@tvip2/sdk 0.1.0-beta.1

package/LICENSE

@@ -0,0 +1,43 @@
+VELA TVIP SDK — Licence Proprietaire
+
+Copyright (c) 2026 Missylia Systems. Tous droits reserves.
+
+BREVET EN COURS DE DEPOT — PATENT PENDING
+
+Ce logiciel et sa documentation sont la propriete exclusive de Missylia Systems.
+L'acces a ce SDK est strictement reserve aux participants du programme beta
+autorise par Missylia Systems.
+
+CONDITIONS D'UTILISATION :
+
+1. ACCES RESTREINT — Ce SDK est distribue en beta fermee. Toute utilisation
+   necessite une cle API valide fournie par Missylia Systems.
+
+2. INTERDICTION DE REDISTRIBUTION — Vous ne pouvez pas copier, redistribuer,
+   sous-licencier, vendre ou rendre disponible ce SDK a des tiers sans
+   l'autorisation ecrite prealable de Missylia Systems.
+
+3. INTERDICTION DE RETRO-INGENIERIE — Vous ne pouvez pas decompiler,
+   desassembler ou tenter d'extraire le code source, les algorithmes ou
+   les methodes du protocole TVIP.
+
+4. PROPRIETE INTELLECTUELLE — Le protocole TVIP (Transaction-to-Verified-
+   Invoice Protocol), ses algorithmes de correlation, de signature
+   cryptographique SHA-256, et de rapprochement bancaire automatique sont
+   proteges par un brevet en cours de depot par Missylia Systems.
+
+5. CONFIDENTIALITE — Les informations techniques contenues dans ce SDK
+   sont confidentielles. Vous vous engagez a ne pas divulguer ces
+   informations a des tiers.
+
+6. SANS GARANTIE — Ce SDK est fourni "en l'etat", sans garantie d'aucune
+   sorte, expresse ou implicite.
+
+7. RESILIATION — Missylia Systems se reserve le droit de revoquer l'acces
+   a tout moment, sans preavis.
+
+Pour toute demande d'acces au programme beta :
+contact@missylia.com
+
+Missylia Systems — VELA — Transaction-to-Verified-Invoice Protocol (TVIP)
+Patent Pending — Brevet en cours de depot

package/README.md

@@ -0,0 +1,104 @@
+# @tvip2/sdk — Beta Fermee
+
+> **BREVET EN COURS DE DEPOT — PATENT PENDING**
+>
+> Ce SDK est distribue en beta fermee. L'acces necessite une invitation
+> et une cle API valide fournie par Missylia Systems.
+
+SDK officiel JavaScript/Node.js pour le **protocole TVIP** (Transaction-to-Verified-Invoice Protocol).
+
+Correle les autorisations de paiement avec les factures marchands detaillees en temps reel.
+
+## Acces Beta
+
+Ce SDK n'est pas disponible publiquement. Pour demander l'acces :
+
+- Email : contact@missylia.com
+- Sujet : "Demande acces SDK TVIP Beta"
+
+## Installation (participants beta uniquement)
+
+```bash
+npm install @tvip2/sdk
+```
+
+## Quick Start
+
+```javascript
+const { TVIP } = require('@tvip2/sdk');
+
+// Cle API fournie par VELA Protocol
+const tvip = new TVIP({ apiKey: 'sk_beta_votre_cle' });
+
+// 1. Creer une session de correlation
+const session = await tvip.createSession({
+  amount: 12450,     // centimes
+  currency: 'EUR',
+  merchant_order_id: 'ord_1001'
+});
+
+// 2. Envoyer la facture depuis le POS
+await tvip.sendInvoice({
+  correlation_token: session.correlation_token,
+  invoice_id: 'inv_1001',
+  items: [
+    { name: 'Tomates bio', quantity: 4, unit_price: 2500, tax_rate: 0.055 },
+    { name: 'Pain complet', quantity: 1, unit_price: 2450, tax_rate: 0.055 },
+  ],
+  total: 12450,
+  currency: 'EUR'
+});
+
+// 3. TVIP cree automatiquement un evenement verifie :
+//    -> Signe SHA-256
+//    -> Ecritures comptables (PCG)
+//    -> Rapprochement bancaire
+//    -> Categorisation IA
+```
+
+## AI Vision Scanner
+
+```javascript
+const fs = require('fs');
+const image = fs.readFileSync('./ticket.jpg', 'base64');
+
+const parsed = await tvip.scanImage(image);
+// Retourne : {merchant, items, total, tax, ...}
+```
+
+## Verification Webhook
+
+```javascript
+const { TVIP } = require('@tvip2/sdk');
+
+app.post('/webhooks/tvip', (req, res) => {
+  const isValid = TVIP.verifyWebhook(
+    JSON.stringify(req.body),
+    req.headers['x-tvip-signature'],
+    process.env.TVIP_WEBHOOK_SECRET
+  );
+  if (!isValid) return res.status(401).send('Signature invalide');
+  // Traiter l'evenement...
+});
+```
+
+## API Reference
+
+| Methode | Description |
+|---------|-------------|
+| `createSession(params)` | Creer une session de correlation |
+| `getSession(token)` | Obtenir session par token |
+| `sendInvoice(params)` | Envoyer facture marchande |
+| `getEvent(id)` | Obtenir evenement TVIP |
+| `listEvents(filters?)` | Lister evenements avec filtres |
+| `ingest({ source, data })` | Ingerer Factur-X/JSON/XML |
+| `scanImage(base64)` | Scanner ticket IA Vision |
+| `TVIP.verifyWebhook(...)` | Verifier signature HMAC-SHA256 |
+
+## Licence
+
+Licence proprietaire — Missylia Systems
+Brevet en cours de depot (Patent Pending)
+Voir fichier LICENSE pour les conditions d'utilisation.
+
+(c) 2026 Missylia Systems. Tous droits reserves.

package/package.json

@@ -0,0 +1,20 @@
+{
+  "name": "@tvip2/sdk",
+  "version": "0.1.0-beta.1",
+  "description": "TVIP SDK — Transaction-to-Verified-Invoice Protocol. Beta fermee — brevet en cours de depot.",
+  "main": "src/index.js",
+  "types": "src/index.d.ts",
+  "files": ["src/", "README.md", "LICENSE"],
+  "keywords": ["tvip", "payment", "invoice", "correlation", "fintech"],
+  "author": "Missylia Systems <contact@missylia.com>",
+  "license": "SEE LICENSE IN LICENSE",
+  "private": false,
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vela-protocol/tvip-sdk-js"
+  },
+  "engines": { "node": ">=18.0.0" }
+}

package/src/index.d.ts

@@ -0,0 +1,56 @@
+export class TVIPError extends Error {
+  status: number;
+  code?: string;
+  constructor(message: string, status?: number, code?: string);
+}
+
+export interface TVIPConfig {
+  apiKey: string;
+  baseUrl?: string;
+  timeout?: number;
+}
+
+export interface SessionParams {
+  amount: number;
+  currency: string;
+  merchant_order_id?: string;
+}
+
+export interface InvoiceItem {
+  name: string;
+  quantity: number;
+  unit_price: number;
+  tax_rate: number;
+}
+
+export interface InvoiceParams {
+  correlation_token: string;
+  invoice_id: string;
+  items: InvoiceItem[];
+  total: number;
+  currency: string;
+}
+
+export interface EventFilters {
+  status?: string;
+  limit?: number;
+  offset?: number;
+}
+
+export interface IngestParams {
+  source: 'facturx' | 'json' | 'xml';
+  data: any;
+}
+
+export class TVIP {
+  isSandbox: boolean;
+  constructor(config: TVIPConfig);
+  createSession(params: SessionParams): Promise<any>;
+  getSession(correlationToken: string): Promise<any>;
+  sendInvoice(params: InvoiceParams): Promise<any>;
+  getEvent(eventId: string): Promise<any>;
+  listEvents(filters?: EventFilters): Promise<any>;
+  ingest(params: IngestParams): Promise<any>;
+  scanImage(base64Image: string): Promise<any>;
+  static verifyWebhook(payload: string, signature: string, secret: string): boolean;
+}

package/src/index.js

@@ -0,0 +1,146 @@
+/**
+ * TVIP SDK — Transaction-to-Verified-Invoice Protocol
+ * JavaScript/Node.js Client
+ */
+
+class TVIPError extends Error {
+  constructor(message, status, code) {
+    super(message);
+    this.name = 'TVIPError';
+    this.status = status;
+    this.code = code;
+  }
+}
+
+class TVIP {
+  /**
+   * @param {Object} config
+   * @param {string} config.apiKey - API key (sk_test_* or sk_live_*)
+   * @param {string} [config.baseUrl] - Base URL (default: https://api.tvip.com)
+   * @param {number} [config.timeout] - Request timeout in ms (default: 30000)
+   */
+  constructor({ apiKey, baseUrl = 'https://api.tvip.com', timeout = 30000 }) {
+    if (!apiKey) throw new TVIPError('API key is required');
+    this.apiKey = apiKey;
+    this.baseUrl = baseUrl.replace(/\/$/, '');
+    this.timeout = timeout;
+    this.isSandbox = apiKey.startsWith('sk_test_');
+  }
+
+  async _request(method, path, body = null) {
+    const url = `${this.baseUrl}/sdk/v2${path}`;
+    const opts = {
+      method,
+      headers: {
+        'Authorization': `Bearer ${this.apiKey}`,
+        'Content-Type': 'application/json',
+        'X-TVIP-SDK': 'js/0.1.0',
+      },
+    };
+    if (body) opts.body = JSON.stringify(body);
+
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), this.timeout);
+    opts.signal = controller.signal;
+
+    try {
+      const res = await fetch(url, opts);
+      const data = await res.json();
+      if (!res.ok) throw new TVIPError(data.detail || data.message || 'API Error', res.status, data.code);
+      return data;
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+
+  // ─── Sessions ───
+  /**
+   * Create a TVIP correlation session
+   * @param {Object} params
+   * @param {number} params.amount - Amount in cents
+   * @param {string} params.currency - ISO 4217 currency code
+   * @param {string} [params.merchant_order_id] - Merchant order reference
+   * @returns {Promise<Object>} Session with correlation_token
+   */
+  async createSession({ amount, currency, merchant_order_id }) {
+    return this._request('POST', '/sessions', { amount, currency, merchant_order_id });
+  }
+
+  /**
+   * Get session by correlation token
+   * @param {string} correlationToken
+   */
+  async getSession(correlationToken) {
+    return this._request('GET', `/sessions/${correlationToken}`);
+  }
+
+  // ─── Invoices ───
+  /**
+   * Send a detailed merchant invoice
+   * @param {Object} params
+   * @param {string} params.correlation_token
+   * @param {string} params.invoice_id
+   * @param {Array} params.items - [{name, quantity, unit_price, tax_rate}]
+   * @param {number} params.total - Total in cents
+   * @param {string} params.currency
+   */
+  async sendInvoice({ correlation_token, invoice_id, items, total, currency }) {
+    return this._request('POST', '/invoices', { correlation_token, invoice_id, items, total, currency });
+  }
+
+  // ─── Events ───
+  /**
+   * Get TVIP event by ID
+   * @param {string} eventId
+   */
+  async getEvent(eventId) {
+    return this._request('GET', `/events/${eventId}`);
+  }
+
+  /**
+   * List TVIP events with optional filters
+   * @param {Object} [filters]
+   * @param {string} [filters.status]
+   * @param {number} [filters.limit]
+   * @param {number} [filters.offset]
+   */
+  async listEvents(filters = {}) {
+    const qs = new URLSearchParams(filters).toString();
+    return this._request('GET', `/events${qs ? '?' + qs : ''}`);
+  }
+
+  // ─── Ingestion ───
+  /**
+   * Ingest an invoice (Factur-X, JSON, XML)
+   * @param {Object} params
+   * @param {string} params.source - 'facturx' | 'json' | 'xml'
+   * @param {*} params.data - Invoice data
+   */
+  async ingest({ source, data }) {
+    return this._request('POST', '/ingest', { source, data });
+  }
+
+  /**
+   * Scan invoice image with AI Vision
+   * @param {string} base64Image - Base64 encoded image
+   */
+  async scanImage(base64Image) {
+    return this._request('POST', '/ingest/scan', { image: base64Image });
+  }
+
+  // ─── Webhooks ───
+  /**
+   * Verify webhook signature (HMAC-SHA256)
+   * @param {string} payload - Raw request body
+   * @param {string} signature - X-TVIP-Signature header
+   * @param {string} secret - Webhook secret
+   * @returns {boolean}
+   */
+  static verifyWebhook(payload, signature, secret) {
+    const crypto = require('crypto');
+    const expected = crypto.createHmac('sha256', secret).update(payload).digest('hex');
+    return crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(expected));
+  }
+}
+
+module.exports = { TVIP, TVIPError };