npm - @usemilkyway/agent-sdk - Versions diffs - 0.1.2 → 0.1.3 - Mend

@usemilkyway/agent-sdk 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/verify.d.ts CHANGED Viewed

@@ -1,2 +1,2 @@
-export declare function verifyPayment(paymentHeader: string, _resource: string, amountUsdc: string): Promise<void>;
+export declare function verifyPayment(paymentHeader: string, resource: string, amountUsdc: string, network?: string): Promise<void>;
 //# sourceMappingURL=verify.d.ts.map

package/dist/verify.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"~~AAmCA~~,wBAAsB,aAAa,CACjC,aAAa,EAAE,MAAM,EACrB,~~SAAS~~,~~EAAE~~,MAAM,~~EACjB~~,UAAU,~~EAAE~~,MAAM,~~GACjB~~,OAAO,CAAC,IAAI,CAAC,~~CAqEf~~"}
1	+ {"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAIA,wBAAsB,aAAa,CACjC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAO,MAAM,EACrB,UAAU,EAAK,MAAM,EACrB,OAAO,CAAC,EAAO,MAAM,GACpB,OAAO,CAAC,IAAI,CAAC,CAoDf"}

package/dist/verify.js CHANGED Viewed

@@ -1,83 +1,50 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.verifyPayment = verifyPayment;
-const ethers_1 = require("ethers");
 const errors_js_1 = require("./errors.js");
-const USDC_ADDRESS = "0xaf88d065e77c8cC2239327C5EDb3A432268e5831";
-const ARBITRUM_RPC = process.env.ARBITRUM_RPC || "https://arb1.arbitrum.io/rpc";
-const CHAIN_ID = 42161;
-const EIP_3009_TYPES = {
-    TransferWithAuthorization: [
-        { name: "from", type: "address" },
-        { name: "to", type: "address" },
-        { name: "value", type: "uint256" },
-        { name: "validAfter", type: "uint256" },
-        { name: "validBefore", type: "uint256" },
-        { name: "nonce", type: "bytes32" },
-    ],
-};
-const DOMAIN = {
-    name: "USD Coin",
-    version: "2",
-    chainId: CHAIN_ID,
-    verifyingContract: USDC_ADDRESS,
-};
-async function verifyPayment(paymentHeader, _resource, amountUsdc) {
-    const rawAmount = BigInt(Math.round(parseFloat(amountUsdc) * 1000000));
-    let payload;
+const MILKYWAY_FACILITATOR = "https://facilitator.usemilkyway.com";
+async function verifyPayment(paymentHeader, resource, amountUsdc, network) {
+    const facilitatorUrl = process.env.X402_FACILITATOR_URL || MILKYWAY_FACILITATOR;
+    const secret = process.env.FACILITATOR_SECRET;
+    if (!secret) {
+        throw new errors_js_1.PaymentError("FACILITATOR_SECRET is not set. " +
+            "Get it from usemilkyway.com/settings and add it to your .env");
+    }
+    const resolvedNetwork = network
+        || process.env.X402_NETWORK
+        || (process.env.NODE_ENV === "production"
+            ? "eip155:42161"
+            : "eip155:421614");
+    const rawAmount = String(Math.round(parseFloat(amountUsdc) * 1000000));
+    let res;
     try {
-        payload = JSON.parse(Buffer.from(paymentHeader, "base64").toString("utf8"));
-    }
-    catch {
-        throw new errors_js_1.PaymentError("Invalid payment header format");
-    }
-    // Verify amount is sufficient
-    if (BigInt(payload.value) < rawAmount) {
-        throw new errors_js_1.PaymentError(`Insufficient payment: got ${payload.value} raw units, need ${rawAmount}`);
-    }
-    // Verify deadline
-    const now = Math.floor(Date.now() / 1000);
-    if (now < Number(payload.validAfter)) {
-        throw new errors_js_1.PaymentError("Payment not yet valid");
-    }
-    if (now > Number(payload.validBefore)) {
-        throw new errors_js_1.PaymentError("Payment authorization expired");
-    }
-    // Recover signer from EIP-712 signature
-    try {
-        const recovered = ethers_1.ethers.verifyTypedData(DOMAIN, EIP_3009_TYPES, {
-            from: payload.from,
-            to: payload.to,
-            value: payload.value,
-            validAfter: payload.validAfter,
-            validBefore: payload.validBefore,
-            nonce: payload.nonce,
-        }, payload.signature);
-        if (recovered.toLowerCase() !== payload.from.toLowerCase()) {
-            throw new errors_js_1.PaymentError("Signature does not match payer address");
-        }
+        res = await fetch(`${facilitatorUrl}/verify`, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                "X-Facilitator-Secret": secret,
+            },
+            body: JSON.stringify({
+                payment: paymentHeader,
+                resource,
+                amount: rawAmount,
+                network: resolvedNetwork,
+            }),
+        });
     }
     catch (err) {
-        if (err instanceof errors_js_1.PaymentError)
-            throw err;
         const message = err instanceof Error ? err.message : String(err);
-        throw new errors_js_1.PaymentError(`Signature verification failed: ${message}`);
+        throw new errors_js_1.PaymentError(`Facilitator unreachable at ${facilitatorUrl}: ${message}`);
+    }
+    if (res.status === 401) {
+        throw new errors_js_1.PaymentError("Facilitator rejected the request — check FACILITATOR_SECRET");
+    }
+    if (!res.ok) {
+        throw new errors_js_1.PaymentError(`Facilitator returned HTTP ${res.status}`);
     }
-    // Optionally verify on-chain that the USDC balance exists
-    if (process.env.VERIFY_ONCHAIN === "true") {
-        try {
-            const provider = new ethers_1.ethers.JsonRpcProvider(ARBITRUM_RPC);
-            const usdc = new ethers_1.ethers.Contract(USDC_ADDRESS, ["function balanceOf(address) view returns (uint256)"], provider);
-            const balance = await usdc.balanceOf(payload.from);
-            if (balance < rawAmount) {
-                throw new errors_js_1.PaymentError("Payer has insufficient USDC balance on-chain");
-            }
-        }
-        catch (err) {
-            if (err instanceof errors_js_1.PaymentError)
-                throw err;
-            // RPC errors are non-fatal — trust the signature
-        }
+    const result = await res.json();
+    if (!result.isValid) {
+        throw new errors_js_1.PaymentError(result.invalidReason || "Payment invalid");
     }
 }
 //# sourceMappingURL=verify.js.map

package/dist/verify.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":";;~~AAmCA~~,~~sCAyEC~~;~~AA5GD~~,~~mCAAgC;AAChC,~~2CAA2C;AAE3C,MAAM,~~YAAY~~,~~GAAI~~,~~4CAA4C~~,CAAC;~~AACnE~~,~~MAAM~~,~~YAAY~~,~~GAAI~~,~~OAAO~~,~~CAAC~~,~~GAAG~~,~~CAAC~~,~~YAAY~~,~~IAAI~~,~~8BAA8B~~,~~CAAC~~;~~AACjF~~,MAAM,~~QAAQ~~,~~GAAQ~~,~~KAAK~~,CAAC~~;AAE5B~~,~~MAAM,cAAc,~~GAAG~~;IACrB~~,~~yBAAyB~~,~~EAAE;QACzB~~,~~EAAE,~~IAAI,~~EAAE~~,~~MAAM,EAAS,IAAI,EAAE,SAAS,EAAE~~;~~QACxC~~,~~EAAE~~,~~IAAI~~,~~EAAE~~,~~IAAI~~,~~EAAW~~,~~IAAI~~,~~EAAE~~,~~SAAS~~,~~EAAE~~;~~QACxC~~,~~EAAE,~~IAAI,~~EAAE~~,~~OAAO~~,~~EAAQ,IAAI,~~EAAE,~~SAAS,EAAE~~;~~QACxC~~,~~EAAE~~,IAAI,~~EAAE~~,~~YAAY~~,~~EAAG~~,~~IAAI~~,~~EAAE~~,~~SAAS~~,~~EAAE~~;~~QACxC~~,~~EAAE~~,~~IAAI~~,~~EAAE~~,~~aAAa,EAAE,IAAI,EAAE,SAAS,EAAE~~;~~QACxC~~,~~EAAE,IAAI,EAAE,~~OAAO,~~EAAQ~~,~~IAAI~~,~~EAAE~~,~~SAAS,EAAE~~;~~KACzC;CACF~~,CAAC~~;AAEF~~,~~MAAM,MAAM,GAAG;IACb,IAAI,EAAe,UAAU;IAC7B,~~OAAO,~~EAAY~~,GAAG~~;IACtB~~,~~OAAO~~,~~EAAY,~~QAAQ~~;IAC3B~~,~~iBAAiB~~,~~EAAE,~~YAAY;~~CAChC~~,CAAC~~;AAYK~~,~~KAAK~~,~~UAAU~~,~~aAAa~~,~~CACjC~~,~~aAAqB~~,~~EACrB~~,~~SAAiB,EACjB,UAAkB~~;~~IAElB~~,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,OAAS,CAAC,CAAC,CAAC;IAEzE,IAAI,~~OAAuB~~,CAAC;~~IAC5B~~,IAAI,CAAC;QACH,~~OAAO~~,GAAG,~~IAAI~~,~~CAAC,~~KAAK,CAAC,~~MAAM~~,~~CAAC~~,~~IAAI~~,~~CAAC,aAAa,~~EAAE~~,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAmB,CAAC~~;~~IAChG~~,~~CAAC;IAAC,~~MAAM,~~CAAC;QACP~~,MAAM~~,IAAI,wBAAY,CAAC,+BAA+B,CAAC,CAAC~~;~~IAC1D~~,~~CAAC;IAED,8BAA8B;IAC9B,IAAI,MAAM,CAAC,~~OAAO,~~CAAC,KAAK,CAAC,GAAG,SAAS,~~EAAE~~,CAAC~~;~~QACtC~~,~~MAAM~~,~~IAAI~~,~~wBAAY,CACpB,6BAA6B,OAAO,CAAC,KAAK,oBAAoB,SAAS,EAAE,CAC1E,CAAC;IACJ,CAAC;IAED,~~kBAAkB;~~IAClB~~,~~MAAM~~,~~GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,~~EAAE,~~GAAG,IAAI,CAAC,CAAC;IAC1C,IAAI,GAAG,GAAG,~~MAAM~~,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC~~;~~QACrC,MAAM,IAAI,wBAAY,CAAC,uBAAuB,CAAC,CAAC~~;~~IAClD~~,~~CAAC;IACD,~~IAAI,~~GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,~~EAAE,~~CAAC;QACtC,MAAM,~~IAAI,~~wBAAY,~~CAAC~~,+BAA+B~~,~~CAAC,CAAC;IAC1D,CAAC;IAED,wCAAwC;IACxC,IAAI,CAAC;QACH,MAAM,~~SAAS,~~GAAG,eAAM,~~CAAC~~,eAAe,CACtC,MAAM,EACN,cAAc,EACd~~;~~YACE~~,~~IAAI,EAAS,~~OAAO,~~CAAC,IAAI;YACzB,EAAE,EAAW,OAAO,CAAC,EAAE;YACvB,KAAK,EAAQ,OAAO,CAAC,KAAK;YAC1B,UAAU,~~EAAG,~~OAAO,CAAC,UAAU~~;~~YAC/B~~,~~WAAW,EAAE,OAAO,CAAC,WAAW~~;~~YAChC~~,~~KAAK~~,~~EAAQ~~,~~OAAO,CAAC,KAAK~~;~~SAC3B~~,~~EACD,~~OAAO,~~CAAC~~,~~SAAS,CAClB,CAAC~~;~~QAEF~~,~~IAAI,SAAS,~~CAAC~~,WAAW,EAAE,KAAK,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC~~;~~YAC3D~~,~~MAAM,IAAI,wBAAY,~~CAAC,~~wCAAwC,~~CAAC~~,CAAC~~;~~QACnE~~,CAAC;~~IACH,CAAC;~~IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,~~IAAI,GAAG,YAAY,wBAAY;YAAE,~~MAAM,~~GAAG,CAAC;QAC3C,MAAM,~~OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,IAAI,wBAAY,CAAC,~~kCAAkC~~,OAAO,EAAE,CAAC,CAAC;~~IACtE~~,CAAC;IAED,~~0DAA0D;IAC1D,~~IAAI,~~OAAO,CAAC,~~GAAG,CAAC,~~cAAc~~,KAAK,~~MAAM~~,EAAE,CAAC;~~QAC1C~~,~~IAAI,CAAC;YACH,~~MAAM,~~QAAQ,GAAG,~~IAAI,~~eAAM~~,CAAC,~~eAAe~~,CAAC,~~YAAY,~~CAAC,CAAC;~~YAC1D~~,~~MAAM,~~IAAI,GAAG,~~IAAI~~,~~eAAM~~,CAAC,~~QAAQ~~,~~CAC9B~~,~~YAAY~~,~~EACZ,~~CAAC,~~oDAAoD~~,CAAC,~~EACtD~~,~~QAAQ~~,~~CACT~~,CAAC;~~YACF~~,MAAM,~~OAAO~~,GAAG,MAAM,~~IAAI~~,CAAC,~~SAAS~~,CAAC,~~OAAO~~,CAAC,~~IAAI~~,~~CAAW,~~CAAC~~;YAC7D~~,~~IAAI,~~OAAO,~~GAAG,SAAS,~~EAAE,CAAC;~~gBACxB~~,MAAM,IAAI,wBAAY,CAAC,~~8CAA8C~~,CAAC,~~CAAC;YACzE~~,~~CAAC;QACH,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,~~IAAI,~~GAAG~~,~~YAAY,wBAAY;gBAAE,MAAM,GAAG,~~CAAC~~;YAC3C~~,~~iDAAiD;QACnD,~~CAAC;~~IACH~~,CAAC;AACH,CAAC"}
1	+ {"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":";;AAIA,sCAyDC;AA7DD,2CAA2C;AAE3C,MAAM,oBAAoB,GAAG,qCAAqC,CAAC;AAE5D,KAAK,UAAU,aAAa,CACjC,aAAqB,EACrB,QAAqB,EACrB,UAAqB,EACrB,OAAqB;IAErB,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,oBAAoB,CAAC;IAEhF,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;IAC9C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,wBAAY,CACpB,iCAAiC;YACjC,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IAED,MAAM,eAAe,GAAG,OAAO;WAC1B,OAAO,CAAC,GAAG,CAAC,YAAY;WACxB,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YACrC,CAAC,CAAC,cAAc;YAChB,CAAC,CAAC,eAAe,CAAC,CAAC;IAEzB,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,OAAS,CAAC,CAAC,CAAC;IAEzE,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,cAAc,SAAS,EAAE;YAC5C,MAAM,EAAG,MAAM;YACf,OAAO,EAAE;gBACP,cAAc,EAAU,kBAAkB;gBAC1C,sBAAsB,EAAE,MAAM;aAC/B;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,OAAO,EAAG,aAAa;gBACvB,QAAQ;gBACR,MAAM,EAAI,SAAS;gBACnB,OAAO,EAAG,eAAe;aAC1B,CAAC;SACH,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,IAAI,wBAAY,CAAC,8BAA8B,cAAc,KAAK,OAAO,EAAE,CAAC,CAAC;IACrF,CAAC;IAED,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,wBAAY,CAAC,6DAA6D,CAAC,CAAC;IACxF,CAAC;IAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,wBAAY,CAAC,6BAA6B,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,EAAkD,CAAC;IAEhF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,wBAAY,CAAC,MAAM,CAAC,aAAa,IAAI,iBAAiB,CAAC,CAAC;IACpE,CAAC;AACH,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@usemilkyway/agent-sdk",
-  "version": "0.1.2",
+  "version": "0.1.3",
   "description": "Build and monetize AI agents on MilkyWay",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -16,7 +16,6 @@
     "clean": "rm -rf dist"
   },
   "dependencies": {
-    "@coinbase/x402": "^0.4.0",
     "express": "^4.18.0",
     "ethers": "^6.0.0",
     "zod": "^3.22.0"