@useagentpay/sdk 0.1.0

package/dist/index.cjs

@@ -0,0 +1,1046 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// ../../node_modules/.pnpm/tsup@8.5.1_jiti@2.6.1_postcss@8.5.6_tsx@4.21.0_typescript@5.9.3/node_modules/tsup/assets/cjs_shims.js
+var init_cjs_shims = __esm({
+  "../../node_modules/.pnpm/tsup@8.5.1_jiti@2.6.1_postcss@8.5.6_tsx@4.21.0_typescript@5.9.3/node_modules/tsup/assets/cjs_shims.js"() {
+    "use strict";
+  }
+});
+
+// src/errors.ts
+var NotSetupError, DecryptError, InsufficientBalanceError, ExceedsTxLimitError, NotApprovedError, InvalidMandateError, AlreadyExecutedError, CheckoutFailedError, TimeoutError;
+var init_errors = __esm({
+  "src/errors.ts"() {
+    "use strict";
+    init_cjs_shims();
+    NotSetupError = class extends Error {
+      code = "NOT_SETUP";
+      constructor(message = "AgentPay has not been set up yet. Run `agentpay setup` first.") {
+        super(message);
+        this.name = "NotSetupError";
+      }
+    };
+    DecryptError = class extends Error {
+      code = "DECRYPT_FAILED";
+      constructor(message = "Failed to decrypt credentials. Wrong passphrase or corrupted file.") {
+        super(message);
+        this.name = "DecryptError";
+      }
+    };
+    InsufficientBalanceError = class extends Error {
+      code = "INSUFFICIENT_BALANCE";
+      constructor(amount, balance) {
+        const msg = amount !== void 0 && balance !== void 0 ? `Insufficient balance: requested $${amount.toFixed(2)} but only $${balance.toFixed(2)} available.` : "Insufficient balance for this transaction.";
+        super(msg);
+        this.name = "InsufficientBalanceError";
+      }
+    };
+    ExceedsTxLimitError = class extends Error {
+      code = "EXCEEDS_TX_LIMIT";
+      constructor(amount, limit) {
+        const msg = amount !== void 0 && limit !== void 0 ? `Amount $${amount.toFixed(2)} exceeds per-transaction limit of $${limit.toFixed(2)}.` : "Amount exceeds per-transaction limit.";
+        super(msg);
+        this.name = "ExceedsTxLimitError";
+      }
+    };
+    NotApprovedError = class extends Error {
+      code = "NOT_APPROVED";
+      constructor(txId) {
+        super(txId ? `Transaction ${txId} has not been approved.` : "Transaction has not been approved.");
+        this.name = "NotApprovedError";
+      }
+    };
+    InvalidMandateError = class extends Error {
+      code = "INVALID_MANDATE";
+      constructor(message = "Purchase mandate signature verification failed.") {
+        super(message);
+        this.name = "InvalidMandateError";
+      }
+    };
+    AlreadyExecutedError = class extends Error {
+      code = "ALREADY_EXECUTED";
+      constructor(txId) {
+        super(txId ? `Transaction ${txId} has already been executed.` : "Transaction has already been executed.");
+        this.name = "AlreadyExecutedError";
+      }
+    };
+    CheckoutFailedError = class extends Error {
+      code = "CHECKOUT_FAILED";
+      constructor(message = "Failed to complete checkout.") {
+        super(message);
+        this.name = "CheckoutFailedError";
+      }
+    };
+    TimeoutError = class extends Error {
+      code = "TIMEOUT";
+      constructor(message = "Operation timed out.") {
+        super(message);
+        this.name = "TimeoutError";
+      }
+    };
+  }
+});
+
+// src/transactions/poller.ts
+var poller_exports = {};
+__export(poller_exports, {
+  waitForApproval: () => waitForApproval
+});
+async function waitForApproval(txId, manager, options) {
+  const interval = options?.pollInterval ?? 2e3;
+  const timeout = options?.timeout ?? 3e5;
+  const deadline = Date.now() + timeout;
+  while (Date.now() < deadline) {
+    const tx = manager.get(txId);
+    if (!tx) throw new Error(`Transaction ${txId} not found.`);
+    if (tx.status === "approved") return { status: "approved" };
+    if (tx.status === "rejected") return { status: "rejected", reason: tx.rejectionReason };
+    await new Promise((resolve) => setTimeout(resolve, interval));
+  }
+  throw new TimeoutError(`Timed out waiting for approval of ${txId}`);
+}
+var init_poller = __esm({
+  "src/transactions/poller.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_errors();
+  }
+});
+
+// src/index.ts
+var src_exports = {};
+__export(src_exports, {
+  AgentPay: () => AgentPay,
+  AlreadyExecutedError: () => AlreadyExecutedError,
+  AuditLogger: () => AuditLogger,
+  BudgetManager: () => BudgetManager,
+  CheckoutFailedError: () => CheckoutFailedError,
+  DecryptError: () => DecryptError,
+  ExceedsTxLimitError: () => ExceedsTxLimitError,
+  InsufficientBalanceError: () => InsufficientBalanceError,
+  InvalidMandateError: () => InvalidMandateError,
+  NotApprovedError: () => NotApprovedError,
+  NotSetupError: () => NotSetupError,
+  PLACEHOLDER_MAP: () => PLACEHOLDER_MAP,
+  PurchaseExecutor: () => PurchaseExecutor,
+  TimeoutError: () => TimeoutError,
+  TransactionManager: () => TransactionManager,
+  VERSION: () => VERSION,
+  createMandate: () => createMandate,
+  credentialsToSwapMap: () => credentialsToSwapMap,
+  decrypt: () => decrypt,
+  encrypt: () => encrypt,
+  formatCurrency: () => formatCurrency,
+  formatStatus: () => formatStatus,
+  formatTable: () => formatTable,
+  formatTimestamp: () => formatTimestamp,
+  generateKeyPair: () => generateKeyPair,
+  generateTxId: () => generateTxId,
+  getAuditPath: () => getAuditPath,
+  getCredentialsPath: () => getCredentialsPath,
+  getHomePath: () => getHomePath,
+  getKeysPath: () => getKeysPath,
+  getPlaceholderVariables: () => getPlaceholderVariables,
+  getTransactionsPath: () => getTransactionsPath,
+  getWalletPath: () => getWalletPath,
+  loadPrivateKey: () => loadPrivateKey,
+  loadPublicKey: () => loadPublicKey,
+  loadVault: () => loadVault,
+  saveKeyPair: () => saveKeyPair,
+  saveVault: () => saveVault,
+  verifyMandate: () => verifyMandate,
+  waitForApproval: () => waitForApproval
+});
+module.exports = __toCommonJS(src_exports);
+init_cjs_shims();
+init_errors();
+
+// src/utils/ids.ts
+init_cjs_shims();
+var import_node_crypto = require("crypto");
+function generateTxId() {
+  return `tx_${(0, import_node_crypto.randomBytes)(4).toString("hex")}`;
+}
+
+// src/utils/display.ts
+init_cjs_shims();
+function formatCurrency(amount) {
+  return `$${amount.toFixed(2)}`;
+}
+function formatTimestamp(iso) {
+  const d = new Date(iso);
+  return d.toLocaleString("en-US", {
+    month: "short",
+    day: "numeric",
+    hour: "2-digit",
+    minute: "2-digit"
+  });
+}
+function formatTable(transactions) {
+  if (transactions.length === 0) return "No transactions.";
+  const header = "TX_ID         MERCHANT        AMOUNT    DESCRIPTION";
+  const separator = "\u2500".repeat(header.length);
+  const rows = transactions.map((tx) => {
+    const id = tx.id.padEnd(14);
+    const merchant = tx.merchant.padEnd(16);
+    const amount = formatCurrency(tx.amount).padStart(9);
+    return `${id}${merchant}${amount}    ${tx.description}`;
+  });
+  return [header, separator, ...rows].join("\n");
+}
+function formatStatus(data) {
+  const lines = [
+    "AgentPay Status",
+    "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500",
+    `Balance:            ${formatCurrency(data.balance)} / ${formatCurrency(data.budget)}`,
+    `Per-tx limit:       ${formatCurrency(data.limitPerTx)}`,
+    `Pending purchases:  ${data.pending.length}`
+  ];
+  if (data.recent.length > 0) {
+    lines.push("", "Recent:");
+    for (const tx of data.recent) {
+      const status = `[${tx.status}]`.padEnd(12);
+      lines.push(`  ${status} ${tx.id}  ${tx.merchant.padEnd(12)} ${formatCurrency(tx.amount).padStart(8)}  ${tx.description}`);
+    }
+  }
+  return lines.join("\n");
+}
+
+// src/utils/paths.ts
+init_cjs_shims();
+var import_node_os = require("os");
+var import_node_path = require("path");
+function getHomePath() {
+  return process.env.AGENTPAY_HOME || (0, import_node_path.join)((0, import_node_os.homedir)(), ".agentpay");
+}
+function getCredentialsPath() {
+  return (0, import_node_path.join)(getHomePath(), "credentials.enc");
+}
+function getKeysPath() {
+  return (0, import_node_path.join)(getHomePath(), "keys");
+}
+function getPublicKeyPath() {
+  return (0, import_node_path.join)(getKeysPath(), "public.pem");
+}
+function getPrivateKeyPath() {
+  return (0, import_node_path.join)(getKeysPath(), "private.pem");
+}
+function getWalletPath() {
+  return (0, import_node_path.join)(getHomePath(), "wallet.json");
+}
+function getTransactionsPath() {
+  return (0, import_node_path.join)(getHomePath(), "transactions.json");
+}
+function getAuditPath() {
+  return (0, import_node_path.join)(getHomePath(), "audit.log");
+}
+
+// src/vault/vault.ts
+init_cjs_shims();
+var import_node_crypto2 = require("crypto");
+var import_node_fs = require("fs");
+var import_node_path2 = require("path");
+init_errors();
+var ALGORITHM = "aes-256-gcm";
+var PBKDF2_ITERATIONS = 1e5;
+var PBKDF2_DIGEST = "sha512";
+var KEY_LENGTH = 32;
+var SALT_LENGTH = 32;
+var IV_LENGTH = 16;
+function deriveKey(passphrase, salt) {
+  return (0, import_node_crypto2.pbkdf2Sync)(passphrase, salt, PBKDF2_ITERATIONS, KEY_LENGTH, PBKDF2_DIGEST);
+}
+function encrypt(credentials, passphrase) {
+  const salt = (0, import_node_crypto2.randomBytes)(SALT_LENGTH);
+  const iv = (0, import_node_crypto2.randomBytes)(IV_LENGTH);
+  const key = deriveKey(passphrase, salt);
+  const cipher = (0, import_node_crypto2.createCipheriv)(ALGORITHM, key, iv);
+  const plaintext = JSON.stringify(credentials);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const authTag = cipher.getAuthTag();
+  return {
+    ciphertext: Buffer.concat([encrypted, authTag]).toString("base64"),
+    salt: salt.toString("base64"),
+    iv: iv.toString("base64")
+  };
+}
+function decrypt(vault, passphrase) {
+  try {
+    const salt = Buffer.from(vault.salt, "base64");
+    const iv = Buffer.from(vault.iv, "base64");
+    const data = Buffer.from(vault.ciphertext, "base64");
+    const key = deriveKey(passphrase, salt);
+    const authTag = data.subarray(data.length - 16);
+    const ciphertext = data.subarray(0, data.length - 16);
+    const decipher = (0, import_node_crypto2.createDecipheriv)(ALGORITHM, key, iv);
+    decipher.setAuthTag(authTag);
+    const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+    return JSON.parse(decrypted.toString("utf8"));
+  } catch {
+    throw new DecryptError();
+  }
+}
+function saveVault(vault, path) {
+  const filePath = path ?? getCredentialsPath();
+  (0, import_node_fs.mkdirSync)((0, import_node_path2.dirname)(filePath), { recursive: true });
+  (0, import_node_fs.writeFileSync)(filePath, JSON.stringify(vault, null, 2), { mode: 384 });
+}
+function loadVault(path) {
+  const filePath = path ?? getCredentialsPath();
+  try {
+    const data = (0, import_node_fs.readFileSync)(filePath, "utf8");
+    return JSON.parse(data);
+  } catch {
+    throw new NotSetupError();
+  }
+}
+
+// src/auth/keypair.ts
+init_cjs_shims();
+var import_node_crypto3 = require("crypto");
+var import_node_fs2 = require("fs");
+var import_node_path3 = require("path");
+function generateKeyPair(passphrase) {
+  const { publicKey, privateKey } = (0, import_node_crypto3.generateKeyPairSync)("ed25519", {
+    publicKeyEncoding: { type: "spki", format: "pem" },
+    privateKeyEncoding: {
+      type: "pkcs8",
+      format: "pem",
+      cipher: "aes-256-cbc",
+      passphrase
+    }
+  });
+  return { publicKey, privateKey };
+}
+function saveKeyPair(keys, publicPath, privatePath) {
+  const pubPath = publicPath ?? getPublicKeyPath();
+  const privPath = privatePath ?? getPrivateKeyPath();
+  (0, import_node_fs2.mkdirSync)((0, import_node_path3.dirname)(pubPath), { recursive: true });
+  (0, import_node_fs2.writeFileSync)(pubPath, keys.publicKey, { mode: 420 });
+  (0, import_node_fs2.writeFileSync)(privPath, keys.privateKey, { mode: 384 });
+}
+function loadPublicKey(path) {
+  return (0, import_node_fs2.readFileSync)(path ?? getPublicKeyPath(), "utf8");
+}
+function loadPrivateKey(path) {
+  return (0, import_node_fs2.readFileSync)(path ?? getPrivateKeyPath(), "utf8");
+}
+
+// src/auth/mandate.ts
+init_cjs_shims();
+var import_node_crypto4 = require("crypto");
+function hashTransactionDetails(details) {
+  const canonical = JSON.stringify({
+    txId: details.txId,
+    merchant: details.merchant,
+    amount: details.amount,
+    description: details.description,
+    timestamp: details.timestamp
+  });
+  return (0, import_node_crypto4.createHash)("sha256").update(canonical).digest("hex");
+}
+function createMandate(txDetails, privateKeyPem, passphrase) {
+  const txHash = hashTransactionDetails(txDetails);
+  const data = Buffer.from(txHash);
+  const privateKey = (0, import_node_crypto4.createPrivateKey)({
+    key: privateKeyPem,
+    format: "pem",
+    type: "pkcs8",
+    passphrase
+  });
+  const signature = (0, import_node_crypto4.sign)(null, data, privateKey);
+  const publicKey = (0, import_node_crypto4.createPublicKey)(privateKey);
+  const publicKeyPem = publicKey.export({ type: "spki", format: "pem" });
+  return {
+    txId: txDetails.txId,
+    txHash,
+    signature: signature.toString("base64"),
+    publicKey: publicKeyPem,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+function verifyMandate(mandate, txDetails) {
+  try {
+    const txHash = hashTransactionDetails(txDetails);
+    if (txHash !== mandate.txHash) return false;
+    const data = Buffer.from(txHash);
+    const signature = Buffer.from(mandate.signature, "base64");
+    const publicKey = (0, import_node_crypto4.createPublicKey)({
+      key: mandate.publicKey,
+      format: "pem",
+      type: "spki"
+    });
+    return (0, import_node_crypto4.verify)(null, data, publicKey, signature);
+  } catch {
+    return false;
+  }
+}
+
+// src/budget/budget.ts
+init_cjs_shims();
+var import_node_fs3 = require("fs");
+var import_node_path4 = require("path");
+init_errors();
+var BudgetManager = class {
+  walletPath;
+  constructor(walletPath) {
+    this.walletPath = walletPath ?? getWalletPath();
+  }
+  getWallet() {
+    try {
+      const data = (0, import_node_fs3.readFileSync)(this.walletPath, "utf8");
+      return JSON.parse(data);
+    } catch {
+      throw new NotSetupError();
+    }
+  }
+  saveWallet(wallet) {
+    (0, import_node_fs3.mkdirSync)((0, import_node_path4.dirname)(this.walletPath), { recursive: true });
+    (0, import_node_fs3.writeFileSync)(this.walletPath, JSON.stringify(wallet, null, 2), { mode: 384 });
+  }
+  setBudget(amount) {
+    let wallet;
+    try {
+      wallet = this.getWallet();
+    } catch {
+      wallet = { budget: 0, balance: 0, limitPerTx: 0, spent: 0 };
+    }
+    wallet.budget = amount;
+    wallet.balance = amount - wallet.spent;
+    this.saveWallet(wallet);
+  }
+  setLimitPerTx(limit) {
+    const wallet = this.getWallet();
+    wallet.limitPerTx = limit;
+    this.saveWallet(wallet);
+  }
+  deductBalance(amount) {
+    const wallet = this.getWallet();
+    if (amount > wallet.balance) {
+      throw new InsufficientBalanceError(amount, wallet.balance);
+    }
+    wallet.balance -= amount;
+    wallet.spent += amount;
+    this.saveWallet(wallet);
+  }
+  checkProposal(amount) {
+    const wallet = this.getWallet();
+    if (amount > wallet.balance) {
+      throw new InsufficientBalanceError(amount, wallet.balance);
+    }
+    if (wallet.limitPerTx > 0 && amount > wallet.limitPerTx) {
+      throw new ExceedsTxLimitError(amount, wallet.limitPerTx);
+    }
+  }
+  addFunds(amount) {
+    const wallet = this.getWallet();
+    wallet.budget += amount;
+    wallet.balance += amount;
+    this.saveWallet(wallet);
+    return wallet;
+  }
+  getBalance() {
+    const wallet = this.getWallet();
+    return {
+      budget: wallet.budget,
+      balance: wallet.balance,
+      limitPerTx: wallet.limitPerTx,
+      spent: wallet.spent
+    };
+  }
+  initWallet(budget, limitPerTx = 0) {
+    const wallet = { budget, balance: budget, limitPerTx, spent: 0 };
+    this.saveWallet(wallet);
+  }
+};
+
+// src/transactions/manager.ts
+init_cjs_shims();
+var import_node_fs4 = require("fs");
+var import_node_path5 = require("path");
+var TransactionManager = class {
+  txPath;
+  constructor(txPath) {
+    this.txPath = txPath ?? getTransactionsPath();
+  }
+  loadAll() {
+    try {
+      const data = (0, import_node_fs4.readFileSync)(this.txPath, "utf8");
+      return JSON.parse(data);
+    } catch {
+      return [];
+    }
+  }
+  saveAll(transactions) {
+    (0, import_node_fs4.mkdirSync)((0, import_node_path5.dirname)(this.txPath), { recursive: true });
+    (0, import_node_fs4.writeFileSync)(this.txPath, JSON.stringify(transactions, null, 2), { mode: 384 });
+  }
+  propose(options) {
+    const transactions = this.loadAll();
+    const tx = {
+      id: generateTxId(),
+      status: "pending",
+      merchant: options.merchant,
+      amount: options.amount,
+      description: options.description,
+      url: options.url,
+      createdAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    transactions.push(tx);
+    this.saveAll(transactions);
+    return tx;
+  }
+  get(txId) {
+    return this.loadAll().find((tx) => tx.id === txId);
+  }
+  approve(txId, mandate) {
+    const transactions = this.loadAll();
+    const tx = transactions.find((t) => t.id === txId);
+    if (!tx) throw new Error(`Transaction ${txId} not found.`);
+    if (tx.status !== "pending") throw new Error(`Cannot approve transaction in '${tx.status}' state.`);
+    tx.status = "approved";
+    tx.mandate = mandate;
+    this.saveAll(transactions);
+  }
+  reject(txId, reason) {
+    const transactions = this.loadAll();
+    const tx = transactions.find((t) => t.id === txId);
+    if (!tx) throw new Error(`Transaction ${txId} not found.`);
+    if (tx.status !== "pending") throw new Error(`Cannot reject transaction in '${tx.status}' state.`);
+    tx.status = "rejected";
+    tx.rejectionReason = reason;
+    this.saveAll(transactions);
+  }
+  markExecuting(txId) {
+    const transactions = this.loadAll();
+    const tx = transactions.find((t) => t.id === txId);
+    if (!tx) throw new Error(`Transaction ${txId} not found.`);
+    if (tx.status !== "approved") throw new Error(`Cannot execute transaction in '${tx.status}' state.`);
+    tx.status = "executing";
+    this.saveAll(transactions);
+  }
+  markCompleted(txId, receipt) {
+    const transactions = this.loadAll();
+    const tx = transactions.find((t) => t.id === txId);
+    if (!tx) throw new Error(`Transaction ${txId} not found.`);
+    if (tx.status !== "executing") throw new Error(`Cannot complete transaction in '${tx.status}' state.`);
+    tx.status = "completed";
+    tx.receipt = receipt;
+    this.saveAll(transactions);
+  }
+  markFailed(txId, error) {
+    const transactions = this.loadAll();
+    const tx = transactions.find((t) => t.id === txId);
+    if (!tx) throw new Error(`Transaction ${txId} not found.`);
+    if (tx.status !== "executing") throw new Error(`Cannot fail transaction in '${tx.status}' state.`);
+    tx.status = "failed";
+    tx.error = error;
+    this.saveAll(transactions);
+  }
+  list() {
+    return this.loadAll();
+  }
+  getPending() {
+    return this.loadAll().filter((tx) => tx.status === "pending");
+  }
+  getHistory() {
+    return this.loadAll().filter((tx) => tx.status !== "pending");
+  }
+};
+
+// src/index.ts
+init_poller();
+
+// src/audit/logger.ts
+init_cjs_shims();
+var import_node_fs5 = require("fs");
+var import_node_path6 = require("path");
+var AuditLogger = class {
+  logPath;
+  constructor(logPath) {
+    this.logPath = logPath ?? getAuditPath();
+  }
+  log(action, details) {
+    const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+    const detailsStr = JSON.stringify(details);
+    const entry = `${timestamp}	${action}	${detailsStr}
+`;
+    (0, import_node_fs5.mkdirSync)((0, import_node_path6.dirname)(this.logPath), { recursive: true });
+    (0, import_node_fs5.appendFileSync)(this.logPath, entry, { mode: 384 });
+  }
+  getLog() {
+    try {
+      const data = (0, import_node_fs5.readFileSync)(this.logPath, "utf8");
+      return data.trim().split("\n").filter(Boolean);
+    } catch {
+      return [];
+    }
+  }
+};
+
+// src/executor/executor.ts
+init_cjs_shims();
+var import_stagehand = require("@browserbasehq/stagehand");
+init_errors();
+
+// src/executor/placeholder.ts
+init_cjs_shims();
+var PLACEHOLDER_MAP = {
+  card_number: "{{card_number}}",
+  cardholder_name: "{{cardholder_name}}",
+  card_expiry: "{{card_expiry}}",
+  card_cvv: "{{card_cvv}}",
+  billing_street: "{{billing_street}}",
+  billing_city: "{{billing_city}}",
+  billing_state: "{{billing_state}}",
+  billing_zip: "{{billing_zip}}",
+  billing_country: "{{billing_country}}",
+  shipping_street: "{{shipping_street}}",
+  shipping_city: "{{shipping_city}}",
+  shipping_state: "{{shipping_state}}",
+  shipping_zip: "{{shipping_zip}}",
+  shipping_country: "{{shipping_country}}",
+  email: "{{email}}",
+  phone: "{{phone}}"
+};
+function getPlaceholderVariables() {
+  return {
+    card_number: "%card_number%",
+    cardholder_name: "%cardholder_name%",
+    card_expiry: "%card_expiry%",
+    card_cvv: "%card_cvv%",
+    billing_street: "%billing_street%",
+    billing_city: "%billing_city%",
+    billing_state: "%billing_state%",
+    billing_zip: "%billing_zip%",
+    billing_country: "%billing_country%",
+    shipping_street: "%shipping_street%",
+    shipping_city: "%shipping_city%",
+    shipping_state: "%shipping_state%",
+    shipping_zip: "%shipping_zip%",
+    shipping_country: "%shipping_country%",
+    email: "%email%",
+    phone: "%phone%"
+  };
+}
+function credentialsToSwapMap(creds) {
+  return {
+    [PLACEHOLDER_MAP.card_number]: creds.card.number,
+    [PLACEHOLDER_MAP.cardholder_name]: creds.name,
+    [PLACEHOLDER_MAP.card_expiry]: creds.card.expiry,
+    [PLACEHOLDER_MAP.card_cvv]: creds.card.cvv,
+    [PLACEHOLDER_MAP.billing_street]: creds.billingAddress.street,
+    [PLACEHOLDER_MAP.billing_city]: creds.billingAddress.city,
+    [PLACEHOLDER_MAP.billing_state]: creds.billingAddress.state,
+    [PLACEHOLDER_MAP.billing_zip]: creds.billingAddress.zip,
+    [PLACEHOLDER_MAP.billing_country]: creds.billingAddress.country,
+    [PLACEHOLDER_MAP.shipping_street]: creds.shippingAddress.street,
+    [PLACEHOLDER_MAP.shipping_city]: creds.shippingAddress.city,
+    [PLACEHOLDER_MAP.shipping_state]: creds.shippingAddress.state,
+    [PLACEHOLDER_MAP.shipping_zip]: creds.shippingAddress.zip,
+    [PLACEHOLDER_MAP.shipping_country]: creds.shippingAddress.country,
+    [PLACEHOLDER_MAP.email]: creds.email,
+    [PLACEHOLDER_MAP.phone]: creds.phone
+  };
+}
+
+// src/executor/executor.ts
+var PurchaseExecutor = class {
+  config;
+  stagehand = null;
+  constructor(config) {
+    this.config = {
+      browserbaseApiKey: config?.browserbaseApiKey ?? process.env.BROWSERBASE_API_KEY,
+      browserbaseProjectId: config?.browserbaseProjectId ?? process.env.BROWSERBASE_PROJECT_ID,
+      modelApiKey: config?.modelApiKey ?? process.env.ANTHROPIC_API_KEY
+    };
+  }
+  createStagehand() {
+    return new import_stagehand.Stagehand({
+      env: "BROWSERBASE",
+      apiKey: this.config.browserbaseApiKey,
+      projectId: this.config.browserbaseProjectId,
+      model: this.config.modelApiKey ? { modelName: "claude-3-7-sonnet-latest", apiKey: this.config.modelApiKey } : void 0,
+      browserbaseSessionCreateParams: {
+        browserSettings: {
+          recordSession: false
+        }
+      }
+    });
+  }
+  /**
+   * Phase 1: Open browser, navigate to URL, extract price and product info.
+   * Keeps the session alive for fillAndComplete().
+   */
+  async openAndDiscover(url, instructions) {
+    this.stagehand = this.createStagehand();
+    await this.stagehand.init();
+    const page = this.stagehand.context.activePage();
+    await page.goto(url);
+    const addToCartInstructions = instructions ? `On this product page: ${instructions}. Then add the item to the cart.` : "Add this product to the cart.";
+    await this.stagehand.act(addToCartInstructions);
+    const extracted = await this.stagehand.extract(
+      'Extract the product name and the price (as a number without $ sign) from the page or cart. Return JSON: { "price": <number>, "productName": "<string>" }'
+    );
+    const price = parseFloat(extracted?.price ?? extracted?.extraction?.price ?? "0");
+    const productName = extracted?.productName ?? extracted?.extraction?.productName ?? "Unknown Product";
+    return { price, productName };
+  }
+  /**
+   * Phase 2: Proceed to checkout, fill forms, swap credentials, and submit.
+   * Must be called after openAndDiscover().
+   */
+  async fillAndComplete(credentials) {
+    if (!this.stagehand) {
+      throw new CheckoutFailedError("No active session. Call openAndDiscover() first.");
+    }
+    try {
+      await this.stagehand.act("Proceed to checkout from the cart.");
+      const variables = getPlaceholderVariables();
+      await this.stagehand.act(
+        `Fill in the checkout form with these values:
+          Name: ${variables.cardholder_name}
+          Card Number: ${variables.card_number}
+          Expiry: ${variables.card_expiry}
+          CVV: ${variables.card_cvv}
+          Email: ${variables.email}
+          Phone: ${variables.phone}
+          Billing Street: ${variables.billing_street}
+          Billing City: ${variables.billing_city}
+          Billing State: ${variables.billing_state}
+          Billing ZIP: ${variables.billing_zip}
+          Billing Country: ${variables.billing_country}
+          Shipping Street: ${variables.shipping_street}
+          Shipping City: ${variables.shipping_city}
+          Shipping State: ${variables.shipping_state}
+          Shipping ZIP: ${variables.shipping_zip}
+          Shipping Country: ${variables.shipping_country}`,
+        { variables }
+      );
+      const swapMap = credentialsToSwapMap(credentials);
+      const page = this.stagehand.context.activePage();
+      await page.evaluate((map) => {
+        const inputs = document.querySelectorAll("input, textarea, select");
+        for (const input of inputs) {
+          const el = input;
+          for (const [placeholder, value] of Object.entries(map)) {
+            if (el.value === placeholder) {
+              el.value = value;
+              el.dispatchEvent(new Event("input", { bubbles: true }));
+              el.dispatchEvent(new Event("change", { bubbles: true }));
+            }
+          }
+        }
+        const submitBtn = document.querySelector('button[type="submit"], input[type="submit"]');
+        if (submitBtn) submitBtn.click();
+      }, swapMap);
+      await page.waitForTimeout(5e3);
+      const result = await this.stagehand.extract(
+        "Extract the order confirmation number or ID from the page"
+      );
+      const confirmationId = result?.extraction;
+      if (!confirmationId || confirmationId === "null" || confirmationId === "UNKNOWN") {
+        throw new CheckoutFailedError("No order confirmation found. Checkout may not have completed.");
+      }
+      return {
+        success: true,
+        confirmationId
+      };
+    } catch (err) {
+      if (err instanceof CheckoutFailedError) throw err;
+      const message = err instanceof Error ? err.message : "Unknown checkout error";
+      throw new CheckoutFailedError(message);
+    }
+  }
+  /**
+   * Convenience: single-shot execute (navigate + checkout in one call).
+   * Used by AgentPay facade when amount is already known.
+   */
+  async execute(tx, credentials) {
+    this.stagehand = this.createStagehand();
+    try {
+      await this.stagehand.init();
+      const page = this.stagehand.context.activePage();
+      await page.goto(tx.url);
+      const variables = getPlaceholderVariables();
+      await this.stagehand.act(
+        `Find the product and proceed to checkout. Fill in the checkout form with these values:
+          Name: ${variables.cardholder_name}
+          Card Number: ${variables.card_number}
+          Expiry: ${variables.card_expiry}
+          CVV: ${variables.card_cvv}
+          Email: ${variables.email}
+          Phone: ${variables.phone}
+          Billing Street: ${variables.billing_street}
+          Billing City: ${variables.billing_city}
+          Billing State: ${variables.billing_state}
+          Billing ZIP: ${variables.billing_zip}
+          Billing Country: ${variables.billing_country}
+          Shipping Street: ${variables.shipping_street}
+          Shipping City: ${variables.shipping_city}
+          Shipping State: ${variables.shipping_state}
+          Shipping ZIP: ${variables.shipping_zip}
+          Shipping Country: ${variables.shipping_country}`,
+        { variables }
+      );
+      const swapMap = credentialsToSwapMap(credentials);
+      await page.evaluate((map) => {
+        const inputs = document.querySelectorAll("input, textarea, select");
+        for (const input of inputs) {
+          const el = input;
+          for (const [placeholder, value] of Object.entries(map)) {
+            if (el.value === placeholder) {
+              el.value = value;
+              el.dispatchEvent(new Event("input", { bubbles: true }));
+              el.dispatchEvent(new Event("change", { bubbles: true }));
+            }
+          }
+        }
+        const submitBtn = document.querySelector('button[type="submit"], input[type="submit"]');
+        if (submitBtn) submitBtn.click();
+      }, swapMap);
+      await page.waitForTimeout(5e3);
+      const result = await this.stagehand.extract(
+        "Extract the order confirmation number or ID from the page"
+      );
+      const confirmationId = result?.extraction;
+      if (!confirmationId || confirmationId === "null" || confirmationId === "UNKNOWN") {
+        throw new CheckoutFailedError("No order confirmation found. Checkout may not have completed.");
+      }
+      return {
+        success: true,
+        confirmationId
+      };
+    } catch (err) {
+      if (err instanceof CheckoutFailedError) throw err;
+      const message = err instanceof Error ? err.message : "Unknown checkout error";
+      throw new CheckoutFailedError(message);
+    } finally {
+      await this.close();
+    }
+  }
+  async close() {
+    try {
+      if (this.stagehand) {
+        await this.stagehand.close();
+        this.stagehand = null;
+      }
+    } catch {
+    }
+  }
+};
+
+// src/agentpay.ts
+init_cjs_shims();
+var import_node_path7 = require("path");
+init_errors();
+var AgentPay = class {
+  home;
+  passphrase;
+  budgetManager;
+  txManager;
+  auditLogger;
+  executor;
+  constructor(options) {
+    this.home = options?.home ?? getHomePath();
+    this.passphrase = options?.passphrase;
+    this.budgetManager = new BudgetManager((0, import_node_path7.join)(this.home, "wallet.json"));
+    this.txManager = new TransactionManager((0, import_node_path7.join)(this.home, "transactions.json"));
+    this.auditLogger = new AuditLogger((0, import_node_path7.join)(this.home, "audit.log"));
+    this.executor = new PurchaseExecutor(options?.executor);
+  }
+  get wallet() {
+    const bm = this.budgetManager;
+    return {
+      getBalance: () => bm.getBalance(),
+      getHistory: () => this.txManager.getHistory(),
+      getLimits: () => {
+        const w = bm.getBalance();
+        return { budget: w.budget, limitPerTx: w.limitPerTx, remaining: w.balance };
+      },
+      generateFundingQR: async (options) => {
+        const QRCode = await import("qrcode");
+        const params = new URLSearchParams();
+        if (options?.suggestedBudget) params.set("budget", String(options.suggestedBudget));
+        if (options?.message) params.set("msg", options.message);
+        const baseUrl = process.env.AGENTPAY_WEB_URL ?? "http://localhost:3000";
+        const url = `${baseUrl}/setup${params.toString() ? `?${params.toString()}` : ""}`;
+        const qrDataUrl = await QRCode.toDataURL(url);
+        return { url, qrDataUrl };
+      }
+    };
+  }
+  get transactions() {
+    return {
+      propose: (options) => {
+        this.budgetManager.checkProposal(options.amount);
+        const tx = this.txManager.propose(options);
+        this.auditLogger.log("PROPOSE", { txId: tx.id, merchant: tx.merchant, amount: tx.amount });
+        return tx;
+      },
+      get: (txId) => this.txManager.get(txId),
+      waitForApproval: async (txId, options) => {
+        const { waitForApproval: waitForApproval2 } = await Promise.resolve().then(() => (init_poller(), poller_exports));
+        return waitForApproval2(txId, this.txManager, options);
+      },
+      execute: async (txId) => {
+        const tx = this.txManager.get(txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status === "completed" || tx.status === "failed") {
+          throw new AlreadyExecutedError(txId);
+        }
+        if (tx.status !== "approved") {
+          throw new NotApprovedError(txId);
+        }
+        if (!tx.mandate) {
+          throw new InvalidMandateError("No mandate found on approved transaction.");
+        }
+        const txDetails = {
+          txId: tx.id,
+          merchant: tx.merchant,
+          amount: tx.amount,
+          description: tx.description,
+          timestamp: tx.createdAt
+        };
+        if (!verifyMandate(tx.mandate, txDetails)) {
+          throw new InvalidMandateError();
+        }
+        this.budgetManager.checkProposal(tx.amount);
+        this.txManager.markExecuting(txId);
+        this.auditLogger.log("EXECUTE", { txId, browserbaseSessionStarted: true });
+        try {
+          if (!this.passphrase) {
+            throw new Error("Passphrase required for execution. Pass it to AgentPay constructor.");
+          }
+          const vaultPath = (0, import_node_path7.join)(this.home, "credentials.enc");
+          const vault = loadVault(vaultPath);
+          const credentials = decrypt(vault, this.passphrase);
+          const result = await this.executor.execute(tx, credentials);
+          const receipt = {
+            id: `rcpt_${txId.replace("tx_", "")}`,
+            merchant: tx.merchant,
+            amount: tx.amount,
+            confirmationId: result.confirmationId ?? "UNKNOWN",
+            completedAt: (/* @__PURE__ */ new Date()).toISOString()
+          };
+          this.txManager.markCompleted(txId, receipt);
+          this.budgetManager.deductBalance(tx.amount);
+          this.auditLogger.log("COMPLETE", { txId, confirmationId: receipt.confirmationId });
+          return receipt;
+        } catch (err) {
+          this.txManager.markFailed(txId, err instanceof Error ? err.message : "Unknown error");
+          this.auditLogger.log("FAILED", { txId, error: err instanceof Error ? err.message : "Unknown" });
+          throw err;
+        }
+      },
+      getReceipt: (txId) => {
+        const tx = this.txManager.get(txId);
+        return tx?.receipt;
+      }
+    };
+  }
+  get audit() {
+    return { getLog: () => this.auditLogger.getLog() };
+  }
+  status() {
+    try {
+      const wallet = this.budgetManager.getBalance();
+      const pending = this.txManager.getPending();
+      const recent = this.txManager.list().slice(-5);
+      return {
+        balance: wallet.balance,
+        budget: wallet.budget,
+        limitPerTx: wallet.limitPerTx,
+        pending,
+        recent,
+        isSetup: true
+      };
+    } catch {
+      return {
+        balance: 0,
+        budget: 0,
+        limitPerTx: 0,
+        pending: [],
+        recent: [],
+        isSetup: false
+      };
+    }
+  }
+};
+
+// src/index.ts
+var VERSION = "0.1.0";
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AgentPay,
+  AlreadyExecutedError,
+  AuditLogger,
+  BudgetManager,
+  CheckoutFailedError,
+  DecryptError,
+  ExceedsTxLimitError,
+  InsufficientBalanceError,
+  InvalidMandateError,
+  NotApprovedError,
+  NotSetupError,
+  PLACEHOLDER_MAP,
+  PurchaseExecutor,
+  TimeoutError,
+  TransactionManager,
+  VERSION,
+  createMandate,
+  credentialsToSwapMap,
+  decrypt,
+  encrypt,
+  formatCurrency,
+  formatStatus,
+  formatTable,
+  formatTimestamp,
+  generateKeyPair,
+  generateTxId,
+  getAuditPath,
+  getCredentialsPath,
+  getHomePath,
+  getKeysPath,
+  getPlaceholderVariables,
+  getTransactionsPath,
+  getWalletPath,
+  loadPrivateKey,
+  loadPublicKey,
+  loadVault,
+  saveKeyPair,
+  saveVault,
+  verifyMandate,
+  waitForApproval
+});
+//# sourceMappingURL=index.cjs.map