npm - @t2000/x402 - Versions diffs - 0.1.0 - Mend

@t2000/x402 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 t2000
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,206 @@
+# @t2000/x402
+x402 payment protocol client and facilitator for AI agents on Sui. Pay for API resources with USDC micropayments — the first x402 implementation on Sui.
+[![npm](https://img.shields.io/npm/v/@t2000/x402)](https://www.npmjs.com/package/@t2000/x402)
+[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](https://opensource.org/licenses/MIT)
+**[Website](https://t2000.ai)** · **[GitHub](https://github.com/mission69b/t2000)** · **[SDK](https://www.npmjs.com/package/@t2000/sdk)** · **[CLI](https://www.npmjs.com/package/@t2000/cli)**
+## What is x402?
+The [x402 protocol](https://www.x402.org/) enables machine-to-machine payments for API access. When a server returns HTTP `402 Payment Required`, the client automatically pays with USDC and retries — no API keys, no subscriptions, no human approval.
+t2000 is the **first x402 client on Sui**, built on the [Sui Payment Kit](https://docs.sui.io/standards/payment-kit) for on-chain payment verification with Move-level replay protection.
+## Installation
+```bash
+npm install @t2000/x402
+# or
+pnpm add @t2000/x402
+# or
+yarn add @t2000/x402
+```
+**Requirements:** Node.js 18+ · `@t2000/sdk` (peer dependency)
+## Quick Start — Client
+```typescript
+import { x402Client } from '@t2000/x402';
+import { T2000 } from '@t2000/sdk';
+const agent = await T2000.create({ passphrase: 'my-secret' });
+const client = new x402Client(agent);
+// Fetch a paid API — handles the full 402 handshake
+const response = await client.fetch('https://api.example.com/data', {
+  maxPrice: 0.10,    // max USDC per request (default: $1.00)
+  timeout: 30_000,   // request timeout in ms (default: 30s)
+});
+const data = await response.json();
+```
+## Quick Start — CLI
+```bash
+# Pay for an API request (handles 402 automatically)
+t2000 pay https://api.example.com/data
+# With max price limit
+t2000 pay https://api.example.com/premium --max-price 0.10
+# POST request with JSON body
+t2000 pay https://api.example.com/analyze --method POST --data '{"text":"hello"}'
+```
+## How It Works
+```
+Agent                    API Server               Facilitator (t2000)
+  │                          │                          │
+  │── GET /data ────────────>│                          │
+  │<── 402 Payment Required ─│                          │
+  │    (amount, recipient)   │                          │
+  │                          │                          │
+  │── Sign & broadcast ─────────────────────────────────│
+  │   USDC payment on Sui    │                          │
+  │                          │                          │
+  │── GET /data ────────────>│                          │
+  │   + X-PAYMENT header     │── POST /x402/verify ────>│
+  │                          │<── { valid: true } ──────│
+  │<── 200 OK + data ────────│                          │
+  │                          │── POST /x402/settle ────>│
+  │                          │<── { settled: true } ────│
+```
+Total round-trip: ~820ms.
+## Client API
+### `new x402Client(wallet)`
+Creates an x402 client with the given wallet. Per-request options like `maxPrice` and `timeout` are passed to `client.fetch()`.
+```typescript
+const client = new x402Client(wallet);
+```
+### `client.fetch(url, init?)`
+Makes an HTTP request, automatically handling `402 Payment Required` responses.
+```typescript
+const res = await client.fetch('https://api.example.com/data', {
+  method: 'POST',
+  headers: { 'Content-Type': 'application/json' },
+  body: JSON.stringify({ query: 'hello' }),
+});
+```
+### `parsePaymentRequired(response)`
+Parses a 402 response into structured payment terms.
+```typescript
+import { parsePaymentRequired } from '@t2000/x402';
+const terms = parsePaymentRequired(response);
+// { amount: 10000, recipient: '0x...', network: 'sui', ... }
+```
+## Facilitator API (Server-Side)
+For API providers who want to accept x402 payments:
+### `verifyPayment(params)`
+Verify that an on-chain payment transaction is valid.
+```typescript
+import { verifyPayment } from '@t2000/x402';
+const result = await verifyPayment({
+  txDigest: 'ABC123...',
+  expectedAmount: 10000,       // 0.01 USDC in raw units (6 decimals)
+  expectedRecipient: '0x...',
+  client: suiClient,          // SuiClient instance
+});
+if (result.valid) {
+  // Payment verified — serve the resource
+}
+```
+### Settlement
+Settlement (marking payments as used) is handled server-side by the t2000 facilitator API. The `/x402/settle` endpoint records the payment in the database to prevent double-use. See the [server source](https://github.com/mission69b/t2000/tree/main/apps/server) for implementation details.
+## Payment Kit Integration
+Payments are executed on-chain via the [Sui Payment Kit](https://docs.sui.io/standards/payment-kit), which provides:
+- **Atomic payments** — pay and verify in a single Sui transaction
+- **Move-level nonce enforcement** — `EDuplicatePayment` abort prevents replay attacks
+- **On-chain receipts** — `PaymentReceipt` events for auditing
+```typescript
+import { buildPaymentTransaction } from '@t2000/x402';
+// Build a payment transaction (advanced usage)
+const tx = buildPaymentTransaction({
+  registryId: '0x...',
+  recipient: '0x...',
+  amount: 10000n,          // raw USDC units
+  nonce: 'unique-nonce',
+  coinObjectId: '0x...',
+});
+```
+## Configuration
+| Environment Variable | Description | Default |
+|---------------------|-------------|---------|
+| `PAYMENT_KIT_PACKAGE` | Payment Kit Move package ID | Mainnet default |
+| `T2000_PAYMENT_REGISTRY_ID` | PaymentRegistry object ID | t2000 mainnet registry |
+| `X402_FACILITATOR_URL` | Facilitator base URL | `https://api.t2000.ai/x402` |
+## Safety
+- **Price limits** — payments refused if amount exceeds `maxPrice` (default $1.00)
+- **Network validation** — only Sui payments are accepted
+- **Replay protection** — on-chain nonce enforcement via Sui Payment Kit
+- **Timeout** — requests abort after configurable timeout (default 30s)
+## Wallet Interface
+Any wallet implementing `X402Wallet` can be used as a payment source:
+```typescript
+interface X402Wallet {
+  client: SuiClient;
+  keypair: Ed25519Keypair;
+  address(): string;
+  signAndExecute(tx: unknown): Promise<{ digest: string }>;
+}
+```
+The `T2000` class from `@t2000/sdk` implements this interface.
+## Testing
+```bash
+# Unit tests (27 tests)
+pnpm --filter @t2000/x402 test
+# Integration tests (requires funded mainnet wallet)
+T2000_PRIVATE_KEY='suiprivkey1q...' INTEGRATION=true pnpm --filter @t2000/x402 test
+```
+Integration tests execute real on-chain transactions to verify the full payment flow and replay protection. See the [root README](https://github.com/mission69b/t2000#integration-tests-local-only) for details.
+## License
+MIT — see [LICENSE](https://github.com/mission69b/t2000/blob/main/LICENSE)

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,302 @@
+'use strict';
+var sdk = require('@t2000/sdk');
+var transactions = require('@mysten/sui/transactions');
+// src/client.ts
+// src/types.ts
+var X402_HEADERS = {
+  PAYMENT_REQUIRED: "payment-required",
+  X_PAYMENT: "x-payment"
+};
+var DEFAULT_MAX_PRICE = 1;
+var DEFAULT_TIMEOUT = 3e4;
+// src/constants.ts
+var PAYMENT_KIT_PACKAGE = process.env.PAYMENT_KIT_PACKAGE ?? "0xbc126f1535fba7d641cb9150ad9eae93b104972586ba20f3c60bfe0e53b69bc6";
+var T2000_PAYMENT_REGISTRY_ID = process.env.T2000_PAYMENT_REGISTRY_ID ?? "0x4009dd17305ed1b33352b808e9d0e9eb94d09085b2d5ec0f395c5cdfa2271291";
+var USDC_TYPE = "0xdba34672e30cb065b1f93e3ab55318768fd6fef66c15942c9f7cb846e2f900e7::usdc::USDC";
+var CLOCK_ID = "0x6";
+var DEFAULT_FACILITATOR_URL = "https://api.t2000.ai/x402";
+var PAYMENT_KIT_MODULE = "payment_kit";
+var PAYMENT_KIT_FUNCTION = "process_registry_payment";
+var PAYMENT_RECEIPT_EVENT_TYPE = `${PAYMENT_KIT_PACKAGE}::${PAYMENT_KIT_MODULE}::PaymentReceipt`;
+// src/payment-kit.ts
+async function buildPaymentTransaction(client, senderAddress, params) {
+  const { nonce, amount, payTo } = params;
+  const rawAmount = sdk.usdcToRaw(Number(amount));
+  if (!T2000_PAYMENT_REGISTRY_ID) {
+    throw new Error(
+      "T2000_PAYMENT_REGISTRY_ID is not set. Create a PaymentRegistry<USDC> via Payment Kit before using x402."
+    );
+  }
+  const coins = await client.getCoins({
+    owner: senderAddress,
+    coinType: USDC_TYPE
+  });
+  if (coins.data.length === 0) {
+    throw new Error("No USDC coins found in wallet");
+  }
+  const tx = new transactions.Transaction();
+  let primaryCoin = tx.object(coins.data[0].coinObjectId);
+  if (coins.data.length > 1) {
+    const otherCoins = coins.data.slice(1).map((c) => tx.object(c.coinObjectId));
+    tx.mergeCoins(primaryCoin, otherCoins);
+  }
+  const [paymentCoin] = tx.splitCoins(primaryCoin, [tx.pure.u64(rawAmount)]);
+  tx.moveCall({
+    target: `${PAYMENT_KIT_PACKAGE}::${PAYMENT_KIT_MODULE}::${PAYMENT_KIT_FUNCTION}`,
+    arguments: [
+      tx.object(T2000_PAYMENT_REGISTRY_ID),
+      tx.pure.string(nonce),
+      tx.pure.u64(rawAmount),
+      paymentCoin,
+      tx.pure.option("address", payTo),
+      tx.object(CLOCK_ID)
+    ],
+    typeArguments: [USDC_TYPE]
+  });
+  return tx;
+}
+// src/client.ts
+function parsePaymentRequired(headerValue, maxPrice = DEFAULT_MAX_PRICE) {
+  if (!headerValue) {
+    throw new sdk.T2000Error(
+      "TRANSACTION_FAILED",
+      "402 response missing PAYMENT-REQUIRED header"
+    );
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(headerValue);
+  } catch {
+    throw new sdk.T2000Error(
+      "TRANSACTION_FAILED",
+      "Malformed PAYMENT-REQUIRED header: invalid JSON",
+      { raw: headerValue }
+    );
+  }
+  if (!parsed.network || !parsed.amount || !parsed.payTo || !parsed.nonce || parsed.expiresAt == null) {
+    throw new sdk.T2000Error(
+      "TRANSACTION_FAILED",
+      "PAYMENT-REQUIRED header missing required fields",
+      { parsed }
+    );
+  }
+  if (parsed.network !== "sui") {
+    throw new sdk.T2000Error(
+      "UNSUPPORTED_NETWORK",
+      `x402 requires network "${parsed.network}" but only Sui is supported`,
+      { network: parsed.network }
+    );
+  }
+  if (parsed.asset && parsed.asset !== "USDC") {
+    throw new sdk.T2000Error(
+      "TRANSACTION_FAILED",
+      `x402 requires asset "${parsed.asset}" but only USDC is supported`,
+      { asset: parsed.asset }
+    );
+  }
+  if (parsed.expiresAt < Date.now() / 1e3) {
+    throw new sdk.T2000Error(
+      "PAYMENT_EXPIRED",
+      "x402 payment challenge has expired",
+      { expiresAt: parsed.expiresAt }
+    );
+  }
+  const price = Number(parsed.amount);
+  if (price > maxPrice) {
+    throw new sdk.T2000Error(
+      "PRICE_EXCEEDS_LIMIT",
+      `Requested price $${parsed.amount} exceeds max price $${maxPrice}`,
+      { requested: parsed.amount, limit: maxPrice }
+    );
+  }
+  return parsed;
+}
+var x402Client = class {
+  wallet;
+  constructor(wallet) {
+    this.wallet = wallet;
+  }
+  /**
+   * Makes an HTTP request, handling x402 payment if required.
+   * Non-402 responses pass through unmodified.
+   */
+  async fetch(url, options = {}) {
+    const {
+      maxPrice = DEFAULT_MAX_PRICE,
+      method = "GET",
+      headers = {},
+      body,
+      timeout = DEFAULT_TIMEOUT,
+      dryRun = false,
+      onPayment
+    } = options;
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), timeout);
+    try {
+      const initial = await globalThis.fetch(url, {
+        method,
+        headers,
+        body,
+        signal: controller.signal
+      });
+      if (initial.status !== 402) {
+        return initial;
+      }
+      const paymentRequired = parsePaymentRequired(
+        initial.headers.get(X402_HEADERS.PAYMENT_REQUIRED),
+        maxPrice
+      );
+      if (dryRun) {
+        return new Response(
+          JSON.stringify({
+            dryRun: true,
+            amount: paymentRequired.amount,
+            asset: paymentRequired.asset,
+            payTo: paymentRequired.payTo,
+            network: paymentRequired.network
+          }),
+          { status: 200, headers: { "content-type": "application/json" } }
+        );
+      }
+      const tx = await buildPaymentTransaction(
+        this.wallet.client,
+        this.wallet.address(),
+        {
+          nonce: paymentRequired.nonce,
+          amount: paymentRequired.amount,
+          payTo: paymentRequired.payTo
+        }
+      );
+      let result;
+      try {
+        result = await this.wallet.signAndExecute(tx);
+      } catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        if (msg.includes("EDuplicatePayment") || msg.includes("duplicate")) {
+          throw new sdk.T2000Error(
+            "DUPLICATE_PAYMENT",
+            "Payment nonce already used on-chain",
+            { nonce: paymentRequired.nonce }
+          );
+        }
+        if (msg.includes("InsufficientCoinBalance") || msg.includes("Insufficient")) {
+          throw new sdk.T2000Error(
+            "INSUFFICIENT_BALANCE",
+            "Not enough USDC to complete payment",
+            { required: paymentRequired.amount }
+          );
+        }
+        throw new sdk.T2000Error(
+          "TRANSACTION_FAILED",
+          `Payment transaction failed: ${msg}`,
+          { nonce: paymentRequired.nonce }
+        );
+      }
+      const paymentDetails = {
+        amount: paymentRequired.amount,
+        asset: paymentRequired.asset || "USDC",
+        payTo: paymentRequired.payTo,
+        nonce: paymentRequired.nonce,
+        txHash: result.digest
+      };
+      onPayment?.(paymentDetails);
+      const paymentPayload = {
+        txHash: result.digest,
+        network: "sui",
+        amount: paymentRequired.amount,
+        nonce: paymentRequired.nonce
+      };
+      const retry = await globalThis.fetch(url, {
+        method,
+        headers: {
+          ...headers,
+          [X402_HEADERS.X_PAYMENT]: JSON.stringify(paymentPayload)
+        },
+        body,
+        signal: controller.signal
+      });
+      return retry;
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+};
+function isPaymentReceipt(event) {
+  return event.type === PAYMENT_RECEIPT_EVENT_TYPE;
+}
+function parsePaymentReceiptFields(event) {
+  const json = event.parsedJson;
+  if (!json) return null;
+  return {
+    payment_amount: String(json.payment_amount ?? ""),
+    receiver: String(json.receiver ?? ""),
+    nonce: String(json.nonce ?? ""),
+    coin_type: json.coin_type ? String(json.coin_type) : void 0,
+    timestamp_ms: json.timestamp_ms ? String(json.timestamp_ms) : void 0
+  };
+}
+async function verifyPayment(client, req) {
+  if (Date.now() / 1e3 > req.expiresAt) {
+    return { verified: false, reason: "expired" };
+  }
+  let tx;
+  try {
+    tx = await client.getTransactionBlock({
+      digest: req.txHash,
+      options: { showEffects: true, showEvents: true }
+    });
+  } catch {
+    return { verified: false, reason: "tx_not_found" };
+  }
+  if (!tx) {
+    return { verified: false, reason: "tx_not_found" };
+  }
+  const receiptEvent = tx.events?.find(isPaymentReceipt);
+  if (!receiptEvent) {
+    return { verified: false, reason: "no_payment_event" };
+  }
+  const fields = parsePaymentReceiptFields(receiptEvent);
+  if (!fields) {
+    return { verified: false, reason: "no_payment_event" };
+  }
+  const expectedAmount = sdk.usdcToRaw(Number(req.amount));
+  if (BigInt(fields.payment_amount) !== expectedAmount) {
+    return { verified: false, reason: "amount_mismatch" };
+  }
+  if (fields.receiver !== req.payTo) {
+    return { verified: false, reason: "wrong_recipient" };
+  }
+  if (fields.nonce !== req.nonce) {
+    return { verified: false, reason: "nonce_mismatch" };
+  }
+  return {
+    verified: true,
+    txHash: req.txHash,
+    settledAmount: req.amount,
+    settledAt: Math.floor(Date.now() / 1e3)
+  };
+}
+exports.CLOCK_ID = CLOCK_ID;
+exports.DEFAULT_FACILITATOR_URL = DEFAULT_FACILITATOR_URL;
+exports.DEFAULT_MAX_PRICE = DEFAULT_MAX_PRICE;
+exports.DEFAULT_TIMEOUT = DEFAULT_TIMEOUT;
+exports.PAYMENT_KIT_FUNCTION = PAYMENT_KIT_FUNCTION;
+exports.PAYMENT_KIT_MODULE = PAYMENT_KIT_MODULE;
+exports.PAYMENT_KIT_PACKAGE = PAYMENT_KIT_PACKAGE;
+exports.PAYMENT_RECEIPT_EVENT_TYPE = PAYMENT_RECEIPT_EVENT_TYPE;
+exports.T2000_PAYMENT_REGISTRY_ID = T2000_PAYMENT_REGISTRY_ID;
+exports.USDC_TYPE = USDC_TYPE;
+exports.X402_HEADERS = X402_HEADERS;
+exports.buildPaymentTransaction = buildPaymentTransaction;
+exports.parsePaymentRequired = parsePaymentRequired;
+exports.verifyPayment = verifyPayment;
+exports.x402Client = x402Client;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/types.ts","../src/constants.ts","../src/payment-kit.ts","../src/client.ts","../src/facilitator.ts"],"names":["usdcToRaw","Transaction","T2000Error"],"mappings":";;;;;;;;AAwEO,IAAM,YAAA,GAAe;AAAA,EAC1B,gBAAA,EAAkB,kBAAA;AAAA,EAClB,SAAA,EAAW;AACb;AAEO,IAAM,iBAAA,GAAoB;AAC1B,IAAM,eAAA,GAAkB;;;AC1ExB,IAAM,mBAAA,GACX,OAAA,CAAQ,GAAA,CAAI,mBAAA,IACZ;AAOK,IAAM,yBAAA,GACX,OAAA,CAAQ,GAAA,CAAI,yBAAA,IACZ;AAEK,IAAM,SAAA,GACX;AAEK,IAAM,QAAA,GAAW;AAEjB,IAAM,uBAAA,GAA0B;AAEhC,IAAM,kBAAA,GAAqB;AAC3B,IAAM,oBAAA,GAAuB;AAC7B,IAAM,0BAAA,GAA6B,CAAA,EAAG,mBAAmB,CAAA,EAAA,EAAK,kBAAkB,CAAA,gBAAA;;;ACOvF,eAAsB,uBAAA,CACpB,MAAA,EACA,aAAA,EACA,MAAA,EACsB;AACtB,EAAA,MAAM,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAM,GAAI,MAAA;AACjC,EAAA,MAAM,SAAA,GAAYA,aAAA,CAAU,MAAA,CAAO,MAAM,CAAC,CAAA;AAE1C,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,KAEF;AAAA,EACF;AAEA,EAAA,MAAM,KAAA,GAAQ,MAAM,MAAA,CAAO,QAAA,CAAS;AAAA,IAClC,KAAA,EAAO,aAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACX,CAAA;AAED,EAAA,IAAI,KAAA,CAAM,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,MAAM,+BAA+B,CAAA;AAAA,EACjD;AAEA,EAAA,MAAM,EAAA,GAAK,IAAIC,wBAAA,EAAY;AAE3B,EAAA,IAAI,cAAc,EAAA,CAAG,MAAA,CAAO,MAAM,IAAA,CAAK,CAAC,EAAE,YAAY,CAAA;AACtD,EAAA,IAAI,KAAA,CAAM,IAAA,CAAK,MAAA,GAAS,CAAA,EAAG;AACzB,IAAA,MAAM,UAAA,GAAa,KAAA,CAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,GAAA,CAAI,CAAA,CAAA,KAAK,EAAA,CAAG,MAAA,CAAO,CAAA,CAAE,YAAY,CAAC,CAAA;AACzE,IAAA,EAAA,CAAG,UAAA,CAAW,aAAa,UAAU,CAAA;AAAA,EACvC;AAEA,EAAA,MAAM,CAAC,WAAW,CAAA,GAAI,EAAA,CAAG,UAAA,CAAW,WAAA,EAAa,CAAC,EAAA,CAAG,IAAA,CAAK,GAAA,CAAI,SAAS,CAAC,CAAC,CAAA;AAEzE,EAAA,EAAA,CAAG,QAAA,CAAS;AAAA,IACV,QAAQ,CAAA,EAAG,mBAAmB,CAAA,EAAA,EAAK,kBAAkB,KAAK,oBAAoB,CAAA,CAAA;AAAA,IAC9E,SAAA,EAAW;AAAA,MACT,EAAA,CAAG,OAAO,yBAAyB,CAAA;AAAA,MACnC,EAAA,CAAG,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA;AAAA,MACpB,EAAA,CAAG,IAAA,CAAK,GAAA,CAAI,SAAS,CAAA;AAAA,MACrB,WAAA;AAAA,MACA,EAAA,CAAG,IAAA,CAAK,MAAA,CAAO,SAAA,EAAW,KAAK,CAAA;AAAA,MAC/B,EAAA,CAAG,OAAO,QAAQ;AAAA,KACpB;AAAA,IACA,aAAA,EAAe,CAAC,SAAS;AAAA,GAC1B,CAAA;AAED,EAAA,OAAO,EAAA;AACT;;;AC7DO,SAAS,oBAAA,CACd,WAAA,EACA,QAAA,GAAmB,iBAAA,EACF;AACjB,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,MAAM,IAAIC,cAAA;AAAA,MACR,oBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,IAAA,CAAK,MAAM,WAAW,CAAA;AAAA,EACjC,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAIA,cAAA;AAAA,MACR,oBAAA;AAAA,MACA,iDAAA;AAAA,MACA,EAAE,KAAK,WAAA;AAAY,KACrB;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,OAAA,IAAW,CAAC,OAAO,MAAA,IAAU,CAAC,MAAA,CAAO,KAAA,IAAS,CAAC,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,aAAa,IAAA,EAAM;AACnG,IAAA,MAAM,IAAIA,cAAA;AAAA,MACR,oBAAA;AAAA,MACA,iDAAA;AAAA,MACA,EAAE,MAAA;AAAO,KACX;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,CAAO,YAAY,KAAA,EAAO;AAC5B,IAAA,MAAM,IAAIA,cAAA;AAAA,MACR,qBAAA;AAAA,MACA,CAAA,uBAAA,EAA0B,OAAO,OAAO,CAAA,2BAAA,CAAA;AAAA,MACxC,EAAE,OAAA,EAAS,MAAA,CAAO,OAAA;AAAQ,KAC5B;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,KAAA,KAAU,MAAA,EAAQ;AAC3C,IAAA,MAAM,IAAIA,cAAA;AAAA,MACR,oBAAA;AAAA,MACA,CAAA,qBAAA,EAAwB,OAAO,KAAK,CAAA,4BAAA,CAAA;AAAA,MACpC,EAAE,KAAA,EAAO,MAAA,CAAO,KAAA;AAAM,KACxB;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,CAAO,SAAA,GAAY,IAAA,CAAK,GAAA,KAAQ,GAAA,EAAM;AACxC,IAAA,MAAM,IAAIA,cAAA;AAAA,MACR,iBAAA;AAAA,MACA,oCAAA;AAAA,MACA,EAAE,SAAA,EAAW,MAAA,CAAO,SAAA;AAAU,KAChC;AAAA,EACF;AAEA,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,MAAA,CAAO,MAAM,CAAA;AAClC,EAAA,IAAI,QAAQ,QAAA,EAAU;AACpB,IAAA,MAAM,IAAIA,cAAA;AAAA,MACR,qBAAA;AAAA,MACA,CAAA,iBAAA,EAAoB,MAAA,CAAO,MAAM,CAAA,oBAAA,EAAuB,QAAQ,CAAA,CAAA;AAAA,MAChE,EAAE,SAAA,EAAW,MAAA,CAAO,MAAA,EAAQ,OAAO,QAAA;AAAS,KAC9C;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAiBO,IAAM,aAAN,MAAiB;AAAA,EACd,MAAA;AAAA,EAER,YAAY,MAAA,EAAoB;AAC9B,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,KAAA,CAAM,GAAA,EAAa,OAAA,GAA4B,EAAC,EAAsB;AAC1E,IAAA,MAAM;AAAA,MACJ,QAAA,GAAW,iBAAA;AAAA,MACX,MAAA,GAAS,KAAA;AAAA,MACT,UAAU,EAAC;AAAA,MACX,IAAA;AAAA,MACA,OAAA,GAAU,eAAA;AAAA,MACV,MAAA,GAAS,KAAA;AAAA,MACT;AAAA,KACF,GAAI,OAAA;AAEJ,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,YAAY,UAAA,CAAW,MAAM,UAAA,CAAW,KAAA,IAAS,OAAO,CAAA;AAE9D,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,MAAM,UAAA,CAAW,KAAA,CAAM,GAAA,EAAK;AAAA,QAC1C,MAAA;AAAA,QACA,OAAA;AAAA,QACA,IAAA;AAAA,QACA,QAAQ,UAAA,CAAW;AAAA,OACpB,CAAA;AAED,MAAA,IAAI,OAAA,CAAQ,WAAW,GAAA,EAAK;AAC1B,QAAA,OAAO,OAAA;AAAA,MACT;AAEA,MAAA,MAAM,eAAA,GAAkB,oBAAA;AAAA,QACtB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,gBAAgB,CAAA;AAAA,QACjD;AAAA,OACF;AAEA,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,OAAO,IAAI,QAAA;AAAA,UACT,KAAK,SAAA,CAAU;AAAA,YACb,MAAA,EAAQ,IAAA;AAAA,YACR,QAAQ,eAAA,CAAgB,MAAA;AAAA,YACxB,OAAO,eAAA,CAAgB,KAAA;AAAA,YACvB,OAAO,eAAA,CAAgB,KAAA;AAAA,YACvB,SAAS,eAAA,CAAgB;AAAA,WAC1B,CAAA;AAAA,UACD,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,EAAE,cAAA,EAAgB,oBAAmB;AAAE,SACjE;AAAA,MACF;AAEA,MAAA,MAAM,KAAK,MAAM,uBAAA;AAAA,QACf,KAAK,MAAA,CAAO,MAAA;AAAA,QACZ,IAAA,CAAK,OAAO,OAAA,EAAQ;AAAA,QACpB;AAAA,UACE,OAAO,eAAA,CAAgB,KAAA;AAAA,UACvB,QAAQ,eAAA,CAAgB,MAAA;AAAA,UACxB,OAAO,eAAA,CAAgB;AAAA;AACzB,OACF;AAEA,MAAA,IAAI,MAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAA,GAAS,MAAM,IAAA,CAAK,MAAA,CAAO,cAAA,CAAe,EAAE,CAAA;AAAA,MAC9C,SAAS,GAAA,EAAK;AACZ,QAAA,MAAM,MAAM,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG,CAAA;AAC3D,QAAA,IAAI,IAAI,QAAA,CAAS,mBAAmB,KAAK,GAAA,CAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AAClE,UAAA,MAAM,IAAIA,cAAA;AAAA,YACR,mBAAA;AAAA,YACA,qCAAA;AAAA,YACA,EAAE,KAAA,EAAO,eAAA,CAAgB,KAAA;AAAM,WACjC;AAAA,QACF;AACA,QAAA,IAAI,IAAI,QAAA,CAAS,yBAAyB,KAAK,GAAA,CAAI,QAAA,CAAS,cAAc,CAAA,EAAG;AAC3E,UAAA,MAAM,IAAIA,cAAA;AAAA,YACR,sBAAA;AAAA,YACA,qCAAA;AAAA,YACA,EAAE,QAAA,EAAU,eAAA,CAAgB,MAAA;AAAO,WACrC;AAAA,QACF;AACA,QAAA,MAAM,IAAIA,cAAA;AAAA,UACR,oBAAA;AAAA,UACA,+BAA+B,GAAG,CAAA,CAAA;AAAA,UAClC,EAAE,KAAA,EAAO,eAAA,CAAgB,KAAA;AAAM,SACjC;AAAA,MACF;AAEA,MAAA,MAAM,cAAA,GAAiC;AAAA,QACrC,QAAQ,eAAA,CAAgB,MAAA;AAAA,QACxB,KAAA,EAAO,gBAAgB,KAAA,IAAS,MAAA;AAAA,QAChC,OAAO,eAAA,CAAgB,KAAA;AAAA,QACvB,OAAO,eAAA,CAAgB,KAAA;AAAA,QACvB,QAAQ,MAAA,CAAO;AAAA,OACjB;AAEA,MAAA,SAAA,GAAY,cAAc,CAAA;AAE1B,MAAA,MAAM,cAAA,GAAiC;AAAA,QACrC,QAAQ,MAAA,CAAO,MAAA;AAAA,QACf,OAAA,EAAS,KAAA;AAAA,QACT,QAAQ,eAAA,CAAgB,MAAA;AAAA,QACxB,OAAO,eAAA,CAAgB;AAAA,OACzB;AAEA,MAAA,MAAM,KAAA,GAAQ,MAAM,UAAA,CAAW,KAAA,CAAM,GAAA,EAAK;AAAA,QACxC,MAAA;AAAA,QACA,OAAA,EAAS;AAAA,UACP,GAAG,OAAA;AAAA,UACH,CAAC,YAAA,CAAa,SAAS,GAAG,IAAA,CAAK,UAAU,cAAc;AAAA,SACzD;AAAA,QACA,IAAA;AAAA,QACA,QAAQ,UAAA,CAAW;AAAA,OACpB,CAAA;AAED,MAAA,OAAO,KAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,YAAA,CAAa,SAAS,CAAA;AAAA,IACxB;AAAA,EACF;AACF;AC/MA,SAAS,iBAAiB,KAAA,EAA0B;AAClD,EAAA,OAAO,MAAM,IAAA,KAAS,0BAAA;AACxB;AAEA,SAAS,0BAA0B,KAAA,EAA8C;AAC/E,EAAA,MAAM,OAAO,KAAA,CAAM,UAAA;AACnB,EAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAElB,EAAA,OAAO;AAAA,IACL,cAAA,EAAgB,MAAA,CAAO,IAAA,CAAK,cAAA,IAAkB,EAAE,CAAA;AAAA,IAChD,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,IACpC,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAA,IAAS,EAAE,CAAA;AAAA,IAC9B,WAAW,IAAA,CAAK,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,GAAI,MAAA;AAAA,IACrD,cAAc,IAAA,CAAK,YAAA,GAAe,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,GAAI;AAAA,GAChE;AACF;AAcA,eAAsB,aAAA,CACpB,QACA,GAAA,EACyB;AACzB,EAAA,IAAI,IAAA,CAAK,GAAA,EAAI,GAAI,GAAA,GAAO,IAAI,SAAA,EAAW;AACrC,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,SAAA,EAAU;AAAA,EAC9C;AAEA,EAAA,IAAI,EAAA;AACJ,EAAA,IAAI;AACF,IAAA,EAAA,GAAK,MAAM,OAAO,mBAAA,CAAoB;AAAA,MACpC,QAAQ,GAAA,CAAI,MAAA;AAAA,MACZ,OAAA,EAAS,EAAE,WAAA,EAAa,IAAA,EAAM,YAAY,IAAA;AAAK,KAChD,CAAA;AAAA,EACH,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,cAAA,EAAe;AAAA,EACnD;AAEA,EAAA,IAAI,CAAC,EAAA,EAAI;AACP,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,cAAA,EAAe;AAAA,EACnD;AAEA,EAAA,MAAM,YAAA,GAAe,EAAA,CAAG,MAAA,EAAQ,IAAA,CAAK,gBAAgB,CAAA;AACrD,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,kBAAA,EAAmB;AAAA,EACvD;AAEA,EAAA,MAAM,MAAA,GAAS,0BAA0B,YAAY,CAAA;AACrD,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,kBAAA,EAAmB;AAAA,EACvD;AAEA,EAAA,MAAM,cAAA,GAAiBF,aAAAA,CAAU,MAAA,CAAO,GAAA,CAAI,MAAM,CAAC,CAAA;AACnD,EAAA,IAAI,MAAA,CAAO,MAAA,CAAO,cAAc,CAAA,KAAM,cAAA,EAAgB;AACpD,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,iBAAA,EAAkB;AAAA,EACtD;AAEA,EAAA,IAAI,MAAA,CAAO,QAAA,KAAa,GAAA,CAAI,KAAA,EAAO;AACjC,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,iBAAA,EAAkB;AAAA,EACtD;AAEA,EAAA,IAAI,MAAA,CAAO,KAAA,KAAU,GAAA,CAAI,KAAA,EAAO;AAC9B,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,gBAAA,EAAwC;AAAA,EAC5E;AAEA,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,IAAA;AAAA,IACV,QAAQ,GAAA,CAAI,MAAA;AAAA,IACZ,eAAe,GAAA,CAAI,MAAA;AAAA,IACnB,WAAW,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACzC;AACF","file":"index.cjs","sourcesContent":["export interface PaymentRequired {\n amount: string;\n asset: string;\n network: string;\n payTo: string;\n nonce: string;\n expiresAt: number;\n description?: string;\n}\n\nexport interface PaymentPayload {\n txHash: string;\n network: string;\n amount: string;\n nonce: string;\n}\n\nexport interface VerifyRequest {\n txHash: string;\n network: string;\n amount: string;\n asset: string;\n payTo: string;\n nonce: string;\n expiresAt: number;\n}\n\nexport interface VerifyResponse {\n verified: boolean;\n txHash?: string;\n settledAmount?: string;\n settledAt?: number;\n reason?: VerifyFailureReason;\n}\n\nexport type VerifyFailureReason =\n | 'expired'\n | 'tx_not_found'\n | 'no_payment_event'\n | 'amount_mismatch'\n | 'wrong_recipient'\n | 'nonce_mismatch';\n\nexport interface SettleRequest {\n txHash: string;\n nonce: string;\n}\n\nexport interface SettleResponse {\n settled: boolean;\n}\n\nexport interface X402ClientOptions {\n maxPrice?: number;\n method?: string;\n headers?: Record<string, string>;\n body?: string;\n timeout?: number;\n dryRun?: boolean;\n onPayment?: (details: PaymentDetails) => void;\n}\n\nexport interface PaymentDetails {\n amount: string;\n asset: string;\n payTo: string;\n nonce: string;\n txHash: string;\n}\n\nexport type X402FetchOptions = X402ClientOptions;\n\nexport const X402_HEADERS = {\n PAYMENT_REQUIRED: 'payment-required',\n X_PAYMENT: 'x-payment',\n} as const;\n\nexport const DEFAULT_MAX_PRICE = 1.0;\nexport const DEFAULT_TIMEOUT = 30_000;\n","/**\n * Sui Payment Kit package ID (mainnet).\n * Source: github.com/MystenLabs/sui-payment-kit Move.lock `original-published-id`.\n */\nexport const PAYMENT_KIT_PACKAGE =\n process.env.PAYMENT_KIT_PACKAGE ??\n '0xbc126f1535fba7d641cb9150ad9eae93b104972586ba20f3c60bfe0e53b69bc6';\n\n/**\n * t2000's PaymentRegistry object ID (mainnet).\n * Created via `create_registry` on Payment Kit Namespace.\n * Tx: 666ZX1PhfV3PVJtqVZfuToHoVGoTDeWCxzZb1u8aRgmL\n */\nexport const T2000_PAYMENT_REGISTRY_ID =\n process.env.T2000_PAYMENT_REGISTRY_ID ??\n '0x4009dd17305ed1b33352b808e9d0e9eb94d09085b2d5ec0f395c5cdfa2271291';\n\nexport const USDC_TYPE =\n '0xdba34672e30cb065b1f93e3ab55318768fd6fef66c15942c9f7cb846e2f900e7::usdc::USDC';\n\nexport const CLOCK_ID = '0x6';\n\nexport const DEFAULT_FACILITATOR_URL = 'https://api.t2000.ai/x402';\n\nexport const PAYMENT_KIT_MODULE = 'payment_kit';\nexport const PAYMENT_KIT_FUNCTION = 'process_registry_payment';\nexport const PAYMENT_RECEIPT_EVENT_TYPE = `${PAYMENT_KIT_PACKAGE}::${PAYMENT_KIT_MODULE}::PaymentReceipt`;\n","import { Transaction } from '@mysten/sui/transactions';\nimport type { SuiClient } from '@mysten/sui/client';\nimport { usdcToRaw } from '@t2000/sdk';\nimport {\n PAYMENT_KIT_PACKAGE,\n PAYMENT_KIT_MODULE,\n PAYMENT_KIT_FUNCTION,\n T2000_PAYMENT_REGISTRY_ID,\n USDC_TYPE,\n CLOCK_ID,\n} from './constants.js';\n\nexport interface PaymentPTBParams {\n nonce: string;\n amount: string;\n payTo: string;\n}\n\n/**\n * Builds a payment PTB using USDC coins from the wallet.\n *\n * The Move function signature:\n * process_registry_payment<CoinType>(\n * registry: &mut PaymentRegistry<CoinType>,\n * nonce: String,\n * amount: u64,\n * coin: Coin<CoinType>,\n * receiver: Option<address>,\n * clock: &Clock\n * )\n *\n * Move enforces nonce uniqueness atomically via EDuplicatePayment.\n */\nexport async function buildPaymentTransaction(\n client: SuiClient,\n senderAddress: string,\n params: PaymentPTBParams,\n): Promise<Transaction> {\n const { nonce, amount, payTo } = params;\n const rawAmount = usdcToRaw(Number(amount));\n\n if (!T2000_PAYMENT_REGISTRY_ID) {\n throw new Error(\n 'T2000_PAYMENT_REGISTRY_ID is not set. ' +\n 'Create a PaymentRegistry<USDC> via Payment Kit before using x402.'\n );\n }\n\n const coins = await client.getCoins({\n owner: senderAddress,\n coinType: USDC_TYPE,\n });\n\n if (coins.data.length === 0) {\n throw new Error('No USDC coins found in wallet');\n }\n\n const tx = new Transaction();\n\n let primaryCoin = tx.object(coins.data[0].coinObjectId);\n if (coins.data.length > 1) {\n const otherCoins = coins.data.slice(1).map(c => tx.object(c.coinObjectId));\n tx.mergeCoins(primaryCoin, otherCoins);\n }\n\n const [paymentCoin] = tx.splitCoins(primaryCoin, [tx.pure.u64(rawAmount)]);\n\n tx.moveCall({\n target: `${PAYMENT_KIT_PACKAGE}::${PAYMENT_KIT_MODULE}::${PAYMENT_KIT_FUNCTION}`,\n arguments: [\n tx.object(T2000_PAYMENT_REGISTRY_ID),\n tx.pure.string(nonce),\n tx.pure.u64(rawAmount),\n paymentCoin,\n tx.pure.option('address', payTo),\n tx.object(CLOCK_ID),\n ],\n typeArguments: [USDC_TYPE],\n });\n\n return tx;\n}\n","import type { SuiClient } from '@mysten/sui/client';\nimport type { Ed25519Keypair } from '@mysten/sui/keypairs/ed25519';\nimport { T2000Error } from '@t2000/sdk';\nimport type {\n PaymentRequired,\n PaymentPayload,\n X402FetchOptions,\n PaymentDetails,\n} from './types.js';\nimport {\n X402_HEADERS,\n DEFAULT_MAX_PRICE,\n DEFAULT_TIMEOUT,\n} from './types.js';\nimport { buildPaymentTransaction } from './payment-kit.js';\n\n/**\n * Parses the PAYMENT-REQUIRED header from a 402 response.\n * Validates network, asset, expiry, and price constraints.\n */\nexport function parsePaymentRequired(\n headerValue: string | null,\n maxPrice: number = DEFAULT_MAX_PRICE,\n): PaymentRequired {\n if (!headerValue) {\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n '402 response missing PAYMENT-REQUIRED header',\n );\n }\n\n let parsed: PaymentRequired;\n try {\n parsed = JSON.parse(headerValue);\n } catch {\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n 'Malformed PAYMENT-REQUIRED header: invalid JSON',\n { raw: headerValue },\n );\n }\n\n if (!parsed.network || !parsed.amount || !parsed.payTo || !parsed.nonce || parsed.expiresAt == null) {\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n 'PAYMENT-REQUIRED header missing required fields',\n { parsed },\n );\n }\n\n if (parsed.network !== 'sui') {\n throw new T2000Error(\n 'UNSUPPORTED_NETWORK',\n `x402 requires network \"${parsed.network}\" but only Sui is supported`,\n { network: parsed.network },\n );\n }\n\n if (parsed.asset && parsed.asset !== 'USDC') {\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n `x402 requires asset \"${parsed.asset}\" but only USDC is supported`,\n { asset: parsed.asset },\n );\n }\n\n if (parsed.expiresAt < Date.now() / 1000) {\n throw new T2000Error(\n 'PAYMENT_EXPIRED',\n 'x402 payment challenge has expired',\n { expiresAt: parsed.expiresAt },\n );\n }\n\n const price = Number(parsed.amount);\n if (price > maxPrice) {\n throw new T2000Error(\n 'PRICE_EXCEEDS_LIMIT',\n `Requested price $${parsed.amount} exceeds max price $${maxPrice}`,\n { requested: parsed.amount, limit: maxPrice },\n );\n }\n\n return parsed;\n}\n\nexport interface X402Wallet {\n client: SuiClient;\n keypair: Ed25519Keypair;\n address(): string;\n signAndExecute(tx: unknown): Promise<{ digest: string }>;\n}\n\n/**\n * x402 client for Sui. Handles the full 402 payment flow:\n * 1. Sends initial request\n * 2. Detects 402 Payment Required\n * 3. Parses payment terms\n * 4. Builds and executes Payment Kit PTB\n * 5. Retries with X-PAYMENT proof header\n */\nexport class x402Client {\n private wallet: X402Wallet;\n\n constructor(wallet: X402Wallet) {\n this.wallet = wallet;\n }\n\n /**\n * Makes an HTTP request, handling x402 payment if required.\n * Non-402 responses pass through unmodified.\n */\n async fetch(url: string, options: X402FetchOptions = {}): Promise<Response> {\n const {\n maxPrice = DEFAULT_MAX_PRICE,\n method = 'GET',\n headers = {},\n body,\n timeout = DEFAULT_TIMEOUT,\n dryRun = false,\n onPayment,\n } = options;\n\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), timeout);\n\n try {\n const initial = await globalThis.fetch(url, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n\n if (initial.status !== 402) {\n return initial;\n }\n\n const paymentRequired = parsePaymentRequired(\n initial.headers.get(X402_HEADERS.PAYMENT_REQUIRED),\n maxPrice,\n );\n\n if (dryRun) {\n return new Response(\n JSON.stringify({\n dryRun: true,\n amount: paymentRequired.amount,\n asset: paymentRequired.asset,\n payTo: paymentRequired.payTo,\n network: paymentRequired.network,\n }),\n { status: 200, headers: { 'content-type': 'application/json' } },\n );\n }\n\n const tx = await buildPaymentTransaction(\n this.wallet.client,\n this.wallet.address(),\n {\n nonce: paymentRequired.nonce,\n amount: paymentRequired.amount,\n payTo: paymentRequired.payTo,\n },\n );\n\n let result: { digest: string };\n try {\n result = await this.wallet.signAndExecute(tx);\n } catch (err) {\n const msg = err instanceof Error ? err.message : String(err);\n if (msg.includes('EDuplicatePayment') || msg.includes('duplicate')) {\n throw new T2000Error(\n 'DUPLICATE_PAYMENT',\n 'Payment nonce already used on-chain',\n { nonce: paymentRequired.nonce },\n );\n }\n if (msg.includes('InsufficientCoinBalance') || msg.includes('Insufficient')) {\n throw new T2000Error(\n 'INSUFFICIENT_BALANCE',\n 'Not enough USDC to complete payment',\n { required: paymentRequired.amount },\n );\n }\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n `Payment transaction failed: ${msg}`,\n { nonce: paymentRequired.nonce },\n );\n }\n\n const paymentDetails: PaymentDetails = {\n amount: paymentRequired.amount,\n asset: paymentRequired.asset || 'USDC',\n payTo: paymentRequired.payTo,\n nonce: paymentRequired.nonce,\n txHash: result.digest,\n };\n\n onPayment?.(paymentDetails);\n\n const paymentPayload: PaymentPayload = {\n txHash: result.digest,\n network: 'sui',\n amount: paymentRequired.amount,\n nonce: paymentRequired.nonce,\n };\n\n const retry = await globalThis.fetch(url, {\n method,\n headers: {\n ...headers,\n [X402_HEADERS.X_PAYMENT]: JSON.stringify(paymentPayload),\n },\n body,\n signal: controller.signal,\n });\n\n return retry;\n } finally {\n clearTimeout(timeoutId);\n }\n }\n}\n","import type { SuiClient, SuiEvent } from '@mysten/sui/client';\nimport { usdcToRaw } from '@t2000/sdk';\nimport type {\n VerifyRequest,\n VerifyResponse,\n VerifyFailureReason,\n} from './types.js';\nimport { PAYMENT_RECEIPT_EVENT_TYPE } from './constants.js';\n\ninterface PaymentReceiptFields {\n payment_amount: string;\n receiver: string;\n nonce: string;\n coin_type?: string;\n timestamp_ms?: string;\n}\n\nfunction isPaymentReceipt(event: SuiEvent): boolean {\n return event.type === PAYMENT_RECEIPT_EVENT_TYPE;\n}\n\nfunction parsePaymentReceiptFields(event: SuiEvent): PaymentReceiptFields | null {\n const json = event.parsedJson as Record<string, unknown> | undefined;\n if (!json) return null;\n\n return {\n payment_amount: String(json.payment_amount ?? ''),\n receiver: String(json.receiver ?? ''),\n nonce: String(json.nonce ?? ''),\n coin_type: json.coin_type ? String(json.coin_type) : undefined,\n timestamp_ms: json.timestamp_ms ? String(json.timestamp_ms) : undefined,\n };\n}\n\n/**\n * Verifies an x402 payment by checking the Sui transaction on-chain.\n *\n * Verification steps:\n * 1. Check if the challenge has expired\n * 2. Fetch the transaction from Sui RPC\n * 3. Find the PaymentReceipt event emitted by Payment Kit\n * 4. Validate amount, recipient, and nonce match the request\n *\n * Duplicate nonces are already prevented by Move's EDuplicatePayment.\n * This function only verifies payments that successfully landed on-chain.\n */\nexport async function verifyPayment(\n client: SuiClient,\n req: VerifyRequest,\n): Promise<VerifyResponse> {\n if (Date.now() / 1000 > req.expiresAt) {\n return { verified: false, reason: 'expired' };\n }\n\n let tx;\n try {\n tx = await client.getTransactionBlock({\n digest: req.txHash,\n options: { showEffects: true, showEvents: true },\n });\n } catch {\n return { verified: false, reason: 'tx_not_found' };\n }\n\n if (!tx) {\n return { verified: false, reason: 'tx_not_found' };\n }\n\n const receiptEvent = tx.events?.find(isPaymentReceipt);\n if (!receiptEvent) {\n return { verified: false, reason: 'no_payment_event' };\n }\n\n const fields = parsePaymentReceiptFields(receiptEvent);\n if (!fields) {\n return { verified: false, reason: 'no_payment_event' };\n }\n\n const expectedAmount = usdcToRaw(Number(req.amount));\n if (BigInt(fields.payment_amount) !== expectedAmount) {\n return { verified: false, reason: 'amount_mismatch' };\n }\n\n if (fields.receiver !== req.payTo) {\n return { verified: false, reason: 'wrong_recipient' };\n }\n\n if (fields.nonce !== req.nonce) {\n return { verified: false, reason: 'nonce_mismatch' as VerifyFailureReason };\n }\n\n return {\n verified: true,\n txHash: req.txHash,\n settledAmount: req.amount,\n settledAt: Math.floor(Date.now() / 1000),\n };\n}\n"]}

package/dist/index.d.cts ADDED Viewed

@@ -0,0 +1,153 @@
+import { SuiClient } from '@mysten/sui/client';
+import { Ed25519Keypair } from '@mysten/sui/keypairs/ed25519';
+import { Transaction } from '@mysten/sui/transactions';
+interface PaymentRequired {
+    amount: string;
+    asset: string;
+    network: string;
+    payTo: string;
+    nonce: string;
+    expiresAt: number;
+    description?: string;
+}
+interface PaymentPayload {
+    txHash: string;
+    network: string;
+    amount: string;
+    nonce: string;
+}
+interface VerifyRequest {
+    txHash: string;
+    network: string;
+    amount: string;
+    asset: string;
+    payTo: string;
+    nonce: string;
+    expiresAt: number;
+}
+interface VerifyResponse {
+    verified: boolean;
+    txHash?: string;
+    settledAmount?: string;
+    settledAt?: number;
+    reason?: VerifyFailureReason;
+}
+type VerifyFailureReason = 'expired' | 'tx_not_found' | 'no_payment_event' | 'amount_mismatch' | 'wrong_recipient' | 'nonce_mismatch';
+interface SettleRequest {
+    txHash: string;
+    nonce: string;
+}
+interface SettleResponse {
+    settled: boolean;
+}
+interface X402ClientOptions {
+    maxPrice?: number;
+    method?: string;
+    headers?: Record<string, string>;
+    body?: string;
+    timeout?: number;
+    dryRun?: boolean;
+    onPayment?: (details: PaymentDetails) => void;
+}
+interface PaymentDetails {
+    amount: string;
+    asset: string;
+    payTo: string;
+    nonce: string;
+    txHash: string;
+}
+type X402FetchOptions = X402ClientOptions;
+declare const X402_HEADERS: {
+    readonly PAYMENT_REQUIRED: "payment-required";
+    readonly X_PAYMENT: "x-payment";
+};
+declare const DEFAULT_MAX_PRICE = 1;
+declare const DEFAULT_TIMEOUT = 30000;
+/**
+ * Parses the PAYMENT-REQUIRED header from a 402 response.
+ * Validates network, asset, expiry, and price constraints.
+ */
+declare function parsePaymentRequired(headerValue: string | null, maxPrice?: number): PaymentRequired;
+interface X402Wallet {
+    client: SuiClient;
+    keypair: Ed25519Keypair;
+    address(): string;
+    signAndExecute(tx: unknown): Promise<{
+        digest: string;
+    }>;
+}
+/**
+ * x402 client for Sui. Handles the full 402 payment flow:
+ * 1. Sends initial request
+ * 2. Detects 402 Payment Required
+ * 3. Parses payment terms
+ * 4. Builds and executes Payment Kit PTB
+ * 5. Retries with X-PAYMENT proof header
+ */
+declare class x402Client {
+    private wallet;
+    constructor(wallet: X402Wallet);
+    /**
+     * Makes an HTTP request, handling x402 payment if required.
+     * Non-402 responses pass through unmodified.
+     */
+    fetch(url: string, options?: X402FetchOptions): Promise<Response>;
+}
+interface PaymentPTBParams {
+    nonce: string;
+    amount: string;
+    payTo: string;
+}
+/**
+ * Builds a payment PTB using USDC coins from the wallet.
+ *
+ * The Move function signature:
+ *   process_registry_payment<CoinType>(
+ *     registry: &mut PaymentRegistry<CoinType>,
+ *     nonce: String,
+ *     amount: u64,
+ *     coin: Coin<CoinType>,
+ *     receiver: Option<address>,
+ *     clock: &Clock
+ *   )
+ *
+ * Move enforces nonce uniqueness atomically via EDuplicatePayment.
+ */
+declare function buildPaymentTransaction(client: SuiClient, senderAddress: string, params: PaymentPTBParams): Promise<Transaction>;
+/**
+ * Verifies an x402 payment by checking the Sui transaction on-chain.
+ *
+ * Verification steps:
+ * 1. Check if the challenge has expired
+ * 2. Fetch the transaction from Sui RPC
+ * 3. Find the PaymentReceipt event emitted by Payment Kit
+ * 4. Validate amount, recipient, and nonce match the request
+ *
+ * Duplicate nonces are already prevented by Move's EDuplicatePayment.
+ * This function only verifies payments that successfully landed on-chain.
+ */
+declare function verifyPayment(client: SuiClient, req: VerifyRequest): Promise<VerifyResponse>;
+/**
+ * Sui Payment Kit package ID (mainnet).
+ * Source: github.com/MystenLabs/sui-payment-kit Move.lock `original-published-id`.
+ */
+declare const PAYMENT_KIT_PACKAGE: string;
+/**
+ * t2000's PaymentRegistry object ID (mainnet).
+ * Created via `create_registry` on Payment Kit Namespace.
+ * Tx: 666ZX1PhfV3PVJtqVZfuToHoVGoTDeWCxzZb1u8aRgmL
+ */
+declare const T2000_PAYMENT_REGISTRY_ID: string;
+declare const USDC_TYPE = "0xdba34672e30cb065b1f93e3ab55318768fd6fef66c15942c9f7cb846e2f900e7::usdc::USDC";
+declare const CLOCK_ID = "0x6";
+declare const DEFAULT_FACILITATOR_URL = "https://api.t2000.ai/x402";
+declare const PAYMENT_KIT_MODULE = "payment_kit";
+declare const PAYMENT_KIT_FUNCTION = "process_registry_payment";
+declare const PAYMENT_RECEIPT_EVENT_TYPE: string;
+export { CLOCK_ID, DEFAULT_FACILITATOR_URL, DEFAULT_MAX_PRICE, DEFAULT_TIMEOUT, PAYMENT_KIT_FUNCTION, PAYMENT_KIT_MODULE, PAYMENT_KIT_PACKAGE, PAYMENT_RECEIPT_EVENT_TYPE, type PaymentDetails, type PaymentPTBParams, type PaymentPayload, type PaymentRequired, type SettleRequest, type SettleResponse, T2000_PAYMENT_REGISTRY_ID, USDC_TYPE, type VerifyFailureReason, type VerifyRequest, type VerifyResponse, type X402ClientOptions, type X402FetchOptions, type X402Wallet, X402_HEADERS, buildPaymentTransaction, parsePaymentRequired, verifyPayment, x402Client };

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,153 @@
+import { SuiClient } from '@mysten/sui/client';
+import { Ed25519Keypair } from '@mysten/sui/keypairs/ed25519';
+import { Transaction } from '@mysten/sui/transactions';
+interface PaymentRequired {
+    amount: string;
+    asset: string;
+    network: string;
+    payTo: string;
+    nonce: string;
+    expiresAt: number;
+    description?: string;
+}
+interface PaymentPayload {
+    txHash: string;
+    network: string;
+    amount: string;
+    nonce: string;
+}
+interface VerifyRequest {
+    txHash: string;
+    network: string;
+    amount: string;
+    asset: string;
+    payTo: string;
+    nonce: string;
+    expiresAt: number;
+}
+interface VerifyResponse {
+    verified: boolean;
+    txHash?: string;
+    settledAmount?: string;
+    settledAt?: number;
+    reason?: VerifyFailureReason;
+}
+type VerifyFailureReason = 'expired' | 'tx_not_found' | 'no_payment_event' | 'amount_mismatch' | 'wrong_recipient' | 'nonce_mismatch';
+interface SettleRequest {
+    txHash: string;
+    nonce: string;
+}
+interface SettleResponse {
+    settled: boolean;
+}
+interface X402ClientOptions {
+    maxPrice?: number;
+    method?: string;
+    headers?: Record<string, string>;
+    body?: string;
+    timeout?: number;
+    dryRun?: boolean;
+    onPayment?: (details: PaymentDetails) => void;
+}
+interface PaymentDetails {
+    amount: string;
+    asset: string;
+    payTo: string;
+    nonce: string;
+    txHash: string;
+}
+type X402FetchOptions = X402ClientOptions;
+declare const X402_HEADERS: {
+    readonly PAYMENT_REQUIRED: "payment-required";
+    readonly X_PAYMENT: "x-payment";
+};
+declare const DEFAULT_MAX_PRICE = 1;
+declare const DEFAULT_TIMEOUT = 30000;
+/**
+ * Parses the PAYMENT-REQUIRED header from a 402 response.
+ * Validates network, asset, expiry, and price constraints.
+ */
+declare function parsePaymentRequired(headerValue: string | null, maxPrice?: number): PaymentRequired;
+interface X402Wallet {
+    client: SuiClient;
+    keypair: Ed25519Keypair;
+    address(): string;
+    signAndExecute(tx: unknown): Promise<{
+        digest: string;
+    }>;
+}
+/**
+ * x402 client for Sui. Handles the full 402 payment flow:
+ * 1. Sends initial request
+ * 2. Detects 402 Payment Required
+ * 3. Parses payment terms
+ * 4. Builds and executes Payment Kit PTB
+ * 5. Retries with X-PAYMENT proof header
+ */
+declare class x402Client {
+    private wallet;
+    constructor(wallet: X402Wallet);
+    /**
+     * Makes an HTTP request, handling x402 payment if required.
+     * Non-402 responses pass through unmodified.
+     */
+    fetch(url: string, options?: X402FetchOptions): Promise<Response>;
+}
+interface PaymentPTBParams {
+    nonce: string;
+    amount: string;
+    payTo: string;
+}
+/**
+ * Builds a payment PTB using USDC coins from the wallet.
+ *
+ * The Move function signature:
+ *   process_registry_payment<CoinType>(
+ *     registry: &mut PaymentRegistry<CoinType>,
+ *     nonce: String,
+ *     amount: u64,
+ *     coin: Coin<CoinType>,
+ *     receiver: Option<address>,
+ *     clock: &Clock
+ *   )
+ *
+ * Move enforces nonce uniqueness atomically via EDuplicatePayment.
+ */
+declare function buildPaymentTransaction(client: SuiClient, senderAddress: string, params: PaymentPTBParams): Promise<Transaction>;
+/**
+ * Verifies an x402 payment by checking the Sui transaction on-chain.
+ *
+ * Verification steps:
+ * 1. Check if the challenge has expired
+ * 2. Fetch the transaction from Sui RPC
+ * 3. Find the PaymentReceipt event emitted by Payment Kit
+ * 4. Validate amount, recipient, and nonce match the request
+ *
+ * Duplicate nonces are already prevented by Move's EDuplicatePayment.
+ * This function only verifies payments that successfully landed on-chain.
+ */
+declare function verifyPayment(client: SuiClient, req: VerifyRequest): Promise<VerifyResponse>;
+/**
+ * Sui Payment Kit package ID (mainnet).
+ * Source: github.com/MystenLabs/sui-payment-kit Move.lock `original-published-id`.
+ */
+declare const PAYMENT_KIT_PACKAGE: string;
+/**
+ * t2000's PaymentRegistry object ID (mainnet).
+ * Created via `create_registry` on Payment Kit Namespace.
+ * Tx: 666ZX1PhfV3PVJtqVZfuToHoVGoTDeWCxzZb1u8aRgmL
+ */
+declare const T2000_PAYMENT_REGISTRY_ID: string;
+declare const USDC_TYPE = "0xdba34672e30cb065b1f93e3ab55318768fd6fef66c15942c9f7cb846e2f900e7::usdc::USDC";
+declare const CLOCK_ID = "0x6";
+declare const DEFAULT_FACILITATOR_URL = "https://api.t2000.ai/x402";
+declare const PAYMENT_KIT_MODULE = "payment_kit";
+declare const PAYMENT_KIT_FUNCTION = "process_registry_payment";
+declare const PAYMENT_RECEIPT_EVENT_TYPE: string;
+export { CLOCK_ID, DEFAULT_FACILITATOR_URL, DEFAULT_MAX_PRICE, DEFAULT_TIMEOUT, PAYMENT_KIT_FUNCTION, PAYMENT_KIT_MODULE, PAYMENT_KIT_PACKAGE, PAYMENT_RECEIPT_EVENT_TYPE, type PaymentDetails, type PaymentPTBParams, type PaymentPayload, type PaymentRequired, type SettleRequest, type SettleResponse, T2000_PAYMENT_REGISTRY_ID, USDC_TYPE, type VerifyFailureReason, type VerifyRequest, type VerifyResponse, type X402ClientOptions, type X402FetchOptions, type X402Wallet, X402_HEADERS, buildPaymentTransaction, parsePaymentRequired, verifyPayment, x402Client };

package/dist/index.js ADDED Viewed

@@ -0,0 +1,286 @@
+import { usdcToRaw, T2000Error } from '@t2000/sdk';
+import { Transaction } from '@mysten/sui/transactions';
+// src/client.ts
+// src/types.ts
+var X402_HEADERS = {
+  PAYMENT_REQUIRED: "payment-required",
+  X_PAYMENT: "x-payment"
+};
+var DEFAULT_MAX_PRICE = 1;
+var DEFAULT_TIMEOUT = 3e4;
+// src/constants.ts
+var PAYMENT_KIT_PACKAGE = process.env.PAYMENT_KIT_PACKAGE ?? "0xbc126f1535fba7d641cb9150ad9eae93b104972586ba20f3c60bfe0e53b69bc6";
+var T2000_PAYMENT_REGISTRY_ID = process.env.T2000_PAYMENT_REGISTRY_ID ?? "0x4009dd17305ed1b33352b808e9d0e9eb94d09085b2d5ec0f395c5cdfa2271291";
+var USDC_TYPE = "0xdba34672e30cb065b1f93e3ab55318768fd6fef66c15942c9f7cb846e2f900e7::usdc::USDC";
+var CLOCK_ID = "0x6";
+var DEFAULT_FACILITATOR_URL = "https://api.t2000.ai/x402";
+var PAYMENT_KIT_MODULE = "payment_kit";
+var PAYMENT_KIT_FUNCTION = "process_registry_payment";
+var PAYMENT_RECEIPT_EVENT_TYPE = `${PAYMENT_KIT_PACKAGE}::${PAYMENT_KIT_MODULE}::PaymentReceipt`;
+// src/payment-kit.ts
+async function buildPaymentTransaction(client, senderAddress, params) {
+  const { nonce, amount, payTo } = params;
+  const rawAmount = usdcToRaw(Number(amount));
+  if (!T2000_PAYMENT_REGISTRY_ID) {
+    throw new Error(
+      "T2000_PAYMENT_REGISTRY_ID is not set. Create a PaymentRegistry<USDC> via Payment Kit before using x402."
+    );
+  }
+  const coins = await client.getCoins({
+    owner: senderAddress,
+    coinType: USDC_TYPE
+  });
+  if (coins.data.length === 0) {
+    throw new Error("No USDC coins found in wallet");
+  }
+  const tx = new Transaction();
+  let primaryCoin = tx.object(coins.data[0].coinObjectId);
+  if (coins.data.length > 1) {
+    const otherCoins = coins.data.slice(1).map((c) => tx.object(c.coinObjectId));
+    tx.mergeCoins(primaryCoin, otherCoins);
+  }
+  const [paymentCoin] = tx.splitCoins(primaryCoin, [tx.pure.u64(rawAmount)]);
+  tx.moveCall({
+    target: `${PAYMENT_KIT_PACKAGE}::${PAYMENT_KIT_MODULE}::${PAYMENT_KIT_FUNCTION}`,
+    arguments: [
+      tx.object(T2000_PAYMENT_REGISTRY_ID),
+      tx.pure.string(nonce),
+      tx.pure.u64(rawAmount),
+      paymentCoin,
+      tx.pure.option("address", payTo),
+      tx.object(CLOCK_ID)
+    ],
+    typeArguments: [USDC_TYPE]
+  });
+  return tx;
+}
+// src/client.ts
+function parsePaymentRequired(headerValue, maxPrice = DEFAULT_MAX_PRICE) {
+  if (!headerValue) {
+    throw new T2000Error(
+      "TRANSACTION_FAILED",
+      "402 response missing PAYMENT-REQUIRED header"
+    );
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(headerValue);
+  } catch {
+    throw new T2000Error(
+      "TRANSACTION_FAILED",
+      "Malformed PAYMENT-REQUIRED header: invalid JSON",
+      { raw: headerValue }
+    );
+  }
+  if (!parsed.network || !parsed.amount || !parsed.payTo || !parsed.nonce || parsed.expiresAt == null) {
+    throw new T2000Error(
+      "TRANSACTION_FAILED",
+      "PAYMENT-REQUIRED header missing required fields",
+      { parsed }
+    );
+  }
+  if (parsed.network !== "sui") {
+    throw new T2000Error(
+      "UNSUPPORTED_NETWORK",
+      `x402 requires network "${parsed.network}" but only Sui is supported`,
+      { network: parsed.network }
+    );
+  }
+  if (parsed.asset && parsed.asset !== "USDC") {
+    throw new T2000Error(
+      "TRANSACTION_FAILED",
+      `x402 requires asset "${parsed.asset}" but only USDC is supported`,
+      { asset: parsed.asset }
+    );
+  }
+  if (parsed.expiresAt < Date.now() / 1e3) {
+    throw new T2000Error(
+      "PAYMENT_EXPIRED",
+      "x402 payment challenge has expired",
+      { expiresAt: parsed.expiresAt }
+    );
+  }
+  const price = Number(parsed.amount);
+  if (price > maxPrice) {
+    throw new T2000Error(
+      "PRICE_EXCEEDS_LIMIT",
+      `Requested price $${parsed.amount} exceeds max price $${maxPrice}`,
+      { requested: parsed.amount, limit: maxPrice }
+    );
+  }
+  return parsed;
+}
+var x402Client = class {
+  wallet;
+  constructor(wallet) {
+    this.wallet = wallet;
+  }
+  /**
+   * Makes an HTTP request, handling x402 payment if required.
+   * Non-402 responses pass through unmodified.
+   */
+  async fetch(url, options = {}) {
+    const {
+      maxPrice = DEFAULT_MAX_PRICE,
+      method = "GET",
+      headers = {},
+      body,
+      timeout = DEFAULT_TIMEOUT,
+      dryRun = false,
+      onPayment
+    } = options;
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), timeout);
+    try {
+      const initial = await globalThis.fetch(url, {
+        method,
+        headers,
+        body,
+        signal: controller.signal
+      });
+      if (initial.status !== 402) {
+        return initial;
+      }
+      const paymentRequired = parsePaymentRequired(
+        initial.headers.get(X402_HEADERS.PAYMENT_REQUIRED),
+        maxPrice
+      );
+      if (dryRun) {
+        return new Response(
+          JSON.stringify({
+            dryRun: true,
+            amount: paymentRequired.amount,
+            asset: paymentRequired.asset,
+            payTo: paymentRequired.payTo,
+            network: paymentRequired.network
+          }),
+          { status: 200, headers: { "content-type": "application/json" } }
+        );
+      }
+      const tx = await buildPaymentTransaction(
+        this.wallet.client,
+        this.wallet.address(),
+        {
+          nonce: paymentRequired.nonce,
+          amount: paymentRequired.amount,
+          payTo: paymentRequired.payTo
+        }
+      );
+      let result;
+      try {
+        result = await this.wallet.signAndExecute(tx);
+      } catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        if (msg.includes("EDuplicatePayment") || msg.includes("duplicate")) {
+          throw new T2000Error(
+            "DUPLICATE_PAYMENT",
+            "Payment nonce already used on-chain",
+            { nonce: paymentRequired.nonce }
+          );
+        }
+        if (msg.includes("InsufficientCoinBalance") || msg.includes("Insufficient")) {
+          throw new T2000Error(
+            "INSUFFICIENT_BALANCE",
+            "Not enough USDC to complete payment",
+            { required: paymentRequired.amount }
+          );
+        }
+        throw new T2000Error(
+          "TRANSACTION_FAILED",
+          `Payment transaction failed: ${msg}`,
+          { nonce: paymentRequired.nonce }
+        );
+      }
+      const paymentDetails = {
+        amount: paymentRequired.amount,
+        asset: paymentRequired.asset || "USDC",
+        payTo: paymentRequired.payTo,
+        nonce: paymentRequired.nonce,
+        txHash: result.digest
+      };
+      onPayment?.(paymentDetails);
+      const paymentPayload = {
+        txHash: result.digest,
+        network: "sui",
+        amount: paymentRequired.amount,
+        nonce: paymentRequired.nonce
+      };
+      const retry = await globalThis.fetch(url, {
+        method,
+        headers: {
+          ...headers,
+          [X402_HEADERS.X_PAYMENT]: JSON.stringify(paymentPayload)
+        },
+        body,
+        signal: controller.signal
+      });
+      return retry;
+    } finally {
+      clearTimeout(timeoutId);
+    }
+  }
+};
+function isPaymentReceipt(event) {
+  return event.type === PAYMENT_RECEIPT_EVENT_TYPE;
+}
+function parsePaymentReceiptFields(event) {
+  const json = event.parsedJson;
+  if (!json) return null;
+  return {
+    payment_amount: String(json.payment_amount ?? ""),
+    receiver: String(json.receiver ?? ""),
+    nonce: String(json.nonce ?? ""),
+    coin_type: json.coin_type ? String(json.coin_type) : void 0,
+    timestamp_ms: json.timestamp_ms ? String(json.timestamp_ms) : void 0
+  };
+}
+async function verifyPayment(client, req) {
+  if (Date.now() / 1e3 > req.expiresAt) {
+    return { verified: false, reason: "expired" };
+  }
+  let tx;
+  try {
+    tx = await client.getTransactionBlock({
+      digest: req.txHash,
+      options: { showEffects: true, showEvents: true }
+    });
+  } catch {
+    return { verified: false, reason: "tx_not_found" };
+  }
+  if (!tx) {
+    return { verified: false, reason: "tx_not_found" };
+  }
+  const receiptEvent = tx.events?.find(isPaymentReceipt);
+  if (!receiptEvent) {
+    return { verified: false, reason: "no_payment_event" };
+  }
+  const fields = parsePaymentReceiptFields(receiptEvent);
+  if (!fields) {
+    return { verified: false, reason: "no_payment_event" };
+  }
+  const expectedAmount = usdcToRaw(Number(req.amount));
+  if (BigInt(fields.payment_amount) !== expectedAmount) {
+    return { verified: false, reason: "amount_mismatch" };
+  }
+  if (fields.receiver !== req.payTo) {
+    return { verified: false, reason: "wrong_recipient" };
+  }
+  if (fields.nonce !== req.nonce) {
+    return { verified: false, reason: "nonce_mismatch" };
+  }
+  return {
+    verified: true,
+    txHash: req.txHash,
+    settledAmount: req.amount,
+    settledAt: Math.floor(Date.now() / 1e3)
+  };
+}
+export { CLOCK_ID, DEFAULT_FACILITATOR_URL, DEFAULT_MAX_PRICE, DEFAULT_TIMEOUT, PAYMENT_KIT_FUNCTION, PAYMENT_KIT_MODULE, PAYMENT_KIT_PACKAGE, PAYMENT_RECEIPT_EVENT_TYPE, T2000_PAYMENT_REGISTRY_ID, USDC_TYPE, X402_HEADERS, buildPaymentTransaction, parsePaymentRequired, verifyPayment, x402Client };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/types.ts","../src/constants.ts","../src/payment-kit.ts","../src/client.ts","../src/facilitator.ts"],"names":["usdcToRaw"],"mappings":";;;;;;AAwEO,IAAM,YAAA,GAAe;AAAA,EAC1B,gBAAA,EAAkB,kBAAA;AAAA,EAClB,SAAA,EAAW;AACb;AAEO,IAAM,iBAAA,GAAoB;AAC1B,IAAM,eAAA,GAAkB;;;AC1ExB,IAAM,mBAAA,GACX,OAAA,CAAQ,GAAA,CAAI,mBAAA,IACZ;AAOK,IAAM,yBAAA,GACX,OAAA,CAAQ,GAAA,CAAI,yBAAA,IACZ;AAEK,IAAM,SAAA,GACX;AAEK,IAAM,QAAA,GAAW;AAEjB,IAAM,uBAAA,GAA0B;AAEhC,IAAM,kBAAA,GAAqB;AAC3B,IAAM,oBAAA,GAAuB;AAC7B,IAAM,0BAAA,GAA6B,CAAA,EAAG,mBAAmB,CAAA,EAAA,EAAK,kBAAkB,CAAA,gBAAA;;;ACOvF,eAAsB,uBAAA,CACpB,MAAA,EACA,aAAA,EACA,MAAA,EACsB;AACtB,EAAA,MAAM,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAM,GAAI,MAAA;AACjC,EAAA,MAAM,SAAA,GAAY,SAAA,CAAU,MAAA,CAAO,MAAM,CAAC,CAAA;AAE1C,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,KAEF;AAAA,EACF;AAEA,EAAA,MAAM,KAAA,GAAQ,MAAM,MAAA,CAAO,QAAA,CAAS;AAAA,IAClC,KAAA,EAAO,aAAA;AAAA,IACP,QAAA,EAAU;AAAA,GACX,CAAA;AAED,EAAA,IAAI,KAAA,CAAM,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,MAAM,+BAA+B,CAAA;AAAA,EACjD;AAEA,EAAA,MAAM,EAAA,GAAK,IAAI,WAAA,EAAY;AAE3B,EAAA,IAAI,cAAc,EAAA,CAAG,MAAA,CAAO,MAAM,IAAA,CAAK,CAAC,EAAE,YAAY,CAAA;AACtD,EAAA,IAAI,KAAA,CAAM,IAAA,CAAK,MAAA,GAAS,CAAA,EAAG;AACzB,IAAA,MAAM,UAAA,GAAa,KAAA,CAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,CAAE,GAAA,CAAI,CAAA,CAAA,KAAK,EAAA,CAAG,MAAA,CAAO,CAAA,CAAE,YAAY,CAAC,CAAA;AACzE,IAAA,EAAA,CAAG,UAAA,CAAW,aAAa,UAAU,CAAA;AAAA,EACvC;AAEA,EAAA,MAAM,CAAC,WAAW,CAAA,GAAI,EAAA,CAAG,UAAA,CAAW,WAAA,EAAa,CAAC,EAAA,CAAG,IAAA,CAAK,GAAA,CAAI,SAAS,CAAC,CAAC,CAAA;AAEzE,EAAA,EAAA,CAAG,QAAA,CAAS;AAAA,IACV,QAAQ,CAAA,EAAG,mBAAmB,CAAA,EAAA,EAAK,kBAAkB,KAAK,oBAAoB,CAAA,CAAA;AAAA,IAC9E,SAAA,EAAW;AAAA,MACT,EAAA,CAAG,OAAO,yBAAyB,CAAA;AAAA,MACnC,EAAA,CAAG,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA;AAAA,MACpB,EAAA,CAAG,IAAA,CAAK,GAAA,CAAI,SAAS,CAAA;AAAA,MACrB,WAAA;AAAA,MACA,EAAA,CAAG,IAAA,CAAK,MAAA,CAAO,SAAA,EAAW,KAAK,CAAA;AAAA,MAC/B,EAAA,CAAG,OAAO,QAAQ;AAAA,KACpB;AAAA,IACA,aAAA,EAAe,CAAC,SAAS;AAAA,GAC1B,CAAA;AAED,EAAA,OAAO,EAAA;AACT;;;AC7DO,SAAS,oBAAA,CACd,WAAA,EACA,QAAA,GAAmB,iBAAA,EACF;AACjB,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,MAAM,IAAI,UAAA;AAAA,MACR,oBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,IAAA,CAAK,MAAM,WAAW,CAAA;AAAA,EACjC,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,UAAA;AAAA,MACR,oBAAA;AAAA,MACA,iDAAA;AAAA,MACA,EAAE,KAAK,WAAA;AAAY,KACrB;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,OAAA,IAAW,CAAC,OAAO,MAAA,IAAU,CAAC,MAAA,CAAO,KAAA,IAAS,CAAC,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,aAAa,IAAA,EAAM;AACnG,IAAA,MAAM,IAAI,UAAA;AAAA,MACR,oBAAA;AAAA,MACA,iDAAA;AAAA,MACA,EAAE,MAAA;AAAO,KACX;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,CAAO,YAAY,KAAA,EAAO;AAC5B,IAAA,MAAM,IAAI,UAAA;AAAA,MACR,qBAAA;AAAA,MACA,CAAA,uBAAA,EAA0B,OAAO,OAAO,CAAA,2BAAA,CAAA;AAAA,MACxC,EAAE,OAAA,EAAS,MAAA,CAAO,OAAA;AAAQ,KAC5B;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,KAAA,KAAU,MAAA,EAAQ;AAC3C,IAAA,MAAM,IAAI,UAAA;AAAA,MACR,oBAAA;AAAA,MACA,CAAA,qBAAA,EAAwB,OAAO,KAAK,CAAA,4BAAA,CAAA;AAAA,MACpC,EAAE,KAAA,EAAO,MAAA,CAAO,KAAA;AAAM,KACxB;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,CAAO,SAAA,GAAY,IAAA,CAAK,GAAA,KAAQ,GAAA,EAAM;AACxC,IAAA,MAAM,IAAI,UAAA;AAAA,MACR,iBAAA;AAAA,MACA,oCAAA;AAAA,MACA,EAAE,SAAA,EAAW,MAAA,CAAO,SAAA;AAAU,KAChC;AAAA,EACF;AAEA,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,MAAA,CAAO,MAAM,CAAA;AAClC,EAAA,IAAI,QAAQ,QAAA,EAAU;AACpB,IAAA,MAAM,IAAI,UAAA;AAAA,MACR,qBAAA;AAAA,MACA,CAAA,iBAAA,EAAoB,MAAA,CAAO,MAAM,CAAA,oBAAA,EAAuB,QAAQ,CAAA,CAAA;AAAA,MAChE,EAAE,SAAA,EAAW,MAAA,CAAO,MAAA,EAAQ,OAAO,QAAA;AAAS,KAC9C;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAiBO,IAAM,aAAN,MAAiB;AAAA,EACd,MAAA;AAAA,EAER,YAAY,MAAA,EAAoB;AAC9B,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,KAAA,CAAM,GAAA,EAAa,OAAA,GAA4B,EAAC,EAAsB;AAC1E,IAAA,MAAM;AAAA,MACJ,QAAA,GAAW,iBAAA;AAAA,MACX,MAAA,GAAS,KAAA;AAAA,MACT,UAAU,EAAC;AAAA,MACX,IAAA;AAAA,MACA,OAAA,GAAU,eAAA;AAAA,MACV,MAAA,GAAS,KAAA;AAAA,MACT;AAAA,KACF,GAAI,OAAA;AAEJ,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,YAAY,UAAA,CAAW,MAAM,UAAA,CAAW,KAAA,IAAS,OAAO,CAAA;AAE9D,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,MAAM,UAAA,CAAW,KAAA,CAAM,GAAA,EAAK;AAAA,QAC1C,MAAA;AAAA,QACA,OAAA;AAAA,QACA,IAAA;AAAA,QACA,QAAQ,UAAA,CAAW;AAAA,OACpB,CAAA;AAED,MAAA,IAAI,OAAA,CAAQ,WAAW,GAAA,EAAK;AAC1B,QAAA,OAAO,OAAA;AAAA,MACT;AAEA,MAAA,MAAM,eAAA,GAAkB,oBAAA;AAAA,QACtB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,gBAAgB,CAAA;AAAA,QACjD;AAAA,OACF;AAEA,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,OAAO,IAAI,QAAA;AAAA,UACT,KAAK,SAAA,CAAU;AAAA,YACb,MAAA,EAAQ,IAAA;AAAA,YACR,QAAQ,eAAA,CAAgB,MAAA;AAAA,YACxB,OAAO,eAAA,CAAgB,KAAA;AAAA,YACvB,OAAO,eAAA,CAAgB,KAAA;AAAA,YACvB,SAAS,eAAA,CAAgB;AAAA,WAC1B,CAAA;AAAA,UACD,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,EAAE,cAAA,EAAgB,oBAAmB;AAAE,SACjE;AAAA,MACF;AAEA,MAAA,MAAM,KAAK,MAAM,uBAAA;AAAA,QACf,KAAK,MAAA,CAAO,MAAA;AAAA,QACZ,IAAA,CAAK,OAAO,OAAA,EAAQ;AAAA,QACpB;AAAA,UACE,OAAO,eAAA,CAAgB,KAAA;AAAA,UACvB,QAAQ,eAAA,CAAgB,MAAA;AAAA,UACxB,OAAO,eAAA,CAAgB;AAAA;AACzB,OACF;AAEA,MAAA,IAAI,MAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAA,GAAS,MAAM,IAAA,CAAK,MAAA,CAAO,cAAA,CAAe,EAAE,CAAA;AAAA,MAC9C,SAAS,GAAA,EAAK;AACZ,QAAA,MAAM,MAAM,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG,CAAA;AAC3D,QAAA,IAAI,IAAI,QAAA,CAAS,mBAAmB,KAAK,GAAA,CAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AAClE,UAAA,MAAM,IAAI,UAAA;AAAA,YACR,mBAAA;AAAA,YACA,qCAAA;AAAA,YACA,EAAE,KAAA,EAAO,eAAA,CAAgB,KAAA;AAAM,WACjC;AAAA,QACF;AACA,QAAA,IAAI,IAAI,QAAA,CAAS,yBAAyB,KAAK,GAAA,CAAI,QAAA,CAAS,cAAc,CAAA,EAAG;AAC3E,UAAA,MAAM,IAAI,UAAA;AAAA,YACR,sBAAA;AAAA,YACA,qCAAA;AAAA,YACA,EAAE,QAAA,EAAU,eAAA,CAAgB,MAAA;AAAO,WACrC;AAAA,QACF;AACA,QAAA,MAAM,IAAI,UAAA;AAAA,UACR,oBAAA;AAAA,UACA,+BAA+B,GAAG,CAAA,CAAA;AAAA,UAClC,EAAE,KAAA,EAAO,eAAA,CAAgB,KAAA;AAAM,SACjC;AAAA,MACF;AAEA,MAAA,MAAM,cAAA,GAAiC;AAAA,QACrC,QAAQ,eAAA,CAAgB,MAAA;AAAA,QACxB,KAAA,EAAO,gBAAgB,KAAA,IAAS,MAAA;AAAA,QAChC,OAAO,eAAA,CAAgB,KAAA;AAAA,QACvB,OAAO,eAAA,CAAgB,KAAA;AAAA,QACvB,QAAQ,MAAA,CAAO;AAAA,OACjB;AAEA,MAAA,SAAA,GAAY,cAAc,CAAA;AAE1B,MAAA,MAAM,cAAA,GAAiC;AAAA,QACrC,QAAQ,MAAA,CAAO,MAAA;AAAA,QACf,OAAA,EAAS,KAAA;AAAA,QACT,QAAQ,eAAA,CAAgB,MAAA;AAAA,QACxB,OAAO,eAAA,CAAgB;AAAA,OACzB;AAEA,MAAA,MAAM,KAAA,GAAQ,MAAM,UAAA,CAAW,KAAA,CAAM,GAAA,EAAK;AAAA,QACxC,MAAA;AAAA,QACA,OAAA,EAAS;AAAA,UACP,GAAG,OAAA;AAAA,UACH,CAAC,YAAA,CAAa,SAAS,GAAG,IAAA,CAAK,UAAU,cAAc;AAAA,SACzD;AAAA,QACA,IAAA;AAAA,QACA,QAAQ,UAAA,CAAW;AAAA,OACpB,CAAA;AAED,MAAA,OAAO,KAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,YAAA,CAAa,SAAS,CAAA;AAAA,IACxB;AAAA,EACF;AACF;AC/MA,SAAS,iBAAiB,KAAA,EAA0B;AAClD,EAAA,OAAO,MAAM,IAAA,KAAS,0BAAA;AACxB;AAEA,SAAS,0BAA0B,KAAA,EAA8C;AAC/E,EAAA,MAAM,OAAO,KAAA,CAAM,UAAA;AACnB,EAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAElB,EAAA,OAAO;AAAA,IACL,cAAA,EAAgB,MAAA,CAAO,IAAA,CAAK,cAAA,IAAkB,EAAE,CAAA;AAAA,IAChD,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,IACpC,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAA,IAAS,EAAE,CAAA;AAAA,IAC9B,WAAW,IAAA,CAAK,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,GAAI,MAAA;AAAA,IACrD,cAAc,IAAA,CAAK,YAAA,GAAe,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,GAAI;AAAA,GAChE;AACF;AAcA,eAAsB,aAAA,CACpB,QACA,GAAA,EACyB;AACzB,EAAA,IAAI,IAAA,CAAK,GAAA,EAAI,GAAI,GAAA,GAAO,IAAI,SAAA,EAAW;AACrC,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,SAAA,EAAU;AAAA,EAC9C;AAEA,EAAA,IAAI,EAAA;AACJ,EAAA,IAAI;AACF,IAAA,EAAA,GAAK,MAAM,OAAO,mBAAA,CAAoB;AAAA,MACpC,QAAQ,GAAA,CAAI,MAAA;AAAA,MACZ,OAAA,EAAS,EAAE,WAAA,EAAa,IAAA,EAAM,YAAY,IAAA;AAAK,KAChD,CAAA;AAAA,EACH,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,cAAA,EAAe;AAAA,EACnD;AAEA,EAAA,IAAI,CAAC,EAAA,EAAI;AACP,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,cAAA,EAAe;AAAA,EACnD;AAEA,EAAA,MAAM,YAAA,GAAe,EAAA,CAAG,MAAA,EAAQ,IAAA,CAAK,gBAAgB,CAAA;AACrD,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,kBAAA,EAAmB;AAAA,EACvD;AAEA,EAAA,MAAM,MAAA,GAAS,0BAA0B,YAAY,CAAA;AACrD,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,kBAAA,EAAmB;AAAA,EACvD;AAEA,EAAA,MAAM,cAAA,GAAiBA,SAAAA,CAAU,MAAA,CAAO,GAAA,CAAI,MAAM,CAAC,CAAA;AACnD,EAAA,IAAI,MAAA,CAAO,MAAA,CAAO,cAAc,CAAA,KAAM,cAAA,EAAgB;AACpD,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,iBAAA,EAAkB;AAAA,EACtD;AAEA,EAAA,IAAI,MAAA,CAAO,QAAA,KAAa,GAAA,CAAI,KAAA,EAAO;AACjC,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,iBAAA,EAAkB;AAAA,EACtD;AAEA,EAAA,IAAI,MAAA,CAAO,KAAA,KAAU,GAAA,CAAI,KAAA,EAAO;AAC9B,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,gBAAA,EAAwC;AAAA,EAC5E;AAEA,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,IAAA;AAAA,IACV,QAAQ,GAAA,CAAI,MAAA;AAAA,IACZ,eAAe,GAAA,CAAI,MAAA;AAAA,IACnB,WAAW,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,GACzC;AACF","file":"index.js","sourcesContent":["export interface PaymentRequired {\n amount: string;\n asset: string;\n network: string;\n payTo: string;\n nonce: string;\n expiresAt: number;\n description?: string;\n}\n\nexport interface PaymentPayload {\n txHash: string;\n network: string;\n amount: string;\n nonce: string;\n}\n\nexport interface VerifyRequest {\n txHash: string;\n network: string;\n amount: string;\n asset: string;\n payTo: string;\n nonce: string;\n expiresAt: number;\n}\n\nexport interface VerifyResponse {\n verified: boolean;\n txHash?: string;\n settledAmount?: string;\n settledAt?: number;\n reason?: VerifyFailureReason;\n}\n\nexport type VerifyFailureReason =\n | 'expired'\n | 'tx_not_found'\n | 'no_payment_event'\n | 'amount_mismatch'\n | 'wrong_recipient'\n | 'nonce_mismatch';\n\nexport interface SettleRequest {\n txHash: string;\n nonce: string;\n}\n\nexport interface SettleResponse {\n settled: boolean;\n}\n\nexport interface X402ClientOptions {\n maxPrice?: number;\n method?: string;\n headers?: Record<string, string>;\n body?: string;\n timeout?: number;\n dryRun?: boolean;\n onPayment?: (details: PaymentDetails) => void;\n}\n\nexport interface PaymentDetails {\n amount: string;\n asset: string;\n payTo: string;\n nonce: string;\n txHash: string;\n}\n\nexport type X402FetchOptions = X402ClientOptions;\n\nexport const X402_HEADERS = {\n PAYMENT_REQUIRED: 'payment-required',\n X_PAYMENT: 'x-payment',\n} as const;\n\nexport const DEFAULT_MAX_PRICE = 1.0;\nexport const DEFAULT_TIMEOUT = 30_000;\n","/**\n * Sui Payment Kit package ID (mainnet).\n * Source: github.com/MystenLabs/sui-payment-kit Move.lock `original-published-id`.\n */\nexport const PAYMENT_KIT_PACKAGE =\n process.env.PAYMENT_KIT_PACKAGE ??\n '0xbc126f1535fba7d641cb9150ad9eae93b104972586ba20f3c60bfe0e53b69bc6';\n\n/**\n * t2000's PaymentRegistry object ID (mainnet).\n * Created via `create_registry` on Payment Kit Namespace.\n * Tx: 666ZX1PhfV3PVJtqVZfuToHoVGoTDeWCxzZb1u8aRgmL\n */\nexport const T2000_PAYMENT_REGISTRY_ID =\n process.env.T2000_PAYMENT_REGISTRY_ID ??\n '0x4009dd17305ed1b33352b808e9d0e9eb94d09085b2d5ec0f395c5cdfa2271291';\n\nexport const USDC_TYPE =\n '0xdba34672e30cb065b1f93e3ab55318768fd6fef66c15942c9f7cb846e2f900e7::usdc::USDC';\n\nexport const CLOCK_ID = '0x6';\n\nexport const DEFAULT_FACILITATOR_URL = 'https://api.t2000.ai/x402';\n\nexport const PAYMENT_KIT_MODULE = 'payment_kit';\nexport const PAYMENT_KIT_FUNCTION = 'process_registry_payment';\nexport const PAYMENT_RECEIPT_EVENT_TYPE = `${PAYMENT_KIT_PACKAGE}::${PAYMENT_KIT_MODULE}::PaymentReceipt`;\n","import { Transaction } from '@mysten/sui/transactions';\nimport type { SuiClient } from '@mysten/sui/client';\nimport { usdcToRaw } from '@t2000/sdk';\nimport {\n PAYMENT_KIT_PACKAGE,\n PAYMENT_KIT_MODULE,\n PAYMENT_KIT_FUNCTION,\n T2000_PAYMENT_REGISTRY_ID,\n USDC_TYPE,\n CLOCK_ID,\n} from './constants.js';\n\nexport interface PaymentPTBParams {\n nonce: string;\n amount: string;\n payTo: string;\n}\n\n/**\n * Builds a payment PTB using USDC coins from the wallet.\n *\n * The Move function signature:\n * process_registry_payment<CoinType>(\n * registry: &mut PaymentRegistry<CoinType>,\n * nonce: String,\n * amount: u64,\n * coin: Coin<CoinType>,\n * receiver: Option<address>,\n * clock: &Clock\n * )\n *\n * Move enforces nonce uniqueness atomically via EDuplicatePayment.\n */\nexport async function buildPaymentTransaction(\n client: SuiClient,\n senderAddress: string,\n params: PaymentPTBParams,\n): Promise<Transaction> {\n const { nonce, amount, payTo } = params;\n const rawAmount = usdcToRaw(Number(amount));\n\n if (!T2000_PAYMENT_REGISTRY_ID) {\n throw new Error(\n 'T2000_PAYMENT_REGISTRY_ID is not set. ' +\n 'Create a PaymentRegistry<USDC> via Payment Kit before using x402.'\n );\n }\n\n const coins = await client.getCoins({\n owner: senderAddress,\n coinType: USDC_TYPE,\n });\n\n if (coins.data.length === 0) {\n throw new Error('No USDC coins found in wallet');\n }\n\n const tx = new Transaction();\n\n let primaryCoin = tx.object(coins.data[0].coinObjectId);\n if (coins.data.length > 1) {\n const otherCoins = coins.data.slice(1).map(c => tx.object(c.coinObjectId));\n tx.mergeCoins(primaryCoin, otherCoins);\n }\n\n const [paymentCoin] = tx.splitCoins(primaryCoin, [tx.pure.u64(rawAmount)]);\n\n tx.moveCall({\n target: `${PAYMENT_KIT_PACKAGE}::${PAYMENT_KIT_MODULE}::${PAYMENT_KIT_FUNCTION}`,\n arguments: [\n tx.object(T2000_PAYMENT_REGISTRY_ID),\n tx.pure.string(nonce),\n tx.pure.u64(rawAmount),\n paymentCoin,\n tx.pure.option('address', payTo),\n tx.object(CLOCK_ID),\n ],\n typeArguments: [USDC_TYPE],\n });\n\n return tx;\n}\n","import type { SuiClient } from '@mysten/sui/client';\nimport type { Ed25519Keypair } from '@mysten/sui/keypairs/ed25519';\nimport { T2000Error } from '@t2000/sdk';\nimport type {\n PaymentRequired,\n PaymentPayload,\n X402FetchOptions,\n PaymentDetails,\n} from './types.js';\nimport {\n X402_HEADERS,\n DEFAULT_MAX_PRICE,\n DEFAULT_TIMEOUT,\n} from './types.js';\nimport { buildPaymentTransaction } from './payment-kit.js';\n\n/**\n * Parses the PAYMENT-REQUIRED header from a 402 response.\n * Validates network, asset, expiry, and price constraints.\n */\nexport function parsePaymentRequired(\n headerValue: string | null,\n maxPrice: number = DEFAULT_MAX_PRICE,\n): PaymentRequired {\n if (!headerValue) {\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n '402 response missing PAYMENT-REQUIRED header',\n );\n }\n\n let parsed: PaymentRequired;\n try {\n parsed = JSON.parse(headerValue);\n } catch {\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n 'Malformed PAYMENT-REQUIRED header: invalid JSON',\n { raw: headerValue },\n );\n }\n\n if (!parsed.network || !parsed.amount || !parsed.payTo || !parsed.nonce || parsed.expiresAt == null) {\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n 'PAYMENT-REQUIRED header missing required fields',\n { parsed },\n );\n }\n\n if (parsed.network !== 'sui') {\n throw new T2000Error(\n 'UNSUPPORTED_NETWORK',\n `x402 requires network \"${parsed.network}\" but only Sui is supported`,\n { network: parsed.network },\n );\n }\n\n if (parsed.asset && parsed.asset !== 'USDC') {\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n `x402 requires asset \"${parsed.asset}\" but only USDC is supported`,\n { asset: parsed.asset },\n );\n }\n\n if (parsed.expiresAt < Date.now() / 1000) {\n throw new T2000Error(\n 'PAYMENT_EXPIRED',\n 'x402 payment challenge has expired',\n { expiresAt: parsed.expiresAt },\n );\n }\n\n const price = Number(parsed.amount);\n if (price > maxPrice) {\n throw new T2000Error(\n 'PRICE_EXCEEDS_LIMIT',\n `Requested price $${parsed.amount} exceeds max price $${maxPrice}`,\n { requested: parsed.amount, limit: maxPrice },\n );\n }\n\n return parsed;\n}\n\nexport interface X402Wallet {\n client: SuiClient;\n keypair: Ed25519Keypair;\n address(): string;\n signAndExecute(tx: unknown): Promise<{ digest: string }>;\n}\n\n/**\n * x402 client for Sui. Handles the full 402 payment flow:\n * 1. Sends initial request\n * 2. Detects 402 Payment Required\n * 3. Parses payment terms\n * 4. Builds and executes Payment Kit PTB\n * 5. Retries with X-PAYMENT proof header\n */\nexport class x402Client {\n private wallet: X402Wallet;\n\n constructor(wallet: X402Wallet) {\n this.wallet = wallet;\n }\n\n /**\n * Makes an HTTP request, handling x402 payment if required.\n * Non-402 responses pass through unmodified.\n */\n async fetch(url: string, options: X402FetchOptions = {}): Promise<Response> {\n const {\n maxPrice = DEFAULT_MAX_PRICE,\n method = 'GET',\n headers = {},\n body,\n timeout = DEFAULT_TIMEOUT,\n dryRun = false,\n onPayment,\n } = options;\n\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), timeout);\n\n try {\n const initial = await globalThis.fetch(url, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n\n if (initial.status !== 402) {\n return initial;\n }\n\n const paymentRequired = parsePaymentRequired(\n initial.headers.get(X402_HEADERS.PAYMENT_REQUIRED),\n maxPrice,\n );\n\n if (dryRun) {\n return new Response(\n JSON.stringify({\n dryRun: true,\n amount: paymentRequired.amount,\n asset: paymentRequired.asset,\n payTo: paymentRequired.payTo,\n network: paymentRequired.network,\n }),\n { status: 200, headers: { 'content-type': 'application/json' } },\n );\n }\n\n const tx = await buildPaymentTransaction(\n this.wallet.client,\n this.wallet.address(),\n {\n nonce: paymentRequired.nonce,\n amount: paymentRequired.amount,\n payTo: paymentRequired.payTo,\n },\n );\n\n let result: { digest: string };\n try {\n result = await this.wallet.signAndExecute(tx);\n } catch (err) {\n const msg = err instanceof Error ? err.message : String(err);\n if (msg.includes('EDuplicatePayment') || msg.includes('duplicate')) {\n throw new T2000Error(\n 'DUPLICATE_PAYMENT',\n 'Payment nonce already used on-chain',\n { nonce: paymentRequired.nonce },\n );\n }\n if (msg.includes('InsufficientCoinBalance') || msg.includes('Insufficient')) {\n throw new T2000Error(\n 'INSUFFICIENT_BALANCE',\n 'Not enough USDC to complete payment',\n { required: paymentRequired.amount },\n );\n }\n throw new T2000Error(\n 'TRANSACTION_FAILED',\n `Payment transaction failed: ${msg}`,\n { nonce: paymentRequired.nonce },\n );\n }\n\n const paymentDetails: PaymentDetails = {\n amount: paymentRequired.amount,\n asset: paymentRequired.asset || 'USDC',\n payTo: paymentRequired.payTo,\n nonce: paymentRequired.nonce,\n txHash: result.digest,\n };\n\n onPayment?.(paymentDetails);\n\n const paymentPayload: PaymentPayload = {\n txHash: result.digest,\n network: 'sui',\n amount: paymentRequired.amount,\n nonce: paymentRequired.nonce,\n };\n\n const retry = await globalThis.fetch(url, {\n method,\n headers: {\n ...headers,\n [X402_HEADERS.X_PAYMENT]: JSON.stringify(paymentPayload),\n },\n body,\n signal: controller.signal,\n });\n\n return retry;\n } finally {\n clearTimeout(timeoutId);\n }\n }\n}\n","import type { SuiClient, SuiEvent } from '@mysten/sui/client';\nimport { usdcToRaw } from '@t2000/sdk';\nimport type {\n VerifyRequest,\n VerifyResponse,\n VerifyFailureReason,\n} from './types.js';\nimport { PAYMENT_RECEIPT_EVENT_TYPE } from './constants.js';\n\ninterface PaymentReceiptFields {\n payment_amount: string;\n receiver: string;\n nonce: string;\n coin_type?: string;\n timestamp_ms?: string;\n}\n\nfunction isPaymentReceipt(event: SuiEvent): boolean {\n return event.type === PAYMENT_RECEIPT_EVENT_TYPE;\n}\n\nfunction parsePaymentReceiptFields(event: SuiEvent): PaymentReceiptFields | null {\n const json = event.parsedJson as Record<string, unknown> | undefined;\n if (!json) return null;\n\n return {\n payment_amount: String(json.payment_amount ?? ''),\n receiver: String(json.receiver ?? ''),\n nonce: String(json.nonce ?? ''),\n coin_type: json.coin_type ? String(json.coin_type) : undefined,\n timestamp_ms: json.timestamp_ms ? String(json.timestamp_ms) : undefined,\n };\n}\n\n/**\n * Verifies an x402 payment by checking the Sui transaction on-chain.\n *\n * Verification steps:\n * 1. Check if the challenge has expired\n * 2. Fetch the transaction from Sui RPC\n * 3. Find the PaymentReceipt event emitted by Payment Kit\n * 4. Validate amount, recipient, and nonce match the request\n *\n * Duplicate nonces are already prevented by Move's EDuplicatePayment.\n * This function only verifies payments that successfully landed on-chain.\n */\nexport async function verifyPayment(\n client: SuiClient,\n req: VerifyRequest,\n): Promise<VerifyResponse> {\n if (Date.now() / 1000 > req.expiresAt) {\n return { verified: false, reason: 'expired' };\n }\n\n let tx;\n try {\n tx = await client.getTransactionBlock({\n digest: req.txHash,\n options: { showEffects: true, showEvents: true },\n });\n } catch {\n return { verified: false, reason: 'tx_not_found' };\n }\n\n if (!tx) {\n return { verified: false, reason: 'tx_not_found' };\n }\n\n const receiptEvent = tx.events?.find(isPaymentReceipt);\n if (!receiptEvent) {\n return { verified: false, reason: 'no_payment_event' };\n }\n\n const fields = parsePaymentReceiptFields(receiptEvent);\n if (!fields) {\n return { verified: false, reason: 'no_payment_event' };\n }\n\n const expectedAmount = usdcToRaw(Number(req.amount));\n if (BigInt(fields.payment_amount) !== expectedAmount) {\n return { verified: false, reason: 'amount_mismatch' };\n }\n\n if (fields.receiver !== req.payTo) {\n return { verified: false, reason: 'wrong_recipient' };\n }\n\n if (fields.nonce !== req.nonce) {\n return { verified: false, reason: 'nonce_mismatch' as VerifyFailureReason };\n }\n\n return {\n verified: true,\n txHash: req.txHash,\n settledAmount: req.amount,\n settledAt: Math.floor(Date.now() / 1000),\n };\n}\n"]}

package/package.json ADDED Viewed

@@ -0,0 +1,58 @@
+{
+  "name": "@t2000/x402",
+  "version": "0.1.0",
+  "description": "x402 payment protocol client for AI agents on Sui — pay for API resources with USDC",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "keywords": [
+    "x402",
+    "sui",
+    "payment",
+    "micropayment",
+    "usdc",
+    "ai",
+    "agent",
+    "402"
+  ],
+  "author": "t2000",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mission69b/t2000",
+    "directory": "packages/x402"
+  },
+  "homepage": "https://t2000.ai",
+  "dependencies": {
+    "@mysten/sui": "^1",
+    "@t2000/sdk": "0.1.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22",
+    "eslint": "^9",
+    "tsup": "^8",
+    "typescript": "^5",
+    "vitest": "^3"
+  },
+  "license": "MIT",
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src/",
+    "clean": "rm -rf dist"
+  }
+}