@relai-fi/x402 0.6.5 → 0.6.7

package/dist/index.js

@@ -7560,7 +7560,6 @@ var Relai = class {
         const integritasMode = integritasFlow === "single" ? "single_signature_fee_included" : integritasFlow === "dual" ? "dual_signature_split" : void 0;
         const paymentHeader = req.headers["x-payment"] || req.headers["payment-signature"] || req.headers["x-payment-signature"];
         const authHeader = req.headers["authorization"] || "";
-        console.log(`[Relai] MPP check: paymentHeader=${!!paymentHeader}, hasMpp=${!!self.mpp}, authHeader=${authHeader?.slice(0, 30)}`);
         if (!paymentHeader && self.mpp && /^Payment\s+/i.test(authHeader)) {
           try {
             const mppAmount = resolvedPrice.toFixed(6);
@@ -7572,10 +7571,7 @@ var Relai = class {
             const mppRequest = new Request(mppUrl, { method: req.method, headers: mppHeaders });
             const chargeHandler = self.mpp.charge({ amount: mppAmount });
             const mppResult = await chargeHandler(mppRequest);
-            console.log(`[Relai] MPP charge result: status=${mppResult.status}, keys=${Object.keys(mppResult)}, hasChallenge=${!!mppResult.challenge}, hasWithReceipt=${!!mppResult.withReceipt}`);
             if (mppResult.status === 402 && mppResult.challenge instanceof Response) {
-              const retryAuth = mppResult.challenge.headers.get("www-authenticate");
-              console.log(`[Relai] MPP re-challenged (credential not accepted). New WWW-Auth: ${retryAuth?.slice(0, 60)}`);
             }
             if (mppResult.status !== 200 && !mppResult.withReceipt && mppResult.status !== 402) {
               if (self.plugins.length > 0) {
@@ -7618,7 +7614,10 @@ var Relai = class {
                 const dummyResponse = new Response(null);
                 const receiptResponse = mppResult.withReceipt(dummyResponse);
                 const receiptHeader = receiptResponse.headers.get("payment-receipt");
-                if (receiptHeader) res.setHeader("Payment-Receipt", receiptHeader);
+                if (receiptHeader) {
+                  res.setHeader?.("Payment-Receipt", receiptHeader);
+                  res.setHeader?.("Cache-Control", "private");
+                }
               }
               options.onPaymentSettled?.(req, {
                 success: true,
@@ -7835,12 +7834,13 @@ var Relai = class {
               if (mppResult?.challenge instanceof Response) {
                 const wwwAuth = mppResult.challenge.headers.get("www-authenticate");
                 if (wwwAuth) {
-                  res.setHeader("WWW-Authenticate", wwwAuth);
+                  res.setHeader?.("WWW-Authenticate", wwwAuth);
                 }
               }
             } catch {
             }
           }
+          res.setHeader?.("Cache-Control", "no-store");
           return res.status(402).json(paymentRequiredResponse);
         }
         let paymentProof;
@@ -7857,39 +7857,6 @@ var Relai = class {
             });
           }
         }
-        if (paymentProof.bridged === true && paymentProof.targetTxId) {
-          console.log(`[Relai] Bridged payment accepted: source=${paymentProof.sourceTxId}, target=${paymentProof.targetTxId}`);
-          const paymentInfo2 = {
-            verified: true,
-            transactionId: paymentProof.targetTxId,
-            payer: paymentProof.sourceTxId || "bridge",
-            network,
-            amount: resolvedPrice
-          };
-          req.payment = paymentInfo2;
-          req.x402Payer = paymentProof.sourceTxId || "bridge";
-          req.x402Paid = true;
-          req.x402Transaction = paymentProof.targetTxId;
-          req.x402Network = network;
-          req.x402Bridged = true;
-          req.x402SourceChain = paymentProof.sourceChain;
-          const paymentResponse2 = {
-            x402Version: 2,
-            scheme: "exact",
-            network: caip2,
-            transaction: paymentProof.targetTxId,
-            payer: paymentProof.sourceTxId,
-            amount: amount2,
-            asset,
-            bridged: true
-          };
-          res.setHeader(
-            "PAYMENT-RESPONSE",
-            Buffer.from(JSON.stringify(paymentResponse2)).toString("base64")
-          );
-          options.onPaymentSettled?.(req, { success: true, transaction: paymentProof.targetTxId, payer: paymentProof.sourceTxId });
-          return next();
-        }
         let settlePayTo;
         if (stripeConfig) {
           settlePayTo = paymentProof.payload?.authorization?.to || paymentProof.accepted?.payTo || "";
@@ -8047,6 +8014,73 @@ import {
   TOKEN_PROGRAM_ID,
   TOKEN_2022_PROGRAM_ID
 } from "@solana/spl-token";
+
+// src/bridge.ts
+var RELAI_API_BASE = "https://api.relai.fi";
+var _cacheMap = /* @__PURE__ */ new Map();
+var CACHE_TTL = 5 * 60 * 1e3;
+async function getBridgeInfo(baseUrl = RELAI_API_BASE) {
+  const key = baseUrl.replace(/\/$/, "");
+  const now = Date.now();
+  const cached2 = _cacheMap.get(key);
+  if (cached2 && now - cached2.time < CACHE_TTL) return cached2.info;
+  const url2 = `${key}/bridge/info`;
+  const res = await fetch(url2);
+  if (!res.ok) {
+    if (cached2) return cached2.info;
+    throw new Error(`[relai:bridge] Failed to fetch ${url2}: ${res.status}`);
+  }
+  const data = await res.json();
+  const info = {
+    settleEndpoint: data.settleEndpoint,
+    supportedSourceChains: data.supportedSourceChains || [],
+    supportedSourceAssets: data.supportedSourceAssets || [],
+    payTo: data.payTo || {},
+    feePayerSvm: data.feePayerSvm ?? null,
+    feeBps: data.feeBps ?? 100,
+    paymentFacilitator: data.paymentFacilitator || "https://facilitator.x402.fi"
+  };
+  _cacheMap.set(key, { info, time: now });
+  return info;
+}
+async function settleBridge(settleEndpoint, body) {
+  const res = await fetch(settleEndpoint, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify(body)
+  });
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    throw new Error(`[relai:bridge] settle failed: ${err.error || res.status}${err.details ? " \u2014 " + err.details : ""}`);
+  }
+  return res.json();
+}
+function selectSourceChain(supportedChains, hasEvmWallet, hasSolanaWallet, preferredSourceChainId) {
+  if (preferredSourceChainId && hasEvmWallet) {
+    const preferred = `eip155:${preferredSourceChainId}`;
+    if (supportedChains.includes(preferred)) {
+      return { type: "evm", chain: preferred };
+    }
+  }
+  if (hasSolanaWallet) {
+    const sol = supportedChains.find((c) => c.startsWith("solana:"));
+    if (sol) return { type: "solana", chain: sol };
+  }
+  if (hasEvmWallet) {
+    for (const chain of supportedChains) {
+      if (chain.startsWith("eip155:")) {
+        return { type: "evm", chain };
+      }
+    }
+  }
+  return null;
+}
+function computeSourceAmount(targetAmount, feeBps) {
+  const fee = targetAmount * BigInt(feeBps) / 10000n;
+  return targetAmount + fee;
+}
+
+// src/client.ts
 var PERMIT_NETWORKS = /* @__PURE__ */ new Set([]);
 var DEFAULT_EVM_RPC_URLS = {
   "skale-base": "https://skale-base.skalenodes.com/v1/base",
@@ -8072,7 +8106,8 @@ function createX402Client(config2) {
     integritas,
     verbose = false,
     defaultHeaders = {},
-    mpp
+    mpp,
+    bridge: bridgeConfig
   } = config2;
   const relayWsEnabled = relayWs?.enabled === true;
   const relayWsPreflightTimeoutMs = relayWs?.preflightTimeoutMs ?? 5e3;
@@ -9187,6 +9222,70 @@ function createX402Client(config2) {
           headers: { ...requestHeaders, "X-PAYMENT": paymentHeader }
         });
       }
+      if (bridgeConfig?.enabled) {
+        log("No direct wallet match \u2014 attempting auto-bridge via RelAI API");
+        try {
+          const info = await getBridgeInfo(bridgeConfig.baseUrl);
+          const targetAccept = accepts[0];
+          const hasEvm = !!effectiveWallets.evm;
+          const hasSol = !!hasSolanaWallet;
+          const source = selectSourceChain(info.supportedSourceChains, hasEvm, hasSol);
+          if (source) {
+            const bridgePayTo = info.payTo[source.chain];
+            if (bridgePayTo) {
+              const targetAmount = targetAccept.amount || targetAccept.maxAmountRequired;
+              const sourceAmount = computeSourceAmount(BigInt(targetAmount), info.feeBps).toString();
+              const sourceChainIdx = info.supportedSourceChains.indexOf(source.chain);
+              const sourceAsset = sourceChainIdx >= 0 && info.supportedSourceAssets[sourceChainIdx] || (source.type === "evm" ? info.supportedSourceAssets.find((a) => a.startsWith("0x")) || targetAccept.asset : info.supportedSourceAssets.find((a) => !a.startsWith("0x")) || "");
+              let sourcePaymentHeader;
+              const sourceAccept = {
+                scheme: "exact",
+                network: source.chain,
+                asset: sourceAsset,
+                payTo: bridgePayTo,
+                amount: sourceAmount,
+                extra: {
+                  ...targetAccept.extra || {},
+                  ...source.type === "solana" && info.feePayerSvm ? { feePayer: info.feePayerSvm } : {}
+                }
+              };
+              if (source.type === "solana" && hasSolanaWallet) {
+                sourcePaymentHeader = await buildSolanaPayment(sourceAccept, requirements, url2);
+              } else if (source.type === "evm") {
+                const evmNetwork = normalizeNetwork(source.chain);
+                const usePermit = evmNetwork && PERMIT_NETWORKS.has(evmNetwork);
+                sourcePaymentHeader = usePermit ? await buildEvmPermitPayment(sourceAccept, requirements, url2) : await buildEvmPayment(sourceAccept, requirements, url2);
+              } else {
+                throw new Error(`[relai-x402] No wallet for source chain type: ${source.type}`);
+              }
+              const settleData = await settleBridge(info.settleEndpoint, {
+                sourcePayment: sourcePaymentHeader,
+                sourceChain: source.chain,
+                targetAccept: {
+                  scheme: "exact",
+                  network: targetAccept.network,
+                  asset: targetAccept.asset,
+                  payTo: targetAccept.payTo,
+                  amount: targetAmount
+                },
+                requirements,
+                resource: url2,
+                paymentFacilitator: info.paymentFacilitator
+              });
+              if (settleData.xPayment) {
+                log(`Auto-bridge settled: target=${settleData.targetTxId}`);
+                return fetch(input, {
+                  ...requestInitWithHeaders,
+                  headers: { ...requestHeaders, "X-PAYMENT": settleData.xPayment }
+                });
+              }
+              throw new Error("[relai-x402] Bridge settle did not return xPayment");
+            }
+          }
+        } catch (bridgeErr) {
+          log(`Auto-bridge failed: ${bridgeErr instanceof Error ? bridgeErr.message : bridgeErr}`);
+        }
+      }
       throw new Error(buildNoWalletError(accepts, false));
     }
     const { accept, chain } = selected;
@@ -9283,8 +9382,37 @@ function submitRelayFeedback(config2) {
 }
 
 // src/payment-codes.ts
-var DEFAULT_FACILITATOR = "https://relai.fi/facilitator";
-var DEFAULT_USDC_BASE = "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913";
+import { ethers as ethers2 } from "ethers";
+var NETWORK_CONFIGS = {
+  "base": {
+    chainId: 8453,
+    usdc: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
+    domainName: "USD Coin",
+    rpc: "https://mainnet.base.org",
+    settlementNetwork: "base"
+  },
+  "base-sepolia": {
+    chainId: 84532,
+    usdc: "0x036CbD53842c5426634e7929541eC2318f3dCF7e",
+    domainName: "USDC",
+    rpc: "https://sepolia.base.org",
+    settlementNetwork: "base-sepolia"
+  },
+  "skale-base-sepolia": {
+    chainId: 324705682,
+    usdc: "0x2e08028E3C4c2356572E096d8EF835cD5C6030bD",
+    domainName: "Bridged USDC (SKALE Bridge)",
+    rpc: "https://base-sepolia-testnet.skalenodes.com/v1/jubilant-horrible-ancha",
+    settlementNetwork: "skale-base-sepolia"
+  },
+  "skale-base": {
+    chainId: 1482601649,
+    usdc: "0x85889c8c714505E0c94b30fcfcF64fE3Ac8FCb20",
+    domainName: "Bridged USDC",
+    rpc: "https://skale-base.skalenodes.com/v1/base",
+    settlementNetwork: "skale-base"
+  }
+};
 var EIP3009_TYPES = {
   TransferWithAuthorization: [
     { name: "from", type: "address" },
@@ -9295,6 +9423,14 @@ var EIP3009_TYPES = {
     { name: "nonce", type: "bytes32" }
   ]
 };
+function createPrivateKeySigner(privateKey) {
+  const wallet = new ethers2.Wallet(privateKey);
+  return {
+    getAddress: () => Promise.resolve(wallet.address),
+    signTypedData: (domain2, types, value) => wallet.signTypedData(domain2, types, value)
+  };
+}
+var DEFAULT_FACILITATOR = "https://relai.fi/facilitator";
 function randomBytes32() {
   const bytes = new Uint8Array(32);
   if (typeof globalThis.crypto !== "undefined") {
@@ -9305,69 +9441,323 @@ function randomBytes32() {
   }
   return "0x" + Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
 }
-async function generatePaymentCode(config2, params) {
-  const { signer, to, value, usdcContract, ttl = 120 } = params;
-  const facilitatorUrl = config2.facilitatorUrl || DEFAULT_FACILITATOR;
-  const usdc = usdcContract || DEFAULT_USDC_BASE;
-  const from4 = await signer.getAddress();
-  const now = Math.floor(Date.now() / 1e3);
-  const validAfter = 0;
-  const validBefore = now + ttl;
-  const nonce = randomBytes32();
+async function fetchToAddress(facilitatorUrl, network) {
+  const res = await fetch(`${facilitatorUrl}/payment-codes/relayer?network=${network}`);
+  if (!res.ok) throw new Error("Failed to fetch relayer address from facilitator");
+  const data = await res.json();
+  if (!data.toAddress) throw new Error("Facilitator returned no toAddress");
+  return data.toAddress;
+}
+async function signEip3009(signer, net, from4, toAddress, value, validAfter, validBefore, nonce, usdcOverride) {
   const domain2 = {
-    name: "USD Coin",
+    name: net.domainName,
     version: "2",
-    chainId: 8453,
-    // Base mainnet
-    verifyingContract: usdc
+    chainId: net.chainId,
+    verifyingContract: usdcOverride ?? net.usdc
   };
-  const message = {
+  return signer.signTypedData(domain2, EIP3009_TYPES, {
     from: from4,
-    to,
-    value: BigInt(value).toString(),
+    to: toAddress,
+    value,
     validAfter,
     validBefore,
     nonce
-  };
-  const signature2 = await signer.signTypedData(domain2, EIP3009_TYPES, message);
+  });
+}
+async function generatePaymentCode(config2, params) {
+  const {
+    signer,
+    value,
+    ttl = 86400,
+    description,
+    payee,
+    usdcContract,
+    network = "base-sepolia"
+  } = params;
+  const facilitatorUrl = config2.facilitatorUrl ?? DEFAULT_FACILITATOR;
+  const net = NETWORK_CONFIGS[network];
+  if (!net) throw new Error(`Unsupported network: ${network}`);
+  const from4 = await signer.getAddress();
+  const now = Math.floor(Date.now() / 1e3);
+  const validBefore = now + ttl;
+  const nonce = randomBytes32();
+  const usdc = usdcContract ?? net.usdc;
+  const toAddress = await fetchToAddress(facilitatorUrl, network);
+  const signature2 = await signEip3009(
+    signer,
+    net,
+    from4,
+    toAddress,
+    BigInt(value).toString(),
+    0,
+    validBefore,
+    nonce,
+    usdc
+  );
   const res = await fetch(`${facilitatorUrl}/payment-codes`, {
     method: "POST",
     headers: { "Content-Type": "application/json" },
     body: JSON.stringify({
       from: from4,
-      to,
       value: BigInt(value).toString(),
-      validAfter,
+      validAfter: 0,
       validBefore,
       nonce,
       signature: signature2,
-      usdcContract: usdc
+      usdcContract: usdc,
+      settlementNetwork: net.settlementNetwork,
+      ...description ? { description } : {},
+      ...payee ? { payee } : {}
     })
   });
   if (!res.ok) {
     const err = await res.json().catch(() => ({}));
-    throw new Error(`Failed to register payment code: ${err.error || res.status}`);
+    throw new Error(`Failed to register payment code: ${err.error ?? res.status}`);
   }
   return res.json();
 }
-async function redeemPaymentCode(config2, code) {
-  const facilitatorUrl = config2.facilitatorUrl || DEFAULT_FACILITATOR;
-  const res = await fetch(`${facilitatorUrl}/payment-codes/${code.toUpperCase()}/redeem`, {
+async function generatePaymentCodesBatch(config2, params) {
+  const {
+    signer,
+    codes,
+    payee,
+    usdcContract,
+    network = "base-sepolia",
+    authToken
+  } = params;
+  const facilitatorUrl = config2.facilitatorUrl ?? DEFAULT_FACILITATOR;
+  const net = NETWORK_CONFIGS[network];
+  if (!net) throw new Error(`Unsupported network: ${network}`);
+  if (codes.length > 20) throw new Error("Maximum 20 codes per batch");
+  const from4 = await signer.getAddress();
+  const usdc = usdcContract ?? net.usdc;
+  const now = Math.floor(Date.now() / 1e3);
+  const toAddress = await fetchToAddress(facilitatorUrl, network);
+  const signedCodes = await Promise.all(
+    codes.map(async (item) => {
+      const validBefore = now + (item.ttl ?? 86400);
+      const nonce = randomBytes32();
+      const value = BigInt(item.value).toString();
+      const signature2 = await signEip3009(
+        signer,
+        net,
+        from4,
+        toAddress,
+        value,
+        0,
+        validBefore,
+        nonce,
+        usdc
+      );
+      return { value, validAfter: 0, validBefore, nonce, signature: signature2 };
+    })
+  );
+  const res = await fetch(`${facilitatorUrl}/payment-codes/batch`, {
     method: "POST",
-    headers: { "Content-Type": "application/json" }
+    headers: {
+      "Content-Type": "application/json",
+      "Authorization": `Bearer ${authToken}`
+    },
+    body: JSON.stringify({
+      from: from4,
+      settlementNetwork: net.settlementNetwork,
+      usdcContract: usdc,
+      ...payee ? { payee } : {},
+      codes: signedCodes
+    })
   });
   if (!res.ok) {
     const err = await res.json().catch(() => ({}));
-    throw new Error(`Failed to redeem payment code: ${err.error || res.status}`);
+    throw new Error(`Batch registration failed: ${err.error ?? res.status}`);
+  }
+  return res.json();
+}
+async function redeemPaymentCode(config2, code, payee) {
+  const facilitatorUrl = config2.facilitatorUrl ?? DEFAULT_FACILITATOR;
+  const res = await fetch(
+    `${facilitatorUrl}/payment-codes/${code.trim().toUpperCase()}/redeem`,
+    {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(payee ? { payee } : {})
+    }
+  );
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    throw new Error(err.error ?? `Redeem failed: ${res.status}`);
   }
   return res.json();
 }
 async function getPaymentCode(config2, code) {
-  const facilitatorUrl = config2.facilitatorUrl || DEFAULT_FACILITATOR;
-  const res = await fetch(`${facilitatorUrl}/payment-codes/${code.toUpperCase()}`);
+  const facilitatorUrl = config2.facilitatorUrl ?? DEFAULT_FACILITATOR;
+  const res = await fetch(
+    `${facilitatorUrl}/payment-codes/${code.trim().toUpperCase()}`
+  );
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    throw new Error(`Payment code not found: ${err.error ?? res.status}`);
+  }
+  return res.json();
+}
+async function cancelPaymentCode(config2, code) {
+  const facilitatorUrl = config2.facilitatorUrl ?? DEFAULT_FACILITATOR;
+  const res = await fetch(
+    `${facilitatorUrl}/payment-codes/${code.trim().toUpperCase()}`,
+    { method: "DELETE" }
+  );
   if (!res.ok) {
     const err = await res.json().catch(() => ({}));
-    throw new Error(`Payment code not found: ${err.error || res.status}`);
+    throw new Error(`Cancel failed: ${err.error ?? res.status}`);
+  }
+  return res.json();
+}
+
+// src/payment-requests.ts
+var DEFAULT_FACILITATOR2 = "https://relai.fi/facilitator";
+var EIP3009_TYPES2 = {
+  TransferWithAuthorization: [
+    { name: "from", type: "address" },
+    { name: "to", type: "address" },
+    { name: "value", type: "uint256" },
+    { name: "validAfter", type: "uint256" },
+    { name: "validBefore", type: "uint256" },
+    { name: "nonce", type: "bytes32" }
+  ]
+};
+function randomBytes322() {
+  const bytes = new Uint8Array(32);
+  if (typeof globalThis.crypto !== "undefined") {
+    globalThis.crypto.getRandomValues(bytes);
+  } else {
+    const { randomBytes: randomBytes2 } = __require("crypto");
+    randomBytes2(32).copy(Buffer.from(bytes.buffer));
+  }
+  return "0x" + Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+async function createPayRequest(config2, params) {
+  const {
+    to,
+    amount: amount2,
+    network = "base-sepolia",
+    description,
+    ttlSeconds
+  } = params;
+  const facilitatorUrl = config2.facilitatorUrl ?? DEFAULT_FACILITATOR2;
+  const res = await fetch(`${facilitatorUrl}/payment-requests`, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({
+      to,
+      amount: Number(amount2),
+      network,
+      ...description ? { description } : {},
+      ...ttlSeconds ? { ttlSeconds } : {}
+    })
+  });
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    throw new Error(`Failed to create payment request: ${err.error ?? res.status}`);
+  }
+  return res.json();
+}
+async function getPayRequest(config2, code) {
+  const facilitatorUrl = config2.facilitatorUrl ?? DEFAULT_FACILITATOR2;
+  const res = await fetch(
+    `${facilitatorUrl}/payment-requests/${code.trim().toUpperCase()}`
+  );
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    throw new Error(`Payment request not found: ${err.error ?? res.status}`);
+  }
+  return res.json();
+}
+async function payPayRequest(config2, code, signer) {
+  const facilitatorUrl = config2.facilitatorUrl ?? DEFAULT_FACILITATOR2;
+  const info = await getPayRequest(config2, code);
+  if (!info.payable) {
+    throw new Error(
+      info.status === "paid" ? "Payment request already paid" : "Payment request expired or not payable"
+    );
+  }
+  const netKey = info.network;
+  const net = NETWORK_CONFIGS[netKey];
+  if (!net) throw new Error(`Unknown network from payment request: ${info.network}`);
+  const from4 = await signer.getAddress();
+  const now = Math.floor(Date.now() / 1e3);
+  const validBefore = Math.min(now + 300, info.validUntil);
+  const nonce = randomBytes322();
+  const domain2 = {
+    name: net.domainName,
+    version: "2",
+    chainId: net.chainId,
+    verifyingContract: info.usdcContract
+  };
+  const signature2 = await signer.signTypedData(domain2, EIP3009_TYPES2, {
+    from: from4,
+    to: info.toAddress,
+    // settler/relayer — NOT the merchant directly
+    value: String(info.amount),
+    validAfter: 0,
+    validBefore,
+    nonce
+  });
+  const res = await fetch(
+    `${facilitatorUrl}/payment-requests/${code.trim().toUpperCase()}/pay`,
+    {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ from: from4, validAfter: 0, validBefore, nonce, signature: signature2 })
+    }
+  );
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    throw new Error(err.error ?? `Payment failed: ${res.status}`);
+  }
+  return res.json();
+}
+async function payPayRequestWithCode(config2, requestCode, paymentCode, options = {}) {
+  const { allowOverpayment = true, returnChange = "code" } = options;
+  const info = await getPayRequest(config2, requestCode);
+  if (!info.payable) {
+    throw new Error(
+      info.status === "paid" ? "Payment request already paid" : "Payment request expired or not payable"
+    );
+  }
+  const codeStatus = await getPaymentCode(config2, paymentCode);
+  if (!codeStatus.redeemable) {
+    throw new Error(
+      codeStatus.redeemed ? "Payment code already redeemed" : "Payment code expired or not redeemable"
+    );
+  }
+  const codeValue = BigInt(codeStatus.value);
+  const reqAmount = BigInt(info.amount);
+  if (codeValue < reqAmount) {
+    throw new Error(
+      `Payment code value (${Number(codeValue) / 1e6} USDC) is less than the request amount (${Number(reqAmount) / 1e6} USDC)`
+    );
+  }
+  if (!allowOverpayment && codeValue > reqAmount) {
+    throw new Error(
+      `Payment code value (${Number(codeValue) / 1e6} USDC) exceeds the request amount (${Number(reqAmount) / 1e6} USDC). Generate a code for the exact amount, or pass { allowOverpayment: true }.`
+    );
+  }
+  const facilitatorUrl = config2.facilitatorUrl ?? "https://relai.fi/facilitator";
+  const usePartial = codeValue > reqAmount;
+  const res = await fetch(
+    `${facilitatorUrl}/payment-codes/${paymentCode.trim().toUpperCase()}/redeem`,
+    {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        payee: info.to,
+        ...usePartial ? { invoiceAmount: info.amount.toString() } : {},
+        ...usePartial ? { returnChangeAsCode: returnChange === "code" } : {}
+      })
+    }
+  );
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    throw new Error(err.error ?? `Redeem failed: ${res.status}`);
   }
   return res.json();
 }
@@ -22882,8 +23272,50 @@ var charge = Method_exports.from({
   }
 });
 
-// src/mpp/evm-server.ts
+// src/mpp/verify-erc20.ts
 var TRANSFER_EVENT_TOPIC = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef";
+async function verifyErc20Transfer(opts) {
+  const { txHash, rpcUrl, tokenAddress, recipient, expectedAmount } = opts;
+  let receipt = null;
+  for (let attempt = 0; attempt < 5; attempt++) {
+    const receiptRes = await fetch(rpcUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        id: 1,
+        method: "eth_getTransactionReceipt",
+        params: [txHash]
+      })
+    });
+    const receiptData = await receiptRes.json();
+    if (receiptData.error) {
+      throw new Error(`RPC error: ${receiptData.error.message}`);
+    }
+    receipt = receiptData.result;
+    if (receipt) break;
+    await new Promise((r) => setTimeout(r, (attempt + 1) * 1e3));
+  }
+  if (!receipt) {
+    throw new Error("Transaction not found or not yet confirmed");
+  }
+  if (receipt.status !== "0x1") {
+    throw new Error("Transaction failed on-chain");
+  }
+  const recipientPadded = "0x" + recipient.slice(2).toLowerCase().padStart(64, "0");
+  const tokenLower = tokenAddress.toLowerCase();
+  const matchingLog = receipt.logs.find((log) => {
+    if (log.address.toLowerCase() !== tokenLower) return false;
+    if (log.topics[0] !== TRANSFER_EVENT_TOPIC) return false;
+    if (log.topics[2]?.toLowerCase() !== recipientPadded) return false;
+    return BigInt(log.data) >= expectedAmount;
+  });
+  if (!matchingLog) {
+    throw new Error("No matching ERC-20 Transfer found for recipient and amount");
+  }
+}
+
+// src/mpp/evm-server.ts
 function evmCharge(config2) {
   const {
     recipient,
@@ -22925,39 +23357,13 @@ function evmCharge(config2) {
       if (!txHash || !txHash.startsWith("0x")) {
         throw new Error("Missing or invalid transaction hash in credential payload");
       }
-      const expectedAmount = BigInt(cred.challenge.request.amount);
-      const receiptRes = await fetch(rpcUrl, {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({
-          jsonrpc: "2.0",
-          id: 1,
-          method: "eth_getTransactionReceipt",
-          params: [txHash]
-        })
-      });
-      const receiptData = await receiptRes.json();
-      if (receiptData.error) {
-        throw new Error(`RPC error: ${receiptData.error.message}`);
-      }
-      const receipt = receiptData.result;
-      if (!receipt) {
-        throw new Error("Transaction not found or not yet confirmed");
-      }
-      if (receipt.status !== "0x1") {
-        throw new Error("Transaction failed on-chain");
-      }
-      const recipientPadded = "0x" + recipient.slice(2).toLowerCase().padStart(64, "0");
-      const tokenLower = tokenAddress.toLowerCase();
-      const matchingLog = receipt.logs.find((log) => {
-        if (log.address.toLowerCase() !== tokenLower) return false;
-        if (log.topics[0] !== TRANSFER_EVENT_TOPIC) return false;
-        if (log.topics[2]?.toLowerCase() !== recipientPadded) return false;
-        return BigInt(log.data) >= expectedAmount;
+      await verifyErc20Transfer({
+        txHash,
+        rpcUrl,
+        tokenAddress,
+        recipient,
+        expectedAmount: BigInt(cred.challenge.request.amount)
       });
-      if (!matchingLog) {
-        throw new Error("No matching ERC-20 Transfer found for recipient and amount");
-      }
       return Receipt_exports.from({
         method: "evm",
         reference: txHash,
@@ -26283,12 +26689,72 @@ async function waitForReceipt(rpcUrl, txHash, timeoutMs = 3e4) {
   }
   return false;
 }
+
+// src/mpp/bridge-method.ts
+var charge2 = Method_exports.from({
+  intent: "charge",
+  name: "bridge",
+  schema: {
+    credential: {
+      payload: zod_exports.object({
+        /** "settled" = client called bridge settle, targetTxHash is proof */
+        type: zod_exports.string(),
+        /** Target chain tx hash (0x-prefixed) — server verifies on-chain */
+        targetTxHash: zod_exports.optional(zod_exports.string()),
+        /** Source chain tx hash/signature (for auditing) */
+        sourceTxHash: zod_exports.optional(zod_exports.string()),
+        /** CAIP-2 source chain used */
+        sourceChain: zod_exports.optional(zod_exports.string())
+      })
+    },
+    request: zod_exports.object({
+      /** Amount in target token base units */
+      amount: zod_exports.string(),
+      /** Target ERC-20 token contract address */
+      currency: zod_exports.string(),
+      /** Target chain recipient address (merchant) */
+      recipient: zod_exports.string(),
+      /** Human-readable description */
+      description: zod_exports.optional(zod_exports.string()),
+      methodDetails: zod_exports.object({
+        /** Target chain ID (where the merchant gets paid) */
+        targetChainId: zod_exports.number(),
+        /** Human-readable target network name (e.g. "skale-base") */
+        targetNetwork: zod_exports.optional(zod_exports.string()),
+        /** Target chain RPC URL (for server-side verification) */
+        targetRpcUrl: zod_exports.optional(zod_exports.string()),
+        /** Target token decimals */
+        targetDecimals: zod_exports.optional(zod_exports.number()),
+        /** Bridge settle endpoint URL */
+        settleEndpoint: zod_exports.string(),
+        /** Supported source chains (CAIP-2 format, e.g. ["eip155:8453", "solana:5eykt4..."]) */
+        supportedSourceChains: zod_exports.array(zod_exports.string()),
+        /** Supported source token addresses */
+        supportedSourceAssets: zod_exports.optional(zod_exports.array(zod_exports.string())),
+        /** Bridge receiver addresses per source chain: { [caip2]: address } */
+        payToMap: zod_exports.record(zod_exports.string(), zod_exports.string()),
+        /** Solana fee payer address (bridge facilitator sponsors gas) */
+        feePayerSvm: zod_exports.optional(zod_exports.string()),
+        /** Bridge fee in basis points */
+        feeBps: zod_exports.optional(zod_exports.number()),
+        /** Payment facilitator URL */
+        paymentFacilitator: zod_exports.optional(zod_exports.string()),
+        /** Unique reference ID (for replay protection) */
+        reference: zod_exports.string()
+      })
+    })
+  }
+});
+
+// src/mpp/bridge-server.ts
+var BRIDGE_INFO_TTL_MS = 5 * 60 * 1e3;
 export {
   BASE_MAINNET_NETWORK,
   CAIP2_TO_NETWORK,
   CHAIN_IDS,
   EXPLORER_TX_URL,
   NETWORK_CAIP2,
+  NETWORK_CONFIGS,
   NETWORK_LABELS,
   NETWORK_TOKENS,
   NETWORK_V1_TO_V2,
@@ -26300,9 +26766,12 @@ export {
   USDC_ADDRESSES,
   USDC_BASE,
   USDC_SOLANA,
+  cancelPaymentCode,
   convertPayloadToVersion,
   convertV1ToV2,
   convertV2ToV1,
+  createPayRequest,
+  createPrivateKeySigner,
   createX402Client,
   Relai as default,
   detectPayloadVersion,
@@ -26312,6 +26781,8 @@ export {
   formatUsd,
   fromAtomicUnits,
   generatePaymentCode,
+  generatePaymentCodesBatch,
+  getPayRequest,
   getPaymentCode,
   isEvm,
   isEvmNetwork,
@@ -26321,6 +26792,8 @@ export {
   networkV2ToV1,
   normalizeNetwork,
   normalizePaymentHeader,
+  payPayRequest,
+  payPayRequestWithCode,
   redeemPaymentCode,
   resolveToken,
   stripePayTo,