@qhristen/paygrid 0.1.0

package/README.md

@@ -0,0 +1,126 @@
+# PayGrid
+
+**PayGrid** is a self-hosted, embeddable Web3 payments infrastructure for Solana. It allows you to accept SOL and SPL token payments directly within your Next.js application without relying on third-party payment processors.
+
+---
+
+## 🚀 Features
+
+- **Self-Hosted:** Full control over your data and treasury keys.
+- **Dual Payment Flows:** 
+  - **Wallet-Signing:** Direct transaction signing with Solana wallets (Phantom, Solflare, etc.).
+  - **Manual Transfer:** Unique temporary wallet generation for manual transfers.
+- **Embedded Dashboard:** Built-in React components for managing payments and API keys.
+- **SQLite Powered:** No heavy database setup required; data is stored locally in an embedded SQLite file.
+- **Status Monitoring:** Background watcher automatically settles payments by monitoring the blockchain.
+
+---
+
+## 🛠 Installation
+
+```bash
+npm install @paygrid/core
+```
+
+---
+
+## 🏗 Setup
+
+### 1. Environment Variables
+
+Create a `.env` file in your Next.js project:
+
+```bash
+SOLANA_RPC_URL=https://api.mainnet-beta.solana.com
+TREASURY_PRIVATE_KEY=YourBase58PrivateKey...
+NEXT_PUBLIC_PAYGRID_API_SECRET=at_least_32_character_random_string_for_paygrid_test
+=at_least_32_character_random_string
+DB_PATH=./paygrid.db # Default
+NETWORK=mainnet-beta # Or devnet
+```
+
+### 2. Initialize PayGrid (API Route)
+
+Create a file at `app/api/paygrid/[...path]/route.ts`:
+
+```typescript
+import { initPayGrid } from '@paygrid/core';
+import { createApiHandler } from '@paygrid/core/api';
+
+// Initialize core
+const paygrid = await initPayGrid();
+
+// Create handler
+const handler = createApiHandler(paygrid);
+
+export { handler as GET, handler as POST };
+```
+
+### 3. Embed the Dashboard
+
+Create a dashboard page at `app/dashboard/payments/page.tsx`:
+
+```tsx
+'use client';
+
+import { PayGridDashboard } from '@paygrid/core';
+import '@paygrid/core/dist/index.css'; // Import the isolated styles
+
+export default function DashboardPage() {
+  return (
+    <div className="pg-dashboard-wrapper">
+      <PayGridDashboard apiUrl="/api/paygrid" />
+    </div>
+  );
+}
+```
+
+---
+
+## 💳 Usage
+
+### Create a Payment Intent
+
+```typescript
+const response = await fetch('/api/paygrid/payment-intents', {
+  method: 'POST',
+  headers: {
+    'x-api-key': 'your_api_key',
+    'Content-Type': 'application/json'
+  },
+  body: JSON.stringify({
+    amount: 1.5,
+    tokenMint: 'SOL',
+    method: 'wallet-signing', // or 'manual-transfer'
+    metadata: { orderId: '12345' }
+  })
+});
+
+const intent = await response.json();
+console.log('Payment Intent Created:', intent.id);
+```
+
+---
+
+## 🔐 Security
+
+- **Treasury Keys:** Your treasury private key is only used to sign transactions for settlements (if applicable) and is never exposed via the API.
+- **API Keys:** Keys are hashed using `bcrypt` before being stored in the database.
+- **Validation:** Every transaction is validated against the blockchain state before being marked as `settled`.
+
+---
+
+## 🧱 Architecture
+
+- `core/`: Payment lifecycle and state machine logic.
+- `blockchain/`: Solana Web3.js integration and watchers.
+- `db/`: Embedded SQLite storage.
+- `api/`: Next.js request handlers.
+- `dashboard/`: React UI components.
+- `auth/`: API key generation and validation.
+
+---
+
+## ⚖️ License
+
+MIT

package/dist/api/index.d.ts

@@ -0,0 +1,10 @@
+import { NextRequest, NextResponse } from "next/server";
+import { PayGrid } from "../core/paygrid";
+export declare function createApiHandler(paygrid: PayGrid): (req: NextRequest) => Promise<NextResponse<import("../types").PaymentIntent> | NextResponse<import("../types").PaymentIntent[]> | NextResponse<import("../types").AnalyticsData> | NextResponse<{
+    key: string;
+    apiKey: import("../types").ApiKey;
+}> | NextResponse<import("../types").ApiKey[]> | NextResponse<{
+    success: boolean;
+}> | NextResponse<import("@radr/shadowwire").WithdrawResponse | undefined> | NextResponse<void> | NextResponse<{
+    error: any;
+}>>;

package/dist/api/index.js

@@ -0,0 +1,98 @@
+import { NextResponse } from "next/server";
+export function createApiHandler(paygrid) {
+    return async function handler(req) {
+        const { pathname } = new URL(req.url);
+        const pathParts = pathname.split("/").filter(Boolean);
+        const resource = pathParts[2]; // /api/paygrid/[resource]
+        const id = pathParts[3];
+        // Auth check
+        const apiKey = req.headers.get("x-api-key");
+        const isValid = apiKey ? await paygrid.validateApiKey(apiKey) : false;
+        if (!isValid) {
+            return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+        }
+        try {
+            if (resource === "payment-intents") {
+                if (req.method === "POST") {
+                    const body = await req.json();
+                    const intent = await paygrid.createPaymentIntent(body);
+                    return NextResponse.json(intent);
+                }
+                if (req.method === "GET" && id) {
+                    const intent = await paygrid.getPayment(id);
+                    if (!intent)
+                        return NextResponse.json({ error: "Not Found" }, { status: 404 });
+                    return NextResponse.json(intent);
+                }
+            }
+            if (resource === "payments") {
+                if (req.method === "GET") {
+                    const payments = await paygrid.getPayments();
+                    return NextResponse.json(payments);
+                }
+            }
+            if (resource === "analytics") {
+                if (req.method === "GET") {
+                    const { searchParams } = new URL(req.url);
+                    const days = parseInt(searchParams.get("days") || "30", 10);
+                    const stats = await paygrid.getAnalytics(days);
+                    return NextResponse.json(stats);
+                }
+            }
+            if (resource === "api-keys") {
+                if (req.method === "POST") {
+                    const { name } = await req.json();
+                    const result = await paygrid.createApiKey(name);
+                    return NextResponse.json(result);
+                }
+                if (req.method === "GET") {
+                    const keys = await paygrid.listApiKeys();
+                    return NextResponse.json(keys);
+                }
+                if (req.method === "DELETE" && id) {
+                    await paygrid.deleteApiKey(id);
+                    return NextResponse.json({ success: true });
+                }
+            }
+            if (resource === "privacy-withdraw") {
+                if (req.method === "POST") {
+                    const body = await req.json();
+                    const { tokenSymbol, recipient } = body;
+                    if (!tokenSymbol || !recipient) {
+                        return NextResponse.json({ error: "Missing parameters" }, { status: 400 });
+                    }
+                    const result = await paygrid.withdrawFromPrivacy({
+                        tokenSymbol: tokenSymbol,
+                        recipient,
+                    });
+                    return NextResponse.json(result);
+                }
+            }
+            if (resource === "privacy-transfer") {
+                if (req.method === "POST") {
+                    const body = await req.json();
+                    const { tokenSymbol, amount, sender } = body;
+                    if (!tokenSymbol) {
+                        return NextResponse.json({ error: "Missing parameters" }, { status: 400 });
+                    }
+                    const result = await paygrid.transferFromPrivacy({
+                        tokenSymbol: tokenSymbol,
+                        amount,
+                        sender,
+                    });
+                    return NextResponse.json(result);
+                }
+            }
+            return NextResponse.json({ error: "Method Not Allowed" }, { status: 405 });
+        }
+        catch (error) {
+            console.error("API Error Details:", {
+                message: error.message,
+                stack: error.stack,
+                resource,
+                method: req.method,
+            });
+            return NextResponse.json({ error: error.message || "Internal Server Error" }, { status: 500 });
+        }
+    };
+}

package/dist/auth/actions.d.ts

@@ -0,0 +1,4 @@
+export declare function login(prevState: any, formData: FormData): Promise<{
+    error: string;
+}>;
+export declare function logout(): Promise<void>;

package/dist/auth/actions.js

@@ -0,0 +1,37 @@
+'use server';
+import { cookies } from 'next/headers';
+import { redirect } from 'next/navigation';
+export async function login(prevState, formData) {
+    const email = formData.get('email');
+    const password = formData.get('password');
+    const adminEmail = process.env.NEXT_PUBLIC_ADMIN_EMAIL;
+    const adminPassword = process.env.NEXT_PUBLIC_ADMIN_PASSWORD;
+    if (!adminEmail || !adminPassword) {
+        return { error: 'Server configuration error: Admin credentials not set in environment.' };
+    }
+    if (email === adminEmail && password === adminPassword) {
+        const cookieStore = await cookies();
+        cookieStore.set('paygrid_admin_session', 'true', {
+            httpOnly: false,
+            secure: process.env.NODE_ENV === 'production',
+            path: '/',
+            maxAge: 60 * 60 * 24 // 1 day
+        });
+        redirect('/dashboard');
+    }
+    else {
+        return { error: 'Invalid email or password' };
+    }
+}
+export async function logout() {
+    const cookieStore = await cookies();
+    // Delete the admin session cookie with same path and immediate expiration
+    cookieStore.set('paygrid_admin_session', '', {
+        httpOnly: false,
+        secure: process.env.NODE_ENV === 'production',
+        path: '/',
+        maxAge: 0,
+    });
+    cookieStore.delete("paygrid_admin_session");
+    redirect('/');
+}

package/dist/auth/index.d.ts

@@ -0,0 +1,12 @@
+import { ApiKey } from '../types';
+export declare class AuthService {
+    private apiSecret;
+    constructor(apiSecret: string);
+    generateApiKey(name: string): {
+        key: string;
+        apiKey: ApiKey;
+    };
+    verifyApiKey(rawKey: string, hashedKey: string): boolean;
+}
+export * from './login-screen';
+export * from './actions';

package/dist/auth/index.js

@@ -0,0 +1,28 @@
+import bcrypt from 'bcryptjs';
+import crypto from 'crypto';
+export class AuthService {
+    constructor(apiSecret) {
+        this.apiSecret = apiSecret;
+    }
+    generateApiKey(name) {
+        const rawKey = `pg_${crypto.randomBytes(32).toString('hex')}`;
+        const id = crypto.randomUUID();
+        const keyHint = rawKey.substring(0, 7); // pg_ + 4 chars
+        const hashedKey = bcrypt.hashSync(rawKey, 10);
+        return {
+            key: rawKey,
+            apiKey: {
+                id,
+                keyHint,
+                hashedKey,
+                name,
+                createdAt: Date.now(),
+            }
+        };
+    }
+    verifyApiKey(rawKey, hashedKey) {
+        return bcrypt.compareSync(rawKey, hashedKey);
+    }
+}
+export * from './login-screen';
+export * from './actions';

package/dist/auth/login-screen.d.ts

@@ -0,0 +1,2 @@
+import React from 'react';
+export declare function LoginScreen(): React.JSX.Element;

package/dist/auth/login-screen.jsx

@@ -0,0 +1,49 @@
+'use client';
+import React, { useActionState } from 'react';
+import { login } from './actions';
+import { Loader2 } from 'lucide-react';
+export function LoginScreen() {
+    const [state, formAction, isPending] = useActionState(login, null);
+    return (<div className="min-h-screen flex items-center justify-center bg-[#050505] text-white overflow-hidden relative">
+            <div className="absolute inset-0 bg-[radial-gradient(ellipse_at_center,_var(--tw-gradient-stops))] from-indigo-900/20 via-[#050505] to-[#050505] z-0 pointer-events-none"/>
+
+            <div className="w-full max-w-md p-8 rounded-2xl border border-white/10 bg-[#111]/80 backdrop-blur-xl shadow-2xl z-10">
+                <div className="mb-8 text-center">
+                    <div className="mx-auto w-12 h-12 bg-indigo-500 rounded-xl flex items-center justify-center mb-4 shadow-lg shadow-indigo-500/20">
+                        <span className="text-xl font-bold text-white">P</span>
+                    </div>
+                    <h1 className="text-2xl font-bold bg-clip-text text-transparent bg-gradient-to-r from-white to-gray-400">Welcome Back</h1>
+                    <p className="text-gray-500 text-sm mt-2">Sign in to your PayGrid dashboard</p>
+                </div>
+
+                <form action={formAction} className="space-y-4">
+                    <div className="space-y-2">
+                        <label htmlFor="email" className="text-sm font-medium text-gray-300">Email</label>
+                        <input id="email" name="email" type="email" required placeholder="admin@paygrid.com" className="w-full bg-black/50 border border-white/10 rounded-lg px-4 py-3 text-sm focus:outline-none focus:ring-2 focus:ring-indigo-500/50 transition-all placeholder:text-gray-600 hover:border-white/20"/>
+                    </div>
+
+                    <div className="space-y-2">
+                        <label htmlFor="password" className="text-sm font-medium text-gray-300">Password</label>
+                        <input id="password" name="password" type="password" required placeholder="••••••••" className="w-full bg-black/50 border border-white/10 rounded-lg px-4 py-3 text-sm focus:outline-none focus:ring-2 focus:ring-indigo-500/50 transition-all placeholder:text-gray-600 hover:border-white/20"/>
+                    </div>
+
+                    {state?.error && (<div className="p-3 rounded-lg bg-red-500/10 border border-red-500/20 text-red-400 text-sm text-center">
+                            {state.error}
+                        </div>)}
+
+                    <button type="submit" disabled={isPending} className="w-full bg-indigo-600 hover:bg-indigo-500 text-white font-medium py-3 rounded-lg transition-all shadow-lg shadow-indigo-600/20 flex items-center justify-center gap-2 mt-6 disabled:opacity-50 disabled:cursor-not-allowed">
+                        {isPending ? (<>
+                                <Loader2 className="w-4 h-4 animate-spin"/>
+                                Signing in...
+                            </>) : ("Sign In")}
+                    </button>
+
+                    <div className="mt-6 text-center">
+                        <p className="text-xs text-gray-600">
+                            Secure admin access only
+                        </p>
+                    </div>
+                </form>
+            </div>
+        </div>);
+}

package/dist/blockchain/index.d.ts

@@ -0,0 +1,11 @@
+export declare class SolanaService {
+    private connection;
+    constructor(rpcUrl: string);
+    generateTemporaryWallet(): Promise<{
+        publicKey: string;
+        privateKey: string;
+    }>;
+    checkBalance(publicKey: string): Promise<number>;
+    confirmTransaction(signature: string): Promise<boolean>;
+    findTransferTo(targetWallet: string, amount: number): Promise<string | null>;
+}

package/dist/blockchain/index.js

@@ -0,0 +1,59 @@
+import { Connection, Keypair, LAMPORTS_PER_SOL, PublicKey } from "@solana/web3.js";
+import bs58 from "bs58";
+export class SolanaService {
+    constructor(rpcUrl) {
+        this.connection = new Connection(rpcUrl, "confirmed");
+    }
+    async generateTemporaryWallet() {
+        const keypair = Keypair.generate();
+        return {
+            publicKey: keypair.publicKey.toBase58(),
+            privateKey: bs58.encode(keypair.secretKey),
+        };
+    }
+    async checkBalance(publicKey) {
+        const balance = await this.connection.getBalance(new PublicKey(publicKey));
+        return balance / LAMPORTS_PER_SOL;
+    }
+    async confirmTransaction(signature) {
+        try {
+            const result = await this.connection.confirmTransaction(signature, "confirmed");
+            return !result.value.err;
+        }
+        catch (error) {
+            console.error("Error confirming transaction:", error);
+            return false;
+        }
+    }
+    async findTransferTo(targetWallet, amount) {
+        const pubkey = new PublicKey(targetWallet);
+        const signatures = await this.connection.getSignaturesForAddress(pubkey, {
+            limit: 10,
+        });
+        for (const sigInfo of signatures) {
+            const tx = await this.connection.getTransaction(sigInfo.signature, {
+                commitment: "confirmed",
+                maxSupportedTransactionVersion: 0, // 👈 REQUIRED now
+            });
+            if (!tx)
+                continue;
+            // Basic SOL transfer check - this is simplified for now
+            // A more robust check would involve parsing instructions
+            const meta = tx.meta;
+            if (!meta)
+                continue;
+            const preBalances = meta.preBalances;
+            const postBalances = meta.postBalances;
+            const accountKeys = tx.transaction.message.staticAccountKeys;
+            const targetIndex = accountKeys.findIndex((key) => key.equals(pubkey));
+            if (targetIndex === -1)
+                continue;
+            const receivedAmount = (postBalances[targetIndex] - preBalances[targetIndex]) /
+                LAMPORTS_PER_SOL;
+            if (receivedAmount >= amount) {
+                return sigInfo.signature;
+            }
+        }
+        return null;
+    }
+}

package/dist/checkout/index.d.ts

@@ -0,0 +1,10 @@
+import { PayGridResponseType } from "../types";
+export interface CheckoutModalProps {
+    amount: number;
+    method: "wallet-signing" | "manual-transfer";
+    tokenSymbol: string;
+    sender: string;
+    onPaymentResponse?: (response: PayGridResponseType) => void;
+}
+export declare function CheckoutModal({ amount: propsAmount, method: propsMethod, tokenSymbol: propsTokenSymbol, sender: propsSender, onPaymentResponse, }: CheckoutModalProps): import("react").JSX.Element;
+export default CheckoutModal;