npm - @remitmd/sdk - Versions diffs - 0.1.0 - Mend

@remitmd/sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (132) hide show

package/LICENSE +21 -0
package/README.md +250 -0
package/dist/a2a.d.ts +137 -0
package/dist/a2a.d.ts.map +1 -0
package/dist/a2a.js +121 -0
package/dist/a2a.js.map +1 -0
package/dist/client.d.ts +41 -0
package/dist/client.d.ts.map +1 -0
package/dist/client.js +81 -0
package/dist/client.js.map +1 -0
package/dist/errors.d.ts +108 -0
package/dist/errors.d.ts.map +1 -0
package/dist/errors.js +218 -0
package/dist/errors.js.map +1 -0
package/dist/http.d.ts +23 -0
package/dist/http.d.ts.map +1 -0
package/dist/http.js +150 -0
package/dist/http.js.map +1 -0
package/dist/index.d.ts +18 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +21 -0
package/dist/index.js.map +1 -0
package/dist/integrations/vercel-ai.d.ts +44 -0
package/dist/integrations/vercel-ai.d.ts.map +1 -0
package/dist/integrations/vercel-ai.js +175 -0
package/dist/integrations/vercel-ai.js.map +1 -0
package/dist/models/bounty.d.ts +22 -0
package/dist/models/bounty.d.ts.map +1 -0
package/dist/models/bounty.js +2 -0
package/dist/models/bounty.js.map +1 -0
package/dist/models/common.d.ts +78 -0
package/dist/models/common.d.ts.map +1 -0
package/dist/models/common.js +3 -0
package/dist/models/common.js.map +1 -0
package/dist/models/deposit.d.ts +13 -0
package/dist/models/deposit.d.ts.map +1 -0
package/dist/models/deposit.js +2 -0
package/dist/models/deposit.js.map +1 -0
package/dist/models/escrow.d.ts +16 -0
package/dist/models/escrow.d.ts.map +1 -0
package/dist/models/escrow.js +2 -0
package/dist/models/escrow.js.map +1 -0
package/dist/models/index.d.ts +9 -0
package/dist/models/index.d.ts.map +1 -0
package/dist/models/index.js +9 -0
package/dist/models/index.js.map +1 -0
package/dist/models/invoice.d.ts +30 -0
package/dist/models/invoice.d.ts.map +1 -0
package/dist/models/invoice.js +2 -0
package/dist/models/invoice.js.map +1 -0
package/dist/models/reputation.d.ts +7 -0
package/dist/models/reputation.d.ts.map +1 -0
package/dist/models/reputation.js +2 -0
package/dist/models/reputation.js.map +1 -0
package/dist/models/stream.d.ts +15 -0
package/dist/models/stream.d.ts.map +1 -0
package/dist/models/stream.js +2 -0
package/dist/models/stream.js.map +1 -0
package/dist/models/tab.d.ts +21 -0
package/dist/models/tab.d.ts.map +1 -0
package/dist/models/tab.js +2 -0
package/dist/models/tab.js.map +1 -0
package/dist/provider.d.ts +135 -0
package/dist/provider.d.ts.map +1 -0
package/dist/provider.js +218 -0
package/dist/provider.js.map +1 -0
package/dist/signer.d.ts +31 -0
package/dist/signer.d.ts.map +1 -0
package/dist/signer.js +35 -0
package/dist/signer.js.map +1 -0
package/dist/testing/local.d.ts +31 -0
package/dist/testing/local.d.ts.map +1 -0
package/dist/testing/local.js +100 -0
package/dist/testing/local.js.map +1 -0
package/dist/testing/mock.d.ts +95 -0
package/dist/testing/mock.d.ts.map +1 -0
package/dist/testing/mock.js +407 -0
package/dist/testing/mock.js.map +1 -0
package/dist/wallet.d.ts +162 -0
package/dist/wallet.d.ts.map +1 -0
package/dist/wallet.js +365 -0
package/dist/wallet.js.map +1 -0
package/dist/x402.d.ts +78 -0
package/dist/x402.d.ts.map +1 -0
package/dist/x402.js +151 -0
package/dist/x402.js.map +1 -0
package/eslint.config.js +27 -0
package/package.json +39 -0
package/src/a2a.ts +241 -0
package/src/client.ts +104 -0
package/src/errors.ts +261 -0
package/src/http.ts +190 -0
package/src/index.ts +94 -0
package/src/integrations/vercel-ai.ts +213 -0
package/src/models/bounty.ts +23 -0
package/src/models/common.ts +106 -0
package/src/models/deposit.ts +13 -0
package/src/models/escrow.ts +16 -0
package/src/models/index.ts +8 -0
package/src/models/invoice.ts +32 -0
package/src/models/reputation.ts +7 -0
package/src/models/stream.ts +15 -0
package/src/models/tab.ts +22 -0
package/src/provider.ts +281 -0
package/src/signer.ts +70 -0
package/src/testing/local.ts +118 -0
package/src/testing/mock.ts +507 -0
package/src/wallet.ts +546 -0
package/src/x402.ts +202 -0
package/tests/acceptance/bounty.test.ts +82 -0
package/tests/acceptance/deposit.test.ts +70 -0
package/tests/acceptance/direct.test.ts +53 -0
package/tests/acceptance/escrow.test.ts +67 -0
package/tests/acceptance/setup.ts +113 -0
package/tests/acceptance/stream.test.ts +98 -0
package/tests/acceptance/tab.test.ts +108 -0
package/tests/acceptance/x402.test.ts +140 -0
package/tests/compliance/auth.ts +69 -0
package/tests/compliance/escrows.ts +96 -0
package/tests/compliance/helpers.ts +90 -0
package/tests/compliance/payments.ts +69 -0
package/tests/compliance/tabs.ts +52 -0
package/tests/test_a2a.ts +151 -0
package/tests/test_errors.ts +80 -0
package/tests/test_golden_vectors.ts +162 -0
package/tests/test_integrations.ts +115 -0
package/tests/test_mock.ts +217 -0
package/tests/test_permit.ts +216 -0
package/tests/test_provider.ts +304 -0
package/tests/test_wallet.ts +108 -0
package/tests/test_x402.ts +302 -0
package/tsconfig.json +19 -0

package/tests/test_provider.ts ADDED Viewed

@@ -0,0 +1,304 @@
+import { describe, it } from "node:test";
+import assert from "node:assert/strict";
+import { X402Paywall } from "../src/provider.js";
+const WALLET = "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266";
+const USDC = "0x036CbD53842c5426634e7929541eC2318f3dCF7e";
+const NETWORK = "eip155:31337";
+function makePaywall(overrides: Partial<ConstructorParameters<typeof X402Paywall>[0]> = {}): X402Paywall {
+  return new X402Paywall({
+    walletAddress: WALLET,
+    amountUsdc: 0.001,
+    network: NETWORK,
+    asset: USDC,
+    facilitatorUrl: "http://localhost:3000",
+    facilitatorToken: "test-token",
+    ...overrides,
+  });
+}
+function encodeSig(payload: unknown): string {
+  return Buffer.from(JSON.stringify(payload)).toString("base64");
+}
+function makeDummyPaymentSig(): string {
+  return encodeSig({
+    scheme: "exact",
+    network: NETWORK,
+    x402Version: 1,
+    payload: {
+      signature: "0xdeadbeef",
+      authorization: {
+        from: "0x70997970C51812dc3A010C7d01b50e0d17dc79C8",
+        to: WALLET,
+        value: "1000",
+        validAfter: "0",
+        validBefore: "9999999999",
+        nonce: "0xabcd1234",
+      },
+    },
+  });
+}
+function mockFetch(response: { ok: boolean; json: () => unknown }): typeof globalThis.fetch {
+  return async () =>
+    ({
+      ok: response.ok,
+      json: async () => response.json(),
+    }) as Response;
+}
+// ─── Construction ─────────────────────────────────────────────────────────────
+describe("X402Paywall construction", () => {
+  it("toJSON() reveals only non-sensitive fields", () => {
+    const pw = makePaywall();
+    const j = pw.toJSON();
+    assert.equal(j.walletAddress, WALLET);
+    assert.equal(j.network, NETWORK);
+    // token must not appear
+    assert.ok(!("facilitatorToken" in j));
+  });
+});
+// ─── paymentRequiredHeader ────────────────────────────────────────────────────
+describe("X402Paywall.paymentRequiredHeader", () => {
+  it("produces correctly structured base64 JSON", () => {
+    const pw = makePaywall({ amountUsdc: 0.005 });
+    const raw = pw.paymentRequiredHeader();
+    const payload = JSON.parse(Buffer.from(raw, "base64").toString("utf8")) as {
+      scheme: string;
+      network: string;
+      amount: string;
+      asset: string;
+      payTo: string;
+      maxTimeoutSeconds: number;
+    };
+    assert.equal(payload.scheme, "exact");
+    assert.equal(payload.network, NETWORK);
+    assert.equal(payload.amount, "5000"); // 0.005 USDC * 1_000_000
+    assert.equal(payload.asset, USDC);
+    assert.equal(payload.payTo, WALLET);
+    assert.ok(typeof payload.maxTimeoutSeconds === "number");
+  });
+  it("converts 0.001 USDC to 1000 base units", () => {
+    const pw = makePaywall({ amountUsdc: 0.001 });
+    const raw = pw.paymentRequiredHeader();
+    const payload = JSON.parse(Buffer.from(raw, "base64").toString("utf8")) as { amount: string };
+    assert.equal(payload.amount, "1000");
+  });
+  it("includes V2 resource/description/mimeType when configured", () => {
+    const pw = makePaywall({
+      resource: "/v1/data",
+      description: "Market data feed",
+      mimeType: "application/json",
+    });
+    const raw = pw.paymentRequiredHeader();
+    const payload = JSON.parse(Buffer.from(raw, "base64").toString("utf8")) as Record<string, unknown>;
+    assert.equal(payload["resource"], "/v1/data");
+    assert.equal(payload["description"], "Market data feed");
+    assert.equal(payload["mimeType"], "application/json");
+  });
+  it("omits V2 fields when not configured", () => {
+    const pw = makePaywall();
+    const raw = pw.paymentRequiredHeader();
+    const payload = JSON.parse(Buffer.from(raw, "base64").toString("utf8")) as Record<string, unknown>;
+    assert.ok(!("resource" in payload), "resource must be absent");
+    assert.ok(!("description" in payload), "description must be absent");
+    assert.ok(!("mimeType" in payload), "mimeType must be absent");
+  });
+});
+// ─── check ─────────────────────────────────────────────────────────────────────
+describe("X402Paywall.check", () => {
+  it("returns { isValid: false } when payment_sig is null", async () => {
+    const pw = makePaywall();
+    const result = await pw.check(null);
+    assert.equal(result.isValid, false);
+    assert.equal(result.invalidReason, undefined);
+  });
+  it("returns INVALID_PAYLOAD for malformed base64", async () => {
+    const pw = makePaywall();
+    const result = await pw.check("!!!not-valid-base64!!!");
+    assert.equal(result.isValid, false);
+    assert.equal(result.invalidReason, "INVALID_PAYLOAD");
+  });
+  it("returns { isValid: true } when facilitator says valid", async () => {
+    const pw = makePaywall();
+    const orig = globalThis.fetch;
+    try {
+      (globalThis as Record<string, unknown>)["fetch"] = mockFetch({ ok: true, json: () => ({ isValid: true }) });
+      const result = await pw.check(makeDummyPaymentSig());
+      assert.equal(result.isValid, true);
+    } finally {
+      globalThis.fetch = orig;
+    }
+  });
+  it("returns invalidReason when facilitator says invalid", async () => {
+    const pw = makePaywall();
+    const orig = globalThis.fetch;
+    try {
+      (globalThis as Record<string, unknown>)["fetch"] = mockFetch({
+        ok: true,
+        json: () => ({ isValid: false, invalidReason: "SIGNATURE_INVALID" }),
+      });
+      const result = await pw.check(makeDummyPaymentSig());
+      assert.equal(result.isValid, false);
+      assert.equal(result.invalidReason, "SIGNATURE_INVALID");
+    } finally {
+      globalThis.fetch = orig;
+    }
+  });
+  it("returns FACILITATOR_ERROR when fetch throws", async () => {
+    const pw = makePaywall();
+    const orig = globalThis.fetch;
+    try {
+      (globalThis as Record<string, unknown>)["fetch"] = async () => { throw new Error("network error"); };
+      const result = await pw.check(makeDummyPaymentSig());
+      assert.equal(result.isValid, false);
+      assert.equal(result.invalidReason, "FACILITATOR_ERROR");
+    } finally {
+      globalThis.fetch = orig;
+    }
+  });
+  it("returns FACILITATOR_ERROR when facilitator returns non-ok status", async () => {
+    const pw = makePaywall();
+    const orig = globalThis.fetch;
+    try {
+      (globalThis as Record<string, unknown>)["fetch"] = mockFetch({ ok: false, json: () => ({}) });
+      const result = await pw.check(makeDummyPaymentSig());
+      assert.equal(result.isValid, false);
+      assert.equal(result.invalidReason, "FACILITATOR_ERROR");
+    } finally {
+      globalThis.fetch = orig;
+    }
+  });
+  it("sends Authorization header when token is configured", async () => {
+    const pw = makePaywall({ facilitatorToken: "my-jwt" });
+    let capturedHeaders: Record<string, string> = {};
+    const orig = globalThis.fetch;
+    try {
+      (globalThis as Record<string, unknown>)["fetch"] = async (_url: unknown, init?: RequestInit) => {
+        capturedHeaders = Object.fromEntries(new Headers(init?.headers).entries());
+        return { ok: true, json: async () => ({ isValid: true }) } as Response;
+      };
+      await pw.check(makeDummyPaymentSig());
+    } finally {
+      globalThis.fetch = orig;
+    }
+    assert.equal(capturedHeaders["authorization"], "Bearer my-jwt");
+  });
+  it("omits Authorization header when no token", async () => {
+    const pw = new X402Paywall({ walletAddress: WALLET, amountUsdc: 0.001, network: NETWORK, asset: USDC });
+    let capturedHeaders: Record<string, string> = {};
+    const orig = globalThis.fetch;
+    try {
+      (globalThis as Record<string, unknown>)["fetch"] = async (_url: unknown, init?: RequestInit) => {
+        capturedHeaders = Object.fromEntries(new Headers(init?.headers).entries());
+        return { ok: true, json: async () => ({ isValid: true }) } as Response;
+      };
+      await pw.check(makeDummyPaymentSig());
+    } finally {
+      globalThis.fetch = orig;
+    }
+    assert.ok(!("authorization" in capturedHeaders));
+  });
+});
+// ─── handle ────────────────────────────────────────────────────────────────────
+describe("X402Paywall.handle", () => {
+  it("returns 402 Response when PAYMENT-SIGNATURE header is absent", async () => {
+    const pw = makePaywall();
+    const req = new Request("http://example.com/v1/data");
+    const orig = globalThis.fetch;
+    try {
+      // check() will return false (null sig) without hitting facilitator
+      const resp = await pw.handle(req);
+      assert.ok(resp instanceof Response);
+      assert.equal(resp!.status, 402);
+      assert.ok(resp!.headers.get("payment-required"));
+    } finally {
+      globalThis.fetch = orig;
+    }
+  });
+  it("returns null when payment is valid", async () => {
+    const pw = makePaywall();
+    const req = new Request("http://example.com/v1/data", {
+      headers: { "payment-signature": makeDummyPaymentSig() },
+    });
+    const orig = globalThis.fetch;
+    try {
+      (globalThis as Record<string, unknown>)["fetch"] = mockFetch({ ok: true, json: () => ({ isValid: true }) });
+      const resp = await pw.handle(req);
+      assert.equal(resp, null);
+    } finally {
+      globalThis.fetch = orig;
+    }
+  });
+});
+// ─── honoMiddleware ────────────────────────────────────────────────────────────
+describe("X402Paywall.honoMiddleware", () => {
+  function makeHonoContext(paymentSig?: string): {
+    req: { raw: Request };
+    header(name: string, value: string): void;
+    body(content: string, status?: number): Response;
+  } {
+    const headers = new Headers();
+    if (paymentSig) headers.set("payment-signature", paymentSig);
+    const raw = new Request("http://example.com/v1/data", { headers });
+    const resHeaders: Record<string, string> = {};
+    return {
+      req: { raw },
+      header(name: string, value: string) { resHeaders[name] = value; },
+      body(content: string, status = 200): Response {
+        return new Response(content, { status, headers: resHeaders });
+      },
+    };
+  }
+  it("returns 402 Response when payment is absent", async () => {
+    const pw = makePaywall();
+    const middleware = pw.honoMiddleware();
+    const c = makeHonoContext();
+    let nextCalled = false;
+    const resp = await middleware(c, async () => { nextCalled = true; });
+    assert.ok(resp instanceof Response, "should return a Response");
+    assert.equal((resp as Response).status, 402);
+    assert.ok(!nextCalled, "next should not be called");
+  });
+  it("calls next when payment is valid", async () => {
+    const pw = makePaywall();
+    const middleware = pw.honoMiddleware();
+    const c = makeHonoContext(makeDummyPaymentSig());
+    let nextCalled = false;
+    const orig = globalThis.fetch;
+    try {
+      (globalThis as Record<string, unknown>)["fetch"] = mockFetch({ ok: true, json: () => ({ isValid: true }) });
+      const resp = await middleware(c, async () => { nextCalled = true; });
+      assert.equal(resp, undefined);
+      assert.ok(nextCalled, "next must be called when payment is valid");
+    } finally {
+      globalThis.fetch = orig;
+    }
+  });
+});

package/tests/test_wallet.ts ADDED Viewed

@@ -0,0 +1,108 @@
+import { describe, it } from "node:test";
+import assert from "node:assert/strict";
+import { inspect } from "node:util";
+import { Wallet } from "../src/wallet.js";
+import { PrivateKeySigner } from "../src/signer.js";
+const TEST_KEY = "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80";
+const TEST_ADDR = "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266";
+describe("Wallet construction", () => {
+  it("constructs from private key", () => {
+    const wallet = new Wallet({ privateKey: TEST_KEY });
+    assert.equal(wallet.address.toLowerCase(), TEST_ADDR.toLowerCase());
+  });
+  it("constructs from custom Signer", () => {
+    const signer = new PrivateKeySigner(TEST_KEY);
+    const wallet = new Wallet({ signer });
+    assert.equal(wallet.address.toLowerCase(), TEST_ADDR.toLowerCase());
+  });
+  it("throws without key or signer when REMITMD_KEY not set", () => {
+    const saved = process.env["REMITMD_KEY"];
+    delete process.env["REMITMD_KEY"];
+    try {
+      assert.throws(() => new Wallet({}), /REMITMD_KEY/);
+    } finally {
+      if (saved !== undefined) process.env["REMITMD_KEY"] = saved;
+    }
+  });
+  it("Wallet.create() generates unique addresses", () => {
+    const a = Wallet.create();
+    const b = Wallet.create();
+    assert.notEqual(a.address, b.address);
+  });
+  it("Wallet.fromEnv() throws when REMITMD_KEY not set", () => {
+    const saved = process.env["REMITMD_KEY"];
+    delete process.env["REMITMD_KEY"];
+    try {
+      assert.throws(() => Wallet.fromEnv(), /REMITMD_KEY/);
+    } finally {
+      if (saved) process.env["REMITMD_KEY"] = saved;
+    }
+  });
+  it("Wallet.fromEnv() succeeds when REMITMD_KEY is set", () => {
+    process.env["REMITMD_KEY"] = TEST_KEY;
+    try {
+      const wallet = Wallet.fromEnv();
+      assert.equal(wallet.address.toLowerCase(), TEST_ADDR.toLowerCase());
+    } finally {
+      delete process.env["REMITMD_KEY"];
+    }
+  });
+});
+describe("Wallet security", () => {
+  it("toJSON does not expose private key", () => {
+    const wallet = new Wallet({ privateKey: TEST_KEY });
+    const json = JSON.stringify(wallet);
+    assert(!json.includes(TEST_KEY), "private key must not appear in JSON");
+    assert(!json.includes("ac0974"), "private key fragment must not appear in JSON");
+  });
+  it("inspect does not expose private key", () => {
+    const wallet = new Wallet({ privateKey: TEST_KEY });
+    const repr = inspect(wallet);
+    assert(!repr.includes("ac0974"), "private key must not appear in inspect output");
+  });
+  it("PrivateKeySigner toJSON does not expose key", () => {
+    const signer = new PrivateKeySigner(TEST_KEY);
+    const json = JSON.stringify(signer);
+    assert(!json.includes("ac0974"), "private key must not appear in signer JSON");
+    assert(json.includes(TEST_ADDR.toLowerCase()) || json.includes("0xf39"), "address should be present");
+  });
+});
+describe("PrivateKeySigner", () => {
+  it("accepts key with 0x prefix", () => {
+    const signer = new PrivateKeySigner(TEST_KEY);
+    assert.equal(signer.getAddress().toLowerCase(), TEST_ADDR.toLowerCase());
+  });
+  it("accepts key without 0x prefix", () => {
+    const signer = new PrivateKeySigner(TEST_KEY.slice(2));
+    assert.equal(signer.getAddress().toLowerCase(), TEST_ADDR.toLowerCase());
+  });
+  it("fromHex factory works", () => {
+    const signer = PrivateKeySigner.fromHex(TEST_KEY);
+    assert.equal(signer.getAddress().toLowerCase(), TEST_ADDR.toLowerCase());
+  });
+  it("signs typed data and returns hex string", async () => {
+    const signer = new PrivateKeySigner(TEST_KEY);
+    const sig = await signer.signTypedData(
+      { name: "Test", version: "1" },
+      { Request: [{ name: "value", type: "string" }] },
+      { value: "hello" },
+    );
+    assert(sig.startsWith("0x"), "signature should be hex");
+    assert(sig.length >= 130, "signature should be at least 65 bytes");
+  });
+});