@puga-labs/x402-mantle-sdk 0.3.6 → 0.3.8

package/dist/chunk-OW2BDRGZ.js

@@ -0,0 +1,239 @@
+import {
+  getDefaultAssetForNetwork
+} from "./chunk-HEZZ74SI.js";
+
+// src/server/core/utils.ts
+function validateAddress(address, paramName = "address") {
+  if (!address) {
+    throw new Error(`${paramName} is required`);
+  }
+  if (typeof address !== "string") {
+    throw new Error(`${paramName} must be a string, got ${typeof address}`);
+  }
+  if (!address.startsWith("0x")) {
+    const preview = address.length > 10 ? `${address.substring(0, 10)}...` : address;
+    throw new Error(
+      `${paramName} must start with "0x", got: ${preview}`
+    );
+  }
+  if (address.length !== 42) {
+    throw new Error(
+      `${paramName} must be 42 characters (0x + 40 hex), got ${address.length} characters`
+    );
+  }
+  const hexPart = address.slice(2);
+  if (!/^[0-9a-fA-F]{40}$/.test(hexPart)) {
+    throw new Error(
+      `${paramName} must contain only hexadecimal characters (0-9, a-f, A-F) after "0x"`
+    );
+  }
+}
+function decodePaymentHeader(paymentHeaderBase64) {
+  try {
+    if (typeof Buffer !== "undefined") {
+      const json = Buffer.from(paymentHeaderBase64, "base64").toString("utf8");
+      return JSON.parse(json);
+    }
+    if (typeof atob === "function") {
+      const json = atob(paymentHeaderBase64);
+      return JSON.parse(json);
+    }
+    throw new Error("No base64 decoding available in this environment");
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : "Unknown error";
+    throw new Error(`Failed to decode paymentHeader: ${msg}`);
+  }
+}
+function buildRouteKey(method, path) {
+  const normalizedMethod = (method || "GET").toUpperCase();
+  const normalizedPath = path || "/";
+  return `${normalizedMethod} ${normalizedPath}`;
+}
+
+// src/server/constants.ts
+var DEFAULT_TELEMETRY_ENDPOINT = "https://x402mantlesdk.xyz/api/telemetry/settled";
+
+// src/server/telemetry.ts
+function createTelemetryEvent(entry, config) {
+  const assetConfig = getDefaultAssetForNetwork(entry.network);
+  return {
+    event: "payment_verified",
+    ts: entry.timestamp,
+    projectKey: config.projectKey,
+    network: entry.network,
+    buyer: entry.from,
+    payTo: entry.to,
+    amountAtomic: entry.valueAtomic,
+    asset: entry.asset,
+    decimals: assetConfig.decimals,
+    nonce: entry.id,
+    route: entry.route ?? "unknown",
+    // Facilitator metadata
+    facilitatorType: "hosted",
+    // SDK always uses hosted mode
+    facilitatorUrl: entry.facilitatorUrl,
+    // From PaymentLogEntry
+    // facilitatorAddress is undefined for SDK (not available)
+    // Optional metadata
+    txHash: entry.txHash,
+    priceUsd: entry.paymentRequirements?.price
+  };
+}
+async function sendTelemetry(event, endpoint) {
+  const targetEndpoint = endpoint ?? DEFAULT_TELEMETRY_ENDPOINT;
+  if (!targetEndpoint) {
+    return;
+  }
+  try {
+    const response = await fetch(targetEndpoint, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Authorization": `Bearer ${event.projectKey}`
+      },
+      body: JSON.stringify(event)
+    });
+    if (!response.ok) {
+      console.warn(
+        `[x402-telemetry] Failed to send event: HTTP ${response.status}`
+      );
+    }
+  } catch (err) {
+    console.error("[x402-telemetry] Error sending telemetry:", err);
+  }
+}
+
+// src/server/core/verifyPayment.ts
+async function checkPayment(input) {
+  const {
+    paymentHeader,
+    paymentRequirements,
+    facilitatorUrl,
+    apiKey,
+    routeKey,
+    network,
+    asset,
+    telemetry,
+    onPaymentSettled
+  } = input;
+  if (!paymentHeader || paymentHeader.trim() === "") {
+    return {
+      status: "require_payment",
+      statusCode: 402,
+      responseBody: {
+        error: "Payment Required",
+        paymentRequirements,
+        paymentHeader: null
+      },
+      isValid: false
+    };
+  }
+  try {
+    const verifyUrl = `${facilitatorUrl.replace(/\/+$/, "")}/verify`;
+    const verifyRes = await fetch(verifyUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        ...apiKey && { "Authorization": `Bearer ${apiKey}` }
+      },
+      body: JSON.stringify({
+        x402Version: 1,
+        paymentHeader,
+        paymentRequirements
+      })
+    });
+    if (!verifyRes.ok) {
+      const text = await verifyRes.text().catch(() => "");
+      console.error(
+        "[x402-mantle-sdk] Facilitator /verify returned non-OK:",
+        verifyRes.status,
+        text
+      );
+      return {
+        status: "verification_error",
+        statusCode: 500,
+        responseBody: {
+          error: "Payment verification error",
+          details: `Facilitator responded with HTTP ${verifyRes.status}`
+        },
+        isValid: false
+      };
+    }
+    const verifyJson = await verifyRes.json();
+    if (!verifyJson.isValid) {
+      return {
+        status: "invalid_payment",
+        statusCode: 402,
+        responseBody: {
+          error: "Payment verification failed",
+          invalidReason: verifyJson.invalidReason ?? null,
+          paymentRequirements,
+          paymentHeader: null
+        },
+        isValid: false
+      };
+    }
+    if (onPaymentSettled) {
+      try {
+        const headerObj = decodePaymentHeader(paymentHeader);
+        const { authorization } = headerObj.payload;
+        const assetConfig = getDefaultAssetForNetwork(network);
+        const logEntry = {
+          id: authorization.nonce,
+          from: authorization.from,
+          to: authorization.to,
+          valueAtomic: authorization.value,
+          network,
+          asset,
+          route: routeKey,
+          timestamp: Date.now(),
+          facilitatorUrl,
+          paymentRequirements
+        };
+        onPaymentSettled(logEntry);
+        if (telemetry) {
+          const event = createTelemetryEvent(logEntry, telemetry);
+          sendTelemetry(event, telemetry.endpoint).catch(
+            (err) => console.error("[x402-telemetry] Async send failed:", err)
+          );
+        }
+      } catch (err) {
+        console.error(
+          "[x402-mantle-sdk] Error calling onPaymentSettled hook:",
+          err
+        );
+      }
+    }
+    return {
+      status: "verified",
+      statusCode: 200,
+      responseBody: null,
+      isValid: true
+    };
+  } catch (err) {
+    console.error(
+      "[x402-mantle-sdk] Error while calling facilitator /verify:",
+      err
+    );
+    const message = err instanceof Error ? err.message : "Unknown verification error";
+    return {
+      status: "verification_error",
+      statusCode: 500,
+      responseBody: {
+        error: "Payment verification error",
+        details: message
+      },
+      isValid: false
+    };
+  }
+}
+
+export {
+  validateAddress,
+  decodePaymentHeader,
+  buildRouteKey,
+  DEFAULT_TELEMETRY_ENDPOINT,
+  createTelemetryEvent,
+  sendTelemetry,
+  checkPayment
+};

package/dist/chunk-T63MVWX3.js

@@ -0,0 +1,71 @@
+import {
+  buildRouteKey,
+  checkPayment,
+  validateAddress
+} from "./chunk-OW2BDRGZ.js";
+import {
+  MANTLE_DEFAULTS,
+  __export,
+  getDefaultAssetForNetwork,
+  usdCentsToAtomic
+} from "./chunk-HEZZ74SI.js";
+
+// src/server/adapters/web-standards.ts
+var web_standards_exports = {};
+__export(web_standards_exports, {
+  mantlePaywall: () => mantlePaywall
+});
+function mantlePaywall(opts) {
+  const { priceUsd, payTo, facilitatorUrl, apiKey, telemetry, onPaymentSettled } = opts;
+  validateAddress(payTo, "payTo");
+  const priceUsdCents = Math.round(priceUsd * 100);
+  return function(handler) {
+    return async (request) => {
+      const url = new URL(request.url);
+      const method = request.method;
+      const path = url.pathname;
+      const routeKey = buildRouteKey(method, path);
+      const network = MANTLE_DEFAULTS.NETWORK;
+      const assetConfig = getDefaultAssetForNetwork(network);
+      const maxAmountRequiredBigInt = usdCentsToAtomic(
+        priceUsdCents,
+        assetConfig.decimals
+      );
+      const paymentRequirements = {
+        scheme: "exact",
+        network,
+        asset: assetConfig.address,
+        maxAmountRequired: maxAmountRequiredBigInt.toString(),
+        payTo,
+        price: `$${(priceUsdCents / 100).toFixed(2)}`,
+        currency: "USD"
+      };
+      const paymentHeader = request.headers.get("X-PAYMENT") || request.headers.get("x-payment") || null;
+      const result = await checkPayment({
+        paymentHeader,
+        paymentRequirements,
+        facilitatorUrl: facilitatorUrl || MANTLE_DEFAULTS.FACILITATOR_URL,
+        apiKey,
+        routeKey,
+        network,
+        asset: assetConfig.address,
+        telemetry,
+        onPaymentSettled
+      });
+      if (!result.isValid) {
+        return new Response(JSON.stringify(result.responseBody), {
+          status: result.statusCode,
+          headers: {
+            "Content-Type": "application/json"
+          }
+        });
+      }
+      return handler(request);
+    };
+  };
+}
+
+export {
+  mantlePaywall,
+  web_standards_exports
+};

package/dist/client.cjs

@@ -206,11 +206,26 @@ function createPaymentClient(config) {
         validBefore,
         nonce
       };
-      const { signature, from } = await signAuthorizationWithProvider(
-        provider,
-        authorization,
-        paymentRequirements
-      );
+      let signature;
+      let from;
+      try {
+        const signed = await signAuthorizationWithProvider(
+          provider,
+          authorization,
+          paymentRequirements
+        );
+        signature = signed.signature;
+        from = signed.from;
+      } catch (err) {
+        const code = err?.code;
+        if (code === 4001 || code === "ACTION_REJECTED") {
+          const userErr = new Error("User rejected payment signature");
+          userErr.code = "USER_REJECTED_SIGNATURE";
+          userErr.userRejected = true;
+          throw userErr;
+        }
+        throw err;
+      }
       authorization = {
         ...authorization,
         from

package/dist/client.js

@@ -1,7 +1,7 @@
 import {
   createMantleClient,
   createPaymentClient
-} from "./chunk-VNO4LJWC.js";
+} from "./chunk-7SOCLVGM.js";
 import {
   MANTLE_DEFAULTS
 } from "./chunk-HEZZ74SI.js";

package/dist/express-D8L5Dg1D.d.ts

@@ -0,0 +1,68 @@
+import { Request, Response, NextFunction } from 'express';
+import { b as RoutesConfig, M as MinimalPaywallOptions } from './types-CXdNC0Ra.js';
+
+/**
+ * Express middleware function type for Mantle paywall.
+ */
+type MantleMiddleware = (req: Request, res: Response, next: NextFunction) => Promise<void>;
+/** Config for createPaymentMiddleware. */
+interface PaymentMiddlewareConfig {
+    /** Base URL of facilitator, e.g. https://facilitator.nosubs.ai */
+    facilitatorUrl: string;
+    /** Recipient address (developer). Validated at runtime. */
+    receiverAddress: string;
+    /** Map of protected routes and their pricing. */
+    routes: RoutesConfig;
+    /** Optional API key for hosted facilitator billing. */
+    apiKey?: string;
+    /**
+     * Optional hook called whenever a payment is successfully settled.
+     */
+    onPaymentSettled?: MinimalPaywallOptions["onPaymentSettled"];
+    /** Optional: Send usage telemetry for billing/analytics. */
+    telemetry?: MinimalPaywallOptions["telemetry"];
+}
+/**
+ * Create Express middleware for x402 payment verification on multiple routes.
+ *
+ * @example
+ * ```typescript
+ * const middleware = createPaymentMiddleware({
+ *   facilitatorUrl: 'https://facilitator.nosubs.ai',
+ *   receiverAddress: '0x...',
+ *   routes: {
+ *     'POST /api/generate': { priceUsdCents: 1, network: 'mantle-mainnet' },
+ *     'GET /api/data': { priceUsdCents: 5, network: 'mantle-mainnet' },
+ *   }
+ * });
+ *
+ * app.use(middleware);
+ * ```
+ */
+declare function createPaymentMiddleware(config: PaymentMiddlewareConfig): MantleMiddleware;
+/**
+ * Simplified wrapper for protecting a single route with x402 payments.
+ * Uses Mantle mainnet defaults (USDC, exact scheme, etc.).
+ *
+ * @example
+ * ```typescript
+ * const pay = mantlePaywall({ priceUsd: 0.01, payTo: "0x..." });
+ * app.post('/api/generate', pay, async (req, res) => {
+ *   // Your handler code here
+ * });
+ * ```
+ *
+ * @param opts - Minimal configuration (price, payTo, optional facilitator/telemetry).
+ * @returns Express middleware function for single-route protection.
+ */
+declare function mantlePaywall(opts: MinimalPaywallOptions): MantleMiddleware;
+
+type express_MantleMiddleware = MantleMiddleware;
+type express_PaymentMiddlewareConfig = PaymentMiddlewareConfig;
+declare const express_createPaymentMiddleware: typeof createPaymentMiddleware;
+declare const express_mantlePaywall: typeof mantlePaywall;
+declare namespace express {
+  export { type express_MantleMiddleware as MantleMiddleware, type express_PaymentMiddlewareConfig as PaymentMiddlewareConfig, express_createPaymentMiddleware as createPaymentMiddleware, express_mantlePaywall as mantlePaywall };
+}
+
+export { type MantleMiddleware as M, type PaymentMiddlewareConfig as P, createPaymentMiddleware as c, express as e, mantlePaywall as m };

package/dist/express-Pukmnwuu.d.cts

@@ -0,0 +1,68 @@
+import { Request, Response, NextFunction } from 'express';
+import { b as RoutesConfig, M as MinimalPaywallOptions } from './types-BmK0G74m.cjs';
+
+/**
+ * Express middleware function type for Mantle paywall.
+ */
+type MantleMiddleware = (req: Request, res: Response, next: NextFunction) => Promise<void>;
+/** Config for createPaymentMiddleware. */
+interface PaymentMiddlewareConfig {
+    /** Base URL of facilitator, e.g. https://facilitator.nosubs.ai */
+    facilitatorUrl: string;
+    /** Recipient address (developer). Validated at runtime. */
+    receiverAddress: string;
+    /** Map of protected routes and their pricing. */
+    routes: RoutesConfig;
+    /** Optional API key for hosted facilitator billing. */
+    apiKey?: string;
+    /**
+     * Optional hook called whenever a payment is successfully settled.
+     */
+    onPaymentSettled?: MinimalPaywallOptions["onPaymentSettled"];
+    /** Optional: Send usage telemetry for billing/analytics. */
+    telemetry?: MinimalPaywallOptions["telemetry"];
+}
+/**
+ * Create Express middleware for x402 payment verification on multiple routes.
+ *
+ * @example
+ * ```typescript
+ * const middleware = createPaymentMiddleware({
+ *   facilitatorUrl: 'https://facilitator.nosubs.ai',
+ *   receiverAddress: '0x...',
+ *   routes: {
+ *     'POST /api/generate': { priceUsdCents: 1, network: 'mantle-mainnet' },
+ *     'GET /api/data': { priceUsdCents: 5, network: 'mantle-mainnet' },
+ *   }
+ * });
+ *
+ * app.use(middleware);
+ * ```
+ */
+declare function createPaymentMiddleware(config: PaymentMiddlewareConfig): MantleMiddleware;
+/**
+ * Simplified wrapper for protecting a single route with x402 payments.
+ * Uses Mantle mainnet defaults (USDC, exact scheme, etc.).
+ *
+ * @example
+ * ```typescript
+ * const pay = mantlePaywall({ priceUsd: 0.01, payTo: "0x..." });
+ * app.post('/api/generate', pay, async (req, res) => {
+ *   // Your handler code here
+ * });
+ * ```
+ *
+ * @param opts - Minimal configuration (price, payTo, optional facilitator/telemetry).
+ * @returns Express middleware function for single-route protection.
+ */
+declare function mantlePaywall(opts: MinimalPaywallOptions): MantleMiddleware;
+
+type express_MantleMiddleware = MantleMiddleware;
+type express_PaymentMiddlewareConfig = PaymentMiddlewareConfig;
+declare const express_createPaymentMiddleware: typeof createPaymentMiddleware;
+declare const express_mantlePaywall: typeof mantlePaywall;
+declare namespace express {
+  export { type express_MantleMiddleware as MantleMiddleware, type express_PaymentMiddlewareConfig as PaymentMiddlewareConfig, express_createPaymentMiddleware as createPaymentMiddleware, express_mantlePaywall as mantlePaywall };
+}
+
+export { type MantleMiddleware as M, type PaymentMiddlewareConfig as P, createPaymentMiddleware as c, express as e, mantlePaywall as m };

package/dist/index.cjs

@@ -131,7 +131,7 @@ function buildRouteKey(method, path) {
 }
 
 // src/server/constants.ts
-var DEFAULT_TELEMETRY_ENDPOINT = void 0;
+var DEFAULT_TELEMETRY_ENDPOINT = "https://x402mantlesdk.xyz/api/telemetry/settled";
 
 // src/server/telemetry.ts
 function createTelemetryEvent(entry, config) {
@@ -189,6 +189,7 @@ async function checkPayment(input) {
     paymentHeader,
     paymentRequirements,
     facilitatorUrl,
+    apiKey,
     routeKey,
     network,
     asset,
@@ -212,7 +213,8 @@ async function checkPayment(input) {
     const verifyRes = await fetch(verifyUrl, {
       method: "POST",
       headers: {
-        "Content-Type": "application/json"
+        "Content-Type": "application/json",
+        ...apiKey && { "Authorization": `Bearer ${apiKey}` }
       },
       body: JSON.stringify({
         x402Version: 1,
@@ -308,7 +310,7 @@ async function checkPayment(input) {
 
 // src/server/adapters/express.ts
 function createPaymentMiddleware(config) {
-  const { facilitatorUrl, receiverAddress, routes, onPaymentSettled, telemetry } = config;
+  const { facilitatorUrl, receiverAddress, routes, apiKey, onPaymentSettled, telemetry } = config;
   if (!facilitatorUrl) {
     throw new Error("facilitatorUrl is required");
   }
@@ -346,6 +348,7 @@ function createPaymentMiddleware(config) {
       paymentHeader,
       paymentRequirements,
       facilitatorUrl,
+      apiKey,
       routeKey,
       network,
       asset: assetConfig.address,
@@ -360,7 +363,7 @@ function createPaymentMiddleware(config) {
   };
 }
 function mantlePaywall(opts) {
-  const { priceUsd, payTo, facilitatorUrl, telemetry, onPaymentSettled } = opts;
+  const { priceUsd, payTo, facilitatorUrl, apiKey, telemetry, onPaymentSettled } = opts;
   validateAddress(payTo, "payTo");
   const priceUsdCents = Math.round(priceUsd * 100);
   return async (req, res, next) => {
@@ -376,6 +379,7 @@ function mantlePaywall(opts) {
           network: MANTLE_DEFAULTS.NETWORK
         }
       },
+      apiKey,
       telemetry,
       onPaymentSettled
     });
@@ -533,11 +537,26 @@ function createPaymentClient(config) {
         validBefore,
         nonce
       };
-      const { signature, from } = await signAuthorizationWithProvider(
-        provider,
-        authorization,
-        paymentRequirements
-      );
+      let signature;
+      let from;
+      try {
+        const signed = await signAuthorizationWithProvider(
+          provider,
+          authorization,
+          paymentRequirements
+        );
+        signature = signed.signature;
+        from = signed.from;
+      } catch (err) {
+        const code = err?.code;
+        if (code === 4001 || code === "ACTION_REJECTED") {
+          const userErr = new Error("User rejected payment signature");
+          userErr.code = "USER_REJECTED_SIGNATURE";
+          userErr.userRejected = true;
+          throw userErr;
+        }
+        throw err;
+      }
       authorization = {
         ...authorization,
         from

package/dist/index.d.cts

@@ -1,10 +1,10 @@
 export { A as AssetConfig, a as Authorization, E as EIP1193Provider, N as NetworkId, d as PaymentHeaderBase64, c as PaymentHeaderObject, b as PaymentHeaderPayload, P as PaymentRequirements } from './types-BFUqKBBO.cjs';
 export { M as MANTLE_DEFAULTS } from './constants-CsIL25uQ.cjs';
-export { M as MantleMiddleware, e as MinimalPaywallOptions, P as PaymentLogEntry, d as PaymentMiddlewareConfig, R as RouteKey, a as RoutePricingConfig, b as RoutesConfig, T as TelemetryConfig, c as TelemetryEvent } from './types-CoOdbZSp.cjs';
-export { c as createPaymentMiddleware, m as mantlePaywall } from './express-eQOPxfnI.cjs';
+export { M as MantleMiddleware, e as MinimalPaywallOptions, P as PaymentLogEntry, d as PaymentMiddlewareConfig, R as RouteKey, a as RoutePricingConfig, b as RoutesConfig, T as TelemetryConfig, c as TelemetryEvent } from './types-BWfKovFm.cjs';
+export { c as createPaymentMiddleware, m as mantlePaywall } from './express-Pukmnwuu.cjs';
 export { C as CallWithPaymentResult, M as MantleClient, a as MantleClientConfig, b as PaymentClient, P as PaymentClientConfig, c as createMantleClient } from './createMantleClient-CO0uWPb-.cjs';
 export { createPaymentClient } from './client.cjs';
 export { UseEthersWalletOptions, UseEthersWalletReturn, UseMantleX402Options, useEthersWallet, useMantleX402 } from './react.cjs';
 import 'express';
-import './types-CrOsOHcX.cjs';
+import './types-BmK0G74m.cjs';
 import 'ethers';

package/dist/index.d.ts

@@ -1,10 +1,10 @@
 export { A as AssetConfig, a as Authorization, E as EIP1193Provider, N as NetworkId, d as PaymentHeaderBase64, c as PaymentHeaderObject, b as PaymentHeaderPayload, P as PaymentRequirements } from './types-BFUqKBBO.js';
 export { M as MANTLE_DEFAULTS } from './constants-0ncqvV_O.js';
-export { M as MantleMiddleware, e as MinimalPaywallOptions, P as PaymentLogEntry, d as PaymentMiddlewareConfig, R as RouteKey, a as RoutePricingConfig, b as RoutesConfig, T as TelemetryConfig, c as TelemetryEvent } from './types-DTzov_EE.js';
-export { c as createPaymentMiddleware, m as mantlePaywall } from './express-D8EwEcOL.js';
+export { M as MantleMiddleware, e as MinimalPaywallOptions, P as PaymentLogEntry, d as PaymentMiddlewareConfig, R as RouteKey, a as RoutePricingConfig, b as RoutesConfig, T as TelemetryConfig, c as TelemetryEvent } from './types-DgfVPQFb.js';
+export { c as createPaymentMiddleware, m as mantlePaywall } from './express-D8L5Dg1D.js';
 export { C as CallWithPaymentResult, M as MantleClient, a as MantleClientConfig, b as PaymentClient, P as PaymentClientConfig, c as createMantleClient } from './createMantleClient-CuiPsTa6.js';
 export { createPaymentClient } from './client.js';
 export { UseEthersWalletOptions, UseEthersWalletReturn, UseMantleX402Options, useEthersWallet, useMantleX402 } from './react.js';
 import 'express';
-import './types-CqQ6OgRi.js';
+import './types-CXdNC0Ra.js';
 import 'ethers';

package/dist/index.js

@@ -1,17 +1,17 @@
 import {
   useEthersWallet,
   useMantleX402
-} from "./chunk-APBCF3SX.js";
+} from "./chunk-26OQ36EN.js";
 import {
   createMantleClient,
   createPaymentClient
-} from "./chunk-VNO4LJWC.js";
+} from "./chunk-7SOCLVGM.js";
 import "./chunk-WO2MYZXT.js";
 import {
   createPaymentMiddleware,
   mantlePaywall
-} from "./chunk-QWQUSRLY.js";
-import "./chunk-ZLCKBFVJ.js";
+} from "./chunk-B4GST723.js";
+import "./chunk-OW2BDRGZ.js";
 import {
   MANTLE_DEFAULTS
 } from "./chunk-HEZZ74SI.js";