+/**
+ * Build the v2 PAYMENT-SIGNATURE header value for a standard x402 `exact` payment:
+ * base64 of `{ x402Version: 2, accepted, payload }`. `accepted` is the chosen rail
+ * echoed back VERBATIM from the challenge's `accepts[]` (preserving any extra keys a
+ * facilitator needs); `payload` is the EIP-3009 `{ signature, authorization }` the
+ * buyer's EVM driver produced. Chain-agnostic (pure JSON/base64) — the driver owns
+ * the signing, this only frames it for the wire. Round-trips through
+ * {@link parseExactPaymentHeader}. (The `onchain-proof` counterpart is
+ * {@link buildSignatureHeader}; the v1 flat-shape utility is `encodeXPaymentHeader`.)
+ */
+declare function buildExactSignatureHeader(input: {
+    accepted: X402ExactAcceptEntry;
+    payload: ExactPaymentPayload;
+}): string;
 /**
  * Parse the PAYMENT-REQUIRED challenge from a 402 response. Prefers the
  * `payment-required` header, falls back to the JSON body.
  */
 declare function parseChallenge(response: Response): Promise<X402Challenge | null>;
-/** Parse the PAYMENT-RESPONSE receipt header on a 200 settlement. */
+/** Parse the PAYMENT-RESPONSE receipt header on a 200 settlement. Reads the v2
+ *  `payment-response` header, falling back to the v1 `x-payment-response` a foreign
+ *  server may set. Returns a fully-formed {@link X402Receipt} only (a bare foreign
+ *  exact SettleResponse without a `payer` is read by {@link parseSettleResponse}). */
 declare function parseReceipt(response: Response): X402Receipt | null;
+/**
+ * A standard x402 SettleResponse as the BUYER reads it off a settled (non-402)
+ * response. The `success` flag is authoritative: `false` is an EXPLICIT facilitator/
+ * server REJECTION (the buyer must NOT record a spend), `true` is an affirmative
+ * settlement. `transaction` is the on-chain settle tx the facilitator broadcast.
+ */
+interface SettleOutcome {
+    success: boolean;
+    transaction?: string;
+    network?: string;
+    payer?: string;
+    errorReason?: string;
+}
+/**
+ * Read a standard x402 SettleResponse for the BUYER, from the v2 `payment-response`
+ * header (or the v1 `x-payment-response` fallback). Returns `null` when neither
+ * header is present, unparseable, or carries no boolean `success` — i.e. when the
+ * server served the resource WITHOUT echoing a settle result, which the exact buyer
+ * treats as an affirmative 2xx settlement (receipt-less). When a body IS present with
+ * a boolean `success`, that flag is returned verbatim: ONLY an explicit
+ * `success: false` is a rejection. Used by the exact pay path to tell a real
+ * settlement from a phantom one (never record a spend on `success:false`).
+ */
+declare function parseSettleResponse(response: Response): SettleOutcome | null;
 /** Parse a PAYMENT-SIGNATURE header value (server side). */
 declare function parseSignatureHeader(value: string): X402PaymentSignature | null;
 /**
@@ -347,6 +391,11 @@ declare const CHAINS: {
                 decimals: number;
                 symbol: string;
             };
+            EURC: {
+                address: "0x1aBaEA1f7C830bD89Acc67eC4af516284b1bC33c";
+                decimals: number;
+                symbol: string;
+            };
         };
     };
     base: {
@@ -561,7 +610,7 @@ declare const CHAINS: {
                         value: bigint;
                         yParity: number;
                         accessList: viem.AccessList;
-                        authorizationList?: undefined | undefined;
+                        authorizationList? /** EVM chain id, e.g. 5000 for Mantle. */: undefined | undefined;
                         blobVersionedHashes?: undefined | undefined;
                         chainId: number;
                         type: "eip1559";
@@ -570,7 +619,7 @@ declare const CHAINS: {
                         maxFeePerGas: bigint;
                         maxPriorityFeePerGas: bigint;
                         isSystemTx?: undefined | undefined;
-                        mint?: undefined | undefined;
+                        mint? /** Known tokens on this chain (empty for unknown custom chains). */: undefined | undefined;
                         sourceHash?: undefined | undefined;
                     } | {
                         blockHash: `0x${string}` | null;
@@ -682,6 +731,11 @@ declare const CHAINS: {
                 decimals: number;
                 symbol: string;
             };
+            EURC: {
+                address: "0x60a3E35Cc302bFA44Cb288Bc5a4F316Fdb1adb42";
+                decimals: number;
+                symbol: string;
+            };
         };
     };
     arbitrum: {
@@ -965,7 +1019,7 @@ declare const CHAINS: {
                         maxPriorityFeePerGas: bigint;
                         isSystemTx?: undefined | undefined;
                         mint?: undefined | undefined;
-                        sourceHash?: undefined | undefined;
+                        sourceHash? /** Known tokens on this chain (empty for unknown custom chains). */: undefined | undefined;
                     } | {
                         blockHash: `0x${string}` | null;
                         blockNumber: bigint | null;
@@ -1264,6 +1318,11 @@ declare const CHAINS: {
                 decimals: number;
                 symbol: string;
             };
+            EURC: {
+                address: "0xC891EB4cbdEFf6e073e859e987815Ed1505c2ACD";
+                decimals: number;
+                symbol: string;
+            };
         };
     };
     mantle: {
@@ -4118,9 +4177,11 @@ interface ResolvedNetwork {
      * never throws for a transient RPC issue — it falls back to a 'heuristic'
      * constant. `opts.from` (the payer's address) sharpens chains whose fee
      * depends on the sender (notably Tron energy); omit it for a typical estimate.
-     * Payer-side + informational — the gate never calls this.
+     * Payer-side + informational — the gate never calls this. Accepts either rail
+     * shape ({@link X402AnyAccept}): a standard `exact` rail estimates the BUYER's gas
+     * as ~0 (the server/facilitator broadcasts the signed authorization).
      */
-    estimateCost(accept: X402AcceptEntry, opts?: {
+    estimateCost(accept: X402AnyAccept, opts?: {
         from?: string;
     }): Promise<CostEstimate>;
     /**
@@ -4148,6 +4209,32 @@ interface ResolvedNetwork {
         ready: boolean | 'n/a' | 'unknown';
         reason?: RecipientReason;
     }>;
+    /**
+     * OPTIONAL (EVM + EIP-3009 only) — the BUYER counterpart to {@link settleExactSelf}.
+     * Build + EIP-712-sign an EIP-3009 `transferWithAuthorization` for a standard x402
+     * `exact` rail, so a PipRail agent can PAY any standard x402 server (not just PipRail's
+     * own `onchain-proof` gates). The client frames the returned `payload` + `accepted` echo
+     * into the `PAYMENT-SIGNATURE` header and re-requests; the server / merchant-chosen
+     * facilitator BROADCASTS the authorization (the buyer never broadcasts and spends ~0 gas).
+     *
+     * Re-derives the token's EIP-712 domain ON-CHAIN (never trusts the server-supplied
+     * `extra.{name,version}`), generates a CSPRNG 32-byte nonce + current unix time
+     * internally, and signs through the wallet client (bring-your-own JsonRpcAccount safe).
+     * THROWS a typed `PipRailError` (`UnsupportedSchemeError`) when the asset isn't EIP-3009
+     * (USDT/native/plain ERC-20) or the signer is a contract / EIP-1271 / EIP-7702 account.
+     *
+     * The third optional `exact` method (after {@link exactDomain}/{@link settleExactSelf});
+     * optional `?` is the gather gate — non-EVM families omit it, so an `exact` rail is never
+     * gathered/paid on those chains. Returns the signed payload, the chosen-rail echo (the
+     * server's RAW rail, verbatim, so a facilitator's extra keys survive), the payer address,
+     * and the nonce (for the client's spend record + a re-present-the-same-auth retry).
+     */
+    payExact?(wallet: WalletHandle, accept: X402ExactAcceptEntry): Promise<{
+        payload: ExactPaymentPayload;
+        accepted: X402ExactAcceptEntry;
+        payerFrom: string;
+        nonce: string;
+    }>;
     /**
      * OPTIONAL — a DISCOVERY signer for the bound wallet: its public address plus a
      * message signer, used only for ownership proofs + SIWX index registration,
@@ -4169,7 +4256,8 @@ interface ResolvedNetwork {
      * `null` when the asset is NOT an EIP-3009 token (no `transferWithAuthorization` —
      * e.g. USDT, native coin, or a plain ERC-20), so the gate can refuse to advertise a
      * standard `exact` rail for it. Never derived from the symbol (USDC's domain name is
-     * "USD Coin", not "USDC"; EURC's is "EURC"). Called once at exact-rail resolution
+     * "USD Coin", not "USDC"; EURC's is "Euro Coin" on Ethereum/Avalanche but "EURC" on Base —
+     * which is exactly why it must be READ, never assumed). Called once at exact-rail resolution
      * (cached by the gate). RPC-read; may throw on a transient read (the gate surfaces a
      * clear config error). The first of two optional server methods for the `exact` rail.
      */
@@ -4439,6 +4527,31 @@ interface PaymentPolicy {
      *  declined, because its true decimals can't be verified. When true, the
      *  server-stated decimals are trusted (the explicit, opt-in risk). */
     allowUnknownTokens?: boolean;
+    /**
+     * Session time-to-live in SECONDS, relative to session start (client
+     * construction). After the deadline EVERY payment is refused
+     * (`SESSION_EXPIRED`), regardless of amount — a headless agent's time leash.
+     * When both `ttlSeconds` and `expiresAt` are set, the EARLIER deadline wins.
+     * Opt-in; omit for no time limit (default). PROCESS-SCOPED — resets on restart.
+     */
+    ttlSeconds?: number;
+    /**
+     * Absolute session deadline as epoch MILLISECONDS (matches `Date.now()`).
+     * SDK-only — there is no MCP env knob (the MCP exposes only the relative-seconds
+     * `PIPRAIL_TTL`). A small value expires immediately BY DESIGN; it is NOT
+     * auto-corrected from seconds, so pass milliseconds. Opt-in; omit for no limit.
+     */
+    expiresAt?: number;
+    /**
+     * Rolling-window spend cap per (network, asset), in human units (e.g. '1.00').
+     * Refuses a payment that would push spend within the last {@link windowSeconds}
+     * past this cap (`OUTSIDE_WINDOW`) — a rate limit on top of the lifetime
+     * `maxTotal`. REQUIRED together with `windowSeconds`: setting one without the
+     * other is a config error (a half-armed leash is forbidden). Opt-in; heavier.
+     */
+    windowTotal?: string;
+    /** Rolling-window width in seconds for {@link windowTotal}. REQUIRED together with it. */
+    windowSeconds?: number;
 }
 /** What the policy reasons over — built by the client from the chosen accept. */
 interface PaymentIntent {
@@ -4457,19 +4570,50 @@ interface PaymentIntent {
     /** Did the driver's `describeAsset` recognise this asset? */
     recognized: boolean;
 }
+/**
+ * A typed, machine-readable code for WHICH guard refused a payment — set by
+ * `deny()` alongside the human `reason`, so the client routes a denial to the
+ * right {@link PayBlocker}/`reasonCode` WITHOUT substring-matching the prose
+ * (which would silently break on a wording tweak).
+ */
+type PolicyDenyCode = 'CHAIN' | 'HOST' | 'UNKNOWN_TOKEN' | 'TOKEN' | 'MAX_AMOUNT' | 'MAX_TOTAL' | 'SESSION_EXPIRED' | 'WINDOW_TOTAL';
 interface PolicyDecision {
     allowed: boolean;
     /** Why it was refused (only when `allowed === false`). */
     reason?: string;
+    /** Which guard fired, as a typed enum (only when `allowed === false`). */
+    code?: PolicyDenyCode;
+}
+/**
+ * INTERNAL — the injected clock + the pre-sliced per-asset window total the
+ * client builds for the otherwise-pure {@link evaluatePolicy}. NOT exported: the
+ * client is the only producer, and keeping it private de-risks a future
+ * fold-`spentForAssetBase`-into-ctx refactor. All time state is process-scoped.
+ */
+interface PolicyContext {
+    /** A single `Date.now()` captured per quote — the expiry check and the window edge share it. */
+    now: number;
+    /** Session clock origin (epoch-ms) = client construction. */
+    sessionStart: number;
+    /** Base units spent on THIS (network, asset) within the rolling window; `0n` when no window cap. */
+    spentInWindowBase: bigint;
 }
 /**
  * Evaluate a payment against the policy. `spentForAssetBase` is the running
  * total already spent on THIS (network, asset) — supplied by the client's
  * ledger — and powers the per-asset `maxTotal` cap.
  *
- * Checks run cheapest-first; the first failure wins so the reason is specific.
+ * The optional `ctx` carries the injected clock + the pre-sliced window total so
+ * this function stays PURE (no `Date.now()` inside). Omit `ctx` and no time check
+ * runs — behaviour is byte-identical to a time-free policy.
+ *
+ * Checks run in a pinned, deterministic order, first-failure-wins so the reason
+ * is specific: **session expiry → chains → hosts → unknown-token → tokens →
+ * maxAmount → maxTotal → windowTotal**. Expiry is first because it's
+ * session-global (not asset-scoped) — an expired session must always report
+ * expiry, not whichever other gate happens to also fail.
  */
-declare function evaluatePolicy(intent: PaymentIntent, policy: PaymentPolicy | undefined, spentForAssetBase: bigint): PolicyDecision;
+declare function evaluatePolicy(intent: PaymentIntent, policy: PaymentPolicy | undefined, spentForAssetBase: bigint, ctx?: PolicyContext): PolicyDecision;
 
 interface SpendRecord {
     url: string;
@@ -4504,11 +4648,15 @@ interface SpendSummary {
     records: SpendRecord[];
 }
 
+/** The payment schemes a client can settle: PipRail's native `onchain-proof` (the
+ *  default) and the standard x402 `exact` rail (EVM + EIP-3009 only, opt-in). */
+type PaymentScheme = 'onchain-proof' | 'exact';
+
 /** Observability events. `ref` is the proof — a chain-specific id (EVM tx hash, Solana signature, TON locator, Stellar tx hash). */
 type PipRailEvent = {
     kind: 'payment-required';
     challenge: X402Challenge;
-    accept: X402AcceptEntry;
+    accept: X402AnyAccept;
 } | {
     kind: 'payment-broadcast';
     ref: string;
@@ -4528,9 +4676,18 @@ type PipRailEvent = {
     kind: 'payment-unconfirmed';
     ref: string;
     reason: string;
-} | {
+}
+/**
+ * The payment settled. `receipt` is PipRail's rich {@link X402Receipt} when the
+ * server returns one (its own gate, or a facilitator that echoes the full shape);
+ * `settle` is the standard x402 SettleResponse (`{ success, transaction, … }`) on
+ * conformant third-party-facilitator interop, where the lean SettleResponse has no
+ * rich receipt — read `settle.transaction` for the on-chain settle tx there.
+ */
+ | {
     kind: 'payment-settled';
     receipt: X402Receipt | null;
+    settle?: SettleOutcome;
 } | {
     kind: 'payment-failed';
     reason: string;
@@ -4607,6 +4764,9 @@ interface PipRailQuote {
     withinPolicy: boolean;
     /** Why the policy would refuse it (only when `withinPolicy === false`). */
     policyReason?: string;
+    /** The TYPED reason the policy refused it (only when `withinPolicy === false`) —
+     *  routes the denial to the right blocker/`reasonCode` without parsing prose. */
+    policyCode?: PolicyDenyCode;
 }
 /**
  * What `client.estimateCost(url)` returns: the priced payment requirement plus
@@ -4622,13 +4782,14 @@ interface PipRailCostQuote {
     cost: CostEstimate;
 }
 /** A hard reason a rail can't be settled right now — each maps to a concrete fix. */
-type PayBlocker = 'INSUFFICIENT_TOKEN' | 'INSUFFICIENT_GAS' | 'RECIPIENT_NOT_READY' | 'OUTSIDE_POLICY';
+type PayBlocker = 'INSUFFICIENT_TOKEN' | 'INSUFFICIENT_GAS' | 'RECIPIENT_NOT_READY' | 'OUTSIDE_POLICY' | 'OUTSIDE_WINDOW';
 /** A soft flag — never blocks, always worth surfacing to the agent. */
 type PayWarning = 'SYMBOL_MISMATCH' | 'BALANCE_UNREADABLE' | 'RECIPIENT_READINESS_UNKNOWN' | 'GAS_HEURISTIC' | 'THIN_GAS_MARGIN';
 /** One offered rail, fully analysed against the bound wallet's own holdings. */
 interface PayOption {
-    /** The rail this analyses (one entry from the 402's accepts[]). */
-    accept: X402AcceptEntry;
+    /** The rail this analyses (one entry from the 402's accepts[]) — an
+     *  `onchain-proof` rail or, when `schemes` enables it, a standard `exact` rail. */
+    accept: X402AnyAccept;
     /** The priced requirement — TRUE decimals/symbol + the policy verdict. */
     quote: PipRailQuote;
     /** Estimated native-coin gas to send it (cost.basis surfaced). */
@@ -4676,6 +4837,61 @@ interface PaymentPlan {
     options: PayOption[];
     /** When NOT payable: one human, actionable sentence on exactly what to do. */
     fundingHint: string | null;
+    /**
+     * Read-only TIME envelope — present ONLY when the policy configures one
+     * (`ttlSeconds`/`expiresAt`). Lets a headless (Mode A) agent SEE its remaining
+     * time leash before paying, rather than discovering it by hitting a decline.
+     *
+     * PROCESS-SCOPED: resets to a fresh window on restart; for crash-loop-resistant
+     * limits supply a pluggable durable store (the `isUsed`/`markUsed` analogue).
+     * `secondsRemaining` is a best-effort host wall-clock estimate, clamped ≥ 0.
+     */
+    session?: {
+        expiresAt: number | null;
+        secondsRemaining: number | null;
+    };
+}
+/**
+ * A read-only view of the spend leash for a Mode-A agent — `client.budget()`.
+ * Composes the in-memory ledger + the configured policy WITHOUT coupling them.
+ *
+ * PROCESS-SCOPED: every figure resets on restart — the session IS the process.
+ * For crash-loop-resistant limits supply a pluggable durable store (the
+ * `isUsed`/`markUsed` analogue). `secondsRemaining` is clamped ≥ 0.
+ */
+interface SessionBudget {
+    /** The session's time envelope (null fields when no `ttlSeconds`/`expiresAt`). */
+    session: {
+        /** Session start, ISO. */
+        start: string;
+        /** Deadline as ISO, or null when no time limit is configured. */
+        expiresAt: string | null;
+        /** Seconds until expiry (clamped ≥ 0), or null when no time limit. */
+        secondsRemaining: number | null;
+    };
+    /** Per-(network, asset) money leash — ONE row per pair the ledger has seen. */
+    byAsset: SpendRemaining[];
+}
+/**
+ * Per-(network, asset) remaining budget — the money half of the leash. One row
+ * per pair the LEDGER already holds (decimals are known only after the first
+ * spend), so a never-spent pair simply isn't a row. `cap`/`remaining` are
+ * `undefined` when no `policy.maxTotal` is set (unbounded). Never a cross-token
+ * sum — there is no price oracle.
+ */
+interface SpendRemaining {
+    network: Caip2;
+    asset: string;
+    symbol?: string;
+    decimals: number;
+    /** Base units spent so far on this pair. */
+    spentBase: string;
+    /** The `maxTotal` cap in base units; undefined when unbounded. */
+    capBase?: string;
+    /** `max(0, cap − spent)` in base units; undefined when unbounded. */
+    remainingBase?: string;
+    /** `remainingBase` in human units; undefined when unbounded. */
+    remainingFormatted?: string;
 }
 interface PipRailClientOptions {
     /** Wallet for the chosen chain family. */
@@ -4725,6 +4941,24 @@ interface PipRailClientOptions {
      * per call with `fetch(url, { autoRoute: true })`.
      */
     autoRoute?: boolean;
+    /**
+     * Which payment SCHEMES this client may settle. Default **`['onchain-proof']`**
+     * (defaults never change): the zero-config client pays only PipRail's native
+     * backendless rail, exactly as before. Add `'exact'` to ALSO pay standard x402
+     * `exact` rails — letting the agent pay ANY standard x402 server (the dominant
+     * `exact`-on-Base-via-CDP web), not just PipRail's own gates:
+     *
+     *   new PipRailClient({ chain: 'base', wallet, schemes: ['onchain-proof', 'exact'] })
+     *
+     * `exact` is **EVM + EIP-3009 only** (USDC/EURC); it's silently ignored on a
+     * non-EVM chain, for USDT/native, or for a token the SDK can't price — those keep
+     * `onchain-proof`. The agent signs an EIP-3009 authorization with its OWN wallet
+     * and the server / merchant-chosen facilitator broadcasts it (the buyer pays ~0
+     * gas; PipRail hosts/settles nothing). The same `policy` + `onBeforePay` gate it
+     * BEFORE signing. **Verify against your target facilitator before production.**
+     * Override per call with `fetch(url, { schemes })`.
+     */
+    schemes?: PaymentScheme[];
     /** Logger hook. Default no-op. */
     onEvent?: (event: PipRailEvent) => void;
 }
@@ -4786,11 +5020,24 @@ declare class PipRailClient {
     private readonly ledger;
     private bound?;
     constructor(opts: PipRailClientOptions);
+    /**
+     * Fail LOUDLY at construction on a misconfigured time policy — a security
+     * boundary must never silently half-arm. Two invariants (a misconfiguration is
+     * a programmer error → `TypeError`, no new SDK error code):
+     *   - the rolling window needs BOTH `windowTotal` and `windowSeconds`, or NEITHER
+     *     (one alone is a leash that silently doesn't bite);
+     *   - `ttlSeconds` must be a positive, safe integer whose `*1000` deadline stays
+     *     within `Number.MAX_SAFE_INTEGER` (else the arithmetic would lose precision).
+     */
+    private assertPolicyTimeOptions;
     /** Emit an observability event, never letting a throwing handler break the
      * payment flow (mirrors the server gate's `onPaid` isolation). */
     private safeEmit;
     /** Auto-mount the chain's driver, resolve the network, and bind the wallet — once. */
     private ensure;
+    /** Resolve the effective scheme set: a per-call override, else the constructor's
+     *  `schemes`, else the `onchain-proof`-only default. */
+    private resolveSchemes;
     /** GET that auto-handles 402. Pass a full URL to any x402-gated endpoint. */
     get(url: string, init?: RequestInit): Promise<Response>;
     /**
@@ -4827,6 +5074,25 @@ declare class PipRailClient {
     /** Aggregated snapshot of every payment this client has settled — total
      *  count, cumulative spend per token, and the individual records. */
     spent(): SpendSummary;
+    /**
+     * Read-only budget + time leash for a Mode-A (headless) agent — the policy IS
+     * the consent, and this is how the agent SEES what's left of it before paying.
+     * Composes the in-memory ledger with the configured policy; never throws, moves
+     * no funds. PROCESS-SCOPED — every figure resets on restart (see {@link SessionBudget}).
+     */
+    budget(): SessionBudget;
+    /**
+     * Per-(network, asset) remaining budget — ONE row per pair the ledger already
+     * holds (decimals are known only after the first spend), so a fresh client with
+     * a `maxTotal` set returns `[]` until its first payment. `cap`/`remaining` are
+     * `undefined` when no `maxTotal` is configured (unbounded). Pure + in-memory;
+     * never throws, never sums across tokens (no price oracle). PROCESS-SCOPED.
+     */
+    remaining(): SpendRemaining[];
+    /** The read-only TIME envelope for the plan/budget surfaces, or `undefined`
+     *  when no session deadline (`ttlSeconds`/`expiresAt`) is set. `secondsRemaining`
+     *  is clamped ≥ 0 — a best-effort host wall-clock estimate. */
+    private sessionView;
     /**
      * Plan a payment for a gated URL — WITHOUT paying. The read-only completion of
      * the `quote()` → `estimateCost()` → **`planPayment()`** trio: it surveys every
@@ -4869,8 +5135,8 @@ declare class PipRailClient {
      * - A resource just listed via {@link register} may not appear yet — 402 Index reviews
      *   before publishing, so retry with a brief backoff if a fresh listing is missing.
      * - Results are cross-scheme (mostly the mainstream `exact` scheme); `fetch()` pays
-     *   only `onchain-proof` rails directly (pay `exact` resources with the experimental
-     *   `drivers/evm/exact.ts`).
+     *   `onchain-proof` rails by default, and standard `exact` rails too once you opt in
+     *   with `schemes: ['onchain-proof', 'exact']` (EVM + EIP-3009 — USDC/EURC).
      */
     discover(opts?: DiscoverOptions): Promise<DiscoveredResource[]>;
     /**
@@ -4937,17 +5203,21 @@ declare class PipRailClient {
      * twice (once to fetch the 402, once with the proof attached). One-shot
      * streams throw `NonReplayableBodyError`.
      */
-    fetch(url: string, init?: RequestInit): Promise<Response>;
+    fetch(url: string, init?: RequestInit & {
+        autoRoute?: boolean;
+        schemes?: PaymentScheme[];
+    }): Promise<Response>;
     /**
      * From a confirmed-402 response: parse the challenge, mount + bind the
      * network, pick the accept the client can pay, and build its quote. Shared by
      * `quote()` (read-only) and `fetch()` (which then authorises + pays).
      */
     private resolveChallenge;
-    /** The candidate accepts this client could pay: our scheme, on the bound network.
-     *  A dual-advertised challenge may also carry standard `exact` rails — the PipRail
-     *  client ignores those (it pays the backendless `onchain-proof` rail); the type
-     *  predicate narrows the `X402AnyAccept` union to the rails we settle. */
+    /** The candidate accepts this client could pay, on the bound network. Always the
+     *  backendless `onchain-proof` rails; PLUS standard `exact` rails when `schemes`
+     *  enables them AND the driver can settle them (EVM `payExact` + a recognised
+     *  EIP-3009 token). `onchain-proof` is gathered FIRST so default selection is
+     *  unchanged when `exact` is off. */
     private gatherCandidates;
     /** Build the full {@link PaymentPlan} from an already-parsed challenge + bound
      *  net/wallet. Shared by `planPayment` (read-only) and `fetch`'s autoRoute. */
@@ -4959,12 +5229,32 @@ declare class PipRailClient {
      *  driver's describeAsset) + the policy verdict + a symbol-mismatch flag. */
     private buildQuote;
     /** Enforce the spend policy and the onBeforePay hook — both refuse by
-     *  throwing PaymentDeclinedError, before any funds move. */
+     *  throwing PaymentDeclinedError, before any funds move. Every refusal carries
+     *  a typed `reasonCode` so an agent can branch on the cause (and spot a
+     *  TERMINAL expiry/approval decline it must not retry) without parsing prose. */
     private authorize;
     /** Record a settled payment in the ledger (true decimals for the running total). */
     private recordSpend;
     private payAndConfirm;
     private retryWithProof;
+    /**
+     * Pay a standard x402 `exact` rail — a SEPARATE, fundamentally more conservative
+     * path than {@link retryWithProof}. The buyer SIGNS an EIP-3009 authorization ONCE
+     * (the driver's `payExact`) and the server / merchant-chosen facilitator BROADCASTS
+     * it synchronously, so a blind re-POST of a still-in-flight authorization could
+     * double-BROADCAST it. Hence, unlike the onchain-proof loop:
+     *
+     *   • sign exactly once — reuse the SAME header on every retry, never re-sign;
+     *   • retry ONLY an explicit 402 (a definitive pre-broadcast rejection), bounded
+     *     well under `maxTimeoutSeconds` so the loop can't outlive the authorization;
+     *   • a post-POST transport error/timeout → {@link PaymentTimeoutError} carrying the
+     *     nonce (the facilitator MAY have settled — verify on-chain, NEVER re-pay);
+     *   • a 5xx → return as-is (server settle failure; the authorization stays valid +
+     *     its nonce unused) — no settled event, no spend;
+     *   • a 200 whose SettleResponse says `success:false` → a rejection, NEVER a spend;
+     *   • the spend is recorded EXACTLY ONCE, on an affirmative settlement only.
+     */
+    private payExactRail;
 }
 /**
  * Plan a payment ACROSS several single-chain clients — the cross-chain brain.
@@ -5006,11 +5296,15 @@ interface AgentTool {
     parameters: Record<string, unknown>;
     /** Advisory MCP-style hints about the tool's nature (read-only, value-moving, …). */
     annotations?: ToolAnnotations;
+    /** Optional JSON Schema (draft-07 object) for the tool's RESULT — declared only
+     *  on stable read-only tools so a strict client can validate `structuredContent`.
+     *  Kept OPEN (no `additionalProperties:false`) so additive fields never break it. */
+    outputSchema?: Record<string, unknown>;
     /** Execute the tool. Returns a JSON-serialisable result. */
     invoke: (args: Record<string, unknown>) => Promise<unknown>;
 }
 /**
- * Five tools wrapping a configured {@link PipRailClient}:
+ * Seven tools wrapping a configured {@link PipRailClient}:
  *   - `piprail_discover(query?)` — FIND payable resources on the open x402
  *     indexes, WITHOUT paying (the phone book — solves "what can I buy?").
  *   - `piprail_quote_payment(url)` — price a gated URL WITHOUT paying.
@@ -5019,12 +5313,89 @@ interface AgentTool {
  *   - `piprail_pay_request(url, method?, body?)` — pay if needed and return the result.
  *   - `piprail_register(url, …)` — LIST a resource you run on the open indexes so
  *     other agents can find it (402 Index, no signature).
+ *   - `piprail_budget()` — read the remaining spend budget + time leash (Mode A self-check).
+ *   - `piprail_guide()` — read the agent contract (how to quote/plan/pay + read a refusal).
  *
- * A policy/approval refusal comes back as a structured `{ declined: true, reason }`
- * (not a thrown error), so the model can reason about it instead of crashing.
+ * The first five are byte-identical in name + order to before; the two read-only
+ * tools are appended LAST. EVERY failure the pay tool sees comes back as a
+ * STRUCTURED object (`{ ok:false, code, reason, explain, ref?, reasonCode?,
+ * declined? }`) — never a thrown error — so the model reasons about it (and never
+ * re-pays a broadcast-but-unconfirmed payment) instead of crashing.
  */
 declare function paymentTools(client: PipRailClient): AgentTool[];
 
+/**
+ * One line summarising a {@link PaymentPlan} for a model: what's payable, on which
+ * chain, the gas, and how many other rails aren't settleable. `null` (the URL
+ * isn't gated) → "no payment required".
+ */
+declare function summarizePlan(plan: PaymentPlan | null): string;
+/**
+ * One line a model can act on for any failure. For a {@link PipRailError} it
+ * switches on the stable `.code`; the broadcast-but-unconfirmed codes
+ * (`PAYMENT_TIMEOUT`, `MAX_RETRIES_EXCEEDED`, `CONFIRMATION_TIMEOUT`) carry the
+ * load-bearing recovery rule — **recover via `.ref`, never re-pay** (a fresh
+ * payment would double-spend). A non-PipRailError → `'Payment failed: <message>'`.
+ */
+declare function explainDecline(err: unknown): string;
+/**
+ * One line summarising spend so far, per (network, asset) — NEVER a single
+ * cross-token figure (there is no price oracle). Count 0 → "no payments yet".
+ *
+ * NOTE: spend totals are in-memory for THIS process and reset on restart — a
+ * convenience, not a durable ledger.
+ */
+declare function formatSpendReport(summary: SpendSummary): string;
+
+/**
+ * The PipRail agent contract, distilled into one string an LLM can read once and
+ * use the tools correctly with near-zero other docs. PURE — a static constant, no
+ * imports, no I/O. Exposed to MCP clients as a prompt + resource, and reachable
+ * from the tool layer so a headless (non-MCP) agent can prepend it to its system
+ * prompt.
+ *
+ * Keep it tight, concrete, and tool-name-accurate — an agent will trust it
+ * literally, so a wrong name or order actively misleads. A test pins the load-
+ * bearing phrases.
+ */
+declare const PIPRAIL_AGENT_GUIDE = "# Paying with PipRail \u2014 the agent contract\n\nYou can pay for x402 \"402 Payment Required\" resources autonomously. Money moves\nstraight from your wallet to the server; PipRail custodies nothing. Follow this.\n\n## The loop: quote \u2192 plan \u2192 pay\n1. piprail_quote_payment(url) \u2014 PRICE it. Returns the amount, token, chain, and\n   whether it is within your spend policy. No funds move. Use it to decide if a\n   resource is worth buying.\n2. piprail_plan_payment(url) \u2014 can I afford it NOW? Reads your balance, native gas,\n   and recipient-readiness across every rail, and returns { payable, best,\n   fundingHint, session? }. If payable is false, do NOT attempt the payment \u2014\n   fundingHint says exactly what to fix.\n3. piprail_pay_request(url, method?, body?) \u2014 PAY (only if the plan was payable)\n   and return the result.\nAlways plan before you pay so you never commit to a payment you cannot finish.\n\n## Reading a refusal \u2014 never crash, never double-spend\nA failed pay returns a STRUCTURED object, never a thrown error you must catch:\n  { ok:false, code, reason, explain, ref?, reasonCode?, declined? }\nBranch on `code` (always reliable). Key cases:\n- declined:true with reasonCode:'SESSION_EXPIRED' \u2014 your time budget is over. This\n  is TERMINAL: STOP. Do not retry ANY payment this process; it cannot be undone\n  without a restart / a longer TTL.\n- declined:true with reasonCode:'APPROVAL' \u2014 a human (or hook) declined this\n  payment. Terminal for this pay: do NOT auto-retry \u2014 they said no, or no one\n  answered.\n- declined:true with reasonCode:'OUTSIDE_WINDOW' \u2014 your rolling rate-limit is\n  exhausted. Wait for it to free, then retry; do not raise the amount.\n- declined:true with reasonCode:'POLICY' or 'BUDGET' \u2014 a spend cap or allowlist\n  refused it. Don't retry the same payment; pick a cheaper/allowed one.\n- code:'INSUFFICIENT_FUNDS' \u2014 top up the wallet (token and/or native gas), retry.\n- code:'PAYMENT_TIMEOUT' / 'MAX_RETRIES_EXCEEDED' / 'CONFIRMATION_TIMEOUT' \u2014 the\n  payment may ALREADY be on-chain. Recover using the proof on `.ref` (re-verify\n  or re-submit it); never re-pay \u2014 a fresh payment would double-spend.\n- code:'NO_COMPATIBLE_ACCEPT' / 'UNSUPPORTED_SCHEME' \u2014 the 402 isn't payable on\n  your chain/scheme; `explain` says whether it's the wrong chain or a scheme to enable.\n\n## Knowing your leash \u2014 call piprail_budget\npiprail_budget tells you how much budget and time you have left, per\n(network, asset), plus your spend so far. Read-only; moves no funds. Use it in\nMode A to self-check before paying.\n\n## Two modes\n- Mode A (headless, default): you run FREE inside a pre-set budget + time\n  envelope. The policy IS the consent \u2014 there is no per-payment prompt. Stay\n  inside it; piprail_budget shows what's left.\n- Mode B (supervised): the host may ask a human to approve each payment. A\n  decline/cancel/timeout comes back as declined:true (reasonCode:'APPROVAL') \u2014\n  do NOT retry it as if it were a transient error.\n\n## Hard facts\n- Spend caps are PER (network, asset). There is no single cross-token dollar cap \u2014\n  budgets aren't summed across tokens (no price oracle).\n- Spend totals and the time envelope live IN-MEMORY for THIS process; they reset on restart\n  (a convenience, not a durable ledger).\n";
+/** Returns {@link PIPRAIL_AGENT_GUIDE} (a parity accessor for callers that prefer a function). */
+declare function agentGuide(): string;
+
+/**
+ * Scheme/chain triage for an x402 challenge — a pure, never-throwing read that
+ * tells an agent WHY a 402 might be unpayable: "wrong chain" vs "the scheme isn't
+ * enabled" vs "no rail at all". Stops those three very different fixes from being
+ * conflated into one opaque `NO_COMPATIBLE_ACCEPT`.
+ *
+ * PURE: imports only types (`./x402.js`, `./client.js`) — zero chain libraries,
+ * zero I/O. Feed it a challenge you already parsed (`parseChallenge`) plus your
+ * client's bound network + enabled schemes.
+ */
+
+/** The verdict of a challenge triage — what's standing between you and paying. */
+type ChallengeVerdict = 'PAYABLE_RAIL' | 'UNPAYABLE_SCHEME' | 'WRONG_CHAIN' | 'NO_RAIL';
+interface ChallengeTriage {
+    /** Does any offered rail sit on the client's bound network? */
+    onClientChain: boolean;
+    /** Does any rail on the client's network use an enabled scheme? */
+    payableScheme: boolean;
+    /** The distinct schemes the challenge offers. */
+    offeredSchemes: PaymentScheme[];
+    /** The distinct networks the challenge offers. */
+    offeredNetworks: Caip2[];
+    /** The one-word verdict. */
+    verdict: ChallengeVerdict;
+}
+/**
+ * Bucket `challenge.accepts[]` by (network === `opts.network`) and
+ * (scheme ∈ `opts.schemes`) and return the verdict. Never throws.
+ */
+declare function classifyChallenge(challenge: X402Challenge, opts: {
+    network: Caip2;
+    schemes: readonly PaymentScheme[];
+}): ChallengeTriage;
+
 /**
  * Discovery — make a gated resource FINDABLE, by emitting the open-standard
  * artifacts a crawler/index reads. PURE: this file turns the config a gate
@@ -5614,21 +5985,54 @@ declare class PaymentTimeoutError extends PipRailError {
  */
 declare class MaxRetriesExceededError extends PipRailError {
     readonly code = "MAX_RETRIES_EXCEEDED";
-    /** The already-broadcast proof ref — recover with it, don't re-pay. */
+    /**
+     * The proof ref — recover with it, don't re-pay. Its meaning depends on the
+     * scheme: for `onchain-proof` it's the already-broadcast transaction ref
+     * (re-verify or re-submit it). For a standard `exact` rail it's the EIP-3009
+     * authorization NONCE (a `0x…` 32-byte value, NOT a tx hash) — re-PRESENT the
+     * same signed authorization, never re-sign a fresh nonce; check the token's
+     * `authorizationState(from, nonce)` before assuming it didn't settle.
+     */
     readonly ref?: string;
     constructor(message: string, options?: ErrorOptions & {
         ref?: string;
     });
 }
+/**
+ * A typed, machine-readable discriminator on a {@link PaymentDeclinedError} so an
+ * agent can branch on WHY a payment was refused WITHOUT regexing the human
+ * message. It's a HINT layered on top of the always-reliable `.code`
+ * (`'PAYMENT_DECLINED'`) — the two-channel error model is unchanged; this adds NO
+ * new `.code`. Values:
+ *   - `'POLICY'`         — a chain/host/token/per-payment cap refused it.
+ *   - `'BUDGET'`         — the per-(network,asset) lifetime `maxTotal` cap.
+ *   - `'OUTSIDE_WINDOW'` — the rolling `windowTotal` cap (wait for it to slide).
+ *   - `'SESSION_EXPIRED'`— the session TTL elapsed. **TERMINAL** — every payment
+ *                          this process is now refused; do NOT retry, restart/extend the TTL.
+ *   - `'APPROVAL'`       — an `onBeforePay` approval hook said no (e.g. an MCP
+ *                          human-in-the-loop decline). Terminal for this pay — do NOT auto-retry.
+ */
+type DeclineReasonCode = 'POLICY' | 'BUDGET' | 'OUTSIDE_WINDOW' | 'SESSION_EXPIRED' | 'APPROVAL';
 /**
  * The client refused to pay BEFORE any on-chain send — the quoted payment
- * exceeded the configured {@link PaymentPolicy} (amount/total ceiling, or a
- * chain/token/host outside the allowlist), or an `onBeforePay` hook returned
- * `false`. No funds moved. The message names which guard fired; inspect the
- * `quote` via `client.quote(url)` to see the full breakdown.
+ * exceeded the configured {@link PaymentPolicy} (amount/total ceiling, a
+ * chain/token/host outside the allowlist, or the session's time envelope), or an
+ * `onBeforePay` hook returned `false`. No funds moved. The message names which
+ * guard fired; inspect the `quote` via `client.quote(url)` to see the full
+ * breakdown.
+ *
+ * `.reasonCode` is an optional, typed {@link DeclineReasonCode} the client stamps
+ * so an agent can branch on the cause (and spot a TERMINAL `'SESSION_EXPIRED'` /
+ * `'APPROVAL'` it must not retry) without parsing the prose. `.code` stays
+ * `'PAYMENT_DECLINED'`.
  */
 declare class PaymentDeclinedError extends PipRailError {
     readonly code = "PAYMENT_DECLINED";
+    /** Why it was declined, as a typed enum (a hint; `.code` is the reliable channel). */
+    readonly reasonCode?: DeclineReasonCode;
+    constructor(message: string, options?: ErrorOptions & {
+        reasonCode?: DeclineReasonCode;
+    });
 }
 /**
  * The payment broadcast but didn't confirm within the driver's polling window
@@ -5667,6 +6071,22 @@ declare class InvalidEnvelopeError extends PipRailError {
 declare class NoCompatibleAcceptError extends PipRailError {
     readonly code = "NO_COMPATIBLE_ACCEPT";
 }
+/**
+ * The client was asked to pay a SCHEME the bound chain family/asset/signer can't
+ * settle, and no fallback rail was offered. Specifically: a standard `exact` rail
+ * on a non-EVM family (only EVM ships the buyer `payExact`); an `exact` rail for a
+ * token that isn't EIP-3009 (USDT needs Permit2, native isn't exact-payable, a
+ * plain ERC-20 has no `transferWithAuthorization`); or an `exact` rail whose signer
+ * is a contract / EIP-1271 / EIP-7702-delegated account (no recoverable ECDSA sig).
+ *
+ * Distinct from {@link NoCompatibleAcceptError} (no rail for the network at all)
+ * and {@link WrongFamilyError} (the wallet/payTo/token was given in another
+ * family's shape). The fix is usually "enable/keep an `onchain-proof` rail" or
+ * "pay with a supported chain/token". Thrown by the client / the EVM driver.
+ */
+declare class UnsupportedSchemeError extends PipRailError {
+    readonly code = "UNSUPPORTED_SCHEME";
+}
 /** init.body was provided but isn't replayable (e.g. a one-shot ReadableStream). */
 declare class NonReplayableBodyError extends PipRailError {
     readonly code = "NON_REPLAYABLE_BODY";
@@ -5717,10 +6137,12 @@ declare class UnsupportedNetworkError extends PipRailError {
  * x402 `exact` interop, in BOTH directions, EVM + EIP-3009 only, on the existing
  * `viem` peer (no new dep):
  *
- *   • BUYER side (client) — parse an `exact` requirement, build + EIP-712-sign the
- *     EIP-3009 authorization, encode the `X-PAYMENT` header. Deterministic,
- *     unit-testable; NOT wired into `PipRailClient.fetch`'s default (see
- *     `.claude/plans/agent-readiness/04-universal-exact.md`).
+ *   • BUYER side (client) — {@link payExactEvm} re-derives the token's EIP-712 domain
+ *     ON-CHAIN, signs the EIP-3009 authorization, and is wired into `PipRailClient`'s
+ *     pay path via the EVM driver's `payExact` SPI (OPT-IN through `schemes: ['exact']`;
+ *     the default is unchanged). The lower-level `buildExactAuthorization` /
+ *     `encodeXPaymentHeader` codecs remain for hand-rolled/v1 clients. See
+ *     `.claude/plans/exact-client/IMPLEMENTATION.md`.
  *
  *   • SELLER side (gate) — {@link readExactDomain} (read the token's true EIP-712
  *     domain so the gate can advertise + verify it) and {@link verifyAndSettleExactEvm}
@@ -5812,6 +6234,13 @@ interface BuildExactParams {
  * Build + EIP-712-sign an EIP-3009 `transferWithAuthorization` for an `exact`
  * requirement. Returns the authorization and its signature; pass both to
  * {@link encodeXPaymentHeader} to produce the `X-PAYMENT` header value.
+ *
+ * @deprecated Low-level primitive — prefer {@link payExactEvm}, which the client's
+ * `payExact` SPI uses. This helper TRUSTS the server-supplied `accept.extra.{name,
+ * version}` for the EIP-712 domain (a lying/absent value yields a silently-invalid
+ * signature) and calls `account.signTypedData` directly (which is `undefined` on a
+ * bring-your-own JsonRpcAccount). `payExactEvm` re-derives the domain on-chain and
+ * signs via the wallet client. Kept exported as a deterministic test/codec building block.
  */
 declare function buildExactAuthorization(params: BuildExactParams): Promise<{
     authorization: ExactAuthorization;
@@ -5938,13 +6367,14 @@ declare const eip3009Abi: readonly [{
  * plain ERC-20), so the gate refuses to advertise a standard `exact` rail for it.
  *
  * The name is NEVER assumed from the symbol: canonical USDC's domain name is
- * "USD Coin" (not "USDC"), EURC's is "EURC". `eip712Domain()` (EIP-5267) reverts
- * on these proxies, so we read `name()`+`version()` and probe `authorizationState`
- * to confirm EIP-3009 support.
+ * "USD Coin" (not "USDC"), and EURC's is "Euro Coin" on Ethereum/Avalanche but "EURC"
+ * on Base — proof that only the on-chain read is authoritative. `eip712Domain()`
+ * (EIP-5267) reverts on these proxies, so we read `name()`+`version()` and probe
+ * `authorizationState` to confirm EIP-3009 support.
  */
 declare function readExactDomain(publicClient: PublicClient, asset: string): Promise<{
     name: string;
     version: string;
 } | null>;
 
-export { type AcceptOption, type AddressId, type AgentTool, type AlgorandToken, type AptosToken, type AssetId, type BazaarExtension, type BuildExactParams, CHAINS, type Caip2, type ChainFamily, type ChainInput, type ChainName, type ChainPreset, type ChainSelector, type ConfirmInfo, ConfirmationTimeoutError, type CostEstimate, DIRECTORY_INFO, type DirectoryInfo, type DiscoverOptions, type DiscoveredRail, type DiscoveredResource, type DiscoveryDescriptor, type DiscoverySigner, type DiscoverySource, type DomainClaim, type DomainVerification, EIP3009_TYPES, EXACT_NETWORK_SLUGS, type EvmToken, type ExactAccept, type ExactAuthorization, type ExactAuthorizationWire, type ExactPaymentPayload, type ExactRailOption, type ExpressLikeMiddleware, type ExpressLikeNext, type ExpressLikeRequest, type ExpressLikeResponse, type FacilitatorConfig, type FacilitatorPaymentRequirements, GENERATOR, HEADER_REQUIRED, HEADER_RESPONSE, HEADER_RESPONSE_V1, HEADER_SIGNATURE, HEADER_SIGNATURE_V1, InsufficientFundsError, InvalidEnvelopeError, type ListingVisibility, type ManifestInput, MaxRetriesExceededError, MissingDriverError, type NearToken, NoCompatibleAcceptError, NonReplayableBodyError, type OpenApiDocument, type OpenApiOperation, type ParsedExactPayment, type PayBlocker, type PayOption, type PayWarning, PaymentDeclinedError, type PaymentDriver, type PaymentGate, type PaymentIntent, type PaymentPlan, type PaymentPolicy, type PaymentRail, PaymentTimeoutError, PipRailClient, type PipRailClientOptions, type PipRailCostQuote, PipRailError, type PipRailEvent, type PipRailQuote, type PolicyDecision, RecipientNotReadyError, type RecipientReason, type RegisterInput, type RegisterOptions, type RegisterOutcome, type RequirePaymentOptions, type ResolveOptions, type ResolvedChain, type ResolvedNetwork, type ResolvedToken, type ResourceDescription, type SearchOpenIndexesOptions, type SettleViaFacilitatorInput, SettlementError, type SolanaToken, type SpendAssetTotal, type SpendRecord, type SpendSummary, type StellarToken, type SuiToken, type TokenInfo, type TokenInput, type TonToken, type ToolAnnotations, type TronToken, UnknownTokenError, UnsupportedNetworkError, type VerifyErrorCode, type VerifyPaymentResult, type VerifyResult, type WalletBalance, type WalletHandle, type WalletInput, type WellKnownX402, WrongChainError, WrongFamilyError, type X402AcceptEntry, type X402AnyAccept, type X402Challenge, type X402DnsRecord, type X402ExactAcceptEntry, type X402InvalidBody, type X402PaymentSignature, type X402Receipt, type X402ResourceObject, type XrplToken, buildBazaarExtension, buildChallengeHeader, buildExactAuthorization, buildOpenApi, buildReceiptHeader, buildSignatureHeader, buildWellKnownX402, buildX402DnsTxt, chainIdForExactNetwork, claim402IndexDomain, createPaymentGate, decorateOutcome, eip3009Abi, encodeXPaymentHeader, evaluatePolicy, getDirectoryInfo, normalizeNetwork, parseChallenge, parseExactPaymentHeader, parseExactRequirements, parseReceipt, parseSignatureHeader, paymentTools, pickAccept, planAcross, readExactDomain, register402Index, registerDriver, registerX402Scan, requirePayment, resolveChain, searchOpenIndexes, settleViaFacilitator, toInsufficientFundsError, toInvalidBody, verify402IndexDomain };
+export { type AcceptOption, type AddressId, type AgentTool, type AlgorandToken, type AptosToken, type AssetId, type BazaarExtension, type BuildExactParams, CHAINS, type Caip2, type ChainFamily, type ChainInput, type ChainName, type ChainPreset, type ChainSelector, type ChallengeTriage, type ChallengeVerdict, type ConfirmInfo, ConfirmationTimeoutError, type CostEstimate, DIRECTORY_INFO, type DeclineReasonCode, type DirectoryInfo, type DiscoverOptions, type DiscoveredRail, type DiscoveredResource, type DiscoveryDescriptor, type DiscoverySigner, type DiscoverySource, type DomainClaim, type DomainVerification, EIP3009_TYPES, EXACT_NETWORK_SLUGS, type EvmToken, type ExactAccept, type ExactAuthorization, type ExactAuthorizationWire, type ExactPaymentPayload, type ExactRailOption, type ExpressLikeMiddleware, type ExpressLikeNext, type ExpressLikeRequest, type ExpressLikeResponse, type FacilitatorConfig, type FacilitatorPaymentRequirements, GENERATOR, HEADER_REQUIRED, HEADER_RESPONSE, HEADER_RESPONSE_V1, HEADER_SIGNATURE, HEADER_SIGNATURE_V1, InsufficientFundsError, InvalidEnvelopeError, type ListingVisibility, type ManifestInput, MaxRetriesExceededError, MissingDriverError, type NearToken, NoCompatibleAcceptError, NonReplayableBodyError, type OpenApiDocument, type OpenApiOperation, PIPRAIL_AGENT_GUIDE, type ParsedExactPayment, type PayBlocker, type PayOption, type PayWarning, PaymentDeclinedError, type PaymentDriver, type PaymentGate, type PaymentIntent, type PaymentPlan, type PaymentPolicy, type PaymentRail, type PaymentScheme, PaymentTimeoutError, PipRailClient, type PipRailClientOptions, type PipRailCostQuote, PipRailError, type PipRailEvent, type PipRailQuote, type PolicyDecision, type PolicyDenyCode, RecipientNotReadyError, type RecipientReason, type RegisterInput, type RegisterOptions, type RegisterOutcome, type RequirePaymentOptions, type ResolveOptions, type ResolvedChain, type ResolvedNetwork, type ResolvedToken, type ResourceDescription, type SearchOpenIndexesOptions, type SessionBudget, type SettleOutcome, type SettleViaFacilitatorInput, SettlementError, type SolanaToken, type SpendAssetTotal, type SpendRecord, type SpendRemaining, type SpendSummary, type StellarToken, type SuiToken, type TokenInfo, type TokenInput, type TonToken, type ToolAnnotations, type TronToken, UnknownTokenError, UnsupportedNetworkError, UnsupportedSchemeError, type VerifyErrorCode, type VerifyPaymentResult, type VerifyResult, type WalletBalance, type WalletHandle, type WalletInput, type WellKnownX402, WrongChainError, WrongFamilyError, type X402AcceptEntry, type X402AnyAccept, type X402Challenge, type X402DnsRecord, type X402ExactAcceptEntry, type X402InvalidBody, type X402PaymentSignature, type X402Receipt, type X402ResourceObject, type XrplToken, agentGuide, buildBazaarExtension, buildChallengeHeader, buildExactAuthorization, buildExactSignatureHeader, buildOpenApi, buildReceiptHeader, buildSignatureHeader, buildWellKnownX402, buildX402DnsTxt, chainIdForExactNetwork, claim402IndexDomain, classifyChallenge, createPaymentGate, decorateOutcome, eip3009Abi, encodeXPaymentHeader, evaluatePolicy, explainDecline, formatSpendReport, getDirectoryInfo, normalizeNetwork, parseChallenge, parseExactPaymentHeader, parseExactRequirements, parseReceipt, parseSettleResponse, parseSignatureHeader, paymentTools, pickAccept, planAcross, readExactDomain, register402Index, registerDriver, registerX402Scan, requirePayment, resolveChain, searchOpenIndexes, settleViaFacilitator, summarizePlan, toInsufficientFundsError, toInvalidBody, verify402IndexDomain };