npm - @techdigger/humanode-agentlink - Versions diffs - 0.2.0 - Mend

@techdigger/humanode-agentlink 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/cjs/index.js ADDED Viewed

@@ -0,0 +1,2300 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/index.ts
+var src_exports = {};
+__export(src_exports, {
+  AGENTLINK: () => AGENTLINK,
+  AGENT_LINK_TYPES: () => AGENT_LINK_TYPES,
+  AgentLinkPayloadSchema: () => AgentLinkPayloadSchema,
+  BIOMAPPER_AGENT_REGISTRY_ABI: () => BIOMAPPER_AGENT_REGISTRY_ABI,
+  BIOMAPPER_AGENT_REGISTRY_NAME: () => BIOMAPPER_AGENT_REGISTRY_NAME,
+  BIOMAPPER_AGENT_REGISTRY_VERSION: () => BIOMAPPER_AGENT_REGISTRY_VERSION,
+  BIOMAPPER_APP_URLS: () => BIOMAPPER_APP_URLS,
+  BRIDGED_BIOMAPPER_ADDRESSES: () => BRIDGED_BIOMAPPER_ADDRESSES,
+  BRIDGED_BIOMAPPER_READ_ABI: () => BRIDGED_BIOMAPPER_READ_ABI,
+  BiomapperNetworkSchema: () => BiomapperNetworkSchema,
+  BiomapperQueryError: () => BiomapperQueryError,
+  CHECK_AGENT_STATUS_TOOL_DESCRIPTION: () => CHECK_AGENT_STATUS_TOOL_DESCRIPTION,
+  CHECK_AGENT_STATUS_TOOL_NAME: () => CHECK_AGENT_STATUS_TOOL_NAME,
+  CheckAgentStatusInputSchema: () => CheckAgentStatusInputSchema,
+  CheckAgentStatusResultSchema: () => CheckAgentStatusResultSchema,
+  GET_BIOMAPPER_INFO_TOOL_DESCRIPTION: () => GET_BIOMAPPER_INFO_TOOL_DESCRIPTION,
+  GET_BIOMAPPER_INFO_TOOL_NAME: () => GET_BIOMAPPER_INFO_TOOL_NAME,
+  GET_CURRENT_GENERATION_TOOL_DESCRIPTION: () => GET_CURRENT_GENERATION_TOOL_DESCRIPTION,
+  GET_CURRENT_GENERATION_TOOL_NAME: () => GET_CURRENT_GENERATION_TOOL_NAME,
+  GetBiomapperInfoInputSchema: () => GetBiomapperInfoInputSchema,
+  GetBiomapperInfoResultSchema: () => GetBiomapperInfoResultSchema,
+  GetCurrentGenerationInputSchema: () => GetCurrentGenerationInputSchema,
+  GetCurrentGenerationResultSchema: () => GetCurrentGenerationResultSchema,
+  InMemoryAgentLinkStorage: () => InMemoryAgentLinkStorage,
+  InMemoryLinkSessionStore: () => InMemoryLinkSessionStore,
+  agentlinkResourceServerExtension: () => agentlinkResourceServerExtension,
+  buildAgentLinkSchema: () => buildAgentLinkSchema,
+  buildAgentLinkTypedData: () => buildAgentLinkTypedData,
+  buildAgentLinkUsageKey: () => buildAgentLinkUsageKey,
+  buildEmbeddedHostedLinkUrl: () => buildEmbeddedHostedLinkUrl,
+  buildHostedLinkUrl: () => buildHostedLinkUrl,
+  createAgentLinkConsent: () => createAgentLinkConsent,
+  createAgentLinkHooks: () => createAgentLinkHooks,
+  createAgentLinkWebhookDispatcher: () => createAgentLinkWebhookDispatcher,
+  createAgentLinkWebhookEnvelope: () => createAgentLinkWebhookEnvelope,
+  createBiomapperLink: () => createBiomapperLink,
+  createBiomapperQueryClient: () => createBiomapperQueryClient,
+  createBiomapperRegistryVerifier: () => createBiomapperRegistryVerifier,
+  createHonoPaymentMiddlewareFromHTTPServer: () => createHonoPaymentMiddlewareFromHTTPServer,
+  createLinkSession: () => createLinkSession,
+  createNextPaymentHandlerFromHTTPServer: () => createNextPaymentHandlerFromHTTPServer,
+  declareAgentLinkExtension: () => declareAgentLinkExtension,
+  decodeLinkSession: () => decodeLinkSession,
+  dispatchAgentLinkWebhook: () => dispatchAgentLinkWebhook,
+  encodeLinkSession: () => encodeLinkSession,
+  extractEVMChainId: () => extractEVMChainId,
+  formatSIWEMessage: () => formatSIWEMessage,
+  getLinkSession: () => getLinkSession,
+  parseAgentLinkHeader: () => parseAgentLinkHeader,
+  validateAgentLinkMessage: () => validateAgentLinkMessage,
+  validateLinkSession: () => validateLinkSession,
+  verifyAgentLinkSignature: () => verifyAgentLinkSignature,
+  verifyAgentLinkWebhookSignature: () => verifyAgentLinkWebhookSignature,
+  verifyEVMSignature: () => verifyEVMSignature
+});
+module.exports = __toCommonJS(src_exports);
+// src/types.ts
+var import_zod = require("zod");
+var AGENTLINK = "agentlink";
+var AgentLinkPayloadSchema = import_zod.z.object({
+  domain: import_zod.z.string(),
+  address: import_zod.z.string(),
+  statement: import_zod.z.string().optional(),
+  uri: import_zod.z.string(),
+  version: import_zod.z.string(),
+  chainId: import_zod.z.string(),
+  type: import_zod.z.enum(["eip191", "eip1271"]),
+  nonce: import_zod.z.string(),
+  issuedAt: import_zod.z.string(),
+  expirationTime: import_zod.z.string().optional(),
+  notBefore: import_zod.z.string().optional(),
+  requestId: import_zod.z.string().optional(),
+  resources: import_zod.z.array(import_zod.z.string()).optional(),
+  signatureScheme: import_zod.z.enum(["eip191", "eip1271"]).optional(),
+  signature: import_zod.z.string()
+});
+// src/schema.ts
+function buildAgentLinkSchema() {
+  return {
+    $schema: "https://json-schema.org/draft/2020-12/schema",
+    type: "object",
+    properties: {
+      domain: { type: "string" },
+      address: { type: "string" },
+      statement: { type: "string" },
+      uri: { type: "string", format: "uri" },
+      version: { type: "string" },
+      chainId: { type: "string" },
+      type: { type: "string" },
+      nonce: { type: "string" },
+      issuedAt: { type: "string", format: "date-time" },
+      expirationTime: { type: "string", format: "date-time" },
+      notBefore: { type: "string", format: "date-time" },
+      requestId: { type: "string" },
+      resources: { type: "array", items: { type: "string", format: "uri" } },
+      signature: { type: "string" }
+    },
+    required: ["domain", "address", "uri", "version", "chainId", "type", "nonce", "issuedAt", "signature"]
+  };
+}
+// src/declare.ts
+function getSignatureTypes(network) {
+  if (!network.startsWith("eip155:")) {
+    throw new Error(`Biomapper-backed AgentLink only supports EVM networks. Received "${network}".`);
+  }
+  return ["eip191", "eip1271"];
+}
+function declareAgentLinkExtension(options = {}) {
+  const info = {
+    version: options.version ?? "1"
+  };
+  if (options.domain) {
+    info.domain = options.domain;
+  }
+  if (options.resourceUri) {
+    info.uri = options.resourceUri;
+    info.resources = [options.resourceUri];
+  }
+  if (options.statement) {
+    info.statement = options.statement;
+  }
+  let supportedChains = [];
+  if (options.network) {
+    const networks = Array.isArray(options.network) ? options.network : [options.network];
+    supportedChains = networks.flatMap(
+      (network) => getSignatureTypes(network).map((type) => ({
+        chainId: network,
+        type
+      }))
+    );
+  }
+  const declaration = {
+    info,
+    supportedChains,
+    schema: buildAgentLinkSchema(),
+    _options: options
+  };
+  return { [AGENTLINK]: declaration };
+}
+// src/server.ts
+var import_crypto = require("crypto");
+var agentlinkResourceServerExtension = {
+  key: AGENTLINK,
+  enrichPaymentRequiredResponse: async (declaration, context) => {
+    const decl = declaration;
+    const opts = decl._options ?? {};
+    const resourceUri = opts.resourceUri ?? context.resourceInfo.url;
+    let domain = opts.domain;
+    if (!domain && resourceUri) {
+      try {
+        domain = new URL(resourceUri).hostname;
+      } catch {
+      }
+    }
+    let networks;
+    if (opts.network) {
+      networks = Array.isArray(opts.network) ? opts.network : [opts.network];
+    } else {
+      networks = [...new Set(context.requirements.map((r) => r.network))];
+    }
+    const nonce = (0, import_crypto.randomBytes)(16).toString("hex");
+    const issuedAt = (/* @__PURE__ */ new Date()).toISOString();
+    const expirationSeconds = opts.expirationSeconds;
+    const expirationTime = expirationSeconds !== void 0 ? new Date(Date.now() + expirationSeconds * 1e3).toISOString() : void 0;
+    const info = {
+      domain: domain ?? "",
+      uri: resourceUri,
+      version: opts.version ?? "1",
+      nonce,
+      issuedAt,
+      resources: [resourceUri]
+    };
+    if (expirationTime) {
+      info.expirationTime = expirationTime;
+    }
+    if (opts.statement) {
+      info.statement = opts.statement;
+    }
+    const supportedChains = networks.flatMap(
+      (network) => getSignatureTypes(network).map((type) => ({
+        chainId: network,
+        type
+      }))
+    );
+    return {
+      info,
+      supportedChains,
+      schema: buildAgentLinkSchema(),
+      ...opts.mode ? { mode: opts.mode } : {}
+    };
+  }
+};
+// src/parse.ts
+var import_utils = require("@x402/core/utils");
+function parseAgentLinkHeader(header) {
+  if (!import_utils.Base64EncodedRegex.test(header)) {
+    throw new Error("Invalid agentlink header: not valid base64");
+  }
+  const jsonStr = (0, import_utils.safeBase64Decode)(header);
+  let rawPayload;
+  try {
+    rawPayload = JSON.parse(jsonStr);
+  } catch (error) {
+    if (error instanceof SyntaxError) {
+      throw new Error("Invalid agentlink header: not valid JSON");
+    }
+    throw error;
+  }
+  const parsed = AgentLinkPayloadSchema.safeParse(rawPayload);
+  if (!parsed.success) {
+    const issues = parsed.error.issues.map((i) => `${i.path.join(".")}: ${i.message}`).join(", ");
+    throw new Error(`Invalid agentlink header: ${issues}`);
+  }
+  return parsed.data;
+}
+// src/validate.ts
+var DEFAULT_MAX_AGE_MS = 5 * 60 * 1e3;
+function normalizeComparableUrl(input) {
+  const url = new URL(input);
+  return {
+    host: url.host,
+    pathname: url.pathname,
+    search: url.search
+  };
+}
+async function validateAgentLinkMessage(message, expectedResourceUri, options = {}) {
+  const expectedUrl = new URL(expectedResourceUri);
+  const expectedResource = normalizeComparableUrl(expectedResourceUri);
+  const maxAge = options.maxAge ?? DEFAULT_MAX_AGE_MS;
+  if (message.domain !== expectedUrl.hostname) {
+    return {
+      valid: false,
+      error: `Domain mismatch: expected "${expectedUrl.hostname}", got "${message.domain}"`
+    };
+  }
+  let messageResource;
+  try {
+    messageResource = normalizeComparableUrl(message.uri);
+  } catch {
+    return { valid: false, error: `Invalid URI: "${message.uri}"` };
+  }
+  if (messageResource.host !== expectedResource.host) {
+    return {
+      valid: false,
+      error: `URI host mismatch: expected "${expectedResource.host}", got "${messageResource.host}"`
+    };
+  }
+  if (messageResource.pathname !== expectedResource.pathname) {
+    return {
+      valid: false,
+      error: `URI path mismatch: expected "${expectedResource.pathname}", got "${messageResource.pathname}"`
+    };
+  }
+  if (messageResource.search !== expectedResource.search) {
+    return {
+      valid: false,
+      error: `URI query mismatch: expected "${expectedResource.search}", got "${messageResource.search}"`
+    };
+  }
+  const issuedAt = new Date(message.issuedAt);
+  if (isNaN(issuedAt.getTime())) {
+    return { valid: false, error: "Invalid issuedAt timestamp" };
+  }
+  const age = Date.now() - issuedAt.getTime();
+  if (age > maxAge) {
+    return {
+      valid: false,
+      error: `Message too old: ${Math.round(age / 1e3)}s exceeds ${maxAge / 1e3}s limit`
+    };
+  }
+  if (age < 0) {
+    return { valid: false, error: "issuedAt is in the future" };
+  }
+  if (message.expirationTime) {
+    const expiration = new Date(message.expirationTime);
+    if (isNaN(expiration.getTime())) {
+      return { valid: false, error: "Invalid expirationTime timestamp" };
+    }
+    if (expiration < /* @__PURE__ */ new Date()) {
+      return { valid: false, error: "Message expired" };
+    }
+  }
+  if (message.notBefore) {
+    const notBefore = new Date(message.notBefore);
+    if (isNaN(notBefore.getTime())) {
+      return { valid: false, error: "Invalid notBefore timestamp" };
+    }
+    if (/* @__PURE__ */ new Date() < notBefore) {
+      return { valid: false, error: "Message not yet valid (notBefore is in the future)" };
+    }
+  }
+  if (options.checkNonce) {
+    const nonceValid = await options.checkNonce(message.nonce);
+    if (!nonceValid) {
+      return { valid: false, error: "Nonce validation failed (possible replay attack)" };
+    }
+  }
+  return { valid: true };
+}
+// src/evm.ts
+var import_siwe = require("siwe");
+// src/viem-client.ts
+var chains = __toESM(require("viem/chains"));
+var import_viem = require("viem");
+var allChains = Object.values(chains);
+var clientCache = /* @__PURE__ */ new Map();
+function getPublicClient(numericChainId, rpcUrl) {
+  const cacheKey = `${numericChainId}:${rpcUrl ?? ""}`;
+  let cached = clientCache.get(cacheKey);
+  if (cached) return cached;
+  let chain;
+  if (rpcUrl) {
+    chain = { id: numericChainId };
+  } else {
+    chain = (0, import_viem.extractChain)({ chains: allChains, id: numericChainId });
+  }
+  cached = (0, import_viem.createPublicClient)({ chain, transport: (0, import_viem.http)(rpcUrl) });
+  clientCache.set(cacheKey, cached);
+  return cached;
+}
+// src/evm.ts
+function extractEVMChainId(chainId) {
+  const match = /^eip155:(\d+)$/.exec(chainId);
+  if (!match) {
+    throw new Error(`Invalid EVM chainId format: ${chainId}. Expected eip155:<number>`);
+  }
+  return parseInt(match[1], 10);
+}
+function formatSIWEMessage(info, address) {
+  const numericChainId = extractEVMChainId(info.chainId);
+  const siweMessage = new import_siwe.SiweMessage({
+    domain: info.domain,
+    address,
+    statement: info.statement,
+    uri: info.uri,
+    version: info.version,
+    chainId: numericChainId,
+    nonce: info.nonce,
+    issuedAt: info.issuedAt,
+    expirationTime: info.expirationTime,
+    notBefore: info.notBefore,
+    requestId: info.requestId,
+    resources: info.resources
+  });
+  return siweMessage.prepareMessage();
+}
+async function verifyEVMSignature(message, address, signature, chainId, rpcUrl) {
+  const numericChainId = extractEVMChainId(chainId);
+  const client = getPublicClient(numericChainId, rpcUrl);
+  return client.verifyMessage({
+    address,
+    message,
+    signature
+  });
+}
+// src/verify.ts
+async function verifyAgentLinkSignature(payload, rpcUrl) {
+  try {
+    if (payload.chainId.startsWith("eip155:")) {
+      return verifyEVMPayload(payload, rpcUrl);
+    }
+    return {
+      valid: false,
+      error: `Unsupported chain namespace: ${payload.chainId}. Biomapper-backed AgentLink currently supports EVM chains only.`
+    };
+  } catch (error) {
+    return {
+      valid: false,
+      error: error instanceof Error ? error.message : "Verification failed"
+    };
+  }
+}
+async function verifyEVMPayload(payload, rpcUrl) {
+  const message = formatSIWEMessage(
+    {
+      domain: payload.domain,
+      uri: payload.uri,
+      statement: payload.statement,
+      version: payload.version,
+      chainId: payload.chainId,
+      type: payload.type,
+      nonce: payload.nonce,
+      issuedAt: payload.issuedAt,
+      expirationTime: payload.expirationTime,
+      notBefore: payload.notBefore,
+      requestId: payload.requestId,
+      resources: payload.resources
+    },
+    payload.address
+  );
+  try {
+    const valid = await verifyEVMSignature(message, payload.address, payload.signature, payload.chainId, rpcUrl);
+    if (!valid) {
+      return {
+        valid: false,
+        error: `Signature verification failed. The signature does not match the reconstructed SIWE message. Ensure your agent signs exactly this message using EIP-191 (EOA) or ERC-1271 (smart wallet):
+${message}`
+      };
+    }
+    return { valid: true, address: payload.address };
+  } catch (error) {
+    const reason = error instanceof Error ? error.message : "Unknown error";
+    return {
+      valid: false,
+      error: `Signature verification error: ${reason}. The SIWE message the server reconstructed from your payload:
+${message}`
+    };
+  }
+}
+// src/biomapper-registry.ts
+var import_viem2 = require("viem");
+var BASE_MAINNET = "eip155:8453";
+var BASE_SEPOLIA = "eip155:84532";
+var KNOWN_DEPLOYMENTS = {};
+var BIOMAPPER_AGENT_REGISTRY_ABI = [
+  {
+    inputs: [{ internalType: "address", name: "agent", type: "address" }],
+    name: "agentNonce",
+    outputs: [{ internalType: "uint256", name: "nonce", type: "uint256" }],
+    stateMutability: "view",
+    type: "function"
+  },
+  {
+    inputs: [{ internalType: "address", name: "agent", type: "address" }],
+    name: "getAgentStatus",
+    outputs: [
+      { internalType: "address", name: "owner", type: "address" },
+      { internalType: "uint256", name: "generationPtr", type: "uint256" },
+      { internalType: "bool", name: "active", type: "bool" }
+    ],
+    stateMutability: "view",
+    type: "function"
+  },
+  {
+    inputs: [{ internalType: "address", name: "agent", type: "address" }],
+    name: "linkedOwner",
+    outputs: [{ internalType: "address", name: "owner", type: "address" }],
+    stateMutability: "view",
+    type: "function"
+  },
+  {
+    inputs: [
+      { internalType: "address", name: "agent", type: "address" },
+      { internalType: "uint256", name: "deadline", type: "uint256" },
+      { internalType: "bytes", name: "signature", type: "bytes" }
+    ],
+    name: "linkAgent",
+    outputs: [],
+    stateMutability: "nonpayable",
+    type: "function"
+  }
+];
+function createBiomapperRegistryVerifier(options = {}) {
+  function resolveLookupChainId(chainId) {
+    if (options.network === "base") return BASE_MAINNET;
+    if (options.network === "base-sepolia") return BASE_SEPOLIA;
+    if (chainId === BASE_SEPOLIA) return BASE_SEPOLIA;
+    return BASE_MAINNET;
+  }
+  function getClient2(chainId) {
+    if (options.client) return options.client;
+    const lookupChainId = options.contractAddress && options.rpcUrl && !options.network ? chainId : resolveLookupChainId(chainId);
+    return getPublicClient(extractEVMChainId(lookupChainId), options.rpcUrl);
+  }
+  function getContractAddress(chainId) {
+    if (options.contractAddress) return options.contractAddress;
+    return KNOWN_DEPLOYMENTS[resolveLookupChainId(chainId)] ?? null;
+  }
+  return {
+    async getAgentStatus(address, chainId) {
+      if (!chainId.startsWith("eip155:")) return null;
+      const contractAddress = getContractAddress(chainId);
+      if (!contractAddress) return null;
+      const client = getClient2(chainId);
+      try {
+        const [owner, generationPtr, active] = await client.readContract({
+          address: contractAddress,
+          abi: BIOMAPPER_AGENT_REGISTRY_ABI,
+          functionName: "getAgentStatus",
+          args: [address]
+        });
+        return {
+          owner: owner === import_viem2.zeroAddress ? null : owner,
+          generationPtr,
+          active
+        };
+      } catch {
+        return null;
+      }
+    }
+  };
+}
+// src/biomapper.ts
+var BRIDGED_BIOMAPPER_ADDRESSES = {
+  base: "0x31e98F489ad65dF5Ee43CBe06e4f35557Cd0abb2",
+  "base-sepolia": "0x16F2a7AC67B6aC1E57dD5528A24b1fC689902Be2"
+};
+var BIOMAPPER_APP_URLS = {
+  base: "https://mainnet.biomapper.hmnd.app/",
+  "base-sepolia": "https://testnet5.biomapper.hmnd.app/"
+};
+var BRIDGED_BIOMAPPER_READ_ABI = [
+  {
+    inputs: [],
+    name: "generationsHead",
+    outputs: [{ internalType: "uint256", name: "", type: "uint256" }],
+    stateMutability: "view",
+    type: "function"
+  },
+  {
+    inputs: [
+      { internalType: "address", name: "owner", type: "address" },
+      { internalType: "uint256", name: "generationPtr", type: "uint256" }
+    ],
+    name: "lookupBiomappingPtr",
+    outputs: [{ internalType: "uint256", name: "", type: "uint256" }],
+    stateMutability: "view",
+    type: "function"
+  }
+];
+// src/biomapper-query.ts
+var import_zod2 = require("zod");
+var import_viem3 = require("viem");
+var BiomapperNetworkSchema = import_zod2.z.enum(["base", "base-sepolia"]);
+var BiomapperAddressSchema = import_zod2.z.string().regex(/^0x[a-fA-F0-9]{40}$/, "Expected a 20-byte EVM address.");
+var BiomapperRpcUrlSchema = import_zod2.z.string().url();
+var NETWORK_CHAIN_IDS = {
+  base: 8453,
+  "base-sepolia": 84532
+};
+var NETWORK_CAIP2_IDS = {
+  base: "eip155:8453",
+  "base-sepolia": "eip155:84532"
+};
+var CHECK_AGENT_STATUS_TOOL_NAME = "check_agent_status";
+var GET_CURRENT_GENERATION_TOOL_NAME = "get_current_generation";
+var GET_BIOMAPPER_INFO_TOOL_NAME = "get_biomapper_info";
+var CHECK_AGENT_STATUS_TOOL_DESCRIPTION = "Check if an agent wallet is linked to a biomapped human and whether the link is currently active. Returns the owner address, current Biomapper generation pointer, and active status.";
+var GET_CURRENT_GENERATION_TOOL_DESCRIPTION = "Get the current Biomapper generation pointer from the Bridged Biomapper contract. Generations represent verification periods \u2014 when a generation ends, usage quotas reset.";
+var GET_BIOMAPPER_INFO_TOOL_DESCRIPTION = "Get Biomapper network metadata \u2014 contract addresses, app URLs, and supported networks. Useful for discovering where to point registry queries or where users can verify their identity.";
+var CheckAgentStatusInputSchema = import_zod2.z.object({
+  agentAddress: BiomapperAddressSchema.describe("The agent wallet address (0x...)"),
+  network: BiomapperNetworkSchema.optional().describe("The network to query"),
+  registryAddress: BiomapperAddressSchema.optional().describe("The BiomapperAgentRegistry contract address (0x...)"),
+  rpcUrl: BiomapperRpcUrlSchema.optional().describe("Custom RPC URL (uses public RPC if omitted)")
+});
+var GetCurrentGenerationInputSchema = import_zod2.z.object({
+  network: BiomapperNetworkSchema.optional().describe("The network to query"),
+  rpcUrl: BiomapperRpcUrlSchema.optional().describe("Custom RPC URL (uses public RPC if omitted)")
+});
+var GetBiomapperInfoInputSchema = import_zod2.z.object({
+  network: BiomapperNetworkSchema.optional().describe("Specific network (returns all if omitted)")
+});
+var BiomapperNetworkInfoSchema = import_zod2.z.object({
+  network: BiomapperNetworkSchema,
+  bridgedBiomapper: BiomapperAddressSchema,
+  biomapperAppUrl: import_zod2.z.string().url(),
+  chainId: import_zod2.z.number().int().positive(),
+  caip2: import_zod2.z.string()
+});
+var CheckAgentStatusResultSchema = import_zod2.z.object({
+  linked: import_zod2.z.boolean(),
+  active: import_zod2.z.boolean(),
+  agentAddress: BiomapperAddressSchema,
+  owner: BiomapperAddressSchema.nullable(),
+  generationPtr: import_zod2.z.string().nullable(),
+  network: BiomapperNetworkSchema,
+  message: import_zod2.z.string()
+});
+var GetCurrentGenerationResultSchema = import_zod2.z.object({
+  generationsHead: import_zod2.z.string(),
+  network: BiomapperNetworkSchema,
+  bridgedBiomapper: BiomapperAddressSchema,
+  biomapperAppUrl: import_zod2.z.string().url()
+});
+var GetBiomapperInfoResultSchema = import_zod2.z.object({
+  networks: import_zod2.z.array(BiomapperNetworkInfoSchema)
+});
+var BiomapperQueryError = class extends Error {
+  constructor(code, message, options) {
+    super(message);
+    this.code = code;
+    this.name = "BiomapperQueryError";
+    if (options?.cause !== void 0) {
+      ;
+      this.cause = options.cause;
+    }
+  }
+};
+function getErrorMessage(error) {
+  return error instanceof Error ? error.message : String(error);
+}
+function createValidationError(method, result) {
+  return new BiomapperQueryError("invalid_input", `${method} received invalid input: ${result.error.message}`, {
+    cause: result.error
+  });
+}
+function resolveNetworkInfo(network) {
+  return {
+    network,
+    bridgedBiomapper: BRIDGED_BIOMAPPER_ADDRESSES[network],
+    biomapperAppUrl: BIOMAPPER_APP_URLS[network],
+    chainId: NETWORK_CHAIN_IDS[network],
+    caip2: NETWORK_CAIP2_IDS[network]
+  };
+}
+function createBiomapperQueryClient(defaults = {}) {
+  const parsedDefaults = import_zod2.z.object({
+    network: BiomapperNetworkSchema.optional(),
+    registryAddress: BiomapperAddressSchema.optional(),
+    rpcUrl: BiomapperRpcUrlSchema.optional()
+  }).safeParse({
+    network: defaults.network,
+    registryAddress: defaults.registryAddress,
+    rpcUrl: defaults.rpcUrl
+  });
+  if (!parsedDefaults.success) {
+    throw createValidationError("createBiomapperQueryClient", parsedDefaults);
+  }
+  function getClient2(network, rpcUrl) {
+    if (defaults.client) return defaults.client;
+    return getPublicClient(NETWORK_CHAIN_IDS[network], rpcUrl ?? defaults.rpcUrl);
+  }
+  function resolveRequiredNetwork(network) {
+    const resolvedNetwork = network ?? defaults.network;
+    if (!resolvedNetwork) {
+      throw new BiomapperQueryError(
+        "missing_network",
+        "Biomapper network is required. Pass `network` to this call or set a default in createBiomapperQueryClient(...)."
+      );
+    }
+    return resolvedNetwork;
+  }
+  function resolveRegistryAddress(registryAddress) {
+    const resolvedRegistryAddress = registryAddress ?? defaults.registryAddress;
+    if (!resolvedRegistryAddress) {
+      throw new BiomapperQueryError(
+        "missing_registry",
+        "Biomapper registry address is required for agent status queries. Pass `registryAddress` to this call or set a default in createBiomapperQueryClient(...)."
+      );
+    }
+    return resolvedRegistryAddress;
+  }
+  return {
+    async checkAgentStatus(input) {
+      const parsed = CheckAgentStatusInputSchema.safeParse(input);
+      if (!parsed.success) {
+        throw createValidationError("checkAgentStatus", parsed);
+      }
+      const network = resolveRequiredNetwork(parsed.data.network);
+      const registryAddress = resolveRegistryAddress(parsed.data.registryAddress);
+      const client = getClient2(network, parsed.data.rpcUrl);
+      try {
+        const [owner, generationPtr, active] = await client.readContract({
+          address: registryAddress,
+          abi: BIOMAPPER_AGENT_REGISTRY_ABI,
+          functionName: "getAgentStatus",
+          args: [parsed.data.agentAddress]
+        });
+        if (owner === import_viem3.zeroAddress) {
+          return CheckAgentStatusResultSchema.parse({
+            linked: false,
+            active: false,
+            agentAddress: parsed.data.agentAddress,
+            owner: null,
+            generationPtr: null,
+            network,
+            message: "This agent is not linked to any owner."
+          });
+        }
+        return CheckAgentStatusResultSchema.parse({
+          linked: true,
+          active,
+          agentAddress: parsed.data.agentAddress,
+          owner,
+          generationPtr: generationPtr.toString(),
+          network,
+          message: active ? "Agent is linked and active \u2014 the owner is biomapped in the current generation." : "Agent is linked but inactive \u2014 the owner needs to re-verify with Biomapper for the current generation."
+        });
+      } catch (error) {
+        throw new BiomapperQueryError(
+          "query_failed",
+          `Failed to query Biomapper agent status: ${getErrorMessage(error)}`,
+          { cause: error }
+        );
+      }
+    },
+    async getCurrentGeneration(input = {}) {
+      const parsed = GetCurrentGenerationInputSchema.safeParse(input);
+      if (!parsed.success) {
+        throw createValidationError("getCurrentGeneration", parsed);
+      }
+      const network = resolveRequiredNetwork(parsed.data.network);
+      const client = getClient2(network, parsed.data.rpcUrl);
+      const info = resolveNetworkInfo(network);
+      try {
+        const generationsHead = await client.readContract({
+          address: info.bridgedBiomapper,
+          abi: BRIDGED_BIOMAPPER_READ_ABI,
+          functionName: "generationsHead"
+        });
+        return GetCurrentGenerationResultSchema.parse({
+          generationsHead: generationsHead.toString(),
+          network,
+          bridgedBiomapper: info.bridgedBiomapper,
+          biomapperAppUrl: info.biomapperAppUrl
+        });
+      } catch (error) {
+        throw new BiomapperQueryError(
+          "query_failed",
+          `Failed to query Biomapper generation: ${getErrorMessage(error)}`,
+          { cause: error }
+        );
+      }
+    },
+    async getBiomapperInfo(input = {}) {
+      const parsed = GetBiomapperInfoInputSchema.safeParse(input);
+      if (!parsed.success) {
+        throw createValidationError("getBiomapperInfo", parsed);
+      }
+      const resolvedNetwork = parsed.data.network ?? defaults.network;
+      const networks = resolvedNetwork ? [resolvedNetwork] : [...BiomapperNetworkSchema.options];
+      return GetBiomapperInfoResultSchema.parse({
+        networks: networks.map((network) => resolveNetworkInfo(network))
+      });
+    }
+  };
+}
+// src/link-consent.ts
+var import_chains = require("viem/chains");
+var import_accounts = require("viem/accounts");
+var import_viem4 = require("viem");
+var BIOMAPPER_AGENT_REGISTRY_NAME = "BiomapperAgentRegistry";
+var BIOMAPPER_AGENT_REGISTRY_VERSION = "1";
+var AGENT_LINK_TYPES = {
+  AgentLink: [
+    { name: "agent", type: "address" },
+    { name: "owner", type: "address" },
+    { name: "nonce", type: "uint256" },
+    { name: "deadline", type: "uint256" }
+  ]
+};
+var LINK_CONSENT_NETWORKS = {
+  base: import_chains.base,
+  "base-sepolia": import_chains.baseSepolia
+};
+var BIOMAPPER_AGENT_REGISTRY_ABI2 = [
+  {
+    inputs: [{ internalType: "address", name: "agent", type: "address" }],
+    name: "agentNonce",
+    outputs: [{ internalType: "uint256", name: "nonce", type: "uint256" }],
+    stateMutability: "view",
+    type: "function"
+  }
+];
+function buildAgentLinkTypedData(input) {
+  return {
+    domain: {
+      name: BIOMAPPER_AGENT_REGISTRY_NAME,
+      version: BIOMAPPER_AGENT_REGISTRY_VERSION,
+      chainId: input.chainId,
+      verifyingContract: input.registry
+    },
+    types: AGENT_LINK_TYPES,
+    primaryType: "AgentLink",
+    message: {
+      agent: input.agent,
+      owner: input.owner,
+      nonce: input.nonce,
+      deadline: input.deadline
+    }
+  };
+}
+function resolveSigner(options) {
+  if (options.signer) return options.signer;
+  if (options.privateKey) return (0, import_accounts.privateKeyToAccount)(options.privateKey);
+  throw new Error("Missing link consent signer. Pass signer or privateKey.");
+}
+function getClient(options) {
+  if (options.client) return options.client;
+  const chain = LINK_CONSENT_NETWORKS[options.network];
+  return (0, import_viem4.createPublicClient)({
+    chain,
+    transport: (0, import_viem4.http)(options.rpcUrl)
+  });
+}
+async function createAgentLinkConsent(options) {
+  const signer = resolveSigner(options);
+  const chain = LINK_CONSENT_NETWORKS[options.network];
+  const client = getClient(options);
+  if (options.rpcUrl && !options.client) {
+    const remoteChainId = await client.getChainId?.();
+    if (remoteChainId === void 0) {
+      throw new Error("The configured consent client cannot report its chain id.");
+    }
+    if (remoteChainId !== chain.id) {
+      throw new Error(
+        `RPC chain mismatch. ${options.network} expects chain id ${chain.id}, but ${options.rpcUrl} returned ${remoteChainId}.`
+      );
+    }
+  }
+  const nonce = await client.readContract({
+    address: options.registry,
+    abi: BIOMAPPER_AGENT_REGISTRY_ABI2,
+    functionName: "agentNonce",
+    args: [signer.address]
+  });
+  const typedData = buildAgentLinkTypedData({
+    agent: signer.address,
+    owner: options.owner,
+    registry: options.registry,
+    chainId: chain.id,
+    nonce,
+    deadline: options.deadline
+  });
+  const signature = await signer.signTypedData(typedData);
+  return {
+    type: "biomapper-agent-link",
+    network: options.network,
+    chainId: chain.id,
+    agent: signer.address,
+    owner: options.owner,
+    registry: options.registry,
+    nonce: nonce.toString(),
+    deadline: options.deadline.toString(),
+    typedData: {
+      domain: {
+        name: typedData.domain.name ?? BIOMAPPER_AGENT_REGISTRY_NAME,
+        version: typedData.domain.version ?? BIOMAPPER_AGENT_REGISTRY_VERSION,
+        chainId: typedData.domain.chainId,
+        verifyingContract: typedData.domain.verifyingContract
+      },
+      types: typedData.types,
+      primaryType: typedData.primaryType,
+      message: {
+        agent: typedData.message.agent,
+        owner: typedData.message.owner,
+        nonce: typedData.message.nonce.toString(),
+        deadline: typedData.message.deadline.toString()
+      }
+    },
+    signature
+  };
+}
+// src/storage.ts
+function buildAgentLinkUsageKey(input) {
+  return [
+    input.endpoint,
+    input.generationPtr.toString(),
+    input.owner.toLowerCase(),
+    input.platformAccountId ?? "*",
+    input.workspaceId ?? "*"
+  ].join(":");
+}
+var InMemoryAgentLinkStorage = class {
+  constructor() {
+    this.usage = /* @__PURE__ */ new Map();
+    this.nonces = /* @__PURE__ */ new Set();
+  }
+  async getUsageCount(endpoint, owner, generationPtr, context) {
+    return this.usage.get(
+      buildAgentLinkUsageKey({
+        endpoint,
+        owner,
+        generationPtr,
+        platformAccountId: context?.platformAccountId,
+        workspaceId: context?.workspaceId
+      })
+    ) ?? 0;
+  }
+  async incrementUsage(endpoint, owner, generationPtr, context) {
+    const key = buildAgentLinkUsageKey({
+      endpoint,
+      owner,
+      generationPtr,
+      platformAccountId: context?.platformAccountId,
+      workspaceId: context?.workspaceId
+    });
+    this.usage.set(key, (this.usage.get(key) ?? 0) + 1);
+  }
+  async hasUsedNonce(nonce) {
+    return this.nonces.has(nonce);
+  }
+  async recordNonce(nonce) {
+    this.nonces.add(nonce);
+  }
+};
+// src/hooks.ts
+function createAgentLinkHooks(options) {
+  const { registry, onEvent } = options;
+  const mode = options.mode ?? { type: "free" };
+  const storage = options.storage;
+  const usageThresholds = normalizeThresholds(options.usageThresholds);
+  assertReplayStorage(storage);
+  if (mode.type === "free-trial" || mode.type === "discount") {
+    assertUsageStorage(storage, mode.type);
+  }
+  if (mode.type === "discount" && (!Number.isInteger(mode.percent) || mode.percent <= 0 || mode.percent > 100)) {
+    throw new Error(`Discount percent must be an integer between 1 and 100, got ${mode.percent}`);
+  }
+  const PENDING_TTL_MS = 5 * 60 * 1e3;
+  const pendingDiscounts = /* @__PURE__ */ new Map();
+  const observedLinks = /* @__PURE__ */ new Map();
+  async function emit(event) {
+    if (!onEvent) return;
+    try {
+      await onEvent(event);
+    } catch {
+    }
+  }
+  function getLinkedOnlyAbort() {
+    return {
+      abort: true,
+      reason: mode.type === "linked-only" ? mode.reason ?? "Linked agent access is required for this resource." : ""
+    };
+  }
+  async function resolveEntitlements(input) {
+    const resolved = typeof options.entitlements === "function" ? await options.entitlements(input) : options.entitlements ?? {};
+    return {
+      endpoint: resolved?.endpoint ?? input.request.path,
+      platformAccountId: resolved?.platformAccountId,
+      workspaceId: resolved?.workspaceId
+    };
+  }
+  function buildScopedContext(resource, entitlements) {
+    return {
+      resource,
+      endpoint: entitlements.endpoint,
+      platformAccountId: entitlements.platformAccountId,
+      workspaceId: entitlements.workspaceId
+    };
+  }
+  async function observeLinkStatus(address, status, scoped) {
+    if (!status) return;
+    const key = [address.toLowerCase(), scoped.platformAccountId ?? "*", scoped.workspaceId ?? "*"].join(":");
+    const previous = observedLinks.get(key);
+    const owner = status.owner ? status.owner.toLowerCase() : null;
+    if (status.owner && status.active) {
+      if (!previous || !previous.active || previous.owner?.toLowerCase() !== owner || previous.generationPtr !== status.generationPtr) {
+        await emit({
+          type: "link.activated",
+          address,
+          owner: status.owner,
+          generationPtr: status.generationPtr,
+          ...scoped
+        });
+      }
+    } else if (!status.owner) {
+      if (previous?.owner) {
+        await emit({
+          type: "link.unlinked",
+          address,
+          previousOwner: previous.owner,
+          generationPtr: previous.generationPtr,
+          ...scoped
+        });
+      }
+    } else if (previous?.owner && previous.active && !status.active) {
+      await emit({
+        type: "link.deactivated",
+        address,
+        owner: status.owner,
+        generationPtr: status.generationPtr,
+        reason: "inactive",
+        ...scoped
+      });
+      await emit({
+        type: "relink.required",
+        address,
+        owner: status.owner,
+        generationPtr: status.generationPtr,
+        reason: "inactive_owner",
+        ...scoped
+      });
+    }
+    observedLinks.set(key, {
+      owner: status.owner,
+      generationPtr: status.generationPtr,
+      active: status.active
+    });
+  }
+  async function maybeEmitThresholdEvent(input) {
+    const thresholds = new Set(usageThresholds);
+    if (input.defaultThreshold && input.defaultThreshold > 0) {
+      thresholds.add(input.defaultThreshold);
+    }
+    if (!thresholds.has(input.count)) return;
+    await emit({
+      type: "usage.threshold_reached",
+      resource: input.resource,
+      endpoint: input.endpoint,
+      address: input.address,
+      owner: input.owner,
+      generationPtr: input.generationPtr,
+      count: input.count,
+      threshold: input.count,
+      mode: input.mode,
+      platformAccountId: input.usageContext.platformAccountId,
+      workspaceId: input.usageContext.workspaceId
+    });
+  }
+  function prunePendingDiscounts(now) {
+    for (const [address, entries] of pendingDiscounts) {
+      const activeEntries = entries.filter((entry) => now - entry.createdAt <= PENDING_TTL_MS);
+      if (activeEntries.length > 0) {
+        pendingDiscounts.set(address, activeEntries);
+      } else {
+        pendingDiscounts.delete(address);
+      }
+    }
+  }
+  const requestHook = async (context) => {
+    const header = context.adapter.getHeader(AGENTLINK) || context.adapter.getHeader(AGENTLINK.toLowerCase());
+    if (!header) {
+      if (mode.type === "linked-only") {
+        return getLinkedOnlyAbort();
+      }
+      return;
+    }
+    try {
+      const payload = parseAgentLinkHeader(header);
+      const resourceUri = context.adapter.getUrl();
+      const checkNonce = async (nonce) => !await storage.hasUsedNonce(nonce);
+      const validation = await validateAgentLinkMessage(payload, resourceUri, {
+        checkNonce
+      });
+      if (!validation.valid) {
+        await emit({
+          type: "validation_failed",
+          resource: context.path,
+          endpoint: context.path,
+          error: validation.error
+        });
+        if (mode.type === "linked-only") {
+          return getLinkedOnlyAbort();
+        }
+        return;
+      }
+      const verification = await verifyAgentLinkSignature(payload, options.rpcUrl);
+      if (!verification.valid || !verification.address) {
+        await emit({
+          type: "validation_failed",
+          resource: context.path,
+          endpoint: context.path,
+          error: verification.error
+        });
+        if (mode.type === "linked-only") {
+          return getLinkedOnlyAbort();
+        }
+        return;
+      }
+      await storage.recordNonce(payload.nonce);
+      const status = await registry.getAgentStatus(verification.address, payload.chainId);
+      const entitlements = await resolveEntitlements({
+        request: context,
+        payload,
+        address: verification.address,
+        status
+      });
+      const scoped = buildScopedContext(context.path, entitlements);
+      const usageContext = {
+        platformAccountId: entitlements.platformAccountId,
+        workspaceId: entitlements.workspaceId
+      };
+      await observeLinkStatus(verification.address, status, scoped);
+      if (!status?.owner || !status.active) {
+        await emit({
+          type: "agent_not_verified",
+          resource: context.path,
+          endpoint: entitlements.endpoint,
+          address: verification.address,
+          platformAccountId: entitlements.platformAccountId,
+          workspaceId: entitlements.workspaceId
+        });
+        if (mode.type === "linked-only") {
+          return getLinkedOnlyAbort();
+        }
+        return;
+      }
+      if (mode.type === "linked-only" || mode.type === "free") {
+        await emit({
+          type: "agent_verified",
+          resource: context.path,
+          endpoint: entitlements.endpoint,
+          address: verification.address,
+          owner: status.owner,
+          generationPtr: status.generationPtr,
+          platformAccountId: entitlements.platformAccountId,
+          workspaceId: entitlements.workspaceId
+        });
+        return { grantAccess: true };
+      }
+      if (mode.type === "free-trial") {
+        const usageStorage = assertUsageStorage(storage, mode.type);
+        const uses = mode.uses ?? 1;
+        const count = await usageStorage.getUsageCount(
+          entitlements.endpoint,
+          status.owner,
+          status.generationPtr,
+          usageContext
+        );
+        if (count < uses) {
+          const nextCount = count + 1;
+          await usageStorage.incrementUsage(
+            entitlements.endpoint,
+            status.owner,
+            status.generationPtr,
+            usageContext
+          );
+          await emit({
+            type: "agent_verified",
+            resource: context.path,
+            endpoint: entitlements.endpoint,
+            address: verification.address,
+            owner: status.owner,
+            generationPtr: status.generationPtr,
+            platformAccountId: entitlements.platformAccountId,
+            workspaceId: entitlements.workspaceId
+          });
+          await maybeEmitThresholdEvent({
+            resource: context.path,
+            endpoint: entitlements.endpoint,
+            address: verification.address,
+            owner: status.owner,
+            generationPtr: status.generationPtr,
+            mode: "free-trial",
+            usageContext,
+            count: nextCount,
+            defaultThreshold: uses
+          });
+          return { grantAccess: true };
+        }
+        return;
+      }
+      if (mode.type === "discount") {
+        const now = Date.now();
+        prunePendingDiscounts(now);
+        const pendingEntries = pendingDiscounts.get(verification.address) ?? [];
+        const nextEntries = pendingEntries.filter((entry) => entry.resource !== context.path);
+        nextEntries.push({
+          address: verification.address,
+          owner: status.owner,
+          generationPtr: status.generationPtr,
+          resource: context.path,
+          endpoint: entitlements.endpoint,
+          usageContext,
+          createdAt: now
+        });
+        pendingDiscounts.set(verification.address, nextEntries);
+        return;
+      }
+    } catch (err) {
+      await emit({
+        type: "validation_failed",
+        resource: context.path,
+        endpoint: context.path,
+        error: err instanceof Error ? err.message : "Unknown error"
+      });
+      if (mode.type === "linked-only") {
+        return getLinkedOnlyAbort();
+      }
+    }
+  };
+  const verifyFailureHook = mode.type === "discount" ? async (context) => {
+    const usageStorage = assertUsageStorage(storage, mode.type);
+    const resourcePath = new URL(context.paymentPayload.resource.url).pathname;
+    const payer = extractPayer(context.paymentPayload.payload);
+    const now = Date.now();
+    prunePendingDiscounts(now);
+    const pendingEntries = payer ? pendingDiscounts.get(payer) ?? [] : [];
+    const pendingIndex = pendingEntries.findIndex((entry) => entry.resource === resourcePath);
+    const pending = pendingIndex >= 0 ? pendingEntries[pendingIndex] : void 0;
+    if (pendingIndex >= 0) {
+      pendingEntries.splice(pendingIndex, 1);
+      if (pendingEntries.length > 0) {
+        pendingDiscounts.set(payer, pendingEntries);
+      } else {
+        pendingDiscounts.delete(payer);
+      }
+    }
+    if (!pending) return;
+    if (!isUnderpaymentError(context.error)) return;
+    const uses = mode.uses ?? Infinity;
+    const count = await usageStorage.getUsageCount(
+      pending.endpoint,
+      pending.owner,
+      pending.generationPtr,
+      pending.usageContext
+    );
+    if (count >= uses) {
+      await emit({
+        type: "discount_exhausted",
+        resource: resourcePath,
+        endpoint: pending.endpoint,
+        address: pending.address,
+        owner: pending.owner,
+        generationPtr: pending.generationPtr,
+        platformAccountId: pending.usageContext.platformAccountId,
+        workspaceId: pending.usageContext.workspaceId
+      });
+      return;
+    }
+    const requiredAmount = BigInt(context.requirements.amount);
+    const discountedAmount = requiredAmount * BigInt(100 - mode.percent) / 100n;
+    const paidAmount = extractPaidAmount(context.paymentPayload.payload);
+    if (paidAmount === null || paidAmount < discountedAmount) return;
+    if (paidAmount >= requiredAmount) return;
+    const nextCount = count + 1;
+    await usageStorage.incrementUsage(
+      pending.endpoint,
+      pending.owner,
+      pending.generationPtr,
+      pending.usageContext
+    );
+    await emit({
+      type: "discount_applied",
+      resource: resourcePath,
+      endpoint: pending.endpoint,
+      address: pending.address,
+      owner: pending.owner,
+      generationPtr: pending.generationPtr,
+      platformAccountId: pending.usageContext.platformAccountId,
+      workspaceId: pending.usageContext.workspaceId
+    });
+    await maybeEmitThresholdEvent({
+      resource: resourcePath,
+      endpoint: pending.endpoint,
+      address: pending.address,
+      owner: pending.owner,
+      generationPtr: pending.generationPtr,
+      mode: "discount",
+      usageContext: pending.usageContext,
+      count: nextCount,
+      defaultThreshold: Number.isFinite(uses) ? uses : void 0
+    });
+    context.requirements.amount = String(paidAmount);
+    return {
+      recovered: true,
+      result: { isValid: true, payer: pending.address }
+    };
+  } : void 0;
+  return { requestHook, verifyFailureHook };
+}
+function assertReplayStorage(storage) {
+  if (!storage) {
+    throw new Error("AgentLink hooks require a storage instance with nonce replay protection");
+  }
+  if (typeof storage.hasUsedNonce !== "function" || typeof storage.recordNonce !== "function") {
+    throw new Error("AgentLink storage must implement hasUsedNonce and recordNonce to prevent replay attacks");
+  }
+}
+function assertUsageStorage(storage, modeType) {
+  if (typeof storage.getUsageCount !== "function" || typeof storage.incrementUsage !== "function") {
+    throw new Error(`AgentLink mode "${modeType}" requires storage methods getUsageCount and incrementUsage`);
+  }
+  return {
+    getUsageCount: storage.getUsageCount.bind(storage),
+    incrementUsage: storage.incrementUsage.bind(storage)
+  };
+}
+function normalizeThresholds(thresholds) {
+  return (thresholds ?? []).filter((value) => Number.isInteger(value) && value > 0);
+}
+function extractFromPayload(payload, fromAuth, fromPermit2Auth) {
+  try {
+    if ("authorization" in payload) {
+      return fromAuth(payload.authorization);
+    }
+    if ("permit2Authorization" in payload) {
+      return fromPermit2Auth(payload.permit2Authorization);
+    }
+    return null;
+  } catch {
+    return null;
+  }
+}
+function extractPayer(payload) {
+  const getFrom = (auth) => auth.from;
+  return extractFromPayload(payload, getFrom, getFrom);
+}
+var UNDERPAYMENT_REASONS = [
+  "invalid_exact_evm_payload_authorization_value",
+  "permit2_insufficient_amount",
+  "insufficient_funds"
+];
+function isUnderpaymentError(error) {
+  const reason = error.message.split(":")[0];
+  return UNDERPAYMENT_REASONS.includes(reason);
+}
+function extractPaidAmount(payload) {
+  return extractFromPayload(
+    payload,
+    (auth) => BigInt(auth.value),
+    (auth) => BigInt(auth.permitted.amount)
+  );
+}
+// src/link-session.ts
+var import_viem5 = require("viem");
+var InMemoryLinkSessionStore = class {
+  constructor() {
+    this.sessions = /* @__PURE__ */ new Map();
+  }
+  async set(session) {
+    this.sessions.set(session.id, session);
+  }
+  async get(id) {
+    return this.sessions.get(id) ?? null;
+  }
+};
+function createSessionId() {
+  if (typeof globalThis.crypto?.randomUUID === "function") {
+    return `als_${globalThis.crypto.randomUUID()}`;
+  }
+  if (typeof globalThis.crypto?.getRandomValues === "function") {
+    const bytes = new Uint8Array(8);
+    globalThis.crypto.getRandomValues(bytes);
+    const randomStr = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+    return `als_${Date.now().toString(36)}_${randomStr}`;
+  }
+  throw new Error("crypto.getRandomValues is not available in this environment");
+}
+var NETWORK_CHAIN_IDS2 = {
+  base: 8453,
+  "base-sepolia": 84532
+};
+function isNetworkName(value) {
+  return value === "base" || value === "base-sepolia";
+}
+function parseOptionalStringRecord(input) {
+  if (!input || typeof input !== "object" || Array.isArray(input)) {
+    return void 0;
+  }
+  const entries = Object.entries(input);
+  if (entries.some(([, value]) => typeof value !== "string")) {
+    return void 0;
+  }
+  return Object.fromEntries(entries);
+}
+function normalizeHttpsBrandingUrl(value, label) {
+  if (value === void 0) {
+    return { valid: true };
+  }
+  if (typeof value !== "string") {
+    return { valid: false, error: `Hosted link sessions must use a string branding.${label}.` };
+  }
+  let parsed;
+  try {
+    parsed = new URL(value);
+  } catch {
+    return { valid: false, error: `Hosted link sessions must use an absolute branding.${label}.` };
+  }
+  if (parsed.protocol !== "https:") {
+    return { valid: false, error: `Hosted link sessions only allow https branding.${label} values.` };
+  }
+  return { valid: true, value: parsed.toString() };
+}
+function parseBranding(input) {
+  if (!input || typeof input !== "object" || Array.isArray(input)) {
+    return { valid: true };
+  }
+  const parsed = input;
+  const branding = {};
+  if (typeof parsed.platformName === "string") branding.platformName = parsed.platformName;
+  if (typeof parsed.accentColor === "string") branding.accentColor = parsed.accentColor;
+  const logoUrl = normalizeHttpsBrandingUrl(parsed.logoUrl, "logoUrl");
+  if (!logoUrl.valid) {
+    return logoUrl;
+  }
+  if (logoUrl.value) branding.logoUrl = logoUrl.value;
+  const supportUrl = normalizeHttpsBrandingUrl(parsed.supportUrl, "supportUrl");
+  if (!supportUrl.valid) {
+    return supportUrl;
+  }
+  if (supportUrl.value) branding.supportUrl = supportUrl.value;
+  return Object.keys(branding).length > 0 ? { valid: true, branding } : { valid: true };
+}
+function normalizeAllowedRedirectOrigins(allowedRedirectOrigins) {
+  if (!allowedRedirectOrigins?.length) {
+    return void 0;
+  }
+  const origins = /* @__PURE__ */ new Set();
+  for (const value of allowedRedirectOrigins) {
+    let parsed;
+    try {
+      parsed = new URL(value);
+    } catch {
+      throw new Error(`Invalid allowed redirect origin "${value}". Expected an absolute URL origin.`);
+    }
+    if (parsed.protocol !== "https:") {
+      throw new Error(`Invalid allowed redirect origin "${value}". Redirect origins must use https.`);
+    }
+    origins.add(parsed.origin);
+  }
+  return origins;
+}
+function validateRedirectUrl(value, allowedOrigins) {
+  if (value === void 0) {
+    return { valid: true };
+  }
+  if (typeof value !== "string") {
+    return { valid: false, error: "Hosted link sessions must use a string redirectUrl." };
+  }
+  let redirectUrl;
+  try {
+    redirectUrl = new URL(value);
+  } catch {
+    return { valid: false, error: "Hosted link sessions must use an absolute redirectUrl." };
+  }
+  if (redirectUrl.protocol !== "https:") {
+    return { valid: false, error: "Hosted link sessions only allow https redirect URLs." };
+  }
+  if (allowedOrigins && !allowedOrigins.has(redirectUrl.origin)) {
+    return {
+      valid: false,
+      error: `Hosted link sessions only allow redirects to these origins: ${Array.from(allowedOrigins).join(", ")}`
+    };
+  }
+  return { valid: true, redirectUrl: redirectUrl.toString() };
+}
+function parseConsentBlob(input) {
+  if (!input || typeof input !== "object" || Array.isArray(input)) {
+    return { valid: false, error: "Hosted link sessions require an embedded agent consent payload." };
+  }
+  const parsed = input;
+  if (parsed.type !== "biomapper-agent-link") {
+    return { valid: false, error: "Hosted link sessions require a biomapper-agent-link consent payload." };
+  }
+  if (!isNetworkName(parsed.network)) {
+    return { valid: false, error: "Hosted link sessions must use a valid consent network." };
+  }
+  if (typeof parsed.chainId !== "number") {
+    return { valid: false, error: "Hosted link sessions must include a valid consent chain id." };
+  }
+  if (!parsed.agent || !(0, import_viem5.isAddress)(parsed.agent)) {
+    return { valid: false, error: "Hosted link sessions must include a valid consent agent wallet." };
+  }
+  if (!parsed.owner || !(0, import_viem5.isAddress)(parsed.owner)) {
+    return { valid: false, error: "Hosted link sessions must include a valid consent owner wallet." };
+  }
+  if (!parsed.registry || !(0, import_viem5.isAddress)(parsed.registry)) {
+    return { valid: false, error: "Hosted link sessions must include a valid consent registry address." };
+  }
+  if (!parsed.signature || !/^0x[0-9a-fA-F]+$/u.test(parsed.signature)) {
+    return { valid: false, error: "Hosted link sessions must include a valid consent signature." };
+  }
+  if (!parsed.deadline || !/^\d+$/u.test(parsed.deadline)) {
+    return { valid: false, error: "Hosted link sessions must include a valid consent expiry." };
+  }
+  if (!parsed.nonce || !/^\d+$/u.test(parsed.nonce)) {
+    return { valid: false, error: "Hosted link sessions must include a valid consent nonce." };
+  }
+  if (!parsed.typedData || typeof parsed.typedData !== "object" || Array.isArray(parsed.typedData)) {
+    return { valid: false, error: "Hosted link sessions must include consent typed data." };
+  }
+  if (!parsed.typedData.domain || typeof parsed.typedData.domain !== "object" || Array.isArray(parsed.typedData.domain) || parsed.typedData.domain.chainId !== parsed.chainId || typeof parsed.typedData.domain.verifyingContract !== "string" || parsed.typedData.domain.verifyingContract.toLowerCase() !== parsed.registry.toLowerCase()) {
+    return { valid: false, error: "Hosted link sessions have mismatched consent typed data." };
+  }
+  if (!parsed.typedData.message || typeof parsed.typedData.message !== "object" || Array.isArray(parsed.typedData.message) || typeof parsed.typedData.message.agent !== "string" || parsed.typedData.message.agent.toLowerCase() !== parsed.agent.toLowerCase() || typeof parsed.typedData.message.owner !== "string" || parsed.typedData.message.owner.toLowerCase() !== parsed.owner.toLowerCase() || parsed.typedData.message.nonce !== parsed.nonce || parsed.typedData.message.deadline !== parsed.deadline) {
+    return { valid: false, error: "Hosted link sessions have mismatched consent message details." };
+  }
+  return {
+    valid: true,
+    consent: parsed
+  };
+}
+function validateLinkSession(session, options = {}) {
+  if (!session || typeof session !== "object" || Array.isArray(session)) {
+    return { valid: false, error: "Hosted link sessions must be objects." };
+  }
+  const parsed = session;
+  if (!parsed.id || typeof parsed.id !== "string") {
+    return { valid: false, error: "Hosted link sessions must include an id." };
+  }
+  if (!parsed.createdAt || typeof parsed.createdAt !== "string" || !Number.isFinite(Date.parse(parsed.createdAt))) {
+    return { valid: false, error: "Hosted link sessions must include a valid createdAt timestamp." };
+  }
+  if (!parsed.platformAccountId || typeof parsed.platformAccountId !== "string") {
+    return { valid: false, error: "Hosted link sessions must include a platformAccountId." };
+  }
+  if (!isNetworkName(parsed.network)) {
+    return { valid: false, error: "Hosted link sessions must use a valid network." };
+  }
+  if (!parsed.registry || !(0, import_viem5.isAddress)(parsed.registry)) {
+    return { valid: false, error: "Hosted link sessions must include a valid registry address." };
+  }
+  if (parsed.workspaceId !== void 0 && typeof parsed.workspaceId !== "string") {
+    return { valid: false, error: "Hosted link sessions must use a string workspaceId when provided." };
+  }
+  if (parsed.expiresAt !== void 0) {
+    if (typeof parsed.expiresAt !== "string" || !Number.isFinite(Date.parse(parsed.expiresAt))) {
+      return { valid: false, error: "Hosted link sessions must use a valid expiresAt timestamp." };
+    }
+  }
+  const allowedOrigins = normalizeAllowedRedirectOrigins(options.allowedRedirectOrigins);
+  const redirectValidation = validateRedirectUrl(parsed.redirectUrl, allowedOrigins);
+  if (!redirectValidation.valid) {
+    return redirectValidation;
+  }
+  const consentValidation = parseConsentBlob(parsed.consent);
+  if (!consentValidation.valid) {
+    return consentValidation;
+  }
+  const consent = consentValidation.consent;
+  if (consent.network !== parsed.network) {
+    return { valid: false, error: "Hosted link sessions have mismatched network details." };
+  }
+  if (consent.chainId !== NETWORK_CHAIN_IDS2[parsed.network]) {
+    return { valid: false, error: "Hosted link sessions have mismatched chain details." };
+  }
+  if (consent.registry.toLowerCase() !== parsed.registry.toLowerCase()) {
+    return { valid: false, error: "Hosted link sessions have mismatched registry details." };
+  }
+  const now = options.now ?? /* @__PURE__ */ new Date();
+  if (BigInt(consent.deadline) <= BigInt(Math.floor(now.getTime() / 1e3))) {
+    return { valid: false, error: "Hosted link sessions have expired embedded consent." };
+  }
+  if (parsed.expiresAt && Date.parse(parsed.expiresAt) <= now.getTime()) {
+    return { valid: false, error: "Hosted link sessions have expired." };
+  }
+  const branding = parseBranding(parsed.branding);
+  if (!branding.valid) {
+    return branding;
+  }
+  const metadata = parseOptionalStringRecord(parsed.metadata);
+  return {
+    valid: true,
+    session: {
+      id: parsed.id,
+      createdAt: parsed.createdAt,
+      platformAccountId: parsed.platformAccountId,
+      ...parsed.workspaceId ? { workspaceId: parsed.workspaceId } : {},
+      network: parsed.network,
+      registry: parsed.registry,
+      ...redirectValidation.redirectUrl ? { redirectUrl: redirectValidation.redirectUrl } : {},
+      consent,
+      ...branding.branding ? { branding: branding.branding } : {},
+      ...metadata ? { metadata } : {},
+      ...parsed.expiresAt ? { expiresAt: parsed.expiresAt } : {}
+    }
+  };
+}
+async function createLinkSession(input, options = {}) {
+  if (!input.registry) {
+    throw new Error("Hosted link sessions require a registry address.");
+  }
+  if (!input.consent) {
+    throw new Error("Hosted link sessions require an embedded agent consent payload.");
+  }
+  const createdAt = (options.now ?? /* @__PURE__ */ new Date()).toISOString();
+  const session = {
+    id: options.id ?? createSessionId(),
+    createdAt,
+    platformAccountId: input.platformAccountId,
+    workspaceId: input.workspaceId,
+    network: input.network,
+    registry: input.registry,
+    redirectUrl: input.redirectUrl,
+    consent: input.consent,
+    branding: input.branding,
+    metadata: input.metadata,
+    expiresAt: input.expiresAt
+  };
+  const validation = validateLinkSession(session, {
+    now: options.now,
+    allowedRedirectOrigins: options.allowedRedirectOrigins
+  });
+  if (!validation.valid) {
+    throw new Error(validation.error);
+  }
+  if (options.store) {
+    await options.store.set(validation.session);
+  }
+  await options.onEvent?.({
+    type: "link.created",
+    sessionId: validation.session.id,
+    platformAccountId: validation.session.platformAccountId,
+    workspaceId: validation.session.workspaceId,
+    network: validation.session.network,
+    redirectUrl: validation.session.redirectUrl,
+    registry: validation.session.registry,
+    platformName: validation.session.branding?.platformName
+  });
+  return validation.session;
+}
+async function getLinkSession(id, options) {
+  return options.store.get(id);
+}
+function encodeLinkSession(session) {
+  return Buffer.from(JSON.stringify(session), "utf8").toString("base64url");
+}
+function decodeLinkSession(value) {
+  return JSON.parse(Buffer.from(value, "base64url").toString("utf8"));
+}
+function buildHostedLinkUrl(baseUrl, session) {
+  const url = new URL(baseUrl);
+  url.searchParams.set("sessionId", session.id);
+  return url.toString();
+}
+function buildEmbeddedHostedLinkUrl(baseUrl, session) {
+  const url = new URL(baseUrl);
+  url.searchParams.set("sessionId", session.id);
+  url.searchParams.set("session", encodeLinkSession(session));
+  return url.toString();
+}
+// src/biomapper-link.ts
+var import_server = require("@x402/evm/exact/server");
+var import_server2 = require("@x402/core/server");
+var import_http = require("@x402/core/http");
+// src/webhooks.ts
+var WEBHOOK_SIGNATURE_VERSION = "v1";
+var DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 5 * 60;
+function createWebhookId() {
+  if (typeof globalThis.crypto?.randomUUID === "function") {
+    return globalThis.crypto.randomUUID();
+  }
+  if (typeof globalThis.crypto?.getRandomValues === "function") {
+    const bytes = new Uint8Array(8);
+    globalThis.crypto.getRandomValues(bytes);
+    const randomStr = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+    return `evt_${Date.now().toString(36)}_${randomStr}`;
+  }
+  throw new Error("crypto.getRandomValues is not available in this environment");
+}
+function resolveFetch(fetchImpl) {
+  if (fetchImpl) return fetchImpl;
+  if (typeof fetch !== "function") {
+    throw new Error("No fetch implementation is available. Pass fetchImpl to dispatch AgentLink webhooks.");
+  }
+  return fetch;
+}
+function createAgentLinkWebhookEnvelope(event) {
+  return {
+    id: createWebhookId(),
+    createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+    type: event.type,
+    event
+  };
+}
+function stringifyWebhookEnvelope(envelope) {
+  return JSON.stringify(envelope, (_key, value) => typeof value === "bigint" ? value.toString() : value);
+}
+function normalizeWebhookBody(body) {
+  if (typeof body === "string") {
+    return new TextEncoder().encode(body);
+  }
+  if (body instanceof Uint8Array) {
+    return body;
+  }
+  if (body instanceof ArrayBuffer) {
+    return new Uint8Array(body);
+  }
+  return new Uint8Array(body.buffer, body.byteOffset, body.byteLength);
+}
+function encodeHex(bytes) {
+  return Array.from(bytes, (byte) => byte.toString(16).padStart(2, "0")).join("");
+}
+function constantTimeEqual(left, right) {
+  if (left.length !== right.length) return false;
+  let mismatch = 0;
+  for (let index = 0; index < left.length; index += 1) {
+    mismatch |= left.charCodeAt(index) ^ right.charCodeAt(index);
+  }
+  return mismatch === 0;
+}
+function parseSignatureValue(signature) {
+  for (const part of signature.split(",")) {
+    const trimmed = part.trim();
+    if (trimmed.startsWith(`${WEBHOOK_SIGNATURE_VERSION}=`)) {
+      return trimmed.slice(WEBHOOK_SIGNATURE_VERSION.length + 1);
+    }
+  }
+  return null;
+}
+async function createHmacSignature(secret, timestamp, body) {
+  if (!globalThis.crypto?.subtle) {
+    throw new Error("Web Crypto is required to sign AgentLink webhooks in this runtime.");
+  }
+  const encoder = new TextEncoder();
+  const key = await globalThis.crypto.subtle.importKey(
+    "raw",
+    encoder.encode(secret),
+    { name: "HMAC", hash: "SHA-256" },
+    false,
+    ["sign"]
+  );
+  const payload = new Uint8Array([...encoder.encode(`${timestamp}.`), ...normalizeWebhookBody(body)]);
+  const signature = await globalThis.crypto.subtle.sign("HMAC", key, payload);
+  return `${WEBHOOK_SIGNATURE_VERSION}=${encodeHex(new Uint8Array(signature))}`;
+}
+async function verifyAgentLinkWebhookSignature(options) {
+  if (!/^\d+$/u.test(options.timestamp)) {
+    return { valid: false, error: "Invalid webhook timestamp." };
+  }
+  const timestampSeconds = Number(options.timestamp);
+  const nowSeconds = Math.floor((options.now ?? /* @__PURE__ */ new Date()).getTime() / 1e3);
+  const toleranceSeconds = options.toleranceSeconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS;
+  if (Math.abs(nowSeconds - timestampSeconds) > toleranceSeconds) {
+    return { valid: false, error: "Webhook timestamp is outside the allowed tolerance." };
+  }
+  const providedSignature = parseSignatureValue(options.signature);
+  if (!providedSignature) {
+    return { valid: false, error: "Invalid webhook signature format." };
+  }
+  const expectedSignature = parseSignatureValue(
+    await createHmacSignature(options.secret, options.timestamp, options.body)
+  );
+  if (!expectedSignature || !constantTimeEqual(providedSignature, expectedSignature)) {
+    return { valid: false, error: "Webhook signature mismatch." };
+  }
+  return { valid: true };
+}
+async function dispatchAgentLinkWebhook(event, options) {
+  const fetchImpl = resolveFetch(options.fetchImpl);
+  const envelope = createAgentLinkWebhookEnvelope(event);
+  const urls = Array.isArray(options.url) ? options.url : [options.url];
+  const body = stringifyWebhookEnvelope(envelope);
+  const timestamp = Math.floor(Date.now() / 1e3).toString();
+  const signature = options.secret ? await createHmacSignature(options.secret, timestamp, body) : void 0;
+  for (const url of urls) {
+    const includeLegacySecretHeader = options.includeLegacySecretHeader ?? true;
+    const response = await fetchImpl(url, {
+      method: "POST",
+      headers: {
+        "content-type": "application/json",
+        ...options.secret ? {
+          "x-agentlink-webhook-timestamp": timestamp,
+          "x-agentlink-webhook-signature": signature,
+          ...includeLegacySecretHeader ? { "x-agentlink-webhook-secret": options.secret } : {}
+        } : {},
+        ...options.headers
+      },
+      body
+    });
+    if (!response.ok) {
+      throw new Error(`AgentLink webhook delivery failed for ${url} with status ${response.status}`);
+    }
+  }
+  return envelope;
+}
+function createAgentLinkWebhookDispatcher(options) {
+  return async (event) => {
+    await dispatchAgentLinkWebhook(event, options);
+  };
+}
+// src/hono.ts
+var HonoAdapter = class {
+  constructor(context) {
+    this.context = context;
+  }
+  getHeader(name) {
+    return this.context.req.header(name);
+  }
+  getMethod() {
+    return this.context.req.method;
+  }
+  getPath() {
+    return this.context.req.path;
+  }
+  getUrl() {
+    return this.context.req.url;
+  }
+  getAcceptHeader() {
+    return this.context.req.header("Accept") ?? "";
+  }
+  getUserAgent() {
+    return this.context.req.header("User-Agent") ?? "";
+  }
+  getQueryParams() {
+    return this.context.req.query();
+  }
+  getQueryParam(name) {
+    return this.context.req.query(name);
+  }
+  async getBody() {
+    return await this.context.req.json();
+  }
+};
+function createHonoPaymentMiddlewareFromHTTPServer(httpServer, paywallConfig, paywall) {
+  if (paywall) {
+    httpServer.registerPaywallProvider(paywall);
+  }
+  let initialized = false;
+  let initializePromise = null;
+  async function initialize() {
+    if (initialized) return;
+    if (!initializePromise) {
+      initializePromise = httpServer.initialize().then(() => {
+        initialized = true;
+      }).catch((error) => {
+        initializePromise = null;
+        throw error;
+      });
+    }
+    await initializePromise;
+  }
+  const middleware = async (context, next) => {
+    const typedContext = context;
+    const adapter = new HonoAdapter(typedContext);
+    const requestContext = {
+      adapter,
+      path: typedContext.req.path,
+      method: typedContext.req.method,
+      paymentHeader: adapter.getHeader("payment-signature") || adapter.getHeader("x-payment")
+    };
+    if (!httpServer.requiresPayment(requestContext)) {
+      return next();
+    }
+    await initialize();
+    const result = await httpServer.processHTTPRequest(requestContext, paywallConfig);
+    switch (result.type) {
+      case "no-payment-required":
+        return next();
+      case "payment-error": {
+        const { response } = result;
+        for (const [key, value] of Object.entries(response.headers)) {
+          typedContext.header(key, value);
+        }
+        if (response.isHtml) {
+          return typedContext.html(String(response.body ?? ""), response.status);
+        }
+        return typedContext.json(response.body ?? {}, response.status);
+      }
+      case "payment-verified": {
+        const { paymentPayload, paymentRequirements, declaredExtensions } = result;
+        await next();
+        let response = typedContext.res;
+        if (!response || response.status >= 400) {
+          return;
+        }
+        const responseBody = Buffer.from(await response.clone().arrayBuffer());
+        typedContext.res = void 0;
+        const settlement = await httpServer.processSettlement(
+          paymentPayload,
+          paymentRequirements,
+          declaredExtensions,
+          {
+            request: requestContext,
+            responseBody
+          }
+        );
+        if (!settlement.success) {
+          const { response: errorResponse } = settlement;
+          const body = errorResponse.isHtml ? String(errorResponse.body ?? "") : JSON.stringify(errorResponse.body ?? {});
+          response = new Response(body, {
+            status: errorResponse.status,
+            headers: errorResponse.headers
+          });
+        } else {
+          for (const [key, value] of Object.entries(settlement.headers)) {
+            response.headers.set(key, value);
+          }
+        }
+        typedContext.res = response;
+        return;
+      }
+    }
+  };
+  return { middleware, initialize };
+}
+// src/biomapper-link.ts
+var NETWORK_TO_CHAIN_ID = {
+  base: "eip155:8453",
+  "base-sepolia": "eip155:84532"
+};
+var DEFAULT_X402_FACILITATOR_URL = "https://x402.org/facilitator";
+var hasWarnedAboutInMemoryStorageDefault = false;
+function createBiomapperLink(options) {
+  const chainId = NETWORK_TO_CHAIN_ID[options.network];
+  const storage = options.storage ?? resolveDefaultStorage();
+  const registry = createBiomapperRegistryVerifier({
+    contractAddress: options.registry,
+    network: options.network,
+    rpcUrl: options.rpcUrl
+  });
+  let onEvent = options.onEvent;
+  if (options.webhook) {
+    const webhookDispatcher = createAgentLinkWebhookDispatcher({
+      url: options.webhook.url,
+      secret: options.webhook.secret,
+      headers: options.webhook.headers
+    });
+    const userOnEvent = onEvent;
+    onEvent = async (event) => {
+      await webhookDispatcher(event);
+      await userOnEvent?.(event);
+    };
+  }
+  const hooks = createAgentLinkHooks({
+    registry,
+    storage,
+    mode: options.mode,
+    rpcUrl: options.rpcUrl,
+    onEvent,
+    entitlements: options.entitlements,
+    usageThresholds: options.usageThresholds
+  });
+  const declare = (overrides) => declareAgentLinkExtension({
+    network: chainId,
+    mode: options.mode,
+    statement: options.statement,
+    domain: options.domain,
+    ...overrides
+  });
+  let resourceServer;
+  let httpServer;
+  let middleware = async () => {
+    throw new Error(
+      "createBiomapperLink was used as middleware without x402 route configuration. Pass `protect` or `routes` to enable the one-call middleware path."
+    );
+  };
+  let initialize = async () => {
+  };
+  const routes = buildRoutes(options, declare(), chainId);
+  if (routes) {
+    resourceServer = new import_server2.x402ResourceServer(resolveFacilitatorClients(options));
+    resourceServer.registerExtension(agentlinkResourceServerExtension);
+    if (hooks.verifyFailureHook) {
+      resourceServer.onVerifyFailure(async (context) => {
+        const url = context.paymentPayload.resource?.url;
+        if (!url) return;
+        return hooks.verifyFailureHook?.({
+          paymentPayload: {
+            resource: { url },
+            payload: context.paymentPayload.payload
+          },
+          requirements: {
+            amount: context.requirements.amount
+          },
+          error: context.error
+        });
+      });
+    }
+    if (options.schemes?.length) {
+      for (const scheme of options.schemes) {
+        resourceServer.register(scheme.network, scheme.server);
+      }
+    } else {
+      (0, import_server.registerExactEvmScheme)(resourceServer, {
+        networks: collectExactEvmNetworks(routes)
+      });
+    }
+    httpServer = new import_http.x402HTTPResourceServer(resourceServer, routes).onProtectedRequest(hooks.requestHook);
+    const hono = createHonoPaymentMiddlewareFromHTTPServer(httpServer, options.paywallConfig, options.paywall);
+    middleware = hono.middleware;
+    initialize = hono.initialize;
+  }
+  return Object.assign(middleware, {
+    extension: agentlinkResourceServerExtension,
+    declare,
+    requestHook: hooks.requestHook,
+    verifyFailureHook: hooks.verifyFailureHook,
+    middleware,
+    initialize,
+    resourceServer,
+    httpServer
+  });
+}
+function resolveDefaultStorage() {
+  if (process.env.NODE_ENV === "production") {
+    throw new Error(
+      "createBiomapperLink requires an explicit storage backend in production. Pass persistent/shared storage instead of relying on the in-memory development default."
+    );
+  }
+  if (!hasWarnedAboutInMemoryStorageDefault) {
+    hasWarnedAboutInMemoryStorageDefault = true;
+    console.warn(
+      "[agentlink] createBiomapperLink is using InMemoryAgentLinkStorage because no storage backend was provided. This is only safe for local development and tests."
+    );
+  }
+  return new InMemoryAgentLinkStorage();
+}
+function buildRoutes(options, agentlinkExtensions, defaultNetwork) {
+  if (options.routes && options.protect) {
+    throw new Error("Pass either `routes` or `protect` to createBiomapperLink, not both.");
+  }
+  if (options.routes) {
+    return mergeAgentLinkExtensions(options.routes, agentlinkExtensions);
+  }
+  if (!options.protect) return void 0;
+  return Object.fromEntries(
+    Object.entries(options.protect).map(([pattern, config]) => [
+      pattern,
+      {
+        resource: config.resource,
+        description: config.description,
+        mimeType: config.mimeType,
+        customPaywallHtml: config.customPaywallHtml,
+        unpaidResponseBody: config.unpaidResponseBody,
+        settlementFailedResponseBody: config.settlementFailedResponseBody,
+        extensions: {
+          ...agentlinkExtensions,
+          ...config.extensions ?? {}
+        },
+        accepts: {
+          scheme: config.scheme ?? "exact",
+          network: config.network ?? defaultNetwork,
+          payTo: config.payTo,
+          price: config.price,
+          maxTimeoutSeconds: config.maxTimeoutSeconds,
+          extra: config.extra
+        }
+      }
+    ])
+  );
+}
+function mergeAgentLinkExtensions(routes, agentlinkExtensions) {
+  if (isRouteConfig(routes)) {
+    return {
+      ...routes,
+      extensions: {
+        ...agentlinkExtensions,
+        ...routes.extensions ?? {}
+      }
+    };
+  }
+  return Object.fromEntries(
+    Object.entries(routes).map(([pattern, route]) => [
+      pattern,
+      {
+        ...route,
+        extensions: {
+          ...agentlinkExtensions,
+          ...route.extensions ?? {}
+        }
+      }
+    ])
+  );
+}
+function collectExactEvmNetworks(routes) {
+  const routeList = isRouteConfig(routes) ? [routes] : Object.values(routes);
+  const networks = /* @__PURE__ */ new Set();
+  for (const route of routeList) {
+    const accepts = normalizePaymentOptions(route);
+    for (const option of accepts) {
+      if (option.scheme !== "exact") {
+        throw new Error(
+          `Auto-registration only supports the x402 "exact" scheme. Register custom schemes via \`schemes\` for "${option.scheme}".`
+        );
+      }
+      if (!option.network.startsWith("eip155:")) {
+        throw new Error(
+          `Auto-registration only supports EVM payment networks. Register custom schemes via \`schemes\` for "${option.network}".`
+        );
+      }
+      networks.add(option.network);
+    }
+  }
+  return [...networks];
+}
+function isRouteConfig(routes) {
+  return "accepts" in routes;
+}
+function normalizePaymentOptions(route) {
+  return Array.isArray(route.accepts) ? route.accepts : [route.accepts];
+}
+function resolveFacilitatorClients(options) {
+  return options.facilitator ?? new import_server2.HTTPFacilitatorClient({ url: options.facilitatorUrl ?? DEFAULT_X402_FACILITATOR_URL });
+}
+// src/next.ts
+var NextAdapter = class {
+  constructor(request) {
+    this.request = request;
+  }
+  getHeader(name) {
+    return this.request.headers.get(name) ?? void 0;
+  }
+  getMethod() {
+    return this.request.method;
+  }
+  getPath() {
+    return new URL(this.request.url).pathname;
+  }
+  getUrl() {
+    return this.request.url;
+  }
+  getAcceptHeader() {
+    return this.request.headers.get("Accept") ?? "";
+  }
+  getUserAgent() {
+    return this.request.headers.get("User-Agent") ?? "";
+  }
+  getQueryParams() {
+    const params = {};
+    for (const [key, value] of new URL(this.request.url).searchParams.entries()) {
+      const existing = params[key];
+      if (existing === void 0) {
+        params[key] = value;
+      } else if (Array.isArray(existing)) {
+        existing.push(value);
+      } else {
+        params[key] = [existing, value];
+      }
+    }
+    return params;
+  }
+  getQueryParam(name) {
+    const values = new URL(this.request.url).searchParams.getAll(name);
+    if (values.length === 0) return void 0;
+    return values.length === 1 ? values[0] : values;
+  }
+  async getBody() {
+    try {
+      return await this.request.clone().json();
+    } catch {
+      return void 0;
+    }
+  }
+};
+function createNextPaymentHandlerFromHTTPServer(httpServer, paywallConfig, paywall) {
+  if (paywall) {
+    httpServer.registerPaywallProvider(paywall);
+  }
+  let initialized = false;
+  let initializePromise = null;
+  async function initialize() {
+    if (initialized) return;
+    if (!initializePromise) {
+      initializePromise = httpServer.initialize().then(() => {
+        initialized = true;
+      }).catch((error) => {
+        initializePromise = null;
+        throw error;
+      });
+    }
+    await initializePromise;
+  }
+  function wrap(handler) {
+    return async (request) => {
+      const adapter = new NextAdapter(request);
+      const requestContext = {
+        adapter,
+        path: new URL(request.url).pathname,
+        method: request.method,
+        paymentHeader: adapter.getHeader("payment-signature") || adapter.getHeader("x-payment")
+      };
+      if (!httpServer.requiresPayment(requestContext)) {
+        return handler(request);
+      }
+      await initialize();
+      const result = await httpServer.processHTTPRequest(requestContext, paywallConfig);
+      switch (result.type) {
+        case "no-payment-required":
+          return handler(request);
+        case "payment-error": {
+          const { response } = result;
+          const body = response.isHtml ? String(response.body ?? "") : JSON.stringify(response.body ?? {});
+          return new Response(body, {
+            status: response.status,
+            headers: response.headers
+          });
+        }
+        case "payment-verified": {
+          const { paymentPayload, paymentRequirements, declaredExtensions } = result;
+          const handlerResponse = await handler(request);
+          if (handlerResponse.status >= 400) {
+            return handlerResponse;
+          }
+          const responseBody = Buffer.from(await handlerResponse.clone().arrayBuffer());
+          const settlement = await httpServer.processSettlement(
+            paymentPayload,
+            paymentRequirements,
+            declaredExtensions,
+            { request: requestContext, responseBody }
+          );
+          if (!settlement.success) {
+            const { response: errorResponse } = settlement;
+            const body = errorResponse.isHtml ? String(errorResponse.body ?? "") : JSON.stringify(errorResponse.body ?? {});
+            return new Response(body, {
+              status: errorResponse.status,
+              headers: errorResponse.headers
+            });
+          }
+          const headers = new Headers(handlerResponse.headers);
+          for (const [key, value] of Object.entries(settlement.headers)) {
+            headers.set(key, value);
+          }
+          return new Response(handlerResponse.body, {
+            status: handlerResponse.status,
+            headers
+          });
+        }
+      }
+    };
+  }
+  return { wrap, initialize };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AGENTLINK,
+  AGENT_LINK_TYPES,
+  AgentLinkPayloadSchema,
+  BIOMAPPER_AGENT_REGISTRY_ABI,
+  BIOMAPPER_AGENT_REGISTRY_NAME,
+  BIOMAPPER_AGENT_REGISTRY_VERSION,
+  BIOMAPPER_APP_URLS,
+  BRIDGED_BIOMAPPER_ADDRESSES,
+  BRIDGED_BIOMAPPER_READ_ABI,
+  BiomapperNetworkSchema,
+  BiomapperQueryError,
+  CHECK_AGENT_STATUS_TOOL_DESCRIPTION,
+  CHECK_AGENT_STATUS_TOOL_NAME,
+  CheckAgentStatusInputSchema,
+  CheckAgentStatusResultSchema,
+  GET_BIOMAPPER_INFO_TOOL_DESCRIPTION,
+  GET_BIOMAPPER_INFO_TOOL_NAME,
+  GET_CURRENT_GENERATION_TOOL_DESCRIPTION,
+  GET_CURRENT_GENERATION_TOOL_NAME,
+  GetBiomapperInfoInputSchema,
+  GetBiomapperInfoResultSchema,
+  GetCurrentGenerationInputSchema,
+  GetCurrentGenerationResultSchema,
+  InMemoryAgentLinkStorage,
+  InMemoryLinkSessionStore,
+  agentlinkResourceServerExtension,
+  buildAgentLinkSchema,
+  buildAgentLinkTypedData,
+  buildAgentLinkUsageKey,
+  buildEmbeddedHostedLinkUrl,
+  buildHostedLinkUrl,
+  createAgentLinkConsent,
+  createAgentLinkHooks,
+  createAgentLinkWebhookDispatcher,
+  createAgentLinkWebhookEnvelope,
+  createBiomapperLink,
+  createBiomapperQueryClient,
+  createBiomapperRegistryVerifier,
+  createHonoPaymentMiddlewareFromHTTPServer,
+  createLinkSession,
+  createNextPaymentHandlerFromHTTPServer,
+  declareAgentLinkExtension,
+  decodeLinkSession,
+  dispatchAgentLinkWebhook,
+  encodeLinkSession,
+  extractEVMChainId,
+  formatSIWEMessage,
+  getLinkSession,
+  parseAgentLinkHeader,
+  validateAgentLinkMessage,
+  validateLinkSession,
+  verifyAgentLinkSignature,
+  verifyAgentLinkWebhookSignature,
+  verifyEVMSignature
+});
+//# sourceMappingURL=index.js.map