@unicitylabs/sphere-sdk 0.7.2 → 0.8.0-dev.0

package/dist/core/index.js

@@ -1890,26 +1890,14 @@ var NostrTransportProvider = class _NostrTransportProvider {
   }
   /**
    * Convert a BindingInfo (from nostr-js-sdk) to PeerInfo (sphere-sdk type).
-   * Computes PROXY address from nametag if available.
    */
   async bindingInfoToPeerInfo(binding, nametag) {
-    const nametagValue = nametag || binding.nametag;
-    let proxyAddress = binding.proxyAddress;
-    if (nametagValue && !proxyAddress) {
-      try {
-        const { ProxyAddress } = await import("@unicitylabs/state-transition-sdk/lib/address/ProxyAddress");
-        const proxyAddr = await ProxyAddress.fromNameTag(nametagValue);
-        proxyAddress = proxyAddr.toString();
-      } catch {
-      }
-    }
     return {
-      nametag: nametagValue,
+      nametag: nametag || binding.nametag,
       transportPubkey: binding.transportPubkey,
       chainPubkey: binding.publicKey || "",
       l1Address: binding.l1Address || "",
       directAddress: binding.directAddress || "",
-      proxyAddress,
       timestamp: binding.timestamp
     };
   }
@@ -1935,7 +1923,6 @@ var NostrTransportProvider = class _NostrTransportProvider {
         chainPubkey: content.public_key || "",
         l1Address: content.l1_address || "",
         directAddress: content.direct_address || "",
-        proxyAddress: content.proxy_address || void 0,
         timestamp: bindingEvent.created_at * 1e3
       };
     } catch {
@@ -1978,7 +1965,6 @@ var NostrTransportProvider = class _NostrTransportProvider {
           chainPubkey: content.public_key || "",
           l1Address: content.l1_address || "",
           directAddress: content.direct_address || "",
-          proxyAddress: content.proxy_address || void 0,
           timestamp: event.created_at * 1e3
         });
       } catch {
@@ -2048,8 +2034,6 @@ var NostrTransportProvider = class _NostrTransportProvider {
     }
     const nostrPubkey = this.getNostrPubkey();
     if (nametag) {
-      const { ProxyAddress } = await import("@unicitylabs/state-transition-sdk/lib/address/ProxyAddress");
-      const proxyAddr = await ProxyAddress.fromNameTag(nametag);
       try {
         const success2 = await this.nostrClient.publishNametagBinding(
           nametag,
@@ -2057,8 +2041,7 @@ var NostrTransportProvider = class _NostrTransportProvider {
           {
             publicKey: chainPubkey,
             l1Address,
-            directAddress,
-            proxyAddress: proxyAddr.toString()
+            directAddress
           }
         );
         if (success2) {
@@ -6108,6 +6091,13 @@ var L1PaymentsModule = class {
   }
 };
 
+// types/v2-transfer.ts
+function isV2TransferPayload(obj) {
+  if (!obj || typeof obj !== "object") return false;
+  const p = obj;
+  return p.type === "V2_TRANSFER" && typeof p.tokenBlob === "string" && p.tokenBlob.length > 0;
+}
+
 // modules/payments/TokenSplitExecutor.ts
 init_logger();
 init_errors();
@@ -6483,16 +6473,115 @@ init_logger();
 init_errors();
 import { Token as SdkToken } from "@unicitylabs/state-transition-sdk/lib/token/Token";
 import { CoinId as CoinId2 } from "@unicitylabs/state-transition-sdk/lib/token/fungible/CoinId";
+
+// token-engine/sdk.ts
+import { StateTransitionClient } from "state-transition-sdk-v2/lib/StateTransitionClient.js";
+import { AggregatorClient } from "state-transition-sdk-v2/lib/api/AggregatorClient.js";
+import { NetworkId } from "state-transition-sdk-v2/lib/api/NetworkId.js";
+import { CertificationData } from "state-transition-sdk-v2/lib/api/CertificationData.js";
+import { CertificationResponse, CertificationStatus } from "state-transition-sdk-v2/lib/api/CertificationResponse.js";
+import { StateId } from "state-transition-sdk-v2/lib/api/StateId.js";
+import { InclusionProof } from "state-transition-sdk-v2/lib/api/InclusionProof.js";
+import { InclusionProofResponse } from "state-transition-sdk-v2/lib/api/InclusionProofResponse.js";
+import { RootTrustBase } from "state-transition-sdk-v2/lib/api/bft/RootTrustBase.js";
+import { waitInclusionProof as waitInclusionProof2 } from "state-transition-sdk-v2/lib/util/InclusionProofUtils.js";
+import { Token as Token2 } from "state-transition-sdk-v2/lib/transaction/Token.js";
+import { MintTransaction } from "state-transition-sdk-v2/lib/transaction/MintTransaction.js";
+import { TransferTransaction } from "state-transition-sdk-v2/lib/transaction/TransferTransaction.js";
+import { CertifiedMintTransaction } from "state-transition-sdk-v2/lib/transaction/CertifiedMintTransaction.js";
+import { CertifiedTransferTransaction } from "state-transition-sdk-v2/lib/transaction/CertifiedTransferTransaction.js";
+import { TokenId as TokenId2 } from "state-transition-sdk-v2/lib/transaction/TokenId.js";
+import { TokenType } from "state-transition-sdk-v2/lib/transaction/TokenType.js";
+import { TokenSalt } from "state-transition-sdk-v2/lib/transaction/TokenSalt.js";
+import { MintJustificationVerifierService } from "state-transition-sdk-v2/lib/transaction/verification/MintJustificationVerifierService.js";
+import { EncodedPredicate } from "state-transition-sdk-v2/lib/predicate/EncodedPredicate.js";
+import { SignaturePredicate } from "state-transition-sdk-v2/lib/predicate/builtin/SignaturePredicate.js";
+import { SignaturePredicateUnlockScript } from "state-transition-sdk-v2/lib/predicate/builtin/SignaturePredicateUnlockScript.js";
+import { BurnPredicate } from "state-transition-sdk-v2/lib/predicate/builtin/BurnPredicate.js";
+import { PredicateVerifierService } from "state-transition-sdk-v2/lib/predicate/verification/PredicateVerifierService.js";
+import { SigningService } from "state-transition-sdk-v2/lib/crypto/secp256k1/SigningService.js";
+import { Signature } from "state-transition-sdk-v2/lib/crypto/secp256k1/Signature.js";
+import { MintSigningService } from "state-transition-sdk-v2/lib/crypto/MintSigningService.js";
+import { HashAlgorithm as HashAlgorithm2 } from "state-transition-sdk-v2/lib/crypto/hash/HashAlgorithm.js";
+import { DataHash } from "state-transition-sdk-v2/lib/crypto/hash/DataHash.js";
+import { DataHasher } from "state-transition-sdk-v2/lib/crypto/hash/DataHasher.js";
+import { DataHasherFactory } from "state-transition-sdk-v2/lib/crypto/hash/DataHasherFactory.js";
+import { CborSerializer } from "state-transition-sdk-v2/lib/serialization/cbor/CborSerializer.js";
+import { CborDeserializer } from "state-transition-sdk-v2/lib/serialization/cbor/CborDeserializer.js";
+import { CborError } from "state-transition-sdk-v2/lib/serialization/cbor/CborError.js";
+import { Asset } from "state-transition-sdk-v2/lib/payment/asset/Asset.js";
+import { AssetId } from "state-transition-sdk-v2/lib/payment/asset/AssetId.js";
+import { PaymentAssetCollection } from "state-transition-sdk-v2/lib/payment/asset/PaymentAssetCollection.js";
+import { TokenSplit } from "state-transition-sdk-v2/lib/payment/TokenSplit.js";
+import { SplitTokenRequest } from "state-transition-sdk-v2/lib/payment/SplitTokenRequest.js";
+import { SplitToken } from "state-transition-sdk-v2/lib/payment/SplitToken.js";
+import { SplitAssetProof } from "state-transition-sdk-v2/lib/payment/SplitAssetProof.js";
+import { SplitMintJustification } from "state-transition-sdk-v2/lib/payment/SplitMintJustification.js";
+import { SplitMintJustificationVerifier } from "state-transition-sdk-v2/lib/payment/SplitMintJustificationVerifier.js";
+import { VerificationStatus } from "state-transition-sdk-v2/lib/verification/VerificationStatus.js";
+import { VerificationResult } from "state-transition-sdk-v2/lib/verification/VerificationResult.js";
+import { HexConverter } from "state-transition-sdk-v2/lib/util/HexConverter.js";
+import { BigintConverter } from "state-transition-sdk-v2/lib/util/BigintConverter.js";
+import { BitString } from "state-transition-sdk-v2/lib/util/BitString.js";
+
+// token-engine/token-blob.ts
+var TOKEN_BLOB_TAG = 39051n;
+var TOKEN_BLOB_VERSION = 1;
+function encodeTokenBlob(blob) {
+  return CborSerializer.encodeTag(
+    TOKEN_BLOB_TAG,
+    CborSerializer.encodeArray(
+      CborSerializer.encodeUnsignedInteger(BigInt(blob.v)),
+      CborSerializer.encodeUnsignedInteger(BigInt(blob.network)),
+      CborSerializer.encodeTextString(blob.tokenId),
+      CborSerializer.encodeByteString(blob.token)
+    )
+  );
+}
+function decodeTokenBlob(bytes) {
+  const tag = CborDeserializer.decodeTag(bytes);
+  if (tag.tag !== TOKEN_BLOB_TAG) {
+    throw new CborError(`Invalid TokenBlob tag: ${tag.tag}`);
+  }
+  const fields = CborDeserializer.decodeArray(tag.data, 4);
+  const v = Number(CborDeserializer.decodeUnsignedInteger(fields[0]));
+  if (v !== TOKEN_BLOB_VERSION) {
+    throw new CborError(`Unsupported TokenBlob version: ${v}`);
+  }
+  return {
+    v,
+    network: Number(CborDeserializer.decodeUnsignedInteger(fields[1])),
+    tokenId: CborDeserializer.decodeTextString(fields[2]),
+    token: CborDeserializer.decodeByteString(fields[3])
+  };
+}
+
+// modules/payments/SpendQueue.ts
 var QUEUE_TIMEOUT_MS = 3e4;
 var QUEUE_MAX_SIZE = 100;
 var TAG2 = "SpendQueue";
 var SpendPlanner = class {
+  /**
+   * Token engine (path B). When injected, value reads go through the v2 engine
+   * (sdkData = engine blob); otherwise the legacy v1 SdkToken path is used. The
+   * engine is wired after construction via {@link setEngine} (it is bound to the
+   * payments deps, which arrive after the planner is built).
+   */
+  engine;
+  constructor(engine) {
+    this.engine = engine;
+  }
+  /** Inject (or clear) the token engine. */
+  setEngine(engine) {
+    this.engine = engine;
+  }
   /**
    * Async pre-computation: parse all tokens for a given coinId.
    * Called BEFORE the synchronous critical section.
    *
-   * Filters to confirmed tokens matching the coinId, parses each
-   * token's sdkData into an SdkToken, and extracts the bigint amount.
+   * Filters to confirmed tokens matching the coinId, decodes each token's
+   * sdkData and extracts the bigint amount — via the v2 engine when injected,
+   * else the legacy v1 SdkToken path.
    */
   async buildParsedPool(tokens, coinId) {
     const pool = /* @__PURE__ */ new Map();
@@ -6501,20 +6590,28 @@ var SpendPlanner = class {
       if (t.status !== "confirmed") continue;
       if (!t.sdkData) continue;
       try {
-        const parsed = JSON.parse(t.sdkData);
-        const sdkToken = await SdkToken.fromJSON(parsed);
-        const realAmount = this.getTokenBalance(sdkToken, coinId);
-        if (realAmount <= 0n) {
+        const { sdkToken, amount } = this.engine ? await this.parseViaEngine(t.sdkData, coinId) : await this.parseViaSdk(t.sdkData, coinId);
+        if (amount <= 0n) {
           logger.warn(TAG2, `Token ${t.id} has 0 balance for coinId ${coinId}`);
           continue;
         }
-        pool.set(t.id, { token: t, sdkToken, amount: realAmount });
+        pool.set(t.id, { token: t, sdkToken, amount });
       } catch (e) {
         logger.warn(TAG2, "Failed to parse token", t.id, e);
       }
     }
     return pool;
   }
+  /** Engine path (v2): sdkData is the engine blob (hex of CBOR(TokenBlob)). */
+  async parseViaEngine(sdkData, coinId) {
+    const token = await this.engine.decodeToken(decodeTokenBlob(hexToBytes2(sdkData)));
+    return { sdkToken: token, amount: this.engine.balanceOf(token, coinId) };
+  }
+  /** Legacy v1 path: sdkData is TXF JSON. */
+  async parseViaSdk(sdkData, coinId) {
+    const sdkToken = await SdkToken.fromJSON(JSON.parse(sdkData));
+    return { sdkToken, amount: this.getTokenBalance(sdkToken, coinId) };
+  }
   /**
    * SYNCHRONOUS critical section. NO await allowed anywhere in this method.
    *
@@ -6925,174 +7022,6 @@ var SpendQueue = class {
   }
 };
 
-// modules/payments/NametagMinter.ts
-init_logger();
-import { Token as Token2 } from "@unicitylabs/state-transition-sdk/lib/token/Token";
-import { TokenId as TokenId2 } from "@unicitylabs/state-transition-sdk/lib/token/TokenId";
-import { TokenType } from "@unicitylabs/state-transition-sdk/lib/token/TokenType";
-import { TokenState as TokenState2 } from "@unicitylabs/state-transition-sdk/lib/token/TokenState";
-import { MintTransactionData } from "@unicitylabs/state-transition-sdk/lib/transaction/MintTransactionData";
-import { MintCommitment } from "@unicitylabs/state-transition-sdk/lib/transaction/MintCommitment";
-import { HashAlgorithm as HashAlgorithm2 } from "@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm";
-import { UnmaskedPredicate as UnmaskedPredicate2 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate";
-import { waitInclusionProof as waitInclusionProof2 } from "@unicitylabs/state-transition-sdk/lib/util/InclusionProofUtils";
-import { normalizeNametag } from "@unicitylabs/nostr-js-sdk";
-var UNICITY_TOKEN_TYPE_HEX = "f8aa13834268d29355ff12183066f0cb902003629bbc5eb9ef0efbe397867509";
-var NametagMinter = class {
-  client;
-  trustBase;
-  signingService;
-  skipVerification;
-  debug;
-  constructor(config) {
-    this.client = config.stateTransitionClient;
-    this.trustBase = config.trustBase;
-    this.signingService = config.signingService;
-    this.skipVerification = config.skipVerification ?? false;
-    this.debug = config.debug ?? false;
-  }
-  log(message, ...args) {
-    logger.debug("NametagMinter", message, ...args);
-  }
-  /**
-   * Check if a nametag is available (not already minted)
-   */
-  async isNametagAvailable(nametag) {
-    try {
-      const stripped = nametag.startsWith("@") ? nametag.slice(1) : nametag;
-      const cleanNametag = normalizeNametag(stripped);
-      const nametagTokenId = await TokenId2.fromNameTag(cleanNametag);
-      const isMinted = await this.client.isMinted(this.trustBase, nametagTokenId);
-      return !isMinted;
-    } catch (error) {
-      this.log("Error checking nametag availability:", error);
-      return false;
-    }
-  }
-  /**
-   * Mint a nametag token on-chain
-   *
-   * @param nametag - The nametag to mint (e.g., "alice" or "@alice")
-   * @param ownerAddress - The owner's direct address
-   * @returns MintNametagResult with token if successful
-   */
-  async mintNametag(nametag, ownerAddress) {
-    const stripped = nametag.startsWith("@") ? nametag.slice(1) : nametag;
-    const cleanNametag = normalizeNametag(stripped);
-    this.log(`Starting mint for nametag: ${cleanNametag}`);
-    try {
-      const nametagTokenId = await TokenId2.fromNameTag(cleanNametag);
-      const nametagTokenType = new TokenType(
-        Buffer.from(UNICITY_TOKEN_TYPE_HEX, "hex")
-      );
-      const nametagBytes = new TextEncoder().encode(cleanNametag);
-      const pubKey = this.signingService.publicKey;
-      const saltInput = new Uint8Array(pubKey.length + nametagBytes.length);
-      saltInput.set(pubKey, 0);
-      saltInput.set(nametagBytes, pubKey.length);
-      const saltBuffer = await crypto.subtle.digest("SHA-256", saltInput);
-      const salt = new Uint8Array(saltBuffer);
-      this.log("Generated deterministic salt");
-      const mintData = await MintTransactionData.createFromNametag(
-        cleanNametag,
-        nametagTokenType,
-        ownerAddress,
-        salt,
-        ownerAddress
-      );
-      this.log("Created MintTransactionData");
-      const commitment = await MintCommitment.create(mintData);
-      this.log("Created MintCommitment");
-      const MAX_RETRIES = 3;
-      let submitSuccess = false;
-      for (let attempt = 1; attempt <= MAX_RETRIES; attempt++) {
-        try {
-          this.log(`Submitting commitment (attempt ${attempt}/${MAX_RETRIES})...`);
-          const response = await this.client.submitMintCommitment(commitment);
-          if (response.status === "SUCCESS" || response.status === "REQUEST_ID_EXISTS") {
-            this.log(`Commitment ${response.status === "REQUEST_ID_EXISTS" ? "already exists" : "submitted successfully"}`);
-            submitSuccess = true;
-            break;
-          } else {
-            this.log(`Commitment failed: ${response.status}`);
-            if (attempt === MAX_RETRIES) {
-              return {
-                success: false,
-                error: `Failed to submit commitment after ${MAX_RETRIES} attempts: ${response.status}`
-              };
-            }
-            await new Promise((r) => setTimeout(r, 1e3 * attempt));
-          }
-        } catch (error) {
-          this.log(`Attempt ${attempt} error:`, error);
-          if (attempt === MAX_RETRIES) {
-            return {
-              success: false,
-              error: `Submit failed: ${error instanceof Error ? error.message : String(error)}`
-            };
-          }
-          await new Promise((r) => setTimeout(r, 1e3 * attempt));
-        }
-      }
-      if (!submitSuccess) {
-        return {
-          success: false,
-          error: "Failed to submit commitment after retries"
-        };
-      }
-      this.log("Waiting for inclusion proof...");
-      const inclusionProof = await waitInclusionProof2(this.trustBase, this.client, commitment);
-      this.log("Received inclusion proof");
-      const genesisTransaction = commitment.toTransaction(inclusionProof);
-      const nametagPredicate = await UnmaskedPredicate2.create(
-        nametagTokenId,
-        nametagTokenType,
-        this.signingService,
-        HashAlgorithm2.SHA256,
-        salt
-      );
-      const tokenState = new TokenState2(nametagPredicate, null);
-      let token;
-      if (this.skipVerification) {
-        this.log("Creating token WITHOUT verification (dev mode)");
-        const tokenJson = {
-          version: "2.0",
-          state: tokenState.toJSON(),
-          genesis: genesisTransaction.toJSON(),
-          transactions: [],
-          nametags: []
-        };
-        token = await Token2.fromJSON(tokenJson);
-      } else {
-        token = await Token2.mint(
-          this.trustBase,
-          tokenState,
-          genesisTransaction
-        );
-      }
-      this.log(`Nametag minted successfully: ${cleanNametag}`);
-      const nametagData = {
-        name: cleanNametag,
-        token: token.toJSON(),
-        timestamp: Date.now(),
-        format: "txf",
-        version: "2.0"
-      };
-      return {
-        success: true,
-        token,
-        nametagData
-      };
-    } catch (error) {
-      this.log("Minting failed:", error);
-      return {
-        success: false,
-        error: error instanceof Error ? error.message : String(error)
-      };
-    }
-  }
-};
-
 // modules/payments/PaymentsModule.ts
 init_constants();
 
@@ -7675,6 +7604,15 @@ function txfToToken(tokenId, txf) {
     sdkData: JSON.stringify(txf)
   };
 }
+function isV2TokenBlob(sdkData) {
+  return typeof sdkData === "string" && sdkData.length >= 2 && sdkData.length % 2 === 0 && sdkData[0] !== "{" && /^[0-9a-f]+$/i.test(sdkData);
+}
+function v2TokenId(token) {
+  return token.id.startsWith("v2_") ? token.id.slice(3) : token.id;
+}
+function isV2TokenEntry(entry) {
+  return typeof entry === "object" && entry !== null && !("genesis" in entry) && isV2TokenBlob(entry.sdkData);
+}
 async function buildTxfStorageData(tokens, meta, options) {
   const storageData = {
     _meta: {
@@ -7705,6 +7643,8 @@ async function buildTxfStorageData(tokens, meta, options) {
     if (txf) {
       const actualTokenId = txf.genesis.data.tokenId;
       storageData[keyFromTokenId(actualTokenId)] = txf;
+    } else if (isV2TokenBlob(token.sdkData)) {
+      storageData[keyFromTokenId(v2TokenId(token))] = token;
     }
   }
   if (options?.archivedTokens && options.archivedTokens.size > 0) {
@@ -7802,6 +7742,8 @@ function parseTxfStorageData(data) {
         if (txfToken?.genesis?.data?.tokenId) {
           const token = txfToToken(tokenId, txfToken);
           result.tokens.push(token);
+        } else if (isV2TokenEntry(storageData[key])) {
+          result.tokens.push(storageData[key]);
         }
       } catch (err) {
         result.validationErrors.push(`Token ${tokenId}: ${err}`);
@@ -8026,12 +7968,12 @@ init_logger();
 init_errors();
 import { Token as Token3 } from "@unicitylabs/state-transition-sdk/lib/token/Token";
 import { TokenId as TokenId3 } from "@unicitylabs/state-transition-sdk/lib/token/TokenId";
-import { TokenState as TokenState3 } from "@unicitylabs/state-transition-sdk/lib/token/TokenState";
+import { TokenState as TokenState2 } from "@unicitylabs/state-transition-sdk/lib/token/TokenState";
 import { CoinId as CoinId3 } from "@unicitylabs/state-transition-sdk/lib/token/fungible/CoinId";
 import { TokenCoinData as TokenCoinData2 } from "@unicitylabs/state-transition-sdk/lib/token/fungible/TokenCoinData";
 import { TokenSplitBuilder as TokenSplitBuilder2 } from "@unicitylabs/state-transition-sdk/lib/transaction/split/TokenSplitBuilder";
 import { HashAlgorithm as HashAlgorithm3 } from "@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm";
-import { UnmaskedPredicate as UnmaskedPredicate3 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate";
+import { UnmaskedPredicate as UnmaskedPredicate2 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate";
 import { UnmaskedPredicateReference as UnmaskedPredicateReference2 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference";
 import { TransferCommitment as TransferCommitment2 } from "@unicitylabs/state-transition-sdk/lib/transaction/TransferCommitment";
 import { waitInclusionProof as waitInclusionProof3 } from "@unicitylabs/state-transition-sdk/lib/util/InclusionProofUtils";
@@ -8153,14 +8095,14 @@ var InstantSplitExecutor = class {
       options?.message
       // on-chain message (invoice memo bytes, or null)
     );
-    const mintedPredicate = await UnmaskedPredicate3.create(
+    const mintedPredicate = await UnmaskedPredicate2.create(
       recipientTokenId,
       tokenToSplit.type,
       this.signingService,
       HashAlgorithm3.SHA256,
       recipientSalt
     );
-    const mintedState = new TokenState3(mintedPredicate, null);
+    const mintedState = new TokenState2(mintedPredicate, null);
     logger.debug("InstantSplit", "Step 5: Packaging V5 bundle...");
     const senderPubkey = toHex2(this.signingService.publicKey);
     let nametagTokenJson;
@@ -8275,14 +8217,14 @@ var InstantSplitExecutor = class {
    * It does NOT need the genesis transaction or mint proof.
    */
   async createTransferCommitmentFromMintData(mintData, recipientAddress, transferSalt, signingService, nametagTokens, message) {
-    const predicate = await UnmaskedPredicate3.create(
+    const predicate = await UnmaskedPredicate2.create(
       mintData.tokenId,
       mintData.tokenType,
       signingService,
       HashAlgorithm3.SHA256,
       mintData.salt
     );
-    const state = new TokenState3(predicate, null);
+    const state = new TokenState2(predicate, null);
     const minimalToken = {
       state,
       nametagTokens: nametagTokens || [],
@@ -8343,14 +8285,14 @@ var InstantSplitExecutor = class {
           message: `Mint proof received in ${proofDuration.toFixed(0)}ms`
         });
         const mintTransaction = senderMintCommitment.toTransaction(senderMintProof);
-        const predicate = await UnmaskedPredicate3.create(
+        const predicate = await UnmaskedPredicate2.create(
           context.senderTokenId,
           context.tokenType,
           context.signingService,
           HashAlgorithm3.SHA256,
           context.senderSalt
         );
-        const state = new TokenState3(predicate, null);
+        const state = new TokenState2(predicate, null);
         const changeToken = await Token3.mint(this.trustBase, state, mintTransaction);
         if (!this.devMode) {
           const verification = await changeToken.verify(this.trustBase);
@@ -8430,14 +8372,14 @@ var InstantSplitExecutor = class {
 init_logger();
 init_errors();
 import { Token as Token4 } from "@unicitylabs/state-transition-sdk/lib/token/Token";
-import { TokenState as TokenState4 } from "@unicitylabs/state-transition-sdk/lib/token/TokenState";
+import { TokenState as TokenState3 } from "@unicitylabs/state-transition-sdk/lib/token/TokenState";
 import { TokenType as TokenType2 } from "@unicitylabs/state-transition-sdk/lib/token/TokenType";
 import { HashAlgorithm as HashAlgorithm4 } from "@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm";
-import { UnmaskedPredicate as UnmaskedPredicate4 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate";
+import { UnmaskedPredicate as UnmaskedPredicate3 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate";
 import { TransferCommitment as TransferCommitment3 } from "@unicitylabs/state-transition-sdk/lib/transaction/TransferCommitment";
-import { TransferTransaction } from "@unicitylabs/state-transition-sdk/lib/transaction/TransferTransaction";
-import { MintCommitment as MintCommitment2 } from "@unicitylabs/state-transition-sdk/lib/transaction/MintCommitment";
-import { MintTransactionData as MintTransactionData2 } from "@unicitylabs/state-transition-sdk/lib/transaction/MintTransactionData";
+import { TransferTransaction as TransferTransaction2 } from "@unicitylabs/state-transition-sdk/lib/transaction/TransferTransaction";
+import { MintCommitment } from "@unicitylabs/state-transition-sdk/lib/transaction/MintCommitment";
+import { MintTransactionData } from "@unicitylabs/state-transition-sdk/lib/transaction/MintTransactionData";
 import { waitInclusionProof as waitInclusionProof4 } from "@unicitylabs/state-transition-sdk/lib/util/InclusionProofUtils";
 
 // types/instant-split.ts
@@ -8530,11 +8472,11 @@ var InstantSplitProcessor = class {
         logger.warn("InstantSplit", "Sender pubkey mismatch (non-fatal)");
       }
       const burnTxJson = JSON.parse(bundle.burnTransaction);
-      const _burnTransaction = await TransferTransaction.fromJSON(burnTxJson);
+      const _burnTransaction = await TransferTransaction2.fromJSON(burnTxJson);
       logger.debug("InstantSplit", "Burn transaction validated");
       const mintDataJson = JSON.parse(bundle.recipientMintData);
-      const mintData = await MintTransactionData2.fromJSON(mintDataJson);
-      const mintCommitment = await MintCommitment2.create(mintData);
+      const mintData = await MintTransactionData.fromJSON(mintDataJson);
+      const mintCommitment = await MintCommitment.create(mintData);
       logger.debug("InstantSplit", "Mint commitment recreated");
       const mintResponse = await this.client.submitMintCommitment(mintCommitment);
       if (mintResponse.status !== "SUCCESS" && mintResponse.status !== "REQUEST_ID_EXISTS") {
@@ -8566,14 +8508,14 @@ var InstantSplitProcessor = class {
       const transferTransaction = transferCommitment.toTransaction(transferProof);
       logger.debug("InstantSplit", "Transfer proof received");
       const transferSalt = fromHex3(bundle.transferSaltHex);
-      const finalRecipientPredicate = await UnmaskedPredicate4.create(
+      const finalRecipientPredicate = await UnmaskedPredicate3.create(
         mintData.tokenId,
         tokenType,
         signingService,
         HashAlgorithm4.SHA256,
         transferSalt
       );
-      const finalRecipientState = new TokenState4(finalRecipientPredicate, null);
+      const finalRecipientState = new TokenState3(finalRecipientPredicate, null);
       logger.debug("InstantSplit", "Final recipient state created");
       let nametagTokens = [];
       const recipientAddressStr = bundle.recipientAddressJson;
@@ -8680,8 +8622,8 @@ var InstantSplitProcessor = class {
       await this.waitInclusionProofWithDevBypass(burnCommitment, options?.proofTimeoutMs);
       logger.debug("InstantSplit", "V4: Burn proof received");
       const mintDataJson = JSON.parse(bundle.recipientMintData);
-      const mintData = await MintTransactionData2.fromJSON(mintDataJson);
-      const mintCommitment = await MintCommitment2.create(mintData);
+      const mintData = await MintTransactionData.fromJSON(mintDataJson);
+      const mintCommitment = await MintCommitment.create(mintData);
       const mintResponse = await this.client.submitMintCommitment(mintCommitment);
       if (mintResponse.status !== "SUCCESS" && mintResponse.status !== "REQUEST_ID_EXISTS") {
         throw new SphereError(`Mint submission failed: ${mintResponse.status}`, "TRANSFER_FAILED");
@@ -8694,14 +8636,14 @@ var InstantSplitProcessor = class {
       logger.debug("InstantSplit", "V4: Mint proof received");
       const tokenType = new TokenType2(fromHex3(bundle.tokenTypeHex));
       const recipientSalt = fromHex3(bundle.recipientSaltHex);
-      const recipientPredicate = await UnmaskedPredicate4.create(
+      const recipientPredicate = await UnmaskedPredicate3.create(
         mintData.tokenId,
         tokenType,
         signingService,
         HashAlgorithm4.SHA256,
         recipientSalt
       );
-      const recipientState = new TokenState4(recipientPredicate, null);
+      const recipientState = new TokenState3(recipientPredicate, null);
       const tokenJson = {
         version: "2.0",
         state: recipientState.toJSON(),
@@ -8724,14 +8666,14 @@ var InstantSplitProcessor = class {
       const transferTransaction = transferCommitment.toTransaction(transferProof);
       logger.debug("InstantSplit", "V4: Transfer proof received");
       const transferSalt = fromHex3(bundle.transferSaltHex);
-      const finalPredicate = await UnmaskedPredicate4.create(
+      const finalPredicate = await UnmaskedPredicate3.create(
         mintData.tokenId,
         tokenType,
         signingService,
         HashAlgorithm4.SHA256,
         transferSalt
       );
-      const finalState = new TokenState4(finalPredicate, null);
+      const finalState = new TokenState3(finalPredicate, null);
       const finalTokenJson = mintedToken.toJSON();
       finalTokenJson.state = finalState.toJSON();
       finalTokenJson.transactions = [transferTransaction.toJSON()];
@@ -8782,17 +8724,17 @@ var InstantSplitProcessor = class {
 import { Token as SdkToken2 } from "@unicitylabs/state-transition-sdk/lib/token/Token";
 import { CoinId as CoinId4 } from "@unicitylabs/state-transition-sdk/lib/token/fungible/CoinId";
 import { TransferCommitment as TransferCommitment4 } from "@unicitylabs/state-transition-sdk/lib/transaction/TransferCommitment";
-import { TransferTransaction as TransferTransaction2 } from "@unicitylabs/state-transition-sdk/lib/transaction/TransferTransaction";
-import { SigningService } from "@unicitylabs/state-transition-sdk/lib/sign/SigningService";
+import { TransferTransaction as TransferTransaction3 } from "@unicitylabs/state-transition-sdk/lib/transaction/TransferTransaction";
+import { SigningService as SigningService2 } from "@unicitylabs/state-transition-sdk/lib/sign/SigningService";
 import { AddressScheme } from "@unicitylabs/state-transition-sdk/lib/address/AddressScheme";
-import { UnmaskedPredicate as UnmaskedPredicate5 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate";
-import { TokenState as TokenState5 } from "@unicitylabs/state-transition-sdk/lib/token/TokenState";
+import { UnmaskedPredicate as UnmaskedPredicate4 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate";
+import { TokenState as TokenState4 } from "@unicitylabs/state-transition-sdk/lib/token/TokenState";
 import { HashAlgorithm as HashAlgorithm5 } from "@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm";
 import { TokenType as TokenType3 } from "@unicitylabs/state-transition-sdk/lib/token/TokenType";
-import { MintCommitment as MintCommitment3 } from "@unicitylabs/state-transition-sdk/lib/transaction/MintCommitment";
-import { MintTransactionData as MintTransactionData3 } from "@unicitylabs/state-transition-sdk/lib/transaction/MintTransactionData";
+import { MintCommitment as MintCommitment2 } from "@unicitylabs/state-transition-sdk/lib/transaction/MintCommitment";
+import { MintTransactionData as MintTransactionData2 } from "@unicitylabs/state-transition-sdk/lib/transaction/MintTransactionData";
 import { waitInclusionProof as waitInclusionProof5 } from "@unicitylabs/state-transition-sdk/lib/util/InclusionProofUtils";
-import { InclusionProof } from "@unicitylabs/state-transition-sdk/lib/transaction/InclusionProof";
+import { InclusionProof as InclusionProof2 } from "@unicitylabs/state-transition-sdk/lib/transaction/InclusionProof";
 function computeHistoryDedupKey(type, tokenId, transferId) {
   if (type === "SENT" && transferId) return `${type}_transfer_${transferId}`;
   if (tokenId) return `${type}_${tokenId}`;
@@ -8813,7 +8755,7 @@ function enrichWithRegistry(info) {
   }
   return info;
 }
-async function parseTokenInfo(tokenData) {
+async function parseTokenInfo(tokenData, engine) {
   const defaultInfo = {
     coinId: "ALPHA",
     symbol: "ALPHA",
@@ -8821,6 +8763,25 @@ async function parseTokenInfo(tokenData) {
     decimals: 0,
     amount: "0"
   };
+  if (engine && typeof tokenData === "string" && looksLikeTokenBlob(tokenData)) {
+    try {
+      const token = await engine.decodeToken(decodeTokenBlob(hexToBytes2(tokenData)));
+      const first = engine.readValue(token)?.assets[0];
+      if (first) {
+        return enrichWithRegistry({
+          coinId: first.coinId,
+          symbol: first.coinId.slice(0, 8),
+          name: `Token ${first.coinId.slice(0, 8)}`,
+          decimals: 0,
+          amount: String(first.amount),
+          tokenId: engine.tokenId(token)
+        });
+      }
+      return { ...defaultInfo, tokenId: engine.tokenId(token) };
+    } catch (error) {
+      logger.warn("Payments", "Failed to parse token info via engine:", error);
+    }
+  }
   try {
     const data = typeof tokenData === "string" ? JSON.parse(tokenData) : tokenData;
     try {
@@ -8959,27 +8920,41 @@ async function parseTokenInfo(tokenData) {
 }
 var sdkDataCache = /* @__PURE__ */ new Map();
 var SDK_DATA_CACHE_MAX = 2e3;
+function looksLikeTokenBlob(sdkData) {
+  return sdkData.length >= 2 && sdkData.length % 2 === 0 && sdkData[0] !== "{" && /^[0-9a-f]+$/i.test(sdkData);
+}
+function tryParseBlobKeys(sdkData) {
+  try {
+    const blob = decodeTokenBlob(hexToBytes2(sdkData));
+    return { tokenId: blob.tokenId, stateHash: sha2562(bytesToHex3(blob.token), "hex") };
+  } catch {
+    return null;
+  }
+}
 function parseSdkDataCached(sdkData) {
   const cached = sdkDataCache.get(sdkData);
   if (cached) return cached;
-  let tokenId = null;
-  let stateHash = "";
-  try {
-    const txf = JSON.parse(sdkData);
-    tokenId = txf.genesis?.data?.tokenId || null;
-    stateHash = getCurrentStateHash(txf) || "";
-    if (!stateHash) {
-      if (txf.state?.hash) {
-        stateHash = txf.state.hash;
-      } else if (txf.stateHash) {
-        stateHash = txf.stateHash;
-      } else if (txf.currentStateHash) {
-        stateHash = txf.currentStateHash;
+  let entry = looksLikeTokenBlob(sdkData) ? tryParseBlobKeys(sdkData) : null;
+  if (!entry) {
+    let tokenId = null;
+    let stateHash = "";
+    try {
+      const txf = JSON.parse(sdkData);
+      tokenId = txf.genesis?.data?.tokenId || null;
+      stateHash = getCurrentStateHash(txf) || "";
+      if (!stateHash) {
+        if (txf.state?.hash) {
+          stateHash = txf.state.hash;
+        } else if (txf.stateHash) {
+          stateHash = txf.stateHash;
+        } else if (txf.currentStateHash) {
+          stateHash = txf.currentStateHash;
+        }
       }
+    } catch {
     }
-  } catch {
+    entry = { tokenId, stateHash };
   }
-  const entry = { tokenId, stateHash };
   if (sdkDataCache.size >= SDK_DATA_CACHE_MAX) {
     sdkDataCache.clear();
   }
@@ -9256,6 +9231,7 @@ var PaymentsModule = class _PaymentsModule {
     );
     this.deps = deps;
     this.priceProvider = deps.price ?? null;
+    this.spendPlanner.setEngine(deps.tokenEngine);
     if (this.l1) {
       this.l1.initialize({
         identity: deps.identity,
@@ -9480,7 +9456,59 @@ var PaymentsModule = class _PaymentsModule {
         request.invoiceRefundAddress,
         request.invoiceContact
       );
-      if (transferMode === "conservative") {
+      if (this.deps?.tokenEngine && peerInfo?.chainPubkey) {
+        const engine = this.deps.tokenEngine;
+        const recipientChainPubkey = hexToBytes2(peerInfo.chainPubkey);
+        const memoData = onChainMessage ?? void 0;
+        const handToRecipient = async (finished) => {
+          const tokenBlob = bytesToHex3(encodeTokenBlob(engine.encodeToken(finished)));
+          await this.deps.transport.sendTokenTransfer(recipientPubkey, {
+            type: "V2_TRANSFER",
+            version: "2.0",
+            tokenBlob,
+            memo: request.memo
+          });
+        };
+        for (const tw of splitPlan.tokensToTransferDirectly) {
+          const finished = await engine.transfer({
+            token: tw.sdkToken,
+            recipientPubkey: recipientChainPubkey,
+            data: memoData
+          });
+          await handToRecipient(finished);
+          result.tokenTransfers.push({ sourceTokenId: tw.uiToken.id, method: "direct" });
+          await this.removeToken(tw.uiToken.id, result.id);
+        }
+        if (splitPlan.requiresSplit && splitPlan.tokenToSplit) {
+          const selfChainPubkey = hexToBytes2(this.deps.identity.chainPubkey);
+          const { outputs } = await engine.split({
+            token: splitPlan.tokenToSplit.sdkToken,
+            outputs: [
+              { recipientPubkey: recipientChainPubkey, coinId: request.coinId, amount: splitPlan.splitAmount, data: memoData },
+              { recipientPubkey: selfChainPubkey, coinId: request.coinId, amount: splitPlan.remainderAmount }
+            ]
+          });
+          await handToRecipient(outputs[0]);
+          const changeToken = outputs[1];
+          const changeBlob = bytesToHex3(encodeTokenBlob(engine.encodeToken(changeToken)));
+          const changeInfo = await parseTokenInfo(changeBlob, engine);
+          const registry = TokenRegistry.getInstance();
+          await this.addToken({
+            id: `v2_${engine.tokenId(changeToken)}`,
+            coinId: changeInfo.coinId,
+            symbol: registry.getSymbol(changeInfo.coinId) || changeInfo.symbol,
+            name: registry.getName(changeInfo.coinId) || changeInfo.name,
+            decimals: registry.getDecimals(changeInfo.coinId) ?? changeInfo.decimals,
+            amount: changeInfo.amount,
+            status: "confirmed",
+            createdAt: Date.now(),
+            updatedAt: Date.now(),
+            sdkData: changeBlob
+          });
+          result.tokenTransfers.push({ sourceTokenId: splitPlan.tokenToSplit.uiToken.id, method: "split" });
+          await this.removeToken(splitPlan.tokenToSplit.uiToken.id, result.id);
+        }
+      } else if (transferMode === "conservative") {
         if (splitPlan.requiresSplit && splitPlan.tokenToSplit) {
           logger.debug("Payments", "Executing conservative split...");
           const splitExecutor = new TokenSplitExecutor({
@@ -10076,7 +10104,7 @@ var PaymentsModule = class _PaymentsModule {
    *   because bundle-level dedup protects against replays, and split children share genesis IDs.
    */
   async saveCommitmentOnlyToken(sourceTokenInput, commitmentInput, senderPubkey, deferPersistence = false, skipGenesisDedup = false) {
-    const tokenInfo = await parseTokenInfo(sourceTokenInput);
+    const tokenInfo = await parseTokenInfo(sourceTokenInput, this.deps?.tokenEngine);
     const sdkData = typeof sourceTokenInput === "string" ? sourceTokenInput : JSON.stringify(sourceTokenInput);
     const nostrTokenId = extractTokenIdFromSdkData(sdkData);
     const nostrStateHash = extractStateHashFromSdkData(sdkData);
@@ -11168,8 +11196,8 @@ var PaymentsModule = class _PaymentsModule {
       if (pending2.stage === "RECEIVED") {
         logger.debug("Payments", `[V5-RESOLVE] ${tokenId.slice(0, 12)}: RECEIVED \u2192 submitting mint commitment...`);
         const mintDataJson = JSON.parse(bundle.recipientMintData);
-        const mintData = await MintTransactionData3.fromJSON(mintDataJson);
-        const mintCommitment = await MintCommitment3.create(mintData);
+        const mintData = await MintTransactionData2.fromJSON(mintDataJson);
+        const mintCommitment = await MintCommitment2.create(mintData);
         const mintResponse = await stClient.submitMintCommitment(mintCommitment);
         logger.debug("Payments", `[V5-RESOLVE] ${tokenId.slice(0, 12)}: mint response status=${mintResponse.status}`);
         if (mintResponse.status !== "SUCCESS" && mintResponse.status !== "REQUEST_ID_EXISTS") {
@@ -11181,8 +11209,8 @@ var PaymentsModule = class _PaymentsModule {
       if (pending2.stage === "MINT_SUBMITTED") {
         logger.debug("Payments", `[V5-RESOLVE] ${tokenId.slice(0, 12)}: MINT_SUBMITTED \u2192 checking mint proof...`);
         const mintDataJson = JSON.parse(bundle.recipientMintData);
-        const mintData = await MintTransactionData3.fromJSON(mintDataJson);
-        const mintCommitment = await MintCommitment3.create(mintData);
+        const mintData = await MintTransactionData2.fromJSON(mintDataJson);
+        const mintCommitment = await MintCommitment2.create(mintData);
         const proof = await this.quickProofCheck(stClient, trustBase, mintCommitment);
         if (!proof) {
           logger.debug("Payments", `[V5-RESOLVE] ${tokenId.slice(0, 12)}: mint proof not yet available, staying MINT_SUBMITTED`);
@@ -11279,10 +11307,10 @@ var PaymentsModule = class _PaymentsModule {
    */
   async finalizeFromV5Bundle(bundle, pending2, signingService, stClient, trustBase) {
     const mintDataJson = JSON.parse(bundle.recipientMintData);
-    const mintData = await MintTransactionData3.fromJSON(mintDataJson);
-    const mintCommitment = await MintCommitment3.create(mintData);
+    const mintData = await MintTransactionData2.fromJSON(mintDataJson);
+    const mintCommitment = await MintCommitment2.create(mintData);
     const mintProofJson = JSON.parse(pending2.mintProofJson);
-    const mintProof = InclusionProof.fromJSON(mintProofJson);
+    const mintProof = InclusionProof2.fromJSON(mintProofJson);
     const mintTransaction = mintCommitment.toTransaction(mintProof);
     const tokenType = new TokenType3(fromHex4(bundle.tokenTypeHex));
     const senderMintedStateJson = JSON.parse(bundle.mintedTokenStateJson);
@@ -11299,14 +11327,14 @@ var PaymentsModule = class _PaymentsModule {
     const transferProof = await waitInclusionProof5(trustBase, stClient, transferCommitment);
     const transferTransaction = transferCommitment.toTransaction(transferProof);
     const transferSalt = fromHex4(bundle.transferSaltHex);
-    const recipientPredicate = await UnmaskedPredicate5.create(
+    const recipientPredicate = await UnmaskedPredicate4.create(
       mintData.tokenId,
       tokenType,
       signingService,
       HashAlgorithm5.SHA256,
       transferSalt
     );
-    const recipientState = new TokenState5(recipientPredicate, null);
+    const recipientState = new TokenState4(recipientPredicate, null);
     let nametagTokens = [];
     const recipientAddressStr = bundle.recipientAddressJson;
     if (recipientAddressStr.startsWith("PROXY://")) {
@@ -12043,68 +12071,6 @@ var PaymentsModule = class _PaymentsModule {
       }
     }
   }
-  /**
-   * Mint a nametag token on-chain (like Sphere wallet and lottery)
-   * This creates the nametag token required for receiving tokens via PROXY addresses
-   *
-   * @param nametag - The nametag to mint (e.g., "alice" or "@alice")
-   * @returns MintNametagResult with success status and token if successful
-   */
-  async mintNametag(nametag) {
-    this.ensureInitialized();
-    const stClient = this.deps.oracle.getStateTransitionClient?.();
-    if (!stClient) {
-      return {
-        success: false,
-        error: "State transition client not available. Oracle provider must implement getStateTransitionClient()"
-      };
-    }
-    const trustBase = this.deps.oracle.getTrustBase?.();
-    if (!trustBase) {
-      return {
-        success: false,
-        error: "Trust base not available. Oracle provider must implement getTrustBase()"
-      };
-    }
-    try {
-      const signingService = await this.createSigningService();
-      const { UnmaskedPredicateReference: UnmaskedPredicateReference4 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference");
-      const { TokenType: TokenType6 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenType");
-      const UNICITY_TOKEN_TYPE_HEX3 = "f8aa13834268d29355ff12183066f0cb902003629bbc5eb9ef0efbe397867509";
-      const tokenType = new TokenType6(Buffer.from(UNICITY_TOKEN_TYPE_HEX3, "hex"));
-      const addressRef = await UnmaskedPredicateReference4.create(
-        tokenType,
-        signingService.algorithm,
-        signingService.publicKey,
-        HashAlgorithm5.SHA256
-      );
-      const ownerAddress = await addressRef.toAddress();
-      const minter = new NametagMinter({
-        stateTransitionClient: stClient,
-        trustBase,
-        signingService,
-        debug: this.moduleConfig.debug
-      });
-      const result = await minter.mintNametag(nametag, ownerAddress);
-      if (result.success && result.nametagData) {
-        await this.setNametag(result.nametagData);
-        logger.debug("Payments", `Unicity ID minted and saved: ${result.nametagData.name}`);
-        this.deps.emitEvent("nametag:registered", {
-          nametag: result.nametagData.name,
-          addressIndex: 0
-          // Primary address
-        });
-      }
-      return result;
-    } catch (error) {
-      const errorMsg = error instanceof Error ? error.message : String(error);
-      logger.debug("Payments", "mintNametag failed:", errorMsg);
-      return {
-        success: false,
-        error: errorMsg
-      };
-    }
-  }
   /**
    * Mint a fungible token directly to this wallet (genesis mint).
    *
@@ -12145,18 +12111,18 @@ var PaymentsModule = class _PaymentsModule {
     }
     try {
       const signingService = await this.createSigningService();
-      const { TokenId: TokenId5 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenId");
+      const { TokenId: TokenId4 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenId");
       const { TokenCoinData: TokenCoinData3 } = await import("@unicitylabs/state-transition-sdk/lib/token/fungible/TokenCoinData");
-      const { UnmaskedPredicateReference: UnmaskedPredicateReference4 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference");
+      const { UnmaskedPredicateReference: UnmaskedPredicateReference3 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference");
       const tokenTypeBytes = fromHex4("f8aa13834268d29355ff12183066f0cb902003629bbc5eb9ef0efbe397867509");
       const tokenType = new TokenType3(tokenTypeBytes);
       const tokenIdBytes = new Uint8Array(32);
       crypto.getRandomValues(tokenIdBytes);
-      const tokenId = new TokenId5(tokenIdBytes);
+      const tokenId = new TokenId4(tokenIdBytes);
       const coinIdBytes = fromHex4(coinIdHex);
       const coinId = new CoinId4(coinIdBytes);
       const coinData = TokenCoinData3.create([[coinId, amount]]);
-      const addressRef = await UnmaskedPredicateReference4.create(
+      const addressRef = await UnmaskedPredicateReference3.create(
         tokenType,
         signingService.algorithm,
         signingService.publicKey,
@@ -12165,7 +12131,7 @@ var PaymentsModule = class _PaymentsModule {
       const ownerAddress = await addressRef.toAddress();
       const salt = new Uint8Array(32);
       crypto.getRandomValues(salt);
-      const mintData = await MintTransactionData3.create(
+      const mintData = await MintTransactionData2.create(
         tokenId,
         tokenType,
         null,
@@ -12180,7 +12146,7 @@ var PaymentsModule = class _PaymentsModule {
         null
         // reason: null (genesis, no burn predecessor)
       );
-      const commitment = await MintCommitment3.create(mintData);
+      const commitment = await MintCommitment2.create(mintData);
       const MAX_RETRIES = 3;
       let lastStatus;
       for (let attempt = 1; attempt <= MAX_RETRIES; attempt++) {
@@ -12197,14 +12163,14 @@ var PaymentsModule = class _PaymentsModule {
       }
       const inclusionProof = await waitInclusionProof5(trustBase, stClient, commitment);
       const genesisTransaction = commitment.toTransaction(inclusionProof);
-      const predicate = await UnmaskedPredicate5.create(
+      const predicate = await UnmaskedPredicate4.create(
         tokenId,
         tokenType,
         signingService,
         HashAlgorithm5.SHA256,
         salt
       );
-      const tokenState = new TokenState5(predicate, null);
+      const tokenState = new TokenState4(predicate, null);
       const sdkToken = await SdkToken2.mint(trustBase, tokenState, genesisTransaction);
       const tokenIdHex = tokenId.toJSON();
       const symbol = this.getCoinSymbol(coinIdHex);
@@ -12231,29 +12197,6 @@ var PaymentsModule = class _PaymentsModule {
       return { success: false, error: `Local mint failed: ${msg}` };
     }
   }
-  /**
-   * Check if a nametag is available for minting
-   * @param nametag - The nametag to check (e.g., "alice" or "@alice")
-   */
-  async isNametagAvailable(nametag) {
-    this.ensureInitialized();
-    const stClient = this.deps.oracle.getStateTransitionClient?.();
-    const trustBase = this.deps.oracle.getTrustBase?.();
-    if (!stClient || !trustBase) {
-      return false;
-    }
-    try {
-      const signingService = await this.createSigningService();
-      const minter = new NametagMinter({
-        stateTransitionClient: stClient,
-        trustBase,
-        signingService
-      });
-      return await minter.isNametagAvailable(nametag);
-    } catch {
-      return false;
-    }
-  }
   // ===========================================================================
   // Public API - Sync & Validate
   // ===========================================================================
@@ -12569,7 +12512,7 @@ var PaymentsModule = class _PaymentsModule {
     const privateKeyBytes = new Uint8Array(
       privateKeyHex.match(/.{1,2}/g).map((byte) => parseInt(byte, 16))
     );
-    return SigningService.createFromSecret(privateKeyBytes);
+    return SigningService2.createFromSecret(privateKeyBytes);
   }
   /**
    * Get the wallet's signing public key (used for token ownership predicates).
@@ -12584,14 +12527,14 @@ var PaymentsModule = class _PaymentsModule {
    * Create DirectAddress from a public key using UnmaskedPredicateReference
    */
   async createDirectAddressFromPubkey(pubkeyHex) {
-    const { UnmaskedPredicateReference: UnmaskedPredicateReference4 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference");
-    const { TokenType: TokenType6 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenType");
-    const UNICITY_TOKEN_TYPE_HEX3 = "f8aa13834268d29355ff12183066f0cb902003629bbc5eb9ef0efbe397867509";
-    const tokenType = new TokenType6(Buffer.from(UNICITY_TOKEN_TYPE_HEX3, "hex"));
+    const { UnmaskedPredicateReference: UnmaskedPredicateReference3 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference");
+    const { TokenType: TokenType4 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenType");
+    const UNICITY_TOKEN_TYPE_HEX2 = "f8aa13834268d29355ff12183066f0cb902003629bbc5eb9ef0efbe397867509";
+    const tokenType = new TokenType4(Buffer.from(UNICITY_TOKEN_TYPE_HEX2, "hex"));
     const pubkeyBytes = new Uint8Array(
       pubkeyHex.match(/.{1,2}/g).map((byte) => parseInt(byte, 16))
     );
-    const addressRef = await UnmaskedPredicateReference4.create(
+    const addressRef = await UnmaskedPredicateReference3.create(
       tokenType,
       "secp256k1",
       pubkeyBytes,
@@ -12603,10 +12546,9 @@ var PaymentsModule = class _PaymentsModule {
    * Resolve recipient to IAddress for L3 transfers.
    * Uses pre-resolved PeerInfo when available to avoid redundant network queries.
    */
-  async resolveRecipientAddress(recipient, addressMode = "auto", peerInfo) {
+  async resolveRecipientAddress(recipient, _addressMode = "auto", peerInfo) {
     const { AddressFactory } = await import("@unicitylabs/state-transition-sdk/lib/address/AddressFactory");
-    const { ProxyAddress } = await import("@unicitylabs/state-transition-sdk/lib/address/ProxyAddress");
-    if (recipient.startsWith("PROXY:") || recipient.startsWith("DIRECT:")) {
+    if (recipient.startsWith("DIRECT:")) {
       return AddressFactory.createAddress(recipient);
     }
     if (recipient.length === 66 && /^[0-9a-fA-F]+$/.test(recipient)) {
@@ -12616,28 +12558,19 @@ var PaymentsModule = class _PaymentsModule {
     const info = peerInfo ?? await this.deps?.transport.resolve?.(recipient) ?? null;
     if (!info) {
       throw new SphereError(
-        `Recipient "${recipient}" not found. Use @nametag, a valid PROXY:/DIRECT: address, or a 33-byte hex pubkey.`,
+        `Recipient "${recipient}" not found. Use @nametag, a DIRECT: address, or a 33-byte hex pubkey.`,
         "INVALID_RECIPIENT"
       );
     }
     const nametag = recipient.startsWith("@") ? recipient.slice(1) : info.nametag || recipient;
-    if (addressMode === "proxy") {
-      logger.debug("Payments", `Using PROXY address for "${nametag}" (forced)`);
-      return ProxyAddress.fromNameTag(nametag);
-    }
-    if (addressMode === "direct") {
-      if (!info.directAddress) {
-        throw new SphereError(`"${nametag}" has no DirectAddress stored. It may be a legacy registration.`, "INVALID_RECIPIENT");
-      }
-      logger.debug("Payments", `Using DirectAddress for "${nametag}" (forced): ${info.directAddress.slice(0, 30)}...`);
-      return AddressFactory.createAddress(info.directAddress);
-    }
-    if (info.directAddress) {
-      logger.debug("Payments", `Using DirectAddress for "${nametag}": ${info.directAddress.slice(0, 30)}...`);
-      return AddressFactory.createAddress(info.directAddress);
+    if (!info.directAddress) {
+      throw new SphereError(
+        `"${nametag}" has no DirectAddress \u2014 the recipient must publish a key-based identity binding.`,
+        "INVALID_RECIPIENT"
+      );
     }
-    logger.debug("Payments", `Using PROXY address for legacy nametag "${nametag}"`);
-    return ProxyAddress.fromNameTag(nametag);
+    logger.debug("Payments", `Using DirectAddress for "${nametag}": ${info.directAddress.slice(0, 30)}...`);
+    return AddressFactory.createAddress(info.directAddress);
   }
   /**
    * Handle NOSTR-FIRST commitment-only transfer (recipient side)
@@ -12692,14 +12625,14 @@ var PaymentsModule = class _PaymentsModule {
     const addressScheme = recipientAddress.scheme;
     const signingService = await this.createSigningService();
     const transferSalt = transferTx.data.salt;
-    const recipientPredicate = await UnmaskedPredicate5.create(
+    const recipientPredicate = await UnmaskedPredicate4.create(
       sourceToken.id,
       sourceToken.type,
       signingService,
       HashAlgorithm5.SHA256,
       transferSalt
     );
-    const recipientState = new TokenState5(recipientPredicate, null);
+    const recipientState = new TokenState4(recipientPredicate, null);
     let nametagTokens = [];
     if (addressScheme === AddressScheme.PROXY) {
       const { ProxyAddress } = await import("@unicitylabs/state-transition-sdk/lib/address/ProxyAddress");
@@ -12796,6 +12729,67 @@ var PaymentsModule = class _PaymentsModule {
       }
     }
   }
+  /**
+   * v2 engine transfer (sender-driven): the sender handed us a FINISHED token.
+   * Decode the blob, dedup by the genesis-stable token id, store it as a
+   * confirmed token, and emit/record the receipt. No commitment / inclusion-proof
+   * / finalization round-trip (contrast the v1 sourceToken+transferTx path).
+   */
+  async handleV2Transfer(payload, senderPubkey) {
+    this.ensureInitialized();
+    if (!this.loaded && this.loadedPromise) {
+      await this.loadedPromise;
+    }
+    const engine = this.deps.tokenEngine;
+    if (!engine) return;
+    let token;
+    try {
+      token = await engine.decodeToken(decodeTokenBlob(hexToBytes2(payload.tokenBlob)));
+    } catch (err) {
+      logger.error("Payments", "V2 transfer: failed to decode token blob:", err);
+      return;
+    }
+    const id = `v2_${engine.tokenId(token)}`;
+    if (this.tokens.has(id)) {
+      logger.debug("Payments", `V2 transfer ${id.slice(0, 16)}... already present, skipping`);
+      return;
+    }
+    const info = await parseTokenInfo(payload.tokenBlob, engine);
+    const registry = TokenRegistry.getInstance();
+    const uiToken = {
+      id,
+      coinId: info.coinId,
+      symbol: registry.getSymbol(info.coinId) || info.symbol,
+      name: registry.getName(info.coinId) || info.name,
+      decimals: registry.getDecimals(info.coinId) ?? info.decimals,
+      amount: info.amount,
+      status: "confirmed",
+      createdAt: Date.now(),
+      updatedAt: Date.now(),
+      sdkData: payload.tokenBlob
+    };
+    await this.addToken(uiToken);
+    const senderInfo = await this.resolveSenderInfo(senderPubkey);
+    this.deps.emitEvent("transfer:incoming", {
+      id,
+      senderPubkey,
+      senderNametag: senderInfo.senderNametag,
+      tokens: [uiToken],
+      memo: payload.memo,
+      receivedAt: Date.now()
+    });
+    await this.addToHistory({
+      type: "RECEIVED",
+      amount: info.amount,
+      coinId: info.coinId,
+      symbol: uiToken.symbol,
+      timestamp: Date.now(),
+      senderPubkey,
+      ...senderInfo,
+      memo: payload.memo,
+      tokenId: id
+    });
+  }
   async handleIncomingTransfer(transfer) {
     if (!this.loaded && this.loadedPromise) {
       await this.loadedPromise;
@@ -12803,6 +12797,10 @@ var PaymentsModule = class _PaymentsModule {
     try {
       const payload = transfer.payload;
       logger.debug("Payments", "handleIncomingTransfer: keys=", Object.keys(payload).join(","));
+      if (this.deps.tokenEngine && isV2TransferPayload(transfer.payload)) {
+        await this.handleV2Transfer(transfer.payload, transfer.senderTransportPubkey);
+        return;
+      }
       let combinedBundle = null;
       if (isCombinedTransferBundleV6(payload)) {
         combinedBundle = payload;
@@ -12884,7 +12882,7 @@ var PaymentsModule = class _PaymentsModule {
           const hasTransactionData = transferTxInput.transactionData !== void 0;
           const hasAuthenticator = transferTxInput.authenticator !== void 0;
           if (hasData && hasInclusionProof) {
-            transferTx = await TransferTransaction2.fromJSON(transferTxInput);
+            transferTx = await TransferTransaction3.fromJSON(transferTxInput);
           } else if (hasTransactionData && hasAuthenticator) {
             const commitment = await TransferCommitment4.fromJSON(transferTxInput);
             const stClient = this.deps.oracle.getStateTransitionClient?.();
@@ -12905,7 +12903,7 @@ var PaymentsModule = class _PaymentsModule {
             transferTx = commitment.toTransaction(inclusionProof);
           } else {
             try {
-              transferTx = await TransferTransaction2.fromJSON(transferTxInput);
+              transferTx = await TransferTransaction3.fromJSON(transferTxInput);
             } catch {
               const commitment = await TransferCommitment4.fromJSON(transferTxInput);
               const stClient = this.deps.oracle.getStateTransitionClient?.();
@@ -12947,7 +12945,7 @@ var PaymentsModule = class _PaymentsModule {
         logger.warn("Payments", "Received invalid token");
         return;
       }
-      const tokenInfo = await parseTokenInfo(tokenData);
+      const tokenInfo = await parseTokenInfo(tokenData, this.deps?.tokenEngine);
       const token = {
         id: tokenInfo.tokenId ?? crypto.randomUUID(),
         coinId: tokenInfo.coinId,
@@ -13253,24 +13251,6 @@ function createPaymentsModule(config) {
   return new PaymentsModule(config);
 }
 
-// modules/payments/TokenSplitCalculator.ts
-init_logger();
-import { Token as SdkToken3 } from "@unicitylabs/state-transition-sdk/lib/token/Token";
-import { CoinId as CoinId5 } from "@unicitylabs/state-transition-sdk/lib/token/fungible/CoinId";
-
-// modules/payments/BackgroundCommitmentService.ts
-init_logger();
-init_errors();
-
-// modules/payments/TokenRecoveryService.ts
-init_logger();
-import { TokenId as TokenId4 } from "@unicitylabs/state-transition-sdk/lib/token/TokenId";
-import { TokenState as TokenState6 } from "@unicitylabs/state-transition-sdk/lib/token/TokenState";
-import { TokenType as TokenType4 } from "@unicitylabs/state-transition-sdk/lib/token/TokenType";
-import { CoinId as CoinId6 } from "@unicitylabs/state-transition-sdk/lib/token/fungible/CoinId";
-import { HashAlgorithm as HashAlgorithm6 } from "@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm";
-import { UnmaskedPredicate as UnmaskedPredicate6 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate";
-
 // modules/communications/CommunicationsModule.ts
 init_logger();
 init_errors();
@@ -16912,7 +16892,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
     const sizer = format === "compact" ? size : format === "recovered" ? size + 1 : void 0;
     return abytes(bytes, sizer);
   }
-  class Signature {
+  class Signature2 {
     r;
     s;
     recovery;
@@ -16932,7 +16912,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
       let recid;
       if (format === "der") {
         const { r: r2, s: s2 } = DER.toSig(abytes(bytes));
-        return new Signature(r2, s2);
+        return new Signature2(r2, s2);
       }
       if (format === "recovered") {
         recid = bytes[0];
@@ -16942,7 +16922,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
       const L = lengths.signature / 2;
       const r = bytes.subarray(0, L);
       const s = bytes.subarray(L, L * 2);
-      return new Signature(Fn.fromBytes(r), Fn.fromBytes(s), recid);
+      return new Signature2(Fn.fromBytes(r), Fn.fromBytes(s), recid);
     }
     static fromHex(hex, format) {
       return this.fromBytes(hexToBytes(hex), format);
@@ -16954,7 +16934,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
       return recovery;
     }
     addRecoveryBit(recovery) {
-      return new Signature(this.r, this.s, recovery);
+      return new Signature2(this.r, this.s, recovery);
     }
     recoverPublicKey(messageHash) {
       const { r, s } = this;
@@ -17046,7 +17026,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
         normS = Fn.neg(s);
         recovery ^= 1;
       }
-      return new Signature(r, normS, hasLargeCofactor ? void 0 : recovery);
+      return new Signature2(r, normS, hasLargeCofactor ? void 0 : recovery);
     }
     return { seed, k2sig };
   }
@@ -17061,12 +17041,12 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
     publicKey = abytes(publicKey, void 0, "publicKey");
     message = validateMsgAndHash(message, prehash);
     if (!isBytes(signature)) {
-      const end = signature instanceof Signature ? ", use sig.toBytes()" : "";
+      const end = signature instanceof Signature2 ? ", use sig.toBytes()" : "";
       throw new Error("verify expects Uint8Array signature" + end);
     }
     validateSigLength(signature, format);
     try {
-      const sig = Signature.fromBytes(signature, format);
+      const sig = Signature2.fromBytes(signature, format);
       const P = Point.fromBytes(publicKey);
       if (lowS && sig.hasHighS())
         return false;
@@ -17087,7 +17067,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
   function recoverPublicKey(signature, message, opts = {}) {
     const { prehash } = validateSigOpts(opts, defaultSigOpts);
     message = validateMsgAndHash(message, prehash);
-    return Signature.fromBytes(signature, "recovered").recoverPublicKey(message).toBytes();
+    return Signature2.fromBytes(signature, "recovered").recoverPublicKey(message).toBytes();
   }
   return Object.freeze({
     keygen,
@@ -17099,7 +17079,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
     sign,
     verify,
     recoverPublicKey,
-    Signature,
+    Signature: Signature2,
     hash
   });
 }
@@ -18371,7 +18351,7 @@ function freezeCoinAsset(coinAsset, state, latestSender) {
 }
 
 // modules/accounting/AccountingModule.ts
-import { Token as SdkToken4 } from "@unicitylabs/state-transition-sdk/lib/token/Token.js";
+import { Token as SdkToken3 } from "@unicitylabs/state-transition-sdk/lib/token/Token.js";
 var LOG_TAG2 = "Accounting";
 var INV_LEDGER_PREFIX = "inv_ledger:";
 var AccountingModule = class _AccountingModule {
@@ -19024,129 +19004,146 @@ var AccountingModule = class _AccountingModule {
       );
     }
     try {
-      const { TokenId: TokenId5 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenId.js");
-      const { TokenType: TokenType6 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenType.js");
-      const { MintTransactionData: MintTransactionData4 } = await import("@unicitylabs/state-transition-sdk/lib/transaction/MintTransactionData.js");
-      const { MintCommitment: MintCommitment4 } = await import("@unicitylabs/state-transition-sdk/lib/transaction/MintCommitment.js");
-      const { SigningService: SigningService3 } = await import("@unicitylabs/state-transition-sdk/lib/sign/SigningService.js");
-      const { HashAlgorithm: HashAlgorithm8 } = await import("@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm.js");
-      const { DataHasher } = await import("@unicitylabs/state-transition-sdk/lib/hash/DataHasher.js");
-      const { UnmaskedPredicate: UnmaskedPredicate7 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate.js");
-      const { UnmaskedPredicateReference: UnmaskedPredicateReference4 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference.js");
-      const { TokenState: TokenState7 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenState.js");
-      const { Token: SdkToken5 } = await import("@unicitylabs/state-transition-sdk/lib/token/Token.js");
-      const { waitInclusionProof: waitInclusionProof6 } = await import("@unicitylabs/state-transition-sdk/lib/util/InclusionProofUtils.js");
-      const hash = await new DataHasher(HashAlgorithm8.SHA256).update(invoiceBytesEncoded).digest();
-      const invoiceTokenId = new TokenId5(hash.imprint);
-      const invoiceId = invoiceTokenId.toJSON();
-      if (this.invoiceTermsCache.has(invoiceId)) {
-        throw new SphereError(
-          `Invoice already exists locally: ${invoiceId}`,
-          "INVOICE_ALREADY_EXISTS"
-        );
-      }
-      const invoiceTokenType = new TokenType6(
-        Buffer.from(INVOICE_TOKEN_TYPE_HEX, "hex")
-      );
-      const signingService = await SigningService3.createFromSecret(signingKeyBytes);
-      const addressRef = await UnmaskedPredicateReference4.create(
-        invoiceTokenType,
-        signingService.algorithm,
-        signingService.publicKey,
-        HashAlgorithm8.SHA256
-      );
-      const ownerAddress = await addressRef.toAddress();
-      const mintData = await MintTransactionData4.create(
-        invoiceTokenId,
-        invoiceTokenType,
-        invoiceBytesEncoded,
-        // tokenData: serialized InvoiceTerms (UTF-8 JSON)
-        null,
-        // coinData: null (non-fungible invoice token)
-        ownerAddress,
-        salt,
-        null,
-        // recipientDataHash: null
-        null
-        // reason: null
-      );
-      if (this.config.debug) {
-        logger.debug(LOG_TAG2, `Created MintTransactionData for invoice ${invoiceId}`);
-      }
-      const commitment = await MintCommitment4.create(mintData);
-      if (this.config.debug) {
-        logger.debug(LOG_TAG2, "Created MintCommitment for invoice");
-      }
-      const MAX_RETRIES = 3;
-      let submitSuccess = false;
-      for (let attempt = 1; attempt <= MAX_RETRIES; attempt++) {
-        try {
-          if (this.config.debug) {
-            logger.debug(
-              LOG_TAG2,
-              `Submitting invoice commitment (attempt ${attempt}/${MAX_RETRIES})...`
-            );
-          }
-          const response = await stClient.submitMintCommitment(commitment);
-          if (response.status === "SUCCESS" || response.status === "REQUEST_ID_EXISTS") {
+      let invoiceId;
+      let sdkData;
+      const engine = deps.tokenEngine;
+      if (engine) {
+        const invoiceToken = await engine.mintDataToken({
+          recipientPubkey: hexToBytes(deps.identity.chainPubkey),
+          data: invoiceBytesEncoded,
+          tokenType: hexToBytes(INVOICE_TOKEN_TYPE_HEX),
+          salt
+        });
+        invoiceId = engine.tokenId(invoiceToken);
+        if (this.invoiceTermsCache.has(invoiceId)) {
+          throw new SphereError(`Invoice already exists locally: ${invoiceId}`, "INVOICE_ALREADY_EXISTS");
+        }
+        sdkData = bytesToHex(encodeTokenBlob(engine.encodeToken(invoiceToken)));
+      } else {
+        const { TokenId: TokenId4 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenId.js");
+        const { TokenType: TokenType4 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenType.js");
+        const { MintTransactionData: MintTransactionData3 } = await import("@unicitylabs/state-transition-sdk/lib/transaction/MintTransactionData.js");
+        const { MintCommitment: MintCommitment3 } = await import("@unicitylabs/state-transition-sdk/lib/transaction/MintCommitment.js");
+        const { SigningService: SigningService3 } = await import("@unicitylabs/state-transition-sdk/lib/sign/SigningService.js");
+        const { HashAlgorithm: HashAlgorithm6 } = await import("@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm.js");
+        const { DataHasher: DataHasher2 } = await import("@unicitylabs/state-transition-sdk/lib/hash/DataHasher.js");
+        const { UnmaskedPredicate: UnmaskedPredicate5 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicate.js");
+        const { UnmaskedPredicateReference: UnmaskedPredicateReference3 } = await import("@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference.js");
+        const { TokenState: TokenState5 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenState.js");
+        const { Token: SdkToken4 } = await import("@unicitylabs/state-transition-sdk/lib/token/Token.js");
+        const { waitInclusionProof: waitInclusionProof6 } = await import("@unicitylabs/state-transition-sdk/lib/util/InclusionProofUtils.js");
+        const hash = await new DataHasher2(HashAlgorithm6.SHA256).update(invoiceBytesEncoded).digest();
+        const invoiceTokenId = new TokenId4(hash.imprint);
+        invoiceId = invoiceTokenId.toJSON();
+        if (this.invoiceTermsCache.has(invoiceId)) {
+          throw new SphereError(
+            `Invoice already exists locally: ${invoiceId}`,
+            "INVOICE_ALREADY_EXISTS"
+          );
+        }
+        const invoiceTokenType = new TokenType4(
+          Buffer.from(INVOICE_TOKEN_TYPE_HEX, "hex")
+        );
+        const signingService = await SigningService3.createFromSecret(signingKeyBytes);
+        const addressRef = await UnmaskedPredicateReference3.create(
+          invoiceTokenType,
+          signingService.algorithm,
+          signingService.publicKey,
+          HashAlgorithm6.SHA256
+        );
+        const ownerAddress = await addressRef.toAddress();
+        const mintData = await MintTransactionData3.create(
+          invoiceTokenId,
+          invoiceTokenType,
+          invoiceBytesEncoded,
+          // tokenData: serialized InvoiceTerms (UTF-8 JSON)
+          null,
+          // coinData: null (non-fungible invoice token)
+          ownerAddress,
+          salt,
+          null,
+          // recipientDataHash: null
+          null
+          // reason: null
+        );
+        if (this.config.debug) {
+          logger.debug(LOG_TAG2, `Created MintTransactionData for invoice ${invoiceId}`);
+        }
+        const commitment = await MintCommitment3.create(mintData);
+        if (this.config.debug) {
+          logger.debug(LOG_TAG2, "Created MintCommitment for invoice");
+        }
+        const MAX_RETRIES = 3;
+        let submitSuccess = false;
+        for (let attempt = 1; attempt <= MAX_RETRIES; attempt++) {
+          try {
             if (this.config.debug) {
               logger.debug(
                 LOG_TAG2,
-                response.status === "REQUEST_ID_EXISTS" ? "Invoice commitment already exists (idempotent re-mint)" : "Invoice commitment submitted successfully"
+                `Submitting invoice commitment (attempt ${attempt}/${MAX_RETRIES})...`
               );
             }
-            submitSuccess = true;
-            break;
-          } else {
-            logger.warn(LOG_TAG2, `Invoice commitment submission failed: ${response.status}`);
+            const response = await stClient.submitMintCommitment(commitment);
+            if (response.status === "SUCCESS" || response.status === "REQUEST_ID_EXISTS") {
+              if (this.config.debug) {
+                logger.debug(
+                  LOG_TAG2,
+                  response.status === "REQUEST_ID_EXISTS" ? "Invoice commitment already exists (idempotent re-mint)" : "Invoice commitment submitted successfully"
+                );
+              }
+              submitSuccess = true;
+              break;
+            } else {
+              logger.warn(LOG_TAG2, `Invoice commitment submission failed: ${response.status}`);
+              if (attempt === MAX_RETRIES) {
+                throw new SphereError(
+                  `Failed to mint invoice token: commitment rejected after ${MAX_RETRIES} attempts: ${response.status}`,
+                  "INVOICE_MINT_FAILED"
+                );
+              }
+              await new Promise((r) => setTimeout(r, 1e3 * attempt));
+            }
+          } catch (retryErr) {
+            if (retryErr instanceof SphereError && (retryErr.code === "INVOICE_ORACLE_REQUIRED" || retryErr.code === "INVOICE_INVALID_PROOF" || retryErr.code === "INVOICE_MINT_FAILED" || retryErr.code === "NOT_INITIALIZED" || retryErr.code === "MODULE_DESTROYED")) throw retryErr;
+            logger.warn(LOG_TAG2, `Invoice commitment attempt ${attempt} error:`, retryErr);
             if (attempt === MAX_RETRIES) {
               throw new SphereError(
-                `Failed to mint invoice token: commitment rejected after ${MAX_RETRIES} attempts: ${response.status}`,
-                "INVOICE_MINT_FAILED"
+                `Failed to mint invoice token: ${retryErr instanceof Error ? retryErr.message : String(retryErr)}`,
+                "INVOICE_MINT_FAILED",
+                retryErr
               );
             }
             await new Promise((r) => setTimeout(r, 1e3 * attempt));
           }
-        } catch (retryErr) {
-          if (retryErr instanceof SphereError && (retryErr.code === "INVOICE_ORACLE_REQUIRED" || retryErr.code === "INVOICE_INVALID_PROOF" || retryErr.code === "INVOICE_MINT_FAILED" || retryErr.code === "NOT_INITIALIZED" || retryErr.code === "MODULE_DESTROYED")) throw retryErr;
-          logger.warn(LOG_TAG2, `Invoice commitment attempt ${attempt} error:`, retryErr);
-          if (attempt === MAX_RETRIES) {
-            throw new SphereError(
-              `Failed to mint invoice token: ${retryErr instanceof Error ? retryErr.message : String(retryErr)}`,
-              "INVOICE_MINT_FAILED",
-              retryErr
-            );
-          }
-          await new Promise((r) => setTimeout(r, 1e3 * attempt));
         }
-      }
-      if (!submitSuccess) {
-        throw new SphereError(
-          "Failed to mint invoice token: commitment submission failed after retries",
-          "INVOICE_MINT_FAILED"
+        if (!submitSuccess) {
+          throw new SphereError(
+            "Failed to mint invoice token: commitment submission failed after retries",
+            "INVOICE_MINT_FAILED"
+          );
+        }
+        if (this.config.debug) {
+          logger.debug(LOG_TAG2, "Waiting for invoice inclusion proof...");
+        }
+        const inclusionProof = await waitInclusionProof6(trustBase, stClient, commitment);
+        if (this.config.debug) {
+          logger.debug(LOG_TAG2, "Invoice inclusion proof received");
+        }
+        const genesisTransaction = commitment.toTransaction(inclusionProof);
+        const invoicePredicate = await UnmaskedPredicate5.create(
+          invoiceTokenId,
+          invoiceTokenType,
+          signingService,
+          HashAlgorithm6.SHA256,
+          salt
         );
+        const tokenState = new TokenState5(invoicePredicate, null);
+        const sdkToken = await SdkToken4.mint(trustBase, tokenState, genesisTransaction);
+        if (this.config.debug) {
+          logger.debug(LOG_TAG2, "Invoice token minted successfully");
+        }
+        sdkData = JSON.stringify(sdkToken.toJSON());
       }
-      if (this.config.debug) {
-        logger.debug(LOG_TAG2, "Waiting for invoice inclusion proof...");
-      }
-      const inclusionProof = await waitInclusionProof6(trustBase, stClient, commitment);
-      if (this.config.debug) {
-        logger.debug(LOG_TAG2, "Invoice inclusion proof received");
-      }
-      const genesisTransaction = commitment.toTransaction(inclusionProof);
-      const invoicePredicate = await UnmaskedPredicate7.create(
-        invoiceTokenId,
-        invoiceTokenType,
-        signingService,
-        HashAlgorithm8.SHA256,
-        salt
-      );
-      const tokenState = new TokenState7(invoicePredicate, null);
-      const sdkToken = await SdkToken5.mint(trustBase, tokenState, genesisTransaction);
-      if (this.config.debug) {
-        logger.debug(LOG_TAG2, "Invoice token minted successfully");
-      }
-      const sdkTokenJson = sdkToken.toJSON();
       const uiToken = {
         id: invoiceId,
         coinId: INVOICE_TOKEN_TYPE_HEX,
@@ -19157,7 +19154,7 @@ var AccountingModule = class _AccountingModule {
         status: "confirmed",
         createdAt: terms.createdAt,
         updatedAt: terms.createdAt,
-        sdkData: JSON.stringify(sdkTokenJson)
+        sdkData
       };
       await deps.payments.addToken(uiToken);
       this.invoiceTermsCache.set(invoiceId, this._normalizeInvoiceTerms(terms));
@@ -19168,17 +19165,7 @@ var AccountingModule = class _AccountingModule {
       const allTokens = deps.payments.getTokens();
       let anyScanDirty = false;
       for (const token of allTokens) {
-        if (!token.sdkData) continue;
-        let txf;
-        try {
-          txf = JSON.parse(token.sdkData);
-        } catch {
-          continue;
-        }
-        const txCount = txf.transactions?.length ?? 0;
-        if (txCount === 0) continue;
-        this._processTokenTransactions(token.id, txf, 0);
-        anyScanDirty = true;
+        if (await this._scanTokenForAttribution(token, 0)) anyScanDirty = true;
       }
       const archivedTokensForScan = deps.payments.getArchivedTokens();
       for (const [archivedId, txf] of archivedTokensForScan) {
@@ -19194,7 +19181,7 @@ var AccountingModule = class _AccountingModule {
       if (this.config.debug) {
         logger.debug(LOG_TAG2, `Invoice created and stored: ${invoiceId}`);
       }
-      const txfToken = sdkTokenJson;
+      const txfToken = engine ? sdkData : JSON.parse(sdkData);
       return {
         success: true,
         invoiceId,
@@ -19235,36 +19222,60 @@ var AccountingModule = class _AccountingModule {
     this.ensureNotDestroyed();
     this.ensureInitialized();
     const deps = this.deps;
-    const tokenType = token.genesis?.data?.tokenType;
-    if (tokenType !== INVOICE_TOKEN_TYPE_HEX) {
-      throw new SphereError(
-        `Invoice import failed: token type "${tokenType}" is not the expected invoice type.`,
-        "INVOICE_WRONG_TOKEN_TYPE"
-      );
-    }
-    const tokenData = token.genesis?.data?.tokenData;
-    if (!tokenData || typeof tokenData !== "string") {
-      throw new SphereError(
-        "Invoice import failed: missing or invalid tokenData field.",
-        "INVOICE_INVALID_DATA"
-      );
-    }
-    let jsonString = tokenData;
-    if (!/^\s*[\[{"]/.test(tokenData)) {
+    let terms;
+    let tokenId;
+    let sdkDataForStore;
+    const engine = deps.tokenEngine;
+    const isV2 = !!engine && typeof token === "string";
+    if (isV2) {
+      const sphereToken = await engine.decodeToken(decodeTokenBlob(hexToBytes(token)));
+      const verifyResult = await engine.verify(sphereToken);
+      if (!verifyResult.ok) {
+        throw new SphereError("Invoice import failed: inclusion proof is invalid.", "INVOICE_INVALID_PROOF");
+      }
+      tokenId = engine.tokenId(sphereToken);
+      const data = engine.readTokenData(sphereToken);
+      if (!data) {
+        throw new SphereError("Invoice import failed: missing or invalid tokenData field.", "INVOICE_INVALID_DATA");
+      }
       try {
-        const bytes = hexToBytes(tokenData);
-        jsonString = new TextDecoder().decode(bytes);
+        terms = JSON.parse(new TextDecoder().decode(data));
       } catch {
+        throw new SphereError("Invoice import failed: tokenData is not valid JSON.", "INVOICE_INVALID_DATA");
       }
-    }
-    let terms;
-    try {
-      terms = JSON.parse(jsonString);
-    } catch {
-      throw new SphereError(
-        "Invoice import failed: tokenData is not valid JSON.",
-        "INVOICE_INVALID_DATA"
-      );
+      sdkDataForStore = token;
+    } else {
+      const tokenType = token.genesis?.data?.tokenType;
+      if (tokenType !== INVOICE_TOKEN_TYPE_HEX) {
+        throw new SphereError(
+          `Invoice import failed: token type "${tokenType}" is not the expected invoice type.`,
+          "INVOICE_WRONG_TOKEN_TYPE"
+        );
+      }
+      const tokenData = token.genesis?.data?.tokenData;
+      if (!tokenData || typeof tokenData !== "string") {
+        throw new SphereError(
+          "Invoice import failed: missing or invalid tokenData field.",
+          "INVOICE_INVALID_DATA"
+        );
+      }
+      let jsonString = tokenData;
+      if (!/^\s*[[{"]/.test(tokenData)) {
+        try {
+          const bytes = hexToBytes(tokenData);
+          jsonString = new TextDecoder().decode(bytes);
+        } catch {
+        }
+      }
+      try {
+        terms = JSON.parse(jsonString);
+      } catch {
+        throw new SphereError(
+          "Invoice import failed: tokenData is not valid JSON.",
+          "INVOICE_INVALID_DATA"
+        );
+      }
+      sdkDataForStore = JSON.stringify(token);
     }
     if (!terms || typeof terms !== "object") {
       throw new SphereError(
@@ -19351,7 +19362,7 @@ var AccountingModule = class _AccountingModule {
         }
       }
     }
-    const tokenId = token.genesis?.data?.tokenId;
+    if (!isV2) tokenId = token.genesis?.data?.tokenId;
     if (!tokenId || typeof tokenId !== "string") {
       throw new SphereError(
         "Invoice import failed: missing tokenId in genesis data.",
@@ -19364,13 +19375,13 @@ var AccountingModule = class _AccountingModule {
         "INVOICE_ALREADY_EXISTS"
       );
     }
-    {
-      const { DataHasher } = await import("@unicitylabs/state-transition-sdk/lib/hash/DataHasher.js");
-      const { HashAlgorithm: HashAlgorithm8 } = await import("@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm.js");
-      const { TokenId: TokenId5 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenId.js");
+    if (!isV2) {
+      const { DataHasher: DataHasher2 } = await import("@unicitylabs/state-transition-sdk/lib/hash/DataHasher.js");
+      const { HashAlgorithm: HashAlgorithm6 } = await import("@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm.js");
+      const { TokenId: TokenId4 } = await import("@unicitylabs/state-transition-sdk/lib/token/TokenId.js");
       const reSerializedBytes = new TextEncoder().encode(canonicalSerialize(terms));
-      const hash = await new DataHasher(HashAlgorithm8.SHA256).update(reSerializedBytes).digest();
-      const reTokenId = new TokenId5(hash.imprint).toJSON();
+      const hash = await new DataHasher2(HashAlgorithm6.SHA256).update(reSerializedBytes).digest();
+      const reTokenId = new TokenId4(hash.imprint).toJSON();
       if (reTokenId !== tokenId) {
         throw new SphereError(
           "Invoice import failed: parsed terms do not match on-chain token ID (canonical hash mismatch).",
@@ -19378,35 +19389,37 @@ var AccountingModule = class _AccountingModule {
         );
       }
     }
-    if (!deps.trustBase || deps.trustBase instanceof Uint8Array && deps.trustBase.length === 0) {
-      throw new SphereError(
-        "Trust base unavailable \u2014 cannot verify invoice proof. Ensure oracle supports getTrustBase().",
-        "INVOICE_INVALID_PROOF"
-      );
-    }
-    try {
-      const sdkToken = await SdkToken4.fromJSON(token);
-      const verifyResult = await sdkToken.verify(deps.trustBase);
-      const verifyOk = verifyResult.isSuccessful === true;
-      if (!verifyOk) {
+    if (!isV2) {
+      if (!deps.trustBase || deps.trustBase instanceof Uint8Array && deps.trustBase.length === 0) {
         throw new SphereError(
-          "Invoice import failed: inclusion proof is invalid.",
+          "Trust base unavailable \u2014 cannot verify invoice proof. Ensure oracle supports getTrustBase().",
           "INVOICE_INVALID_PROOF"
         );
       }
-      const canonicalTokenId = sdkToken.id?.toJSON?.() ?? null;
-      if (!canonicalTokenId || canonicalTokenId !== tokenId) {
+      try {
+        const sdkToken = await SdkToken3.fromJSON(token);
+        const verifyResult = await sdkToken.verify(deps.trustBase);
+        const verifyOk = verifyResult.isSuccessful === true;
+        if (!verifyOk) {
+          throw new SphereError(
+            "Invoice import failed: inclusion proof is invalid.",
+            "INVOICE_INVALID_PROOF"
+          );
+        }
+        const canonicalTokenId = sdkToken.id?.toJSON?.() ?? null;
+        if (!canonicalTokenId || canonicalTokenId !== tokenId) {
+          throw new SphereError(
+            `Invoice import failed: tokenId mismatch or unverifiable \u2014 JSON claims ${tokenId}, cryptographic identity is ${canonicalTokenId ?? "unknown"}`,
+            "INVOICE_INVALID_DATA"
+          );
+        }
+      } catch (err) {
+        if (err instanceof SphereError) throw err;
         throw new SphereError(
-          `Invoice import failed: tokenId mismatch or unverifiable \u2014 JSON claims ${tokenId}, cryptographic identity is ${canonicalTokenId ?? "unknown"}`,
-          "INVOICE_INVALID_DATA"
+          `Invoice import failed: proof verification error \u2014 ${err instanceof Error ? err.message : String(err)}`,
+          "INVOICE_INVALID_PROOF"
         );
       }
-    } catch (err) {
-      if (err instanceof SphereError) throw err;
-      throw new SphereError(
-        `Invoice import failed: proof verification error \u2014 ${err instanceof Error ? err.message : String(err)}`,
-        "INVOICE_INVALID_PROOF"
-      );
     }
     try {
       const uiToken = {
@@ -19419,7 +19432,7 @@ var AccountingModule = class _AccountingModule {
         status: "confirmed",
         createdAt: terms.createdAt,
         updatedAt: terms.createdAt,
-        sdkData: JSON.stringify(token)
+        sdkData: sdkDataForStore
       };
       await deps.payments.addToken(uiToken);
     } catch (err) {
@@ -19474,17 +19487,8 @@ var AccountingModule = class _AccountingModule {
     const allTokens = deps.payments.getTokens();
     let anyDirty = false;
     for (const existingToken of allTokens) {
-      if (!existingToken.sdkData) continue;
-      let txf;
-      try {
-        txf = JSON.parse(existingToken.sdkData);
-      } catch {
-        continue;
-      }
-      const transactions = txf.transactions ?? [];
       const startIndex = this.tokenScanState.get(existingToken.id) ?? 0;
-      if (transactions.length > startIndex) {
-        this._processTokenTransactions(existingToken.id, txf, startIndex);
+      if (await this._scanTokenForAttribution(existingToken, startIndex)) {
         anyDirty = true;
       }
     }
@@ -21374,17 +21378,8 @@ var AccountingModule = class _AccountingModule {
     const allTokens = deps.payments.getTokens();
     let anyDirty = false;
     for (const token of allTokens) {
-      if (!token.sdkData) continue;
-      let txf;
-      try {
-        txf = JSON.parse(token.sdkData);
-      } catch {
-        continue;
-      }
-      const transactions = txf.transactions ?? [];
       const startIndex = this.tokenScanState.get(token.id) ?? 0;
-      if (transactions.length > startIndex) {
-        this._processTokenTransactions(token.id, txf, startIndex);
+      if (await this._scanTokenForAttribution(token, startIndex)) {
         anyDirty = true;
       }
     }
@@ -21439,6 +21434,53 @@ var AccountingModule = class _AccountingModule {
    * @param txf        - Parsed TxfToken.
    * @param startIndex - First unprocessed transaction index.
    */
+  /**
+   * Attribute one payment token's invoice memo(s) to the ledger.
+   *
+   * v2 (engine blob): the token carries a single on-chain memo. We decode it and
+   * shim the token into a v1-shaped `txf` (coinData ← engine.readValue, the memo
+   * ← engine.readMemo) so the battle-hardened `_processTokenTransactions` runs
+   * UNCHANGED — same dedup, direction, provisional/synthetic/orphan handling.
+   * v1 (TXF JSON): parse and scan transactions directly.
+   *
+   * `startIndex` is the per-token watermark (0 for a full retroactive scan).
+   * Returns true when the token was scanned. Async because engine.decodeToken is.
+   */
+  async _scanTokenForAttribution(token, startIndex) {
+    if (!token.sdkData) return false;
+    const engine = this.deps?.tokenEngine;
+    const isBlob = token.sdkData.length >= 2 && token.sdkData.length % 2 === 0 && token.sdkData[0] !== "{" && /^[0-9a-f]+$/i.test(token.sdkData);
+    if (engine && isBlob) {
+      let syntheticTxf;
+      try {
+        const sphereToken = await engine.decodeToken(decodeTokenBlob(hexToBytes(token.sdkData)));
+        const memo = engine.readMemo(sphereToken);
+        if (!memo) return false;
+        const coinData = (engine.readValue(sphereToken)?.assets ?? []).map(
+          (a) => [a.coinId, a.amount.toString()]
+        );
+        syntheticTxf = {
+          genesis: { data: { coinData } },
+          transactions: [{ data: { message: bytesToHex(memo) }, inclusionProof: {} }]
+        };
+      } catch {
+        return false;
+      }
+      this._processTokenTransactions(token.id, syntheticTxf, startIndex);
+      return true;
+    }
+    let txf;
+    try {
+      txf = JSON.parse(token.sdkData);
+    } catch {
+      return false;
+    }
+    if ((txf.transactions?.length ?? 0) > startIndex) {
+      this._processTokenTransactions(token.id, txf, startIndex);
+      return true;
+    }
+    return false;
+  }
   _processTokenTransactions(tokenId, txf, startIndex) {
     const transactions = txf.transactions ?? [];
     let lastSuccessIdx = startIndex;
@@ -21718,17 +21760,7 @@ var AccountingModule = class _AccountingModule {
   async _handleIncomingTransfer(transfer) {
     if (this.destroyed) return;
     for (const token of transfer.tokens) {
-      if (!token.sdkData) continue;
-      let txf;
-      try {
-        txf = JSON.parse(token.sdkData);
-      } catch {
-        continue;
-      }
-      const startIndex = this.tokenScanState.get(token.id) ?? 0;
-      if ((txf.transactions?.length ?? 0) > startIndex) {
-        this._processTokenTransactions(token.id, txf, startIndex);
-      }
+      await this._scanTokenForAttribution(token, this.tokenScanState.get(token.id) ?? 0);
     }
     if (this.destroyed) return;
     await this._flushDirtyLedgerEntries();
@@ -21866,16 +21898,7 @@ var AccountingModule = class _AccountingModule {
     if (this.destroyed) return;
     for (const token of result.tokens) {
       if (!token.sdkData) continue;
-      let txf;
-      try {
-        txf = JSON.parse(token.sdkData);
-      } catch {
-        continue;
-      }
-      const startIndex = this.tokenScanState.get(token.id) ?? 0;
-      if ((txf.transactions?.length ?? 0) > startIndex) {
-        this._processTokenTransactions(token.id, txf, startIndex);
-      }
+      await this._scanTokenForAttribution(token, this.tokenScanState.get(token.id) ?? 0);
       const relatedInvoices = this.tokenInvoiceMap.get(token.id);
       if (relatedInvoices) {
         for (const invoiceId of relatedInvoices) {
@@ -21946,15 +21969,8 @@ var AccountingModule = class _AccountingModule {
     const tokens = this.deps.payments.getTokens();
     const token = tokens.find((t) => t.id === tokenId);
     if (!token?.sdkData) return;
-    let txf;
-    try {
-      txf = JSON.parse(token.sdkData);
-    } catch {
-      return;
-    }
     const startIndex = this.tokenScanState.get(tokenId) ?? 0;
-    if ((txf.transactions?.length ?? 0) > startIndex) {
-      this._processTokenTransactions(tokenId, txf, startIndex);
+    if (await this._scanTokenForAttribution(token, startIndex)) {
       if (this.destroyed) return;
       await this._flushDirtyLedgerEntries();
     }
@@ -27392,29 +27408,421 @@ async function parseAndDecryptWalletDat(data, password, onProgress) {
   };
 }
 
+// token-engine/identity.ts
+var UNICITY_TOKEN_TYPE_HEX = "f8aa13834268d29355ff12183066f0cb902003629bbc5eb9ef0efbe397867509";
+var SIGNING_ALGORITHM = "secp256k1";
+var EMBEDDED_PREDICATE_UNMASKED = 0;
+var HASH_ALGORITHM_SHA256 = 0n;
+var SHA256_IMPRINT_PREFIX = new Uint8Array([0, 0]);
+function hexToBytes4(hex) {
+  const bytes = new Uint8Array(hex.length / 2);
+  for (let i = 0; i < bytes.length; i++) {
+    bytes[i] = parseInt(hex.slice(i * 2, i * 2 + 2), 16);
+  }
+  return bytes;
+}
+function sha2565(data) {
+  return new DataHasher(HashAlgorithm2.SHA256).update(data).digest().then((h) => h.data);
+}
+async function deriveDirectAddress(publicKey) {
+  const tokenTypeCbor = CborSerializer.encodeByteString(hexToBytes4(UNICITY_TOKEN_TYPE_HEX));
+  const reference = CborSerializer.encodeArray(
+    CborSerializer.encodeByteString(new Uint8Array([EMBEDDED_PREDICATE_UNMASKED])),
+    CborSerializer.encodeByteString(tokenTypeCbor),
+    CborSerializer.encodeTextString(SIGNING_ALGORITHM),
+    CborSerializer.encodeUnsignedInteger(HASH_ALGORITHM_SHA256),
+    CborSerializer.encodeByteString(publicKey)
+  );
+  const refHash = await sha2565(reference);
+  const imprint = new Uint8Array([...SHA256_IMPRINT_PREFIX, ...refHash]);
+  const checksum = (await sha2565(imprint)).slice(0, 4);
+  return `DIRECT://${HexConverter.encode(imprint)}${HexConverter.encode(checksum)}`;
+}
+
+// token-engine/factory.ts
+init_errors();
+
+// token-engine/SpherePaymentData.ts
+init_errors();
+var COIN_ID_PATTERN = /^([0-9a-f]{2})+$/;
+function assertAsset(coinId, amount) {
+  if (!COIN_ID_PATTERN.test(coinId)) {
+    throw new SphereError(`Invalid coin id (expected even-length lowercase hex): "${coinId}"`, "VALIDATION_ERROR");
+  }
+  if (amount < 0n) {
+    throw new SphereError(`Asset amount must be non-negative: ${amount.toString()}`, "VALIDATION_ERROR");
+  }
+}
+function sphereAssetToSdk(coinId, amount) {
+  assertAsset(coinId, amount);
+  return new Asset(new AssetId(HexConverter.decode(coinId)), amount);
+}
+var SpherePaymentData = class _SpherePaymentData {
+  constructor(assets, _memo = null) {
+    this.assets = assets;
+    this._memo = _memo;
+  }
+  /** Sphere-private CBOR tag (verified free in the v2 SDK tag space). */
+  static CBOR_TAG = 39050n;
+  /** Envelope version; bump when the structure changes. */
+  static VERSION = 1n;
+  /** Opaque, app-defined memo carried alongside the value (e.g. invoice attribution). */
+  get memo() {
+    return this._memo ? new Uint8Array(this._memo) : null;
+  }
+  /** Wrap an existing SDK asset collection (+ optional opaque memo). */
+  static create(assets, memo = null) {
+    return new _SpherePaymentData(assets, memo);
+  }
+  /** Build from a sphere-domain value (hex coin id → bigint amount) + optional opaque memo. */
+  static fromValue(value, memo = null) {
+    const assets = value.assets.map((a) => sphereAssetToSdk(a.coinId, a.amount));
+    return new _SpherePaymentData(PaymentAssetCollection.create(...assets), memo);
+  }
+  /** Decode from the CBOR envelope produced by {@link encode}. */
+  static fromCBOR(bytes) {
+    const tag = CborDeserializer.decodeTag(bytes);
+    if (tag.tag !== _SpherePaymentData.CBOR_TAG) {
+      throw new CborError(`Invalid SpherePaymentData tag: ${tag.tag}`);
+    }
+    const fields = CborDeserializer.decodeArray(tag.data, 3);
+    const version = CborDeserializer.decodeUnsignedInteger(fields[0]);
+    if (version !== _SpherePaymentData.VERSION) {
+      throw new CborError(`Unsupported SpherePaymentData version: ${version}`);
+    }
+    const memo = CborDeserializer.decodeNullable(fields[2], CborDeserializer.decodeByteString);
+    return new _SpherePaymentData(PaymentAssetCollection.fromCBOR(fields[1]), memo);
+  }
+  /** Deterministic, versioned, tagged CBOR: `tag(39050)[ version, assets, memo? ]`. */
+  encode() {
+    return Promise.resolve(
+      CborSerializer.encodeTag(
+        _SpherePaymentData.CBOR_TAG,
+        CborSerializer.encodeArray(
+          CborSerializer.encodeUnsignedInteger(_SpherePaymentData.VERSION),
+          this.assets.toCBOR(),
+          CborSerializer.encodeNullable(this._memo, CborSerializer.encodeByteString)
+        )
+      )
+    );
+  }
+  /** Project to a sphere-domain value (hex coin id + bigint amount), preserving order. */
+  toValue() {
+    return {
+      assets: this.assets.toArray().map((a) => ({
+        coinId: HexConverter.encode(a.id.bytes),
+        amount: a.value
+      }))
+    };
+  }
+  /** Balance of a single coin within this payload (0n when absent). */
+  balanceOf(coinId) {
+    if (!COIN_ID_PATTERN.test(coinId)) {
+      throw new SphereError(`Invalid coin id (expected even-length lowercase hex): "${coinId}"`, "VALIDATION_ERROR");
+    }
+    const asset = this.assets.get(new AssetId(HexConverter.decode(coinId)));
+    return asset ? asset.value : 0n;
+  }
+};
+function decodeSpherePaymentData(bytes) {
+  return Promise.resolve(SpherePaymentData.fromCBOR(bytes));
+}
+
+// token-engine/SphereTokenEngine.ts
+init_errors();
+var SphereTokenEngine = class {
+  constructor(deps) {
+    this.deps = deps;
+  }
+  // ── identity ────────────────────────────────────────────────────────────────
+  getIdentity() {
+    return { chainPubkey: new Uint8Array(this.deps.signingService.publicKey) };
+  }
+  /** Legacy DIRECT:// address (Path A). Async: the derivation hashes via the SDK. */
+  deriveIdentityAddress(pubkey) {
+    return deriveDirectAddress(pubkey ?? this.deps.signingService.publicKey);
+  }
+  // ── value (read) ─────────────────────────────────────────────────────────────
+  readValue(token) {
+    return token.value;
+  }
+  balanceOf(token, coinId) {
+    let sum = 0n;
+    for (const asset of token.value?.assets ?? []) {
+      if (asset.coinId === coinId) sum += asset.amount;
+    }
+    return sum;
+  }
+  tokenId(token) {
+    return token.blob.tokenId;
+  }
+  readMemo(token) {
+    const sdkToken = token.sdkToken;
+    if (sdkToken.transactions.length > 0) {
+      return sdkToken.latestTransaction.data;
+    }
+    const data = sdkToken.genesis.data;
+    if (data && this.isSpherePaymentData(data)) {
+      return SpherePaymentData.fromCBOR(data).memo;
+    }
+    return null;
+  }
+  readTokenData(token) {
+    const data = token.sdkToken.genesis.data;
+    return data ? new Uint8Array(data) : null;
+  }
+  // ── lifecycle ────────────────────────────────────────────────────────────────
+  async mint(params, options) {
+    const recipient = SignaturePredicate.create(params.recipientPubkey);
+    const data = params.value ? await SpherePaymentData.fromValue(params.value).encode() : null;
+    const mintTx = await MintTransaction.create(this.deps.networkId, recipient, data);
+    const certificationData = await CertificationData.fromMintTransaction(mintTx);
+    const response = await this.deps.client.submitCertificationRequest(certificationData);
+    if (response.status !== CertificationStatus.SUCCESS) {
+      throw new SphereError(`Mint certification failed: ${response.status}`, "AGGREGATOR_ERROR");
+    }
+    const proof = await waitInclusionProof2(
+      this.deps.client,
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      mintTx,
+      options?.signal
+    );
+    const certified = await mintTx.toCertifiedTransaction(this.deps.trustBase, this.deps.predicateVerifier, proof);
+    const token = await Token2.mint(
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      this.deps.mintJustificationVerifier,
+      certified
+    );
+    return this.wrapToken(token);
+  }
+  async mintDataToken(params, options) {
+    const recipient = SignaturePredicate.create(params.recipientPubkey);
+    const tokenType = params.tokenType ? new TokenType(params.tokenType) : TokenType.generate();
+    const salt = params.salt ? TokenSalt.fromBytes(params.salt) : TokenSalt.generate();
+    const mintTx = await MintTransaction.create(this.deps.networkId, recipient, params.data, tokenType, salt);
+    const certificationData = await CertificationData.fromMintTransaction(mintTx);
+    const response = await this.deps.client.submitCertificationRequest(certificationData);
+    if (response.status !== CertificationStatus.SUCCESS) {
+      throw new SphereError(`Data-token mint failed: ${response.status}`, "AGGREGATOR_ERROR");
+    }
+    const proof = await waitInclusionProof2(
+      this.deps.client,
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      mintTx,
+      options?.signal
+    );
+    const certified = await mintTx.toCertifiedTransaction(this.deps.trustBase, this.deps.predicateVerifier, proof);
+    const token = await Token2.mint(
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      this.deps.mintJustificationVerifier,
+      certified
+    );
+    return this.wrapToken(token);
+  }
+  async transfer(params, options) {
+    this.assertOwned(params.token);
+    const recipient = SignaturePredicate.create(params.recipientPubkey);
+    const stateMask = crypto.getRandomValues(new Uint8Array(32));
+    const transferTx = await TransferTransaction.create(params.token.sdkToken, recipient, stateMask, params.data ?? null);
+    const unlockScript = await SignaturePredicateUnlockScript.create(transferTx, this.deps.signingService);
+    const certificationData = await CertificationData.fromTransaction(transferTx, unlockScript);
+    const response = await this.deps.client.submitCertificationRequest(certificationData);
+    if (response.status !== CertificationStatus.SUCCESS) {
+      throw new SphereError(`Transfer certification failed: ${response.status}`, "TRANSFER_FAILED");
+    }
+    const proof = await waitInclusionProof2(
+      this.deps.client,
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      transferTx,
+      options?.signal
+    );
+    const certified = await transferTx.toCertifiedTransaction(this.deps.trustBase, this.deps.predicateVerifier, proof);
+    const transferred = await params.token.sdkToken.transfer(this.deps.trustBase, this.deps.predicateVerifier, certified);
+    return this.wrapToken(transferred);
+  }
+  async split(params, options) {
+    this.assertOwned(params.token);
+    if (params.outputs.length === 0) {
+      throw new SphereError("Split requires at least one output", "VALIDATION_ERROR");
+    }
+    const requests = params.outputs.map(
+      (o) => SplitTokenRequest.create(
+        SignaturePredicate.create(o.recipientPubkey),
+        PaymentAssetCollection.create(sphereAssetToSdk(o.coinId, o.amount))
+      )
+    );
+    const split = await TokenSplit.split(params.token.sdkToken, decodeSpherePaymentData, requests);
+    const burnUnlock = await SignaturePredicateUnlockScript.create(split.burn.transaction, this.deps.signingService);
+    const burnCert = await CertificationData.fromTransaction(split.burn.transaction, burnUnlock);
+    const burnResponse = await this.deps.client.submitCertificationRequest(burnCert);
+    if (burnResponse.status !== CertificationStatus.SUCCESS) {
+      throw new SphereError(`Split burn failed: ${burnResponse.status}`, "TRANSFER_FAILED");
+    }
+    const burnProof = await waitInclusionProof2(
+      this.deps.client,
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      split.burn.transaction,
+      options?.signal
+    );
+    const burnCertified = await split.burn.transaction.toCertifiedTransaction(
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      burnProof
+    );
+    const burntToken = await params.token.sdkToken.transfer(
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      burnCertified
+    );
+    const outputs = [];
+    for (let i = 0; i < split.tokens.length; i++) {
+      const splitToken = split.tokens[i];
+      const data = await SpherePaymentData.create(splitToken.assets, params.outputs[i].data ?? null).encode();
+      const justification = SplitMintJustification.create(burntToken, splitToken.proofs).toCBOR();
+      const mintTx = await MintTransaction.create(
+        splitToken.networkId,
+        splitToken.recipient,
+        data,
+        splitToken.tokenType,
+        splitToken.salt,
+        justification
+      );
+      const certData = await CertificationData.fromMintTransaction(mintTx);
+      const response = await this.deps.client.submitCertificationRequest(certData);
+      if (response.status !== CertificationStatus.SUCCESS) {
+        throw new SphereError(`Split mint failed: ${response.status}`, "AGGREGATOR_ERROR");
+      }
+      const proof = await waitInclusionProof2(
+        this.deps.client,
+        this.deps.trustBase,
+        this.deps.predicateVerifier,
+        mintTx,
+        options?.signal
+      );
+      const certified = await mintTx.toCertifiedTransaction(this.deps.trustBase, this.deps.predicateVerifier, proof);
+      const token = await Token2.mint(
+        this.deps.trustBase,
+        this.deps.predicateVerifier,
+        this.deps.mintJustificationVerifier,
+        certified
+      );
+      outputs.push(this.wrapToken(token));
+    }
+    return { outputs };
+  }
+  // ── verification ─────────────────────────────────────────────────────────────
+  async verify(token, _options) {
+    const result = await token.sdkToken.verify(
+      this.deps.trustBase,
+      this.deps.predicateVerifier,
+      this.deps.mintJustificationVerifier
+    );
+    return result.status === VerificationStatus.OK ? { ok: true } : { ok: false, reason: String(result.status) };
+  }
+  async isSpent(token, _options) {
+    const probe = await TransferTransaction.create(
+      token.sdkToken,
+      SignaturePredicate.create(this.deps.signingService.publicKey),
+      new Uint8Array(32)
+    );
+    const stateId = await StateId.fromTransaction(probe);
+    const response = await this.deps.client.getInclusionProof(stateId);
+    return response.inclusionProof.inclusionCertificate !== null;
+  }
+  // ── serialization ────────────────────────────────────────────────────────────
+  encodeToken(token) {
+    return token.blob;
+  }
+  async decodeToken(blob) {
+    const sdkToken = await Token2.fromCBOR(blob.token);
+    if (sdkToken.genesis.networkId.id !== this.deps.networkId.id) {
+      throw new SphereError(
+        `Token network mismatch: token is on network ${sdkToken.genesis.networkId.id}, engine on ${this.deps.networkId.id}`,
+        "VALIDATION_ERROR"
+      );
+    }
+    return this.wrapToken(sdkToken);
+  }
+  // ── internals ────────────────────────────────────────────────────────────────
+  /** Fail fast if this engine's key does not own the token's current state. */
+  assertOwned(token) {
+    const owner = token.sdkToken.latestTransaction.recipient;
+    const mine = EncodedPredicate.fromPredicate(SignaturePredicate.create(this.deps.signingService.publicKey));
+    if (!EncodedPredicate.equals(owner, mine)) {
+      throw new SphereError("Cannot transfer a token not owned by this engine identity", "VALIDATION_ERROR");
+    }
+  }
+  /** Wrap an SDK token into a SphereToken: cache its blob (incl. stable tokenId) + decoded value. */
+  wrapToken(sdkToken) {
+    const data = sdkToken.genesis.data;
+    let value = null;
+    if (data && this.isSpherePaymentData(data)) {
+      try {
+        value = SpherePaymentData.fromCBOR(data).toValue();
+      } catch (err) {
+        throw new SphereError(
+          `Failed to decode token payment data: ${err instanceof Error ? err.message : String(err)}`,
+          "VALIDATION_ERROR"
+        );
+      }
+    }
+    const blob = {
+      v: TOKEN_BLOB_VERSION,
+      network: sdkToken.genesis.networkId.id,
+      tokenId: HexConverter.encode(sdkToken.id.bytes),
+      token: sdkToken.toCBOR()
+    };
+    return { sdkToken, blob, value };
+  }
+  /** True if the bytes are a SpherePaymentData envelope (value token) vs a raw data token. */
+  isSpherePaymentData(data) {
+    try {
+      return CborDeserializer.decodeTag(data).tag === SpherePaymentData.CBOR_TAG;
+    } catch {
+      return false;
+    }
+  }
+};
+
+// token-engine/factory.ts
+async function createSphereTokenEngine(config) {
+  if (config.trustBaseJson == null) {
+    throw new SphereError("Engine config requires a trust base (trustBaseJson)", "INVALID_CONFIG");
+  }
+  const trustBase = RootTrustBase.fromJSON(config.trustBaseJson);
+  const predicateVerifier = PredicateVerifierService.create();
+  const mintJustificationVerifier = new MintJustificationVerifierService();
+  mintJustificationVerifier.register(
+    new SplitMintJustificationVerifier(trustBase, predicateVerifier, decodeSpherePaymentData)
+  );
+  const deps = {
+    client: new StateTransitionClient(new AggregatorClient(config.aggregatorUrl, config.apiKey ?? null)),
+    trustBase,
+    predicateVerifier,
+    mintJustificationVerifier,
+    signingService: new SigningService(config.privateKey),
+    // The trust base is the single source of truth for the network id (it carries
+    // NetworkId.fromId, so any id works — e.g. testnet2 = 4 — with no enum entry).
+    networkId: trustBase.networkId
+  };
+  return new SphereTokenEngine(deps);
+}
+
 // core/Sphere.ts
-import { SigningService as SigningService2 } from "@unicitylabs/state-transition-sdk/lib/sign/SigningService";
-import { TokenType as TokenType5 } from "@unicitylabs/state-transition-sdk/lib/token/TokenType";
-import { HashAlgorithm as HashAlgorithm7 } from "@unicitylabs/state-transition-sdk/lib/hash/HashAlgorithm";
-import { UnmaskedPredicateReference as UnmaskedPredicateReference3 } from "@unicitylabs/state-transition-sdk/lib/predicate/embedded/UnmaskedPredicateReference";
-import { normalizeNametag as normalizeNametag2, isPhoneNumber } from "@unicitylabs/nostr-js-sdk";
+import { normalizeNametag, isPhoneNumber } from "@unicitylabs/nostr-js-sdk";
 function isValidNametag2(nametag) {
   if (isPhoneNumber(nametag)) return true;
   return /^[a-z0-9_-]{3,20}$/.test(nametag);
 }
-var UNICITY_TOKEN_TYPE_HEX2 = "f8aa13834268d29355ff12183066f0cb902003629bbc5eb9ef0efbe397867509";
 async function deriveL3PredicateAddress(privateKey) {
-  const secret = Buffer.from(privateKey, "hex");
-  const signingService = await SigningService2.createFromSecret(secret);
-  const tokenTypeBytes = Buffer.from(UNICITY_TOKEN_TYPE_HEX2, "hex");
-  const tokenType = new TokenType5(tokenTypeBytes);
-  const predicateRef = UnmaskedPredicateReference3.create(
-    tokenType,
-    signingService.algorithm,
-    signingService.publicKey,
-    HashAlgorithm7.SHA256
-  );
-  return (await (await predicateRef).toAddress()).toString();
+  const prehashedPublicKey = getPublicKey(sha2562(privateKey, "hex"));
+  return deriveDirectAddress(hexToBytes2(prehashedPublicKey));
 }
 var Sphere = class _Sphere {
   // Singleton
@@ -27436,14 +27844,14 @@ var Sphere = class _Sphere {
   _addressIdToIndex = /* @__PURE__ */ new Map();
   /** Nametag cache: addressId -> (nametagIndex -> nametag). Separate from tracked addresses. */
   _addressNametags = /* @__PURE__ */ new Map();
-  /** Cached PROXY address (computed once when nametag is set) */
-  _cachedProxyAddress = void 0;
   // Providers
   _storage;
   _tokenStorageProviders = /* @__PURE__ */ new Map();
   _transport;
   _oracle;
   _priceProvider;
+  /** v2 token engine (built per active address from the oracle); injected into modules. */
+  _tokenEngine;
   // Modules (single-instance — backward compat, delegates to active address)
   _payments;
   _communications;
@@ -27784,20 +28192,6 @@ var Sphere = class _Sphere {
     await sphere.syncIdentityWithTransport();
     sphere._initialized = true;
     _Sphere.instance = sphere;
-    if (sphere._identity?.nametag && !sphere._payments.hasNametag()) {
-      progress?.({ step: "registering_nametag", message: "Restoring nametag token..." });
-      logger.debug("Sphere", `Unicity ID @${sphere._identity.nametag} has no token, attempting to mint...`);
-      try {
-        const result = await sphere.mintNametag(sphere._identity.nametag);
-        if (result.success) {
-          logger.debug("Sphere", `Nametag token minted successfully on load`);
-        } else {
-          logger.warn("Sphere", `Could not mint nametag token: ${result.error}`);
-        }
-      } catch (err) {
-        logger.warn("Sphere", `Nametag token mint failed:`, err);
-      }
-    }
     if (options.discoverAddresses !== false && sphere._transport.discoverAddresses && sphere._masterKey) {
       progress?.({ step: "discovering_addresses", message: "Discovering addresses..." });
       try {
@@ -28849,13 +29243,13 @@ var Sphere = class _Sphere {
           oracle: this._oracle,
           emitEvent: this.emitEvent.bind(this),
           chainCode: this._masterKey?.chainCode || void 0,
-          price: this._priceProvider ?? void 0
+          price: this._priceProvider ?? void 0,
+          tokenEngine: moduleSet.tokenEngine
         });
       }
     }
     this._identity = newIdentity;
     this._currentAddressIndex = index;
-    await this._updateCachedProxyAddress();
     const activeModules = this._addressModules.get(index);
     this._payments = activeModules.payments;
     this._communications = activeModules.communications;
@@ -28893,35 +29287,10 @@ var Sphere = class _Sphere {
     }
     if (newNametag) {
       await this.persistAddressNametags();
-      if (!this._payments.hasNametag()) {
-        logger.debug("Sphere", `Minting nametag token for @${newNametag}...`);
-        try {
-          const result = await this.mintNametag(newNametag);
-          if (result.success) {
-            logger.debug("Sphere", `Nametag token minted successfully`);
-          } else {
-            logger.warn("Sphere", `Could not mint nametag token: ${result.error}`);
-          }
-        } catch (err) {
-          logger.warn("Sphere", `Nametag token mint failed:`, err);
-        }
-      }
       this.emitEvent("nametag:registered", {
         nametag: newNametag,
         addressIndex: index
       });
-    } else if (this._identity?.nametag && !this._payments.hasNametag()) {
-      logger.debug("Sphere", `Unicity ID @${this._identity.nametag} has no token after switch, minting...`);
-      try {
-        const result = await this.mintNametag(this._identity.nametag);
-        if (result.success) {
-          logger.debug("Sphere", `Nametag token minted successfully after switch`);
-        } else {
-          logger.warn("Sphere", `Could not mint nametag token after switch: ${result.error}`);
-        }
-      } catch (err) {
-        logger.warn("Sphere", `Nametag token mint failed after switch:`, err);
-      }
     }
   }
   /**
@@ -28951,6 +29320,7 @@ var Sphere = class _Sphere {
     const communications = createCommunicationsModule(this._communicationsConfig);
     const groupChat = this._groupChatConfig ? createGroupChatModule(this._groupChatConfig) : null;
     const market = this._marketConfig ? createMarketModule(this._marketConfig) : null;
+    const tokenEngine = await this.buildTokenEngine(identity);
     payments.initialize({
       identity,
       storage: this._storage,
@@ -28959,7 +29329,8 @@ var Sphere = class _Sphere {
       oracle: this._oracle,
       emitEvent,
       chainCode: this._masterKey?.chainCode || void 0,
-      price: this._priceProvider ?? void 0
+      price: this._priceProvider ?? void 0,
+      tokenEngine
     });
     communications.initialize({
       identity,
@@ -28995,7 +29366,8 @@ var Sphere = class _Sphere {
           emitEvent,
           on: this.on.bind(this),
           storage: this._storage,
-          communications
+          communications,
+          tokenEngine
         });
       } else {
         logger.warn("Sphere", "Accounting module enabled but no token storage available \u2014 disabling");
@@ -29055,6 +29427,7 @@ var Sphere = class _Sphere {
       market,
       transportAdapter: adapter,
       tokenStorageProviders: new Map(tokenStorageProviders),
+      tokenEngine,
       initialized: true
     };
     this._addressModules.set(index, moduleSet);
@@ -29610,15 +29983,6 @@ var Sphere = class _Sphere {
   hasNametag() {
     return !!this._identity?.nametag;
   }
-  /**
-   * Get the PROXY address for the current nametag
-   * PROXY addresses are derived from the nametag hash and require
-   * the nametag token to claim funds sent to them
-   * @returns PROXY address string or undefined if no nametag
-   */
-  getProxyAddress() {
-    return this._cachedProxyAddress;
-  }
   /**
    * Resolve any identifier to full peer information.
    * Accepts @nametag, bare nametag, DIRECT://, PROXY://, L1 address, or transport pubkey.
@@ -29653,17 +30017,6 @@ var Sphere = class _Sphere {
       throw new SphereError(`Cannot resolve address: ${address.slice(0, 30)}`, "INVALID_RECIPIENT");
     }
   }
-  /** Compute and cache the PROXY address from the current nametag */
-  async _updateCachedProxyAddress() {
-    const nametag = this._identity?.nametag;
-    if (!nametag) {
-      this._cachedProxyAddress = void 0;
-      return;
-    }
-    const { ProxyAddress } = await import("@unicitylabs/state-transition-sdk/lib/address/ProxyAddress");
-    const proxyAddr = await ProxyAddress.fromNameTag(nametag);
-    this._cachedProxyAddress = proxyAddr.toString();
-  }
   /**
    * Register a nametag for the current active address
    * Each address can have its own independent nametag
@@ -29691,17 +30044,6 @@ var Sphere = class _Sphere {
     if (this._identity?.nametag) {
       throw new SphereError(`Unicity ID already registered for address ${this._currentAddressIndex}: @${this._identity.nametag}`, "ALREADY_INITIALIZED");
     }
-    if (!this._payments.hasNametag()) {
-      logger.debug("Sphere", `Minting nametag token for @${cleanNametag}...`);
-      const result = await this.mintNametag(cleanNametag);
-      if (!result.success) {
-        throw new SphereError(
-          `Failed to mint nametag token: ${result.error}`,
-          "AGGREGATOR_ERROR"
-        );
-      }
-      logger.debug("Sphere", `Nametag token minted successfully`);
-    }
     if (this._transport.publishIdentityBinding) {
       const success = await this._transport.publishIdentityBinding(
         this._identity.chainPubkey,
@@ -29714,7 +30056,6 @@ var Sphere = class _Sphere {
       }
     }
     this._identity.nametag = cleanNametag;
-    await this._updateCachedProxyAddress();
     const currentAddressId = this._trackedAddresses.get(this._currentAddressIndex)?.addressId;
     if (currentAddressId) {
       let nametags = this._addressNametags.get(currentAddressId);
@@ -29747,35 +30088,19 @@ var Sphere = class _Sphere {
     await this._storage.saveTrackedAddresses(entries);
   }
   /**
-   * Mint a nametag token on-chain (like Sphere wallet and lottery)
-   * This creates the nametag token required for receiving tokens via PROXY addresses (@nametag)
+   * Check whether a nametag is available to register.
    *
-   * @param nametag - The nametag to mint (e.g., "alice" or "@alice")
-   * @returns MintNametagResult with success status and token if successful
+   * D5: nametags are Nostr bindings (name ↔ chainPubkey), not on-chain tokens. Availability is
+   * first-seen-wins — a name is available iff no binding resolves for it.
    *
-   * @example
-   * ```typescript
-   * // Mint nametag token for receiving via @alice
-   * const result = await sphere.mintNametag('alice');
-   * if (result.success) {
-   *   console.log('Nametag minted:', result.nametagData?.name);
-   * } else {
-   *   console.error('Mint failed:', result.error);
-   * }
-   * ```
-   */
-  async mintNametag(nametag) {
-    this.ensureReady();
-    return this._payments.mintNametag(nametag);
-  }
-  /**
-   * Check if a nametag is available for minting
    * @param nametag - The nametag to check (e.g., "alice" or "@alice")
-   * @returns true if available, false if taken or error
+   * @returns true if available, false if already taken
    */
   async isNametagAvailable(nametag) {
     this.ensureReady();
-    return this._payments.isNametagAvailable(nametag);
+    if (!this._transport.resolveNametag) return true;
+    const bound = await this._transport.resolveNametag(this.cleanNametag(nametag));
+    return bound == null;
   }
   /**
    * Load tracked addresses from storage.
@@ -29950,7 +30275,6 @@ var Sphere = class _Sphere {
             }
             if (recoveredNametag && !this._identity?.nametag) {
               this._identity.nametag = recoveredNametag;
-              await this._updateCachedProxyAddress();
               const entry = await this.ensureAddressTracked(this._currentAddressIndex);
               let nametags = this._addressNametags.get(entry.addressId);
               if (!nametags) {
@@ -30039,7 +30363,6 @@ var Sphere = class _Sphere {
     try {
       if (this._identity) {
         this._identity.nametag = recoveredNametag;
-        await this._updateCachedProxyAddress();
       }
       const entry = await this.ensureAddressTracked(this._currentAddressIndex);
       let nametags = this._addressNametags.get(entry.addressId);
@@ -30059,7 +30382,7 @@ var Sphere = class _Sphere {
    */
   cleanNametag(raw) {
     const stripped = raw.startsWith("@") ? raw.slice(1) : raw;
-    return normalizeNametag2(stripped);
+    return normalizeNametag(stripped);
   }
   // ===========================================================================
   // Public Methods - Lifecycle
@@ -30239,7 +30562,6 @@ var Sphere = class _Sphere {
     } else if (this._identity && nametag) {
       this._identity.nametag = nametag;
     }
-    await this._updateCachedProxyAddress();
   }
   async initializeIdentityFromMnemonic(mnemonic, derivationPath) {
     const basePath = derivationPath ?? DEFAULT_BASE_PATH;
@@ -30390,10 +30712,45 @@ var Sphere = class _Sphere {
     this._providerEventCleanups = [];
     this._lastProviderConnected.clear();
   }
+  /**
+   * Construct the v2 token engine for a given address identity (defaults to the
+   * active one) from the oracle's gateway URL + trust base and that address's
+   * signing key. The engine is per-address — each address signs with its own key.
+   * The trust base is the single source of truth for the network id (so any id
+   * works — e.g. testnet2 = 4 — with no enum entry). Returns undefined (modules
+   * keep their legacy path) when the oracle can't supply a trust base / url, or
+   * construction fails — a misconfigured oracle never breaks initialization.
+   */
+  async buildTokenEngine(identity) {
+    const oracle = this._oracle;
+    const privateKey = (identity ?? this._identity)?.privateKey;
+    const trustBaseJson = oracle.getTrustBaseJson?.() ?? null;
+    const aggregatorUrl = oracle.getAggregatorUrl?.();
+    if (!trustBaseJson || !aggregatorUrl || !privateKey) {
+      logger.warn("Sphere", "v2 token engine not constructed (oracle has no trust base / url, or no identity) \u2014 legacy path");
+      return void 0;
+    }
+    try {
+      return await createSphereTokenEngine({
+        aggregatorUrl,
+        apiKey: oracle.getApiKey?.(),
+        privateKey: hexToBytes2(privateKey),
+        trustBaseJson
+      });
+    } catch (err) {
+      logger.warn(
+        "Sphere",
+        `Failed to construct v2 token engine \u2014 modules use the legacy path: ${err instanceof Error ? err.message : String(err)}`
+      );
+      return void 0;
+    }
+  }
   async initializeModules() {
     const emitEvent = this.emitEvent.bind(this);
     const adapter = await this.ensureTransportMux(this._currentAddressIndex, this._identity);
     const moduleTransport = adapter ?? this._transport;
+    this._tokenEngine = await this.buildTokenEngine();
+    const tokenEngine = this._tokenEngine;
     this._payments.initialize({
       identity: this._identity,
       storage: this._storage,
@@ -30404,7 +30761,8 @@ var Sphere = class _Sphere {
       // Pass chain code for L1 HD derivation
       chainCode: this._masterKey?.chainCode || void 0,
       price: this._priceProvider ?? void 0,
-      disabledProviderIds: this._disabledProviders
+      disabledProviderIds: this._disabledProviders,
+      tokenEngine
     });
     this._communications.initialize({
       identity: this._identity,
@@ -30440,7 +30798,8 @@ var Sphere = class _Sphere {
           emitEvent,
           on: this.on.bind(this),
           storage: this._storage,
-          communications: this._communications
+          communications: this._communications,
+          tokenEngine
         });
       } else {
         logger.warn("Sphere", "Accounting module enabled but no token storage available \u2014 disabling");
@@ -30502,6 +30861,7 @@ var Sphere = class _Sphere {
       market: this._market,
       transportAdapter: adapter,
       tokenStorageProviders: new Map(this._tokenStorageProviders),
+      tokenEngine: this._tokenEngine,
       initialized: true
     });
   }