@receiz/sdk 93.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md ADDED
@@ -0,0 +1,115 @@
1
+ # Receiz SDK
2
+
3
+ Install:
4
+
5
+ ```bash
6
+ npm install @receiz/sdk
7
+ ```
8
+
9
+ Use one typed client for Receiz proof objects, public proof rendering, Sports Arena card/event proof integration, wallet ledger reads, Connect transfers, and webhook delivery verification.
10
+
11
+ ```ts
12
+ import { createReceizClient } from "@receiz/sdk";
13
+
14
+ const receiz = createReceizClient({
15
+ baseUrl: "https://receiz.com",
16
+ accessToken: process.env.RECEIZ_ACCESS_TOKEN,
17
+ });
18
+ ```
19
+
20
+ ## Primitive Boundary
21
+
22
+ The SDK is convenience, not authority. It reads public API projections, sends delegated actions, validates developer manifests, and verifies webhook delivery signatures. Sealed artifacts, proof bundles, verified appends, ownership appends, and settlement ledger records remain the stronger source of truth.
23
+
24
+ Default integration order:
25
+
26
+ 1. Verify first, then project.
27
+ 2. Render the proof object or manifest as the user-facing truth.
28
+ 3. Append public proof, wallet, sports, or Connect additions after the known truth.
29
+ 4. Never treat an SDK response as stronger than the sealed artifact, verified append, ownership append, or settlement primitive it projects.
30
+
31
+ ## Artifact Verification
32
+
33
+ ```ts
34
+ import { createReceizClient } from "@receiz/sdk";
35
+
36
+ const receiz = createReceizClient();
37
+ const file = new Blob([artifactBytes]);
38
+ const verified = await receiz.verification.verifyArtifact(file);
39
+
40
+ if (!verified.ok) throw new Error(verified.errors.join(", "));
41
+ ```
42
+
43
+ Full quickstart: `docs/artifact-verification.md`.
44
+
45
+ ## Public Proof Rendering
46
+
47
+ ```ts
48
+ import { createReceizClient } from "@receiz/sdk";
49
+
50
+ const receiz = createReceizClient();
51
+ const proof = await receiz.publicProof.byUrl("https://example.com/work");
52
+ ```
53
+
54
+ Full quickstart: `docs/public-proof-rendering.md`.
55
+
56
+ ## Sports Card And Event Proof Integration
57
+
58
+ ```ts
59
+ import { assertReceizSportsCardManifest, createReceizClient } from "@receiz/sdk";
60
+
61
+ const manifest = assertReceizSportsCardManifest(await response.json());
62
+ const eventProofUrl = createReceizClient().sports.eventProofUrl("event_proof_123");
63
+ ```
64
+
65
+ Full quickstart: `docs/sports-card-event-proofs.md`.
66
+
67
+ ## Wallet Ledger Reads
68
+
69
+ ```ts
70
+ import { createReceizClient } from "@receiz/sdk";
71
+
72
+ const receiz = createReceizClient();
73
+ const ledger = await receiz.wallet.publicLedger({ limit: 40 });
74
+ ```
75
+
76
+ Full quickstart: `docs/wallet-ledger-reads.md`.
77
+
78
+ ## Connect Transfers
79
+
80
+ ```ts
81
+ import { createReceizClient } from "@receiz/sdk";
82
+
83
+ const receiz = createReceizClient({ accessToken: process.env.RECEIZ_ACCESS_TOKEN });
84
+ await receiz.connect.transfer(
85
+ { recipientUserId: "user_123", unit: "phi", amountPhi: "10" },
86
+ { idempotencyKey: crypto.randomUUID() },
87
+ );
88
+ ```
89
+
90
+ Full quickstart: `docs/connect-transfers.md`.
91
+
92
+ ## Webhook Signatures
93
+
94
+ ```ts
95
+ import { assertReceizWebhookEvent, verifyReceizWebhookSignature } from "@receiz/sdk";
96
+
97
+ const ok = await verifyReceizWebhookSignature({
98
+ secret: process.env.RECEIZ_WEBHOOK_SECRET!,
99
+ timestamp: request.headers.get("x-receiz-timestamp")!,
100
+ signature: request.headers.get("x-receiz-signature")!,
101
+ body: rawBody,
102
+ toleranceSeconds: 300,
103
+ });
104
+
105
+ if (!ok) throw new Response("invalid signature", { status: 401 });
106
+ const event = assertReceizWebhookEvent(JSON.parse(rawBody));
107
+ ```
108
+
109
+ Full quickstart: `docs/webhook-signatures.md`.
110
+
111
+ ## App Registration And Token Lifecycle
112
+
113
+ Use Receiz Connect OIDC for self-serve developer onboarding: register an app, redirect through Authorization Code + PKCE, exchange tokens server-side, refresh on expiry, and call delegated clients with least-privilege scopes.
114
+
115
+ Full quickstart: `docs/app-registration-token-lifecycle.md`.
@@ -0,0 +1,366 @@
1
+ export declare const RECEIZ_SDK_VERSION = "93.0.0";
2
+ export declare const RECEIZ_DEFAULT_BASE_URL = "https://receiz.com";
3
+ export declare const RECEIZ_WEBHOOK_SIGNATURE_HEADER = "x-receiz-signature";
4
+ export declare const RECEIZ_WEBHOOK_TIMESTAMP_HEADER = "x-receiz-timestamp";
5
+ export type JsonObject = Record<string, unknown>;
6
+ export type ReceizClientOptions = {
7
+ baseUrl?: string;
8
+ accessToken?: string;
9
+ fetchImpl?: typeof fetch;
10
+ };
11
+ export type ReceizApiError = {
12
+ ok: false;
13
+ error: string;
14
+ detail?: string | null;
15
+ [key: string]: unknown;
16
+ };
17
+ export type ReceizProofBundle = {
18
+ kind: string;
19
+ payloadVersion?: number;
20
+ createdAtMs?: number;
21
+ ts?: string;
22
+ code?: string;
23
+ slug?: string;
24
+ verifyPath?: string;
25
+ verifyUrl?: string;
26
+ kaiPulseEternal?: number;
27
+ artifactSha256Basis?: string;
28
+ signatureV4?: unknown;
29
+ [key: string]: unknown;
30
+ };
31
+ export type DocumentVerifyResponse = {
32
+ ok: boolean;
33
+ kind: string;
34
+ errors: string[];
35
+ warnings: string[];
36
+ bundle?: JsonObject | null;
37
+ anchor?: JsonObject | null;
38
+ package?: JsonObject | null;
39
+ [key: string]: unknown;
40
+ };
41
+ export type DocumentSealResponseMetadata = {
42
+ ok?: boolean;
43
+ kind?: string;
44
+ filename?: string;
45
+ proofBundle?: ReceizProofBundle | null;
46
+ [key: string]: unknown;
47
+ };
48
+ export type PublicProofRecord = {
49
+ ok?: boolean;
50
+ id?: string;
51
+ sourceUrl?: string;
52
+ state?: string;
53
+ createdAt?: string;
54
+ record?: JsonObject | null;
55
+ proof?: JsonObject | null;
56
+ [key: string]: unknown;
57
+ };
58
+ export type PublicProofObserveRequest = {
59
+ url: string;
60
+ externalCreatorId?: string;
61
+ title?: string;
62
+ [key: string]: unknown;
63
+ };
64
+ export type PublicProofRegistryFeed = {
65
+ schema: string;
66
+ records: JsonObject[];
67
+ signature?: string;
68
+ [key: string]: unknown;
69
+ };
70
+ export type WalletLedgerEvent = {
71
+ id: string;
72
+ kind: "transfer" | "note_mint" | "note_claim" | string;
73
+ createdAt: string;
74
+ pulse?: number;
75
+ proofBundle?: JsonObject | null;
76
+ actor?: JsonObject | null;
77
+ fromActor?: JsonObject | null;
78
+ toActor?: JsonObject | null;
79
+ amountPhiMicro?: string;
80
+ amountUsdCents?: string;
81
+ receiz?: JsonObject | null;
82
+ [key: string]: unknown;
83
+ };
84
+ export type WalletLedgerFeed = {
85
+ ok: boolean;
86
+ cursor: string | null;
87
+ since: string | null;
88
+ nextCursor: string | null;
89
+ events: WalletLedgerEvent[];
90
+ rollup?: JsonObject;
91
+ };
92
+ export type ActionLedgerFeed = {
93
+ ok: boolean;
94
+ cursor?: string | null;
95
+ nextCursor?: string | null;
96
+ events: JsonObject[];
97
+ rollup?: JsonObject | null;
98
+ };
99
+ export type ReceizAssetManifest = {
100
+ schema: "receiz.asset_manifest.v1";
101
+ assetId: string;
102
+ assetType: "proof_object" | "sports_card" | "signal_card" | "wallet_note" | "market_certificate" | "profile_original" | "document";
103
+ proof: ReceizProofBundle;
104
+ owner?: JsonObject | null;
105
+ media?: JsonObject | null;
106
+ appends?: JsonObject[];
107
+ settlement?: JsonObject | null;
108
+ links: Record<string, string>;
109
+ };
110
+ export type ReceizSportsCardManifest = {
111
+ schema: "receiz.sports_arena.card_manifest.v1";
112
+ sport: "baseball" | "soccer" | "fight" | "sports" | string;
113
+ collectibleId: string;
114
+ claimHash: string;
115
+ card: JsonObject;
116
+ ownership: JsonObject;
117
+ valueBasis: JsonObject;
118
+ appendSummary?: JsonObject | null;
119
+ eventProofSummary?: JsonObject | null;
120
+ links: Record<string, string>;
121
+ };
122
+ export type ReceizWebhookEvent = {
123
+ schema: "receiz.webhook_event.v1";
124
+ id: string;
125
+ type: "asset.created" | "asset.transferred" | "proof.appended" | "sports_card.scored" | "event_proof.created" | "wallet.ledger_entry" | "note.claimed" | "market.trade" | "profile.asset.visible_changed";
126
+ createdAt: string;
127
+ data: JsonObject;
128
+ actor?: JsonObject | null;
129
+ signature?: JsonObject | null;
130
+ };
131
+ export type ConnectTransferRequest = {
132
+ conversationId?: string;
133
+ recipientUserId: string;
134
+ unit: "usd" | "phi";
135
+ amountUsd?: string;
136
+ amountPhi?: string;
137
+ note?: string;
138
+ clientNonce?: string;
139
+ };
140
+ export type ConnectTransferResponse = {
141
+ ok: boolean;
142
+ transferId?: string;
143
+ ledgerEventId?: string;
144
+ amountPhiMicro?: string;
145
+ amountUsdCents?: string;
146
+ proofBundle?: JsonObject | null;
147
+ [key: string]: unknown;
148
+ };
149
+ export type ConnectWalletResponse = {
150
+ ok: boolean;
151
+ userId?: string;
152
+ balancePhiMicro?: string;
153
+ balanceUsdCents?: string;
154
+ settlement?: JsonObject | null;
155
+ [key: string]: unknown;
156
+ };
157
+ export type CheckoutRequest = {
158
+ amountUsd: string;
159
+ currency?: "usd";
160
+ uiMode?: "hosted" | "embedded";
161
+ referenceId?: string;
162
+ description?: string;
163
+ customerEmail?: string;
164
+ successUrl?: string;
165
+ cancelUrl?: string;
166
+ [key: string]: unknown;
167
+ };
168
+ export type CheckoutSessionResponse = {
169
+ ok: boolean;
170
+ checkoutSessionId?: string;
171
+ checkoutUrl?: string;
172
+ clientSecret?: string;
173
+ status?: string;
174
+ receiptId?: string;
175
+ [key: string]: unknown;
176
+ };
177
+ export type OidcTokenRequest = {
178
+ grant_type: string;
179
+ code?: string;
180
+ redirect_uri?: string;
181
+ client_id?: string;
182
+ client_secret?: string;
183
+ code_verifier?: string;
184
+ refresh_token?: string;
185
+ };
186
+ export type OidcTokenResponse = {
187
+ access_token: string;
188
+ token_type: string;
189
+ expires_in: number;
190
+ id_token?: string;
191
+ refresh_token?: string;
192
+ scope?: string;
193
+ [key: string]: unknown;
194
+ };
195
+ export type ReceizAuthorizeUrlOptions = {
196
+ clientId: string;
197
+ redirectUri: string;
198
+ codeChallenge: string;
199
+ codeChallengeMethod?: "S256" | "plain";
200
+ state?: string;
201
+ scope?: string | string[];
202
+ responseType?: "code";
203
+ usernameHint?: string;
204
+ };
205
+ export type ReceizWebhookSignatureInput = {
206
+ secret: string;
207
+ timestamp: string;
208
+ body: string | ArrayBuffer | Uint8Array | JsonObject;
209
+ };
210
+ export type ReceizWebhookVerifyInput = ReceizWebhookSignatureInput & {
211
+ signature: string;
212
+ toleranceSeconds?: number;
213
+ nowMs?: number;
214
+ };
215
+ type RequestOptions = {
216
+ method?: string;
217
+ body?: BodyInit | JsonObject | URLSearchParams;
218
+ headers?: HeadersInit;
219
+ bearerToken?: string;
220
+ };
221
+ export declare class ReceizHttpError extends Error {
222
+ readonly status: number;
223
+ readonly payload: unknown;
224
+ constructor(status: number, payload: unknown);
225
+ }
226
+ export declare class ReceizValidationError extends Error {
227
+ readonly issues: string[];
228
+ constructor(label: string, issues: string[]);
229
+ }
230
+ export declare function appendQuery(path: string, query: Record<string, string | number | boolean | null | undefined>): string;
231
+ export declare class ReceizClient {
232
+ readonly baseUrl: string;
233
+ private readonly accessToken;
234
+ private readonly fetchImpl;
235
+ readonly verification: {
236
+ verifyArtifact: (file: Blob) => Promise<DocumentVerifyResponse>;
237
+ sealArtifact: (file: Blob, options?: {
238
+ visualStamp?: boolean;
239
+ }) => Promise<DocumentSealResponseMetadata>;
240
+ conformance: () => Promise<JsonObject>;
241
+ };
242
+ readonly publicProof: {
243
+ observe: (body: PublicProofObserveRequest) => Promise<PublicProofRecord>;
244
+ byUrl: (url: string) => Promise<PublicProofRecord>;
245
+ byId: (id: string) => Promise<PublicProofRecord>;
246
+ byCreator: (externalCreatorId: string) => Promise<{
247
+ ok: boolean;
248
+ records: PublicProofRecord[];
249
+ }>;
250
+ registryFeed: (feed: PublicProofRegistryFeed, options?: {
251
+ signature?: string;
252
+ }) => Promise<JsonObject>;
253
+ };
254
+ readonly sports: {
255
+ conformance: () => Promise<JsonObject>;
256
+ conformanceHistory: () => Promise<JsonObject>;
257
+ conformanceRollups: (query?: {
258
+ days?: number;
259
+ }) => Promise<JsonObject>;
260
+ badge: () => Promise<JsonObject>;
261
+ eventProofUrl: (eventProofId: string) => string;
262
+ assertCardManifest: typeof assertReceizSportsCardManifest;
263
+ };
264
+ readonly wallet: {
265
+ publicLedger: (query?: {
266
+ limit?: number;
267
+ cursor?: string;
268
+ since?: string;
269
+ }) => Promise<WalletLedgerFeed>;
270
+ actionLedger: (query?: {
271
+ limit?: number;
272
+ cursor?: string;
273
+ since?: string;
274
+ }) => Promise<ActionLedgerFeed>;
275
+ };
276
+ readonly connect: {
277
+ wallet: () => Promise<ConnectWalletResponse>;
278
+ record: (body: JsonObject) => Promise<JsonObject>;
279
+ verifyArtifact: (file: Blob) => Promise<DocumentVerifyResponse>;
280
+ sealArtifact: (file: Blob, options?: {
281
+ visualStamp?: boolean;
282
+ }) => Promise<DocumentSealResponseMetadata>;
283
+ transfer: (body: ConnectTransferRequest, options?: {
284
+ idempotencyKey?: string;
285
+ }) => Promise<ConnectTransferResponse>;
286
+ checkout: (body: CheckoutRequest) => Promise<CheckoutSessionResponse>;
287
+ checkoutSession: (query: {
288
+ checkoutSessionId?: string;
289
+ sessionId?: string;
290
+ }) => Promise<CheckoutSessionResponse>;
291
+ mintNote: (body: JsonObject) => Promise<JsonObject>;
292
+ claimNote: (body: JsonObject) => Promise<JsonObject>;
293
+ downloadNote: (noteId: string) => Promise<JsonObject>;
294
+ };
295
+ readonly identity: {
296
+ openIdConfiguration: () => Promise<JsonObject>;
297
+ oauthAuthorizationServerMetadata: () => Promise<JsonObject>;
298
+ jwks: () => Promise<JsonObject>;
299
+ userinfo: () => Promise<JsonObject>;
300
+ token: (body: OidcTokenRequest, options?: {
301
+ authorization?: string;
302
+ }) => Promise<OidcTokenResponse>;
303
+ introspect: (body: Record<string, string>, options?: {
304
+ authorization?: string;
305
+ }) => Promise<JsonObject>;
306
+ revoke: (body: Record<string, string>, options?: {
307
+ authorization?: string;
308
+ }) => Promise<JsonObject>;
309
+ bootstrap: (username: string) => Promise<JsonObject>;
310
+ authorizeUrl: (options: ReceizAuthorizeUrlOptions) => string;
311
+ };
312
+ readonly payments: {
313
+ embeddedCheckout: (body: CheckoutRequest) => Promise<CheckoutSessionResponse>;
314
+ embeddedNoteClaim: (body: JsonObject) => Promise<JsonObject>;
315
+ };
316
+ readonly webhooks: {
317
+ sign: typeof createReceizWebhookSignature;
318
+ verifySignature: typeof verifyReceizWebhookSignature;
319
+ signaturePayload: typeof buildReceizWebhookSignaturePayload;
320
+ assertEvent: typeof assertReceizWebhookEvent;
321
+ };
322
+ readonly manifests: {
323
+ assertAsset: typeof assertReceizAssetManifest;
324
+ assertSportsCard: typeof assertReceizSportsCardManifest;
325
+ assertWebhookEvent: typeof assertReceizWebhookEvent;
326
+ isAsset: typeof isReceizAssetManifest;
327
+ isSportsCard: typeof isReceizSportsCardManifest;
328
+ isWebhookEvent: typeof isReceizWebhookEvent;
329
+ };
330
+ constructor(options?: ReceizClientOptions);
331
+ request<T>(path: string, options?: RequestOptions): Promise<T>;
332
+ verifyArtifact(file: Blob): Promise<DocumentVerifyResponse>;
333
+ sealArtifact(file: Blob, options?: {
334
+ visualStamp?: boolean;
335
+ }): Promise<DocumentSealResponseMetadata>;
336
+ publicWalletLedger(query?: {
337
+ limit?: number;
338
+ cursor?: string;
339
+ since?: string;
340
+ }): Promise<WalletLedgerFeed>;
341
+ observePublicProof(body: PublicProofObserveRequest): Promise<PublicProofRecord>;
342
+ readPublicProofByUrl(url: string): Promise<PublicProofRecord>;
343
+ sportsConformance(): Promise<JsonObject>;
344
+ signalCircuitConformance(): Promise<JsonObject>;
345
+ delegated<T>(path: string, options?: Omit<RequestOptions, "bearerToken">): Promise<T>;
346
+ authorizeUrl(options: ReceizAuthorizeUrlOptions): string;
347
+ private delegatedVerifyArtifact;
348
+ private delegatedSealArtifact;
349
+ private connectTransfer;
350
+ }
351
+ export declare function createReceizClient(options?: ReceizClientOptions): ReceizClient;
352
+ export declare function loadReceizOpenApi(baseUrl?: string, fetchImpl?: typeof fetch): Promise<JsonObject>;
353
+ export declare function assertReceizAssetManifest(value: unknown): ReceizAssetManifest;
354
+ export declare function isReceizAssetManifest(value: unknown): value is ReceizAssetManifest;
355
+ export declare function assertReceizSportsCardManifest(value: unknown): ReceizSportsCardManifest;
356
+ export declare function isReceizSportsCardManifest(value: unknown): value is ReceizSportsCardManifest;
357
+ export declare function assertReceizWebhookEvent(value: unknown): ReceizWebhookEvent;
358
+ export declare function isReceizWebhookEvent(value: unknown): value is ReceizWebhookEvent;
359
+ export declare function buildReceizWebhookSignaturePayload(input: {
360
+ timestamp: string;
361
+ body: string | ArrayBuffer | Uint8Array | JsonObject;
362
+ }): string;
363
+ export declare function createReceizWebhookSignature(input: ReceizWebhookSignatureInput): Promise<string>;
364
+ export declare function verifyReceizWebhookSignature(input: ReceizWebhookVerifyInput): Promise<boolean>;
365
+ export {};
366
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,kBAAkB,WAAW,CAAC;AAC3C,eAAO,MAAM,uBAAuB,uBAAuB,CAAC;AAC5D,eAAO,MAAM,+BAA+B,uBAAuB,CAAC;AACpE,eAAO,MAAM,+BAA+B,uBAAuB,CAAC;AAIpE,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAEjD,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,KAAK,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,EAAE,EAAE,KAAK,CAAC;IACV,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,EAAE,EAAE,OAAO,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,MAAM,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC3B,MAAM,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC3B,OAAO,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC5B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG;IACzC,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,iBAAiB,GAAG,IAAI,CAAC;IACvC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC3B,KAAK,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC1B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG;IACtC,GAAG,EAAE,MAAM,CAAC;IACZ,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,UAAU,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,UAAU,GAAG,WAAW,GAAG,YAAY,GAAG,MAAM,CAAC;IACvD,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAChC,KAAK,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC1B,SAAS,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC9B,OAAO,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,MAAM,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,MAAM,EAAE,iBAAiB,EAAE,CAAC;IAC5B,MAAM,CAAC,EAAE,UAAU,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,MAAM,EAAE,UAAU,EAAE,CAAC;IACrB,MAAM,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,0BAA0B,CAAC;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,cAAc,GAAG,aAAa,GAAG,aAAa,GAAG,aAAa,GAAG,oBAAoB,GAAG,kBAAkB,GAAG,UAAU,CAAC;IACnI,KAAK,EAAE,iBAAiB,CAAC;IACzB,KAAK,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC1B,KAAK,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC1B,OAAO,CAAC,EAAE,UAAU,EAAE,CAAC;IACvB,UAAU,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC/B,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG;IACrC,MAAM,EAAE,sCAAsC,CAAC;IAC/C,KAAK,EAAE,UAAU,GAAG,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,MAAM,CAAC;IAC3D,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,UAAU,CAAC;IACjB,SAAS,EAAE,UAAU,CAAC;IACtB,UAAU,EAAE,UAAU,CAAC;IACvB,aAAa,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAClC,iBAAiB,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IACtC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,MAAM,EAAE,yBAAyB,CAAC;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EACA,eAAe,GACf,mBAAmB,GACnB,gBAAgB,GAChB,oBAAoB,GACpB,qBAAqB,GACrB,qBAAqB,GACrB,cAAc,GACd,cAAc,GACd,+BAA+B,CAAC;IACpC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,UAAU,CAAC;IACjB,KAAK,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC1B,SAAS,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,IAAI,EAAE,KAAK,GAAG,KAAK,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACpC,EAAE,EAAE,OAAO,CAAC;IACZ,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAChC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,UAAU,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC;IAC/B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,KAAK,CAAC;IACjB,MAAM,CAAC,EAAE,QAAQ,GAAG,UAAU,CAAC;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACpC,EAAE,EAAE,OAAO,CAAC;IACZ,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACvC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG;IACxC,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,GAAG,WAAW,GAAG,UAAU,GAAG,UAAU,CAAC;CACtD,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG,2BAA2B,GAAG;IACnE,SAAS,EAAE,MAAM,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,KAAK,cAAc,GAAG;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,QAAQ,GAAG,UAAU,GAAG,eAAe,CAAC;IAC/C,OAAO,CAAC,EAAE,WAAW,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,qBAAa,eAAgB,SAAQ,KAAK;IACxC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;gBAEd,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO;CAM7C;AAED,qBAAa,qBAAsB,SAAQ,KAAK;IAC9C,QAAQ,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;gBAEd,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE;CAK5C;AAgBD,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,GAAG,SAAS,CAAC,GAAG,MAAM,CAQrH;AAyFD,qBAAa,YAAY;IACvB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;IACjD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAe;IAEzC,QAAQ,CAAC,YAAY;+BACI,IAAI;6BACN,IAAI,YAAY;YAAE,WAAW,CAAC,EAAE,OAAO,CAAA;SAAE;;MAE9D;IAEF,QAAQ,CAAC,WAAW;wBACF,yBAAyB;qBAC5B,MAAM;mBACR,MAAM;uCACc,MAAM;gBAChB,OAAO;qBAAW,iBAAiB,EAAE;;6BACrC,uBAAuB,YAAW;YAAE,SAAS,CAAC,EAAE,MAAM,CAAA;SAAE;MAK7E;IAEF,QAAQ,CAAC,MAAM;;;qCAGe;YAAE,IAAI,CAAC,EAAE,MAAM,CAAA;SAAE;;sCAGf,MAAM;;MAEpC;IAEF,QAAQ,CAAC,MAAM;+BACS;YAAE,KAAK,CAAC,EAAE,MAAM,CAAC;YAAC,MAAM,CAAC,EAAE,MAAM,CAAC;YAAC,KAAK,CAAC,EAAE,MAAM,CAAA;SAAE;+BACnD;YAAE,KAAK,CAAC,EAAE,MAAM,CAAC;YAAC,MAAM,CAAC,EAAE,MAAM,CAAC;YAAC,KAAK,CAAC,EAAE,MAAM,CAAA;SAAE;MAEzE;IAEF,QAAQ,CAAC,OAAO;;uBAEC,UAAU;+BACF,IAAI;6BACN,IAAI,YAAY;YAAE,WAAW,CAAC,EAAE,OAAO,CAAA;SAAE;yBAC7C,sBAAsB,YAAW;YAAE,cAAc,CAAC,EAAE,MAAM,CAAA;SAAE;yBAC5D,eAAe;iCACP;YAAE,iBAAiB,CAAC,EAAE,MAAM,CAAC;YAAC,SAAS,CAAC,EAAE,MAAM,CAAA;SAAE;yBAE1D,UAAU;0BACT,UAAU;+BACL,MAAM;MAC7B;IAEF,QAAQ,CAAC,QAAQ;;;;;sBAKD,gBAAgB,YAAW;YAAE,aAAa,CAAC,EAAE,MAAM,CAAA;SAAE;2BAShD,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAW;YAAE,aAAa,CAAC,EAAE,MAAM,CAAA;SAAE;uBAS/D,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAW;YAAE,aAAa,CAAC,EAAE,MAAM,CAAA;SAAE;8BASpD,MAAM;gCACJ,yBAAyB;MACjD;IAEF,QAAQ,CAAC,QAAQ;iCACU,eAAe;kCACd,UAAU;MACpC;IAEF,QAAQ,CAAC,QAAQ;;;;;MAKf;IAEF,QAAQ,CAAC,SAAS;;;;;;;MAOhB;gBAEU,OAAO,GAAE,mBAAwB;IAMvC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,GAAE,cAAmB,GAAG,OAAO,CAAC,CAAC,CAAC;IA0BlE,cAAc,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAM3D,YAAY,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,GAAE;QAAE,WAAW,CAAC,EAAE,OAAO,CAAA;KAAO,GAAG,OAAO,CAAC,4BAA4B,CAAC;IAOxG,kBAAkB,CAAC,KAAK,GAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAI9G,kBAAkB,CAAC,IAAI,EAAE,yBAAyB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAI/E,oBAAoB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAI7D,iBAAiB,IAAI,OAAO,CAAC,UAAU,CAAC;IAIxC,wBAAwB,IAAI,OAAO,CAAC,UAAU,CAAC;IAI/C,SAAS,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,GAAE,IAAI,CAAC,cAAc,EAAE,aAAa,CAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAK/F,YAAY,CAAC,OAAO,EAAE,yBAAyB,GAAG,MAAM;YAc1C,uBAAuB;YAMvB,qBAAqB;YAOrB,eAAe;CAK9B;AAED,wBAAgB,kBAAkB,CAAC,OAAO,GAAE,mBAAwB,GAAG,YAAY,CAElF;AAED,wBAAsB,iBAAiB,CAAC,OAAO,SAA0B,EAAE,SAAS,GAAE,OAAO,KAAwB,GAAG,OAAO,CAAC,UAAU,CAAC,CAM1I;AAED,wBAAgB,yBAAyB,CAAC,KAAK,EAAE,OAAO,GAAG,mBAAmB,CAe7E;AAED,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,mBAAmB,CAOlF;AAED,wBAAgB,8BAA8B,CAAC,KAAK,EAAE,OAAO,GAAG,wBAAwB,CAevF;AAED,wBAAgB,0BAA0B,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,wBAAwB,CAO5F;AAED,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,OAAO,GAAG,kBAAkB,CAa3E;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,kBAAkB,CAOhF;AASD,wBAAgB,kCAAkC,CAAC,KAAK,EAAE;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,GAAG,WAAW,GAAG,UAAU,GAAG,UAAU,CAAA;CAAE,GAAG,MAAM,CAE7I;AAuCD,wBAAsB,4BAA4B,CAAC,KAAK,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAGtG;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE,wBAAwB,GAAG,OAAO,CAAC,OAAO,CAAC,CASpG"}
package/dist/index.js ADDED
@@ -0,0 +1,474 @@
1
+ export const RECEIZ_SDK_VERSION = "93.0.0";
2
+ export const RECEIZ_DEFAULT_BASE_URL = "https://receiz.com";
3
+ export const RECEIZ_WEBHOOK_SIGNATURE_HEADER = "x-receiz-signature";
4
+ export const RECEIZ_WEBHOOK_TIMESTAMP_HEADER = "x-receiz-timestamp";
5
+ export class ReceizHttpError extends Error {
6
+ status;
7
+ payload;
8
+ constructor(status, payload) {
9
+ super(errorMessageFromPayload(status, payload));
10
+ this.name = "ReceizHttpError";
11
+ this.status = status;
12
+ this.payload = payload;
13
+ }
14
+ }
15
+ export class ReceizValidationError extends Error {
16
+ issues;
17
+ constructor(label, issues) {
18
+ super(`${label}: ${issues.join("; ")}`);
19
+ this.name = "ReceizValidationError";
20
+ this.issues = issues;
21
+ }
22
+ }
23
+ function errorMessageFromPayload(status, payload) {
24
+ if (isRecord(payload) && typeof payload.error === "string" && payload.error.trim())
25
+ return payload.error;
26
+ if (typeof payload === "string" && payload.trim())
27
+ return payload;
28
+ return `receiz_http_${status}`;
29
+ }
30
+ function trimTrailingSlash(value) {
31
+ return value.replace(/\/+$/, "");
32
+ }
33
+ function requestPath(path) {
34
+ return path.startsWith("/") ? path : `/${path}`;
35
+ }
36
+ export function appendQuery(path, query) {
37
+ const params = new URLSearchParams();
38
+ for (const [key, value] of Object.entries(query)) {
39
+ if (value === null || value === undefined || value === "")
40
+ continue;
41
+ params.set(key, String(value));
42
+ }
43
+ const queryString = params.toString();
44
+ return queryString ? `${path}?${queryString}` : path;
45
+ }
46
+ function isRecord(value) {
47
+ return Boolean(value) && typeof value === "object" && !Array.isArray(value);
48
+ }
49
+ function isJsonRecordBody(value) {
50
+ if (!isRecord(value))
51
+ return false;
52
+ if (typeof FormData !== "undefined" && value instanceof FormData)
53
+ return false;
54
+ if (typeof Blob !== "undefined" && value instanceof Blob)
55
+ return false;
56
+ if (typeof URLSearchParams !== "undefined" && value instanceof URLSearchParams)
57
+ return false;
58
+ if (value instanceof ArrayBuffer)
59
+ return false;
60
+ if (ArrayBuffer.isView(value))
61
+ return false;
62
+ return true;
63
+ }
64
+ function normalizeFetch(fetchImpl) {
65
+ const candidate = fetchImpl ?? globalThis.fetch;
66
+ if (!candidate)
67
+ throw new Error("receiz_fetch_unavailable");
68
+ return candidate;
69
+ }
70
+ async function readPayload(response) {
71
+ if (response.status === 204)
72
+ return null;
73
+ const contentType = response.headers.get("content-type") ?? "";
74
+ if (contentType.includes("application/json"))
75
+ return response.json();
76
+ return response.text();
77
+ }
78
+ function formFromRecord(record) {
79
+ const form = new URLSearchParams();
80
+ for (const [key, value] of Object.entries(record)) {
81
+ if (value === undefined)
82
+ continue;
83
+ form.set(key, String(value));
84
+ }
85
+ return form;
86
+ }
87
+ function encodePathSegment(value) {
88
+ return encodeURIComponent(value);
89
+ }
90
+ function ensureRecord(value, label) {
91
+ if (!isRecord(value))
92
+ throw new ReceizValidationError(label, ["expected object"]);
93
+ return value;
94
+ }
95
+ function ensureString(record, key, issues) {
96
+ const value = record[key];
97
+ if (typeof value !== "string" || !value.trim()) {
98
+ issues.push(`${key} must be a non-empty string`);
99
+ return null;
100
+ }
101
+ return value;
102
+ }
103
+ function ensureOptionalRecord(record, key, issues) {
104
+ const value = record[key];
105
+ if (value === undefined || value === null)
106
+ return;
107
+ if (!isRecord(value))
108
+ issues.push(`${key} must be an object or null`);
109
+ }
110
+ function ensureLinks(record, issues) {
111
+ const value = record.links;
112
+ if (!isRecord(value)) {
113
+ issues.push("links must be an object");
114
+ return;
115
+ }
116
+ for (const [key, link] of Object.entries(value)) {
117
+ if (typeof link !== "string" || !link.trim())
118
+ issues.push(`links.${key} must be a non-empty string`);
119
+ }
120
+ }
121
+ function failIfIssues(label, issues) {
122
+ if (issues.length > 0)
123
+ throw new ReceizValidationError(label, issues);
124
+ }
125
+ const WEBHOOK_EVENT_TYPES = new Set([
126
+ "asset.created",
127
+ "asset.transferred",
128
+ "proof.appended",
129
+ "sports_card.scored",
130
+ "event_proof.created",
131
+ "wallet.ledger_entry",
132
+ "note.claimed",
133
+ "market.trade",
134
+ "profile.asset.visible_changed",
135
+ ]);
136
+ export class ReceizClient {
137
+ baseUrl;
138
+ accessToken;
139
+ fetchImpl;
140
+ verification = {
141
+ verifyArtifact: (file) => this.verifyArtifact(file),
142
+ sealArtifact: (file, options) => this.sealArtifact(file, options),
143
+ conformance: () => this.request("/api/verification/conformance"),
144
+ };
145
+ publicProof = {
146
+ observe: (body) => this.observePublicProof(body),
147
+ byUrl: (url) => this.readPublicProofByUrl(url),
148
+ byId: (id) => this.request(`/api/public-proof/${encodePathSegment(id)}`),
149
+ byCreator: (externalCreatorId) => this.request(`/api/public-proof/creator/${encodePathSegment(externalCreatorId)}`),
150
+ registryFeed: (feed, options = {}) => {
151
+ const requestOptions = { method: "POST", body: feed };
152
+ if (options.signature)
153
+ requestOptions.headers = { "x-public-proof-feed-signature": options.signature };
154
+ return this.request("/api/public-proof/registry/feed", requestOptions);
155
+ },
156
+ };
157
+ sports = {
158
+ conformance: () => this.sportsConformance(),
159
+ conformanceHistory: () => this.request("/api/game/sports/conformance/history"),
160
+ conformanceRollups: (query = {}) => this.request(appendQuery("/api/game/sports/conformance/history/rollups", query)),
161
+ badge: () => this.request("/api/game/sports/conformance/badge"),
162
+ eventProofUrl: (eventProofId) => `${this.baseUrl}/game/sports/event/${encodePathSegment(eventProofId)}`,
163
+ assertCardManifest: assertReceizSportsCardManifest,
164
+ };
165
+ wallet = {
166
+ publicLedger: (query = {}) => this.publicWalletLedger(query),
167
+ actionLedger: (query = {}) => this.request(appendQuery("/api/ledger/actions/public", query)),
168
+ };
169
+ connect = {
170
+ wallet: () => this.delegated("/api/connect/wallet/me"),
171
+ record: (body) => this.delegated("/api/connect/record", { method: "POST", body }),
172
+ verifyArtifact: (file) => this.delegatedVerifyArtifact(file),
173
+ sealArtifact: (file, options) => this.delegatedSealArtifact(file, options),
174
+ transfer: (body, options = {}) => this.connectTransfer(body, options),
175
+ checkout: (body) => this.delegated("/api/connect/payments/checkout", { method: "POST", body }),
176
+ checkoutSession: (query) => this.delegated(appendQuery("/api/connect/payments/session", query)),
177
+ mintNote: (body) => this.delegated("/api/connect/payments/notes/mint", { method: "POST", body }),
178
+ claimNote: (body) => this.delegated("/api/connect/payments/notes/claim", { method: "POST", body }),
179
+ downloadNote: (noteId) => this.delegated(`/api/connect/payments/notes/${encodePathSegment(noteId)}/download`),
180
+ };
181
+ identity = {
182
+ openIdConfiguration: () => this.request("/.well-known/openid-configuration"),
183
+ oauthAuthorizationServerMetadata: () => this.request("/.well-known/oauth-authorization-server"),
184
+ jwks: () => this.request("/api/oidc/jwks"),
185
+ userinfo: () => this.delegated("/api/oidc/userinfo"),
186
+ token: (body, options = {}) => this.request("/api/oidc/token", {
187
+ method: "POST",
188
+ body: formFromRecord(body),
189
+ headers: {
190
+ "content-type": "application/x-www-form-urlencoded",
191
+ ...(options.authorization ? { authorization: options.authorization } : {}),
192
+ },
193
+ }),
194
+ introspect: (body, options = {}) => this.request("/api/oidc/introspect", {
195
+ method: "POST",
196
+ body: formFromRecord(body),
197
+ headers: {
198
+ "content-type": "application/x-www-form-urlencoded",
199
+ ...(options.authorization ? { authorization: options.authorization } : {}),
200
+ },
201
+ }),
202
+ revoke: (body, options = {}) => this.request("/api/oidc/revoke", {
203
+ method: "POST",
204
+ body: formFromRecord(body),
205
+ headers: {
206
+ "content-type": "application/x-www-form-urlencoded",
207
+ ...(options.authorization ? { authorization: options.authorization } : {}),
208
+ },
209
+ }),
210
+ bootstrap: (username) => this.request(`/api/connect/login/bootstrap/${encodePathSegment(username)}`),
211
+ authorizeUrl: (options) => this.authorizeUrl(options),
212
+ };
213
+ payments = {
214
+ embeddedCheckout: (body) => this.request("/api/payments/embed/checkout", { method: "POST", body }),
215
+ embeddedNoteClaim: (body) => this.request("/api/payments/embed/note-claim", { method: "POST", body }),
216
+ };
217
+ webhooks = {
218
+ sign: createReceizWebhookSignature,
219
+ verifySignature: verifyReceizWebhookSignature,
220
+ signaturePayload: buildReceizWebhookSignaturePayload,
221
+ assertEvent: assertReceizWebhookEvent,
222
+ };
223
+ manifests = {
224
+ assertAsset: assertReceizAssetManifest,
225
+ assertSportsCard: assertReceizSportsCardManifest,
226
+ assertWebhookEvent: assertReceizWebhookEvent,
227
+ isAsset: isReceizAssetManifest,
228
+ isSportsCard: isReceizSportsCardManifest,
229
+ isWebhookEvent: isReceizWebhookEvent,
230
+ };
231
+ constructor(options = {}) {
232
+ this.baseUrl = trimTrailingSlash(options.baseUrl ?? RECEIZ_DEFAULT_BASE_URL);
233
+ this.accessToken = options.accessToken;
234
+ this.fetchImpl = normalizeFetch(options.fetchImpl);
235
+ }
236
+ async request(path, options = {}) {
237
+ const headers = new Headers(options.headers);
238
+ if (!headers.has("accept"))
239
+ headers.set("accept", "application/json");
240
+ const token = options.bearerToken ?? this.accessToken;
241
+ if (token)
242
+ headers.set("authorization", `Bearer ${token}`);
243
+ let body = options.body;
244
+ if (isJsonRecordBody(body)) {
245
+ if (!headers.has("content-type"))
246
+ headers.set("content-type", "application/json");
247
+ body = JSON.stringify(body);
248
+ }
249
+ const url = path.startsWith("http://") || path.startsWith("https://") ? path : `${this.baseUrl}${requestPath(path)}`;
250
+ const init = {
251
+ method: options.method ?? "GET",
252
+ headers,
253
+ };
254
+ if (body !== undefined)
255
+ init.body = body;
256
+ const response = await this.fetchImpl(url, init);
257
+ const payload = await readPayload(response);
258
+ if (!response.ok)
259
+ throw new ReceizHttpError(response.status, payload);
260
+ return payload;
261
+ }
262
+ async verifyArtifact(file) {
263
+ const form = new FormData();
264
+ form.set("file", file);
265
+ return this.request("/api/document-verify", { method: "POST", body: form });
266
+ }
267
+ async sealArtifact(file, options = {}) {
268
+ const form = new FormData();
269
+ form.set("file", file);
270
+ form.set("visualStamp", options.visualStamp ? "1" : "0");
271
+ return this.request("/api/document-seal", { method: "POST", body: form });
272
+ }
273
+ async publicWalletLedger(query = {}) {
274
+ return this.request(appendQuery("/api/wallet/ledger/public", query));
275
+ }
276
+ async observePublicProof(body) {
277
+ return this.request("/api/public-proof/observe", { method: "POST", body });
278
+ }
279
+ async readPublicProofByUrl(url) {
280
+ return this.request(appendQuery("/api/public-proof/by-url", { url }));
281
+ }
282
+ async sportsConformance() {
283
+ return this.request("/api/game/sports/conformance");
284
+ }
285
+ async signalCircuitConformance() {
286
+ return this.request("/api/signal-circuit/conformance");
287
+ }
288
+ async delegated(path, options = {}) {
289
+ if (!this.accessToken)
290
+ throw new Error("receiz_access_token_required");
291
+ return this.request(path, { ...options, bearerToken: this.accessToken });
292
+ }
293
+ authorizeUrl(options) {
294
+ const url = new URL(`${this.baseUrl}/api/oidc/authorize`);
295
+ url.searchParams.set("response_type", options.responseType ?? "code");
296
+ url.searchParams.set("client_id", options.clientId);
297
+ url.searchParams.set("redirect_uri", options.redirectUri);
298
+ url.searchParams.set("code_challenge", options.codeChallenge);
299
+ url.searchParams.set("code_challenge_method", options.codeChallengeMethod ?? "S256");
300
+ const scope = Array.isArray(options.scope) ? options.scope.join(" ") : (options.scope ?? "openid profile");
301
+ url.searchParams.set("scope", scope);
302
+ if (options.state)
303
+ url.searchParams.set("state", options.state);
304
+ if (options.usernameHint)
305
+ url.searchParams.set("login_hint", options.usernameHint);
306
+ return url.toString();
307
+ }
308
+ async delegatedVerifyArtifact(file) {
309
+ const form = new FormData();
310
+ form.set("file", file);
311
+ return this.delegated("/api/connect/verify", { method: "POST", body: form });
312
+ }
313
+ async delegatedSealArtifact(file, options = {}) {
314
+ const form = new FormData();
315
+ form.set("file", file);
316
+ form.set("visualStamp", options.visualStamp ? "1" : "0");
317
+ return this.delegated("/api/connect/seal", { method: "POST", body: form });
318
+ }
319
+ async connectTransfer(body, options = {}) {
320
+ const requestBody = { ...body };
321
+ if (!requestBody.clientNonce && options.idempotencyKey)
322
+ requestBody.clientNonce = options.idempotencyKey;
323
+ return this.delegated("/api/connect/transfers", { method: "POST", body: requestBody });
324
+ }
325
+ }
326
+ export function createReceizClient(options = {}) {
327
+ return new ReceizClient(options);
328
+ }
329
+ export async function loadReceizOpenApi(baseUrl = RECEIZ_DEFAULT_BASE_URL, fetchImpl = normalizeFetch()) {
330
+ const response = await fetchImpl(`${trimTrailingSlash(baseUrl)}/openapi.json`, {
331
+ headers: { accept: "application/json" },
332
+ });
333
+ if (!response.ok)
334
+ throw new ReceizHttpError(response.status, await readPayload(response));
335
+ return response.json();
336
+ }
337
+ export function assertReceizAssetManifest(value) {
338
+ const record = ensureRecord(value, "ReceizAssetManifest");
339
+ const issues = [];
340
+ if (record.schema !== "receiz.asset_manifest.v1")
341
+ issues.push("schema must be receiz.asset_manifest.v1");
342
+ ensureString(record, "assetId", issues);
343
+ ensureString(record, "assetType", issues);
344
+ const proof = record.proof;
345
+ if (!isRecord(proof) || typeof proof.kind !== "string" || !proof.kind.trim())
346
+ issues.push("proof.kind must be a non-empty string");
347
+ ensureOptionalRecord(record, "owner", issues);
348
+ ensureOptionalRecord(record, "media", issues);
349
+ ensureOptionalRecord(record, "settlement", issues);
350
+ if (record.appends !== undefined && !Array.isArray(record.appends))
351
+ issues.push("appends must be an array when present");
352
+ ensureLinks(record, issues);
353
+ failIfIssues("ReceizAssetManifest", issues);
354
+ return record;
355
+ }
356
+ export function isReceizAssetManifest(value) {
357
+ try {
358
+ assertReceizAssetManifest(value);
359
+ return true;
360
+ }
361
+ catch {
362
+ return false;
363
+ }
364
+ }
365
+ export function assertReceizSportsCardManifest(value) {
366
+ const record = ensureRecord(value, "ReceizSportsCardManifest");
367
+ const issues = [];
368
+ if (record.schema !== "receiz.sports_arena.card_manifest.v1")
369
+ issues.push("schema must be receiz.sports_arena.card_manifest.v1");
370
+ ensureString(record, "sport", issues);
371
+ ensureString(record, "collectibleId", issues);
372
+ ensureString(record, "claimHash", issues);
373
+ if (!isRecord(record.card))
374
+ issues.push("card must be an object");
375
+ if (!isRecord(record.ownership))
376
+ issues.push("ownership must be an object");
377
+ if (!isRecord(record.valueBasis))
378
+ issues.push("valueBasis must be an object");
379
+ ensureOptionalRecord(record, "appendSummary", issues);
380
+ ensureOptionalRecord(record, "eventProofSummary", issues);
381
+ ensureLinks(record, issues);
382
+ failIfIssues("ReceizSportsCardManifest", issues);
383
+ return record;
384
+ }
385
+ export function isReceizSportsCardManifest(value) {
386
+ try {
387
+ assertReceizSportsCardManifest(value);
388
+ return true;
389
+ }
390
+ catch {
391
+ return false;
392
+ }
393
+ }
394
+ export function assertReceizWebhookEvent(value) {
395
+ const record = ensureRecord(value, "ReceizWebhookEvent");
396
+ const issues = [];
397
+ if (record.schema !== "receiz.webhook_event.v1")
398
+ issues.push("schema must be receiz.webhook_event.v1");
399
+ ensureString(record, "id", issues);
400
+ const type = ensureString(record, "type", issues);
401
+ if (type && !WEBHOOK_EVENT_TYPES.has(type))
402
+ issues.push(`unsupported webhook type ${type}`);
403
+ ensureString(record, "createdAt", issues);
404
+ if (!isRecord(record.data))
405
+ issues.push("data must be an object");
406
+ ensureOptionalRecord(record, "actor", issues);
407
+ ensureOptionalRecord(record, "signature", issues);
408
+ failIfIssues("ReceizWebhookEvent", issues);
409
+ return record;
410
+ }
411
+ export function isReceizWebhookEvent(value) {
412
+ try {
413
+ assertReceizWebhookEvent(value);
414
+ return true;
415
+ }
416
+ catch {
417
+ return false;
418
+ }
419
+ }
420
+ function bodyToString(body) {
421
+ if (typeof body === "string")
422
+ return body;
423
+ if (body instanceof ArrayBuffer)
424
+ return new TextDecoder().decode(body);
425
+ if (body instanceof Uint8Array)
426
+ return new TextDecoder().decode(body);
427
+ return JSON.stringify(body);
428
+ }
429
+ export function buildReceizWebhookSignaturePayload(input) {
430
+ return `${input.timestamp}.${bodyToString(input.body)}`;
431
+ }
432
+ async function hmacSha256Hex(secret, payload) {
433
+ const key = await crypto.subtle.importKey("raw", new TextEncoder().encode(secret), { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
434
+ const signed = await crypto.subtle.sign("HMAC", key, new TextEncoder().encode(payload));
435
+ return Array.from(new Uint8Array(signed))
436
+ .map((byte) => byte.toString(16).padStart(2, "0"))
437
+ .join("");
438
+ }
439
+ function normalizeSignature(value) {
440
+ const trimmed = value.trim().toLowerCase();
441
+ return trimmed.startsWith("sha256=") ? trimmed.slice("sha256=".length) : trimmed;
442
+ }
443
+ function timingSafeEqual(left, right) {
444
+ let diff = left.length ^ right.length;
445
+ const max = Math.max(left.length, right.length);
446
+ for (let index = 0; index < max; index += 1) {
447
+ diff |= (left.charCodeAt(index) || 0) ^ (right.charCodeAt(index) || 0);
448
+ }
449
+ return diff === 0;
450
+ }
451
+ function timestampMs(value) {
452
+ const trimmed = value.trim();
453
+ if (/^\d+$/.test(trimmed)) {
454
+ const numeric = Number(trimmed);
455
+ return numeric < 10_000_000_000 ? numeric * 1000 : numeric;
456
+ }
457
+ return Date.parse(trimmed);
458
+ }
459
+ export async function createReceizWebhookSignature(input) {
460
+ const payload = buildReceizWebhookSignaturePayload(input);
461
+ return `sha256=${await hmacSha256Hex(input.secret, payload)}`;
462
+ }
463
+ export async function verifyReceizWebhookSignature(input) {
464
+ if (input.toleranceSeconds !== undefined) {
465
+ const parsedTimestamp = timestampMs(input.timestamp);
466
+ if (!Number.isFinite(parsedTimestamp))
467
+ return false;
468
+ const now = input.nowMs ?? Date.now();
469
+ if (Math.abs(now - parsedTimestamp) > input.toleranceSeconds * 1000)
470
+ return false;
471
+ }
472
+ const expected = await createReceizWebhookSignature(input);
473
+ return timingSafeEqual(normalizeSignature(expected), normalizeSignature(input.signature));
474
+ }
@@ -0,0 +1,31 @@
1
+ # App Registration And Token Lifecycle
2
+
3
+ ```bash
4
+ npm install @receiz/sdk
5
+ ```
6
+
7
+ ```ts
8
+ import { createReceizClient } from "@receiz/sdk";
9
+
10
+ const receiz = createReceizClient();
11
+ const authorizeUrl = receiz.identity.authorizeUrl({
12
+ clientId: process.env.RECEIZ_CLIENT_ID!,
13
+ redirectUri: "https://app.example.com/auth/receiz/callback",
14
+ codeChallenge,
15
+ scope: ["openid", "profile", "receiz:verify", "receiz:wallet.transfer"],
16
+ state,
17
+ });
18
+ ```
19
+
20
+ Receiz Connect uses standard OIDC mechanics for app onboarding and token lifecycle. The identity primitive remains the Receiz subject and account continuity behind the token; the token is permission for delegated API calls, not the identity proof root.
21
+
22
+ Lifecycle:
23
+
24
+ 1. Register the app and exact redirect URI.
25
+ 2. Start Authorization Code + PKCE with the scopes your app needs.
26
+ 3. Exchange the authorization code server-side.
27
+ 4. Store refresh tokens server-side only.
28
+ 5. Use access tokens for `receiz.connect.*` calls.
29
+ 6. Revoke tokens when the user disconnects your app.
30
+
31
+ Use `sub` from OIDC as the stable external user key. Do not key your user model by mutable email.
@@ -0,0 +1,22 @@
1
+ # Artifact Verification
2
+
3
+ ```bash
4
+ npm install @receiz/sdk
5
+ ```
6
+
7
+ ```ts
8
+ import { assertReceizAssetManifest, createReceizClient } from "@receiz/sdk";
9
+
10
+ const receiz = createReceizClient();
11
+ const verified = await receiz.verification.verifyArtifact(file);
12
+
13
+ if (!verified.ok) {
14
+ throw new Error(verified.errors.join(", "));
15
+ }
16
+
17
+ const manifest = assertReceizAssetManifest(await manifestResponse.json());
18
+ ```
19
+
20
+ Receiz rule: verify first, then project. The SDK makes the verification call and validates the manifest shape, but the proof object remains the sealed artifact/proof bundle, not the SDK response.
21
+
22
+ Keep the original artifact bytes exactly as received. Store the manifest as a developer projection that points back to `proof.verifyUrl`, `proof.verifyPath`, and the deterministic proof identity.
@@ -0,0 +1,35 @@
1
+ # Connect Transfers
2
+
3
+ ```bash
4
+ npm install @receiz/sdk
5
+ ```
6
+
7
+ ```ts
8
+ import { createReceizClient } from "@receiz/sdk";
9
+
10
+ const receiz = createReceizClient({
11
+ accessToken: process.env.RECEIZ_ACCESS_TOKEN,
12
+ });
13
+
14
+ const transfer = await receiz.connect.transfer(
15
+ {
16
+ recipientUserId: "user_123",
17
+ unit: "phi",
18
+ amountPhi: "10",
19
+ note: "Thanks",
20
+ },
21
+ { idempotencyKey: crypto.randomUUID() },
22
+ );
23
+
24
+ console.log(transfer.ledgerEventId, transfer.proofBundle);
25
+ ```
26
+
27
+ Connect transfers are delegated settlement actions. The SDK submits the user-approved action with a bearer token and idempotency key. The settlement primitive is the resulting ledger event and proof bundle, not the HTTP call itself.
28
+
29
+ Production checklist:
30
+
31
+ 1. Use Authorization Code + PKCE to obtain a user-approved access token.
32
+ 2. Request only the scopes your app needs, such as `receiz:wallet.transfer`.
33
+ 3. Send a stable idempotency key for retries.
34
+ 4. Store the returned ledger event and proof bundle as settlement evidence.
35
+ 5. Refresh ledger reads for verified additions after the transfer completes.
@@ -0,0 +1,28 @@
1
+ # Public Proof Rendering
2
+
3
+ ```bash
4
+ npm install @receiz/sdk
5
+ ```
6
+
7
+ ```ts
8
+ import { createReceizClient } from "@receiz/sdk";
9
+
10
+ const receiz = createReceizClient();
11
+ const proof = await receiz.publicProof.byUrl("https://example.com/work");
12
+
13
+ if (!proof.record) {
14
+ await receiz.publicProof.observe({
15
+ url: "https://example.com/work",
16
+ title: "Example Work",
17
+ });
18
+ }
19
+ ```
20
+
21
+ Public proof rendering should display the proof object, provenance, ownership/custody state, verification affordance, and source material. The API response is a public projection over Receiz proof truth. Do not treat it as a mutable content feed that can replace the underlying proof object.
22
+
23
+ Recommended UI order:
24
+
25
+ 1. Render the known proof object or manifest immediately.
26
+ 2. Add public proof records after they resolve.
27
+ 3. Keep source links and verify links visible.
28
+ 4. Treat missing public proof records as missing projection, not proof invalidation.
@@ -0,0 +1,25 @@
1
+ # Sports Card And Event Proof Integration
2
+
3
+ ```bash
4
+ npm install @receiz/sdk
5
+ ```
6
+
7
+ ```ts
8
+ import { assertReceizSportsCardManifest, createReceizClient } from "@receiz/sdk";
9
+
10
+ const receiz = createReceizClient();
11
+ const conformance = await receiz.sports.conformance();
12
+ const manifest = assertReceizSportsCardManifest(await sportsCardManifestResponse.json());
13
+ const eventProofUrl = receiz.sports.eventProofUrl("event_proof_123");
14
+
15
+ console.log(conformance.reportHash, manifest.collectibleId, eventProofUrl);
16
+ ```
17
+
18
+ Sports cards are proof objects. The manifest carries card identity, ownership/custody, value basis, append summary, event proof summary, and links. The SDK validates the projection and gives you typed calls, but verified appends and event proofs remain the source of truth.
19
+
20
+ For lazy integrations:
21
+
22
+ 1. Render `card`, `ownership`, and `valueBasis` from the manifest.
23
+ 2. Use `appendSummary` and `eventProofSummary` as quick visible proof memory.
24
+ 3. Link each event proof through `receiz.sports.eventProofUrl(eventProofId)`.
25
+ 4. Poll or refresh only for verified additions, not to re-prove admitted card history.
@@ -0,0 +1,24 @@
1
+ # Wallet Ledger Reads
2
+
3
+ ```bash
4
+ npm install @receiz/sdk
5
+ ```
6
+
7
+ ```ts
8
+ import { createReceizClient } from "@receiz/sdk";
9
+
10
+ const receiz = createReceizClient();
11
+ let cursor: string | null | undefined;
12
+
13
+ do {
14
+ const page = await receiz.wallet.publicLedger({ limit: 100, cursor });
15
+ for (const event of page.events) {
16
+ console.log(event.kind, event.amountPhiMicro, event.proofBundle);
17
+ }
18
+ cursor = page.nextCursor;
19
+ } while (cursor);
20
+ ```
21
+
22
+ The wallet ledger is a settlement primitive projection. Display transfer, note mint, note claim, and proof bundle data as append-only ledger events. Keep already-read ledger events as verified history and append later pages or later additions beneath them.
23
+
24
+ Use pagination for large views. Do not flatten settlement into a generic balance-only view when the ledger event carries proof-native value, reserve, note, and transfer evidence.
@@ -0,0 +1,33 @@
1
+ # Webhook Signatures
2
+
3
+ ```bash
4
+ npm install @receiz/sdk
5
+ ```
6
+
7
+ ```ts
8
+ import { assertReceizWebhookEvent, verifyReceizWebhookSignature } from "@receiz/sdk";
9
+
10
+ const rawBody = await request.text();
11
+ const ok = await verifyReceizWebhookSignature({
12
+ secret: process.env.RECEIZ_WEBHOOK_SECRET!,
13
+ timestamp: request.headers.get("x-receiz-timestamp")!,
14
+ signature: request.headers.get("x-receiz-signature")!,
15
+ body: rawBody,
16
+ toleranceSeconds: 300,
17
+ });
18
+
19
+ if (!ok) {
20
+ return new Response("invalid Receiz webhook signature", { status: 401 });
21
+ }
22
+
23
+ const event = assertReceizWebhookEvent(JSON.parse(rawBody));
24
+ ```
25
+
26
+ Webhook signature verification proves delivery authenticity for a webhook envelope. It does not replace artifact proof, verified appends, ownership appends, or settlement ledger truth.
27
+
28
+ Processing order:
29
+
30
+ 1. Read the raw body.
31
+ 2. Verify `x-receiz-signature` with `x-receiz-timestamp`.
32
+ 3. Parse and validate `receiz.webhook_event.v1`.
33
+ 4. Verify or fetch the underlying proof object, append, ownership state, or settlement ledger event before treating the event as product truth.
@@ -0,0 +1,43 @@
1
+ {
2
+ "schema": "receiz.asset_manifest.v1",
3
+ "assetId": "asset_example_01JZ_RECEIZ",
4
+ "assetType": "proof_object",
5
+ "proof": {
6
+ "kind": "receiz.proof_bundle",
7
+ "payloadVersion": 1,
8
+ "createdAtMs": 1782400000000,
9
+ "ts": "2026-06-25T00:00:00.000Z",
10
+ "code": "EXAMPLE",
11
+ "slug": "developer-example",
12
+ "verifyPath": "/v/developer-example/EXAMPLE/123456",
13
+ "verifyUrl": "https://receiz.com/v/developer-example/EXAMPLE/123456",
14
+ "kaiPulseEternal": 123456,
15
+ "artifactSha256Basis": "sha256:example-artifact-basis"
16
+ },
17
+ "owner": {
18
+ "receizSubject": "sub_example_receiz_subject",
19
+ "displayName": "Example Owner",
20
+ "custody": "current"
21
+ },
22
+ "media": {
23
+ "kind": "image",
24
+ "mimeType": "image/png",
25
+ "url": "https://receiz.com/api/receiz?code=EXAMPLE"
26
+ },
27
+ "appends": [
28
+ {
29
+ "id": "append_example_001",
30
+ "kind": "proof.appended",
31
+ "createdAt": "2026-06-25T00:00:00.000Z",
32
+ "appendHash": "sha256:example-append"
33
+ }
34
+ ],
35
+ "settlement": {
36
+ "state": "none",
37
+ "ledgerEventId": null
38
+ },
39
+ "links": {
40
+ "verify": "https://receiz.com/v/developer-example/EXAMPLE/123456",
41
+ "openapi": "https://receiz.com/openapi.json"
42
+ }
43
+ }
@@ -0,0 +1,40 @@
1
+ {
2
+ "schema": "receiz.sports_arena.card_manifest.v1",
3
+ "sport": "baseball",
4
+ "collectibleId": "sports_card_example_01JZ",
5
+ "claimHash": "sha256:example-card-claim",
6
+ "card": {
7
+ "playerName": "Example Player",
8
+ "team": "Example Club",
9
+ "season": "2026",
10
+ "rarity": "rare",
11
+ "deterministicImageUrl": "https://receiz.com/api/game/signal-run/cards/example/share-image"
12
+ },
13
+ "ownership": {
14
+ "ownerSubject": "sub_example_receiz_subject",
15
+ "custody": "owned",
16
+ "ownershipAppendHash": "sha256:example-ownership-append",
17
+ "updatedAt": "2026-06-25T00:00:00.000Z"
18
+ },
19
+ "valueBasis": {
20
+ "score": "12.4",
21
+ "kaiUpulse": "123456.000001",
22
+ "reserveUsdCents": "2500",
23
+ "source": "verified_appends"
24
+ },
25
+ "appendSummary": {
26
+ "count": 3,
27
+ "latestAppendHash": "sha256:example-latest-append",
28
+ "latestObservedAt": "2026-06-25T00:01:00.000Z"
29
+ },
30
+ "eventProofSummary": {
31
+ "count": 1,
32
+ "latestProofHash": "sha256:example-event-proof",
33
+ "latestEventType": "defensive_gem"
34
+ },
35
+ "links": {
36
+ "asset": "https://receiz.com/game/sports",
37
+ "proof": "https://receiz.com/api/game/sports/conformance",
38
+ "manifestSchema": "https://receiz.com/standards/receiz.sports-card-manifest.schema.v1.json"
39
+ }
40
+ }
@@ -0,0 +1,17 @@
1
+ {
2
+ "schema": "receiz.webhook_event.v1",
3
+ "id": "evt_example_01JZ_RECEIZ",
4
+ "type": "proof.appended",
5
+ "createdAt": "2026-06-25T00:00:00.000Z",
6
+ "data": {
7
+ "assetId": "asset_example_01JZ_RECEIZ",
8
+ "appendId": "append_example_001",
9
+ "appendHash": "sha256:example-append",
10
+ "proofBundle": {
11
+ "kind": "receiz.proof_bundle",
12
+ "verifyPath": "/v/developer-example/EXAMPLE/123456",
13
+ "verifyUrl": "https://receiz.com/v/developer-example/EXAMPLE/123456",
14
+ "kaiPulseEternal": 123456
15
+ }
16
+ }
17
+ }
package/package.json ADDED
@@ -0,0 +1,43 @@
1
+ {
2
+ "name": "@receiz/sdk",
3
+ "version": "93.0.0",
4
+ "description": "TypeScript SDK for Receiz proof-native artifact, public proof, wallet, sports, and Connect integrations.",
5
+ "type": "module",
6
+ "main": "dist/index.js",
7
+ "types": "dist/index.d.ts",
8
+ "exports": {
9
+ ".": {
10
+ "types": "./dist/index.d.ts",
11
+ "import": "./dist/index.js"
12
+ },
13
+ "./fixtures/*": "./fixtures/*",
14
+ "./docs/*": "./docs/*",
15
+ "./package.json": "./package.json"
16
+ },
17
+ "files": [
18
+ "dist",
19
+ "README.md",
20
+ "docs",
21
+ "fixtures"
22
+ ],
23
+ "scripts": {
24
+ "build": "tsc -p tsconfig.json",
25
+ "test": "node --import tsx --test test/*.test.ts",
26
+ "typecheck": "tsc -p tsconfig.json --noEmit",
27
+ "prepack": "npm run build"
28
+ },
29
+ "keywords": [
30
+ "receiz",
31
+ "proof",
32
+ "artifact",
33
+ "wallet",
34
+ "sports",
35
+ "connect",
36
+ "settlement",
37
+ "sdk"
38
+ ],
39
+ "license": "MIT",
40
+ "publishConfig": {
41
+ "access": "public"
42
+ }
43
+ }