@puga-labs/x402-mantle-sdk 0.3.11 → 0.4.1

package/README.md

@@ -250,23 +250,25 @@ Deno.serve(pay(async (req) => {
 
 | Option | Type | Default | Description |
 |--------|------|---------|-------------|
-| `facilitatorUrl` | `string` | `http://localhost:8080` | Facilitator service URL |
+| `facilitatorUrl` | `string` | From 402 response | Facilitator service URL (auto-detected from backend) |
 | `resourceUrl` | `string` | `window.location.origin` | Your API base URL |
-| `projectKey` | `string` | - | Project key for hosted facilitator billing |
+| `projectKey` | `string` | From 402 response | Project key (auto-detected from backend) |
 | `getProvider` | `() => EIP1193Provider` | - | Function returning wallet provider |
 | `getAccount` | `() => string` | - | Function returning user address |
 
+**Note:** Both `facilitatorUrl` and `projectKey` are automatically passed from your backend via 402 responses, so clients typically don't need to configure them.
+
 ### Server Options (mantlePaywall)
 
 | Option | Type | Required | Description |
 |--------|------|----------|-------------|
 | `priceUsd` | `number` | Yes | Price in USD (e.g., `0.01` for 1 cent) |
 | `payTo` | `string` | Yes | Your wallet address to receive payments |
-| `facilitatorUrl` | `string` | No | Facilitator URL (default: localhost:8080) |
-| `apiKey` | `string` | No | API key for hosted facilitator |
-| `network` | `string` | No | Network ID (default: `mantle-mainnet`) |
+| `projectKey` | `string` | For hosted | Project key from dashboard (for billing + analytics) |
+| `facilitatorUrl` | `string` | For self-hosted | Your facilitator URL (defaults to hosted if not set) |
+| `facilitatorSecret` | `string` | For self-hosted | Shared secret (when set, requires facilitatorUrl) |
 | `onPaymentSettled` | `function` | No | Callback when payment is verified |
-| `telemetry` | `object` | No | Analytics configuration |
+| `telemetry` | `object` | No | Analytics configuration (auto-uses projectKey if not set) |
 
 ---
 
@@ -274,37 +276,52 @@ Deno.serve(pay(async (req) => {
 
 ### Hosted Facilitator (Recommended)
 
-Use our managed facilitator service:
+Use our managed facilitator service - **zero URL config needed**:
 
 ```typescript
+// Minimal setup - facilitatorUrl defaults to hosted service!
 const pay = mantlePaywall({
   priceUsd: 0.01,
   payTo: '0xYourWallet',
-  facilitatorUrl: 'https://facilitator.x402mantlesdk.xyz',
-  apiKey: 'your-api-key' // Get from dashboard
+  projectKey: 'pk_xxx' // Get from dashboard (for billing + analytics)
 });
 ```
 
-Get your API key from [Dashboard](https://x402mantlesdk.xyz/dashboard).
+Get your project key from [Dashboard](https://x402mantlesdk.xyz/dashboard).
+
+**Note:** `projectKey` is automatically passed to clients via 402 responses, so they don't need to configure it separately.
 
 ### Self-Hosted Facilitator
 
-Run your own facilitator:
+Run your own facilitator for full control and cost savings:
 
 ```typescript
 const pay = mantlePaywall({
   priceUsd: 0.01,
   payTo: '0xYourWallet',
-  facilitatorUrl: 'https://your-facilitator.com'
-  // No apiKey needed for self-hosted
+  facilitatorUrl: 'https://your-facilitator.com', // Required for self-hosted
+  facilitatorSecret: process.env.FACILITATOR_SECRET! // Required for self-hosted
+});
+
+// Optional: add projectKey for telemetry
+const payWithTelemetry = mantlePaywall({
+  priceUsd: 0.01,
+  payTo: '0xYourWallet',
+  facilitatorUrl: 'https://your-facilitator.com',
+  facilitatorSecret: process.env.FACILITATOR_SECRET!,
+  projectKey: 'pk_xxx' // Optional: for analytics
 });
 ```
 
+The `facilitatorSecret` is **required** for self-hosted facilitators to prevent unauthorized usage. When `facilitatorSecret` is provided, `facilitatorUrl` is also required.
+
 Create a facilitator with:
 ```bash
 npx create-mantle-facilitator my-facilitator
 ```
 
+After setup, copy `FACILITATOR_SECRET` from the generated `.env` file to your backend's environment variables.
+
 ---
 
 ## Analytics & Telemetry
@@ -316,11 +333,11 @@ const pay = mantlePaywall({
   priceUsd: 0.01,
   payTo: '0x...',
   facilitatorUrl: 'https://facilitator.x402mantlesdk.xyz',
+  projectKey: 'pk_xxx',  // Get from dashboard - used for both billing AND analytics
 
-  // Analytics configuration
+  // Optional: Advanced telemetry config
   telemetry: {
-    projectKey: 'pk_xxx',  // Get from dashboard
-    debug: true            // Enable console logging
+    debug: true  // Enable console logging (projectKey auto-derived from above)
   },
 
   // Callback on each successful payment

package/dist/chunk-2IGT3ZXX.js

@@ -0,0 +1,179 @@
+import {
+  createMantleClient
+} from "./chunk-RVPI6FMV.js";
+
+// src/client/react/useEthersWallet.ts
+import { useState, useEffect, useCallback } from "react";
+import { ethers } from "ethers";
+function useEthersWallet(options) {
+  const [address, setAddress] = useState(void 0);
+  const [isConnected, setIsConnected] = useState(false);
+  const [provider, setProvider] = useState(
+    void 0
+  );
+  const [chainId, setChainId] = useState(void 0);
+  const [error, setError] = useState(void 0);
+  const setProviderAndChain = useCallback(async () => {
+    if (typeof window === "undefined" || !window.ethereum) return;
+    const browserProvider = new ethers.BrowserProvider(
+      window.ethereum
+    );
+    setProvider(browserProvider);
+    const network = await browserProvider.getNetwork();
+    setChainId(Number(network.chainId));
+  }, []);
+  const hydrateFromPermissions = useCallback(async () => {
+    if (typeof window === "undefined" || !window.ethereum) return;
+    try {
+      const accounts = await window.ethereum.request({
+        method: "eth_accounts"
+      });
+      if (accounts && accounts.length > 0) {
+        const userAddress = accounts[0];
+        setAddress(userAddress);
+        setIsConnected(true);
+        await setProviderAndChain();
+      }
+    } catch (err) {
+      console.warn("[useEthersWallet] Failed to hydrate from permissions:", err);
+    }
+  }, [setProviderAndChain]);
+  const connect = useCallback(async () => {
+    try {
+      setError(void 0);
+      if (typeof window === "undefined" || !window.ethereum) {
+        throw new Error(
+          "No Ethereum wallet detected. Please install MetaMask or another wallet."
+        );
+      }
+      const browserProvider = new ethers.BrowserProvider(
+        window.ethereum
+      );
+      setProvider(browserProvider);
+      const accounts = await window.ethereum.request({
+        method: "eth_requestAccounts"
+      });
+      if (!accounts || accounts.length === 0) {
+        throw new Error("No accounts returned from wallet");
+      }
+      const userAddress = accounts[0];
+      setAddress(userAddress);
+      setIsConnected(true);
+      const network = await browserProvider.getNetwork();
+      setChainId(Number(network.chainId));
+    } catch (err) {
+      const errorObj = err instanceof Error ? err : new Error(String(err));
+      setError(errorObj);
+      setIsConnected(false);
+      setAddress(void 0);
+      setChainId(void 0);
+      throw errorObj;
+    }
+  }, []);
+  const disconnect = useCallback(() => {
+    setAddress(void 0);
+    setIsConnected(false);
+    setChainId(void 0);
+    setError(void 0);
+  }, []);
+  useEffect(() => {
+    if (typeof window === "undefined" || !window.ethereum) return;
+    const ethereum = window.ethereum;
+    const handleAccountsChanged = (accounts) => {
+      const accountsArray = accounts;
+      if (!accountsArray || accountsArray.length === 0) {
+        disconnect();
+      } else {
+        setAddress(accountsArray[0]);
+        setIsConnected(true);
+        void setProviderAndChain();
+      }
+    };
+    if (ethereum.on) {
+      ethereum.on("accountsChanged", handleAccountsChanged);
+    }
+    return () => {
+      if (ethereum.removeListener) {
+        ethereum.removeListener("accountsChanged", handleAccountsChanged);
+      }
+    };
+  }, [disconnect, setProviderAndChain]);
+  useEffect(() => {
+    if (typeof window === "undefined" || !window.ethereum) return;
+    const ethereum = window.ethereum;
+    const handleConnect = () => {
+      void hydrateFromPermissions();
+    };
+    if (ethereum.on) {
+      ethereum.on("connect", handleConnect);
+    }
+    return () => {
+      if (ethereum.removeListener) {
+        ethereum.removeListener("connect", handleConnect);
+      }
+    };
+  }, [hydrateFromPermissions]);
+  useEffect(() => {
+    if (typeof window === "undefined" || !window.ethereum) return;
+    const ethereum = window.ethereum;
+    const handleChainChanged = (chainIdHex) => {
+      const newChainId = parseInt(chainIdHex, 16);
+      setChainId(newChainId);
+    };
+    if (ethereum.on) {
+      ethereum.on("chainChanged", handleChainChanged);
+    }
+    return () => {
+      if (ethereum.removeListener) {
+        ethereum.removeListener("chainChanged", handleChainChanged);
+      }
+    };
+  }, []);
+  useEffect(() => {
+    void hydrateFromPermissions();
+  }, [hydrateFromPermissions]);
+  useEffect(() => {
+    if (options?.autoConnect) {
+      connect().catch((err) => {
+        console.warn("[useEthersWallet] Auto-connect failed:", err);
+      });
+    }
+  }, [options?.autoConnect, connect]);
+  return {
+    address,
+    isConnected,
+    provider,
+    chainId,
+    connect,
+    disconnect,
+    error
+  };
+}
+
+// src/client/react/useMantleX402.ts
+function useMantleX402(opts) {
+  const { address, isConnected } = useEthersWallet({
+    autoConnect: opts?.autoConnect ?? false
+  });
+  const client = createMantleClient({
+    facilitatorUrl: opts?.facilitatorUrl,
+    resourceUrl: opts?.resourceUrl,
+    projectKey: opts?.projectKey,
+    getAccount: () => {
+      if (!isConnected || !address) return void 0;
+      return address;
+    },
+    getProvider: () => {
+      if (typeof window !== "undefined" && window.ethereum) {
+        return window.ethereum;
+      }
+      return void 0;
+    }
+  });
+  return client;
+}
+
+export {
+  useEthersWallet,
+  useMantleX402
+};

package/dist/chunk-4BUJR6G5.js

@@ -0,0 +1,100 @@
+import {
+  buildRouteKey,
+  checkPayment,
+  validateAddress
+} from "./chunk-HUKLI4UV.js";
+import {
+  MANTLE_DEFAULTS,
+  __export,
+  getDefaultAssetForNetwork,
+  usdCentsToAtomic
+} from "./chunk-HEZZ74SI.js";
+
+// src/server/adapters/nextjs.ts
+var nextjs_exports = {};
+__export(nextjs_exports, {
+  isPaywallErrorResponse: () => isPaywallErrorResponse,
+  mantlePaywall: () => mantlePaywall
+});
+import { NextResponse } from "next/server";
+function debugLog(config, prefix, message, data) {
+  if (config?.debug) {
+    const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+    console.log(`[${timestamp}] [x402-debug:${prefix}]`, message, data || "");
+  }
+}
+function mantlePaywall(opts) {
+  const { priceUsd, payTo, facilitatorUrl, apiKey, telemetry, onPaymentSettled, facilitatorSecret } = opts;
+  validateAddress(payTo, "payTo");
+  const priceUsdCents = Math.round(priceUsd * 100);
+  return function(handler) {
+    return async (req) => {
+      const url = new URL(req.url);
+      const method = req.method;
+      const path = url.pathname;
+      const routeKey = buildRouteKey(method, path);
+      const network = MANTLE_DEFAULTS.NETWORK;
+      const assetConfig = getDefaultAssetForNetwork(network);
+      const maxAmountRequiredBigInt = usdCentsToAtomic(
+        priceUsdCents,
+        assetConfig.decimals
+      );
+      const paymentRequirements = {
+        scheme: "exact",
+        network,
+        asset: assetConfig.address,
+        maxAmountRequired: maxAmountRequiredBigInt.toString(),
+        payTo,
+        price: `$${(priceUsdCents / 100).toFixed(2)}`,
+        currency: "USD"
+      };
+      const paymentHeader = req.headers.get("X-PAYMENT") || req.headers.get("x-payment") || null;
+      const result = await checkPayment({
+        paymentHeader,
+        paymentRequirements,
+        facilitatorUrl: facilitatorUrl || MANTLE_DEFAULTS.FACILITATOR_URL,
+        apiKey,
+        routeKey,
+        network,
+        asset: assetConfig.address,
+        telemetry,
+        onPaymentSettled,
+        facilitatorSecret
+      });
+      if (!result.isValid) {
+        return NextResponse.json(result.responseBody, {
+          status: result.statusCode
+        });
+      }
+      try {
+        debugLog(telemetry, "handler", "Handler execution started");
+        const response = await handler(req);
+        debugLog(telemetry, "handler", `Handler completed: ${response.status}`);
+        if (result.sendTelemetryAfterResponse) {
+          debugLog(telemetry, "callback", `Calling telemetry callback with status ${response.status}`);
+          result.sendTelemetryAfterResponse(response.status);
+        } else {
+          debugLog(telemetry, "callback", "WARNING: No telemetry callback to call");
+        }
+        return response;
+      } catch (err) {
+        const errorMessage = err instanceof Error ? err.message : "Unknown error";
+        debugLog(telemetry, "handler", `ERROR: Handler error: ${errorMessage}`);
+        if (result.sendTelemetryAfterResponse) {
+          debugLog(telemetry, "callback", "Calling telemetry callback with error");
+          result.sendTelemetryAfterResponse(500, errorMessage);
+        }
+        throw err;
+      }
+    };
+  };
+}
+function isPaywallErrorResponse(response) {
+  return typeof response === "object" && response !== null && "error" in response && typeof response.error === "string";
+}
+
+export {
+  mantlePaywall,
+  isPaywallErrorResponse,
+  nextjs_exports
+};

package/dist/chunk-5RSVKEVG.js

@@ -0,0 +1,307 @@
+import {
+  __require,
+  getChainIdForNetwork
+} from "./chunk-WZKYTDTE.js";
+
+// src/shared/utils.ts
+function encodeJsonToBase64(value) {
+  const json = JSON.stringify(value);
+  if (typeof btoa === "function") {
+    const bytes = new TextEncoder().encode(json);
+    const binString = Array.from(
+      bytes,
+      (byte) => String.fromCodePoint(byte)
+    ).join("");
+    return btoa(binString);
+  }
+  if (typeof globalThis.Buffer !== "undefined") {
+    return globalThis.Buffer.from(json, "utf8").toString("base64");
+  }
+  throw new Error("No base64 implementation found in this environment");
+}
+function randomBytes32Hex() {
+  if (typeof crypto !== "undefined" && "getRandomValues" in crypto) {
+    const arr = new Uint8Array(32);
+    crypto.getRandomValues(arr);
+    return "0x" + Array.from(arr).map((b) => b.toString(16).padStart(2, "0")).join("");
+  }
+  try {
+    const nodeCrypto = __require("crypto");
+    const buf = nodeCrypto.randomBytes(32);
+    return "0x" + buf.toString("hex");
+  } catch {
+    throw new Error(
+      "No cryptographically secure random number generator found. This environment does not support crypto.getRandomValues or Node.js crypto module."
+    );
+  }
+}
+
+// src/client/paymentClient.ts
+function joinUrl(base, path) {
+  const normalizedBase = base.replace(/\/+$/, "");
+  const normalizedPath = path.startsWith("/") ? path : `/${path}`;
+  return `${normalizedBase}${normalizedPath}`;
+}
+function buildTypedDataForAuthorization(authorization, paymentRequirements) {
+  const chainId = getChainIdForNetwork(paymentRequirements.network);
+  const verifyingContract = paymentRequirements.asset;
+  const domain = {
+    name: "USD Coin",
+    version: "2",
+    chainId,
+    verifyingContract
+  };
+  const types = {
+    TransferWithAuthorization: [
+      { name: "from", type: "address" },
+      { name: "to", type: "address" },
+      { name: "value", type: "uint256" },
+      { name: "validAfter", type: "uint256" },
+      { name: "validBefore", type: "uint256" },
+      { name: "nonce", type: "bytes32" }
+    ]
+  };
+  return {
+    domain,
+    types,
+    primaryType: "TransferWithAuthorization",
+    message: authorization
+  };
+}
+async function signAuthorizationWithProvider(provider, authorization, paymentRequirements) {
+  const { BrowserProvider } = await import("ethers");
+  const chainId = getChainIdForNetwork(paymentRequirements.network);
+  const browserProvider = new BrowserProvider(provider, chainId);
+  const signer = await browserProvider.getSigner();
+  const from = await signer.getAddress();
+  const authWithFrom = {
+    ...authorization,
+    from
+  };
+  const typedData = buildTypedDataForAuthorization(
+    authWithFrom,
+    paymentRequirements
+  );
+  const signature = await signer.signTypedData(
+    typedData.domain,
+    typedData.types,
+    typedData.message
+  );
+  return { signature, from };
+}
+function createPaymentClient(config) {
+  const {
+    resourceUrl,
+    facilitatorUrl: configFacilitatorUrl,
+    provider,
+    userAddress: userAddressOverride,
+    projectKey: configProjectKey
+  } = config;
+  if (!resourceUrl) {
+    throw new Error("resourceUrl is required");
+  }
+  if (!provider) {
+    throw new Error("provider is required (e.g. window.ethereum)");
+  }
+  return {
+    async callWithPayment(path, options) {
+      const method = options?.method ?? "GET";
+      const headers = {
+        ...options?.headers ?? {}
+      };
+      let body;
+      if (options?.body !== void 0) {
+        headers["Content-Type"] = headers["Content-Type"] ?? "application/json";
+        body = JSON.stringify(options.body);
+      }
+      const initialUrl = joinUrl(resourceUrl, path);
+      const initialRes = await fetch(initialUrl, {
+        method,
+        headers,
+        body
+      });
+      if (initialRes.status !== 402) {
+        const json = await initialRes.json().catch((err) => {
+          console.error("[x402] Failed to parse initial response JSON:", err);
+          return null;
+        });
+        return {
+          response: json,
+          txHash: void 0
+        };
+      }
+      const bodyJson = await initialRes.json();
+      const paymentRequirements = bodyJson.paymentRequirements;
+      if (!paymentRequirements) {
+        throw new Error(
+          "402 response did not include paymentRequirements field"
+        );
+      }
+      const facilitatorUrl = configFacilitatorUrl ?? bodyJson.facilitatorUrl;
+      if (!facilitatorUrl) {
+        throw new Error(
+          "facilitatorUrl not provided in config and not in 402 response. Either set facilitatorUrl in client config or ensure your backend includes it in 402 responses."
+        );
+      }
+      const projectKey = configProjectKey ?? bodyJson.projectKey;
+      const settleToken = bodyJson.settleToken;
+      const nowSec = Math.floor(Date.now() / 1e3);
+      const validAfter = "0";
+      const validBefore = String(nowSec + 10 * 60);
+      const nonce = randomBytes32Hex();
+      const valueAtomic = options?.valueOverrideAtomic ?? paymentRequirements.maxAmountRequired;
+      let authorization = {
+        from: "0x0000000000000000000000000000000000000000",
+        to: paymentRequirements.payTo,
+        value: valueAtomic,
+        validAfter,
+        validBefore,
+        nonce
+      };
+      let signature;
+      let from;
+      try {
+        const signed = await signAuthorizationWithProvider(
+          provider,
+          authorization,
+          paymentRequirements
+        );
+        signature = signed.signature;
+        from = signed.from;
+      } catch (err) {
+        const code = err?.code;
+        if (code === 4001 || code === "ACTION_REJECTED") {
+          const userErr = new Error("User rejected payment signature");
+          userErr.code = "USER_REJECTED_SIGNATURE";
+          userErr.userRejected = true;
+          throw userErr;
+        }
+        throw err;
+      }
+      authorization = {
+        ...authorization,
+        from
+      };
+      if (userAddressOverride && userAddressOverride.toLowerCase() !== from.toLowerCase()) {
+        console.warn(
+          "[SDK WARNING] userAddress override differs from signer address",
+          { override: userAddressOverride, signer: from }
+        );
+      }
+      const paymentHeaderObject = {
+        x402Version: 1,
+        scheme: paymentRequirements.scheme,
+        network: paymentRequirements.network,
+        payload: {
+          signature,
+          authorization
+        }
+      };
+      const paymentHeader = encodeJsonToBase64(paymentHeaderObject);
+      const settleUrl = joinUrl(facilitatorUrl, "/settle");
+      const settleRes = await fetch(settleUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          ...projectKey ? { "X-Project-Key": projectKey } : {}
+        },
+        body: JSON.stringify({
+          x402Version: 1,
+          paymentHeader,
+          paymentRequirements,
+          ...settleToken && { settleToken }
+        })
+      });
+      if (!settleRes.ok) {
+        const text = await settleRes.text().catch((err) => {
+          console.error("[x402] Failed to read settle response text:", err);
+          return "";
+        });
+        throw new Error(
+          `Facilitator /settle failed with HTTP ${settleRes.status}: ${text}`
+        );
+      }
+      const settleJson = await settleRes.json();
+      if (!settleJson.success) {
+        throw new Error(
+          `Facilitator /settle returned error: ${settleJson.error ?? "unknown error"}`
+        );
+      }
+      const txHash = settleJson.txHash ?? void 0;
+      const retryHeaders = {
+        ...headers,
+        "X-PAYMENT": paymentHeader
+      };
+      const retryRes = await fetch(initialUrl, {
+        method,
+        headers: retryHeaders,
+        body
+      });
+      if (!retryRes.ok) {
+        const text = await retryRes.text().catch((err) => {
+          console.error("[x402] Failed to read retry response text:", err);
+          return "";
+        });
+        throw new Error(
+          `Protected request with X-PAYMENT failed: HTTP ${retryRes.status} ${text}`
+        );
+      }
+      const finalJson = await retryRes.json();
+      return {
+        response: finalJson,
+        txHash,
+        paymentHeader,
+        paymentRequirements
+      };
+    }
+  };
+}
+
+// src/client/createMantleClient.ts
+function createMantleClient(config) {
+  const resourceUrl = config?.resourceUrl ?? (typeof window !== "undefined" ? window.location.origin : "");
+  const facilitatorUrl = config?.facilitatorUrl ?? (typeof process !== "undefined" ? process.env?.NEXT_PUBLIC_FACILITATOR_URL : void 0);
+  return {
+    async postWithPayment(url, body) {
+      const provider = config?.getProvider?.();
+      if (!provider) {
+        throw new Error("Wallet provider not available");
+      }
+      let account = await config?.getAccount?.();
+      if (!account && provider?.request) {
+        try {
+          const accounts = await provider.request({
+            method: "eth_accounts"
+          });
+          if (Array.isArray(accounts) && accounts.length > 0) {
+            account = accounts[0];
+          }
+        } catch (err) {
+          console.warn("[x402] Failed to hydrate account from provider:", err);
+        }
+      }
+      if (!account) {
+        throw new Error(
+          "Wallet not connected. Please connect your wallet first."
+        );
+      }
+      const client = createPaymentClient({
+        resourceUrl,
+        facilitatorUrl,
+        provider,
+        userAddress: account,
+        projectKey: config?.projectKey
+      });
+      const result = await client.callWithPayment(url, {
+        method: "POST",
+        body
+      });
+      return result;
+    }
+  };
+}
+
+export {
+  createPaymentClient,
+  createMantleClient
+};