@waffo/waffo-node 2.0.3 → 2.1.0

package/dist/index.js

@@ -2,1794 +2,1246 @@
 
 var crypto = require('crypto');
 
-function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+function _interopNamespace(e) {
+  if (e && e.__esModule) return e;
+  var n = Object.create(null);
+  if (e) {
+    Object.keys(e).forEach(function (k) {
+      if (k !== 'default') {
+        var d = Object.getOwnPropertyDescriptor(e, k);
+        Object.defineProperty(n, k, d.get ? d : {
+          enumerable: true,
+          get: function () { return e[k]; }
+        });
+      }
+    });
+  }
+  n.default = e;
+  return Object.freeze(n);
+}
 
-var crypto__default = /*#__PURE__*/_interopDefault(crypto);
+var crypto__namespace = /*#__PURE__*/_interopNamespace(crypto);
 
-// src/types/config.ts
+// src/types/config/environment.ts
 var Environment = /* @__PURE__ */ ((Environment2) => {
-  Environment2["SANDBOX"] = "sandbox";
-  Environment2["PRODUCTION"] = "production";
+  Environment2["SANDBOX"] = "SANDBOX";
+  Environment2["PRODUCTION"] = "PRODUCTION";
   return Environment2;
 })(Environment || {});
-var EnvironmentUrls = {
-  ["sandbox" /* SANDBOX */]: "https://api-sandbox.waffo.com/api/v1",
-  ["production" /* PRODUCTION */]: "https://api.waffo.com/api/v1"
-};
-var EnvironmentPublicKeys = {
-  ["sandbox" /* SANDBOX */]: "MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAhAbK3dBDZdCaX/5cqlO8EYYL4M4DyigqAMoIaT6R0SuSENu279dHZ3JiS8JukHx/xg85T9S3wDNwnu8KDypcwi8TxNQKgBE4czgAJ5GFEdJ+jtUS1dK46gjJFUnUlavb3uMLJJ0xZZKH0B5GtKOq75MwHWtXLK3zQrPqZosXqdgZhfbV+7bXlQaABdPlqif/ybN1DRrvcWmNVLAgsRiQvu4QnDOTMafzrSsF5tf8Ud3gK+JhcJs50NsXLPZZSc6NryZoH++xmz8atp0dOrBKmsJkZRWjrH+aXDZZT1sZDlgsKBMoRPf6F+lztFOPerrhSE81Y5MFaAp8R/QicMGCPueLhlebjx1OF0oowUD9b7ggZ8LiYpaR4HT9OmDpsu6NMN7zNG81qo7vnKCyy//xdOkpr4bQsm581r312y1UUjaYTZTlqAe+qbGZmZ7zS+ra0uwS6zLoZOY1ToOwlJbTwRPx2epweJcRnJVueiS1fPxaAlQz+tuVtIGONmZ836aHAgMBAAE=",
-  ["production" /* PRODUCTION */]: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVHKdn76r6IhRXxWihdy+AiG0tzVR8LjDXC+0WFdTkn05Ga7ZS0WC3MRpxgRsbBWDlEVZYPUBdrtAmQeZYD7rwKSKSTdd62eZxehDI8DCzNhxppbeMPBhMn72eQvB/RQl1qhP7HLZx9IyTC7EbWWO0zhhomzf0hQ2K7KXDFq9bSYdBGAzSg+kOQFP2eifON8qm4TuwlxNSdTcgRWa8cRwy9h9aLra1iaeFRx9k68KxIcK0ZiGbD6KiR1a2NtZuxjB6bTJ7N/ydfKqQY+wB1CTWIlvouW1qajYYGBAcde9JN6o6CiWz3sPt42312CF3+k+gQeiuofdXkzVlMryVivfwIDAQAB"
+var EnvironmentBaseUrl = {
+  ["SANDBOX" /* SANDBOX */]: "https://api-sandbox.waffo.com/api/v1",
+  ["PRODUCTION" /* PRODUCTION */]: "https://api.waffo.com/api/v1"
 };
 
-// src/types/network.ts
-var HttpStatusCode = /* @__PURE__ */ ((HttpStatusCode2) => {
-  HttpStatusCode2[HttpStatusCode2["OK"] = 200] = "OK";
-  HttpStatusCode2[HttpStatusCode2["BAD_REQUEST"] = 400] = "BAD_REQUEST";
-  HttpStatusCode2[HttpStatusCode2["UNAUTHORIZED"] = 401] = "UNAUTHORIZED";
-  HttpStatusCode2[HttpStatusCode2["PAYMENT_REQUIRED"] = 402] = "PAYMENT_REQUIRED";
-  HttpStatusCode2[HttpStatusCode2["FORBIDDEN"] = 403] = "FORBIDDEN";
-  HttpStatusCode2[HttpStatusCode2["NOT_FOUND"] = 404] = "NOT_FOUND";
-  HttpStatusCode2[HttpStatusCode2["METHOD_NOT_ALLOWED"] = 405] = "METHOD_NOT_ALLOWED";
-  HttpStatusCode2[HttpStatusCode2["REQUEST_TIMEOUT"] = 408] = "REQUEST_TIMEOUT";
-  HttpStatusCode2[HttpStatusCode2["INTERNAL_SERVER_ERROR"] = 500] = "INTERNAL_SERVER_ERROR";
-  HttpStatusCode2[HttpStatusCode2["NOT_IMPLEMENTED"] = 501] = "NOT_IMPLEMENTED";
-  HttpStatusCode2[HttpStatusCode2["BAD_GATEWAY"] = 502] = "BAD_GATEWAY";
-  HttpStatusCode2[HttpStatusCode2["SERVICE_UNAVAILABLE"] = 503] = "SERVICE_UNAVAILABLE";
-  HttpStatusCode2[HttpStatusCode2["GATEWAY_TIMEOUT"] = 504] = "GATEWAY_TIMEOUT";
-  return HttpStatusCode2;
-})(HttpStatusCode || {});
-
-// src/types/webhook.ts
-var WebhookEventType = /* @__PURE__ */ ((WebhookEventType2) => {
-  WebhookEventType2["PAYMENT_NOTIFICATION"] = "PAYMENT_NOTIFICATION";
-  WebhookEventType2["REFUND_NOTIFICATION"] = "REFUND_NOTIFICATION";
-  WebhookEventType2["SUBSCRIPTION_STATUS_NOTIFICATION"] = "SUBSCRIPTION_STATUS_NOTIFICATION";
-  return WebhookEventType2;
-})(WebhookEventType || {});
-var WebhookResponseStatus = /* @__PURE__ */ ((WebhookResponseStatus2) => {
-  WebhookResponseStatus2["SUCCESS"] = "success";
-  WebhookResponseStatus2["FAILED"] = "failed";
-  WebhookResponseStatus2["UNKNOWN"] = "unknown";
-  return WebhookResponseStatus2;
-})(WebhookResponseStatus || {});
-
-// src/types/iso.ts
-var CountryCode = /* @__PURE__ */ ((CountryCode2) => {
-  CountryCode2["AFG"] = "AFG";
-  CountryCode2["ALB"] = "ALB";
-  CountryCode2["DZA"] = "DZA";
-  CountryCode2["ASM"] = "ASM";
-  CountryCode2["AND"] = "AND";
-  CountryCode2["AGO"] = "AGO";
-  CountryCode2["AIA"] = "AIA";
-  CountryCode2["ATA"] = "ATA";
-  CountryCode2["ATG"] = "ATG";
-  CountryCode2["ARG"] = "ARG";
-  CountryCode2["ARM"] = "ARM";
-  CountryCode2["ABW"] = "ABW";
-  CountryCode2["AUS"] = "AUS";
-  CountryCode2["AUT"] = "AUT";
-  CountryCode2["AZE"] = "AZE";
-  CountryCode2["BHS"] = "BHS";
-  CountryCode2["BHR"] = "BHR";
-  CountryCode2["BGD"] = "BGD";
-  CountryCode2["BRB"] = "BRB";
-  CountryCode2["BLR"] = "BLR";
-  CountryCode2["BEL"] = "BEL";
-  CountryCode2["BLZ"] = "BLZ";
-  CountryCode2["BEN"] = "BEN";
-  CountryCode2["BMU"] = "BMU";
-  CountryCode2["BTN"] = "BTN";
-  CountryCode2["BOL"] = "BOL";
-  CountryCode2["BES"] = "BES";
-  CountryCode2["BIH"] = "BIH";
-  CountryCode2["BWA"] = "BWA";
-  CountryCode2["BVT"] = "BVT";
-  CountryCode2["BRA"] = "BRA";
-  CountryCode2["IOT"] = "IOT";
-  CountryCode2["BRN"] = "BRN";
-  CountryCode2["BGR"] = "BGR";
-  CountryCode2["BFA"] = "BFA";
-  CountryCode2["BDI"] = "BDI";
-  CountryCode2["CPV"] = "CPV";
-  CountryCode2["KHM"] = "KHM";
-  CountryCode2["CMR"] = "CMR";
-  CountryCode2["CAN"] = "CAN";
-  CountryCode2["CYM"] = "CYM";
-  CountryCode2["CAF"] = "CAF";
-  CountryCode2["TCD"] = "TCD";
-  CountryCode2["CHL"] = "CHL";
-  CountryCode2["CHN"] = "CHN";
-  CountryCode2["CXR"] = "CXR";
-  CountryCode2["CCK"] = "CCK";
-  CountryCode2["COL"] = "COL";
-  CountryCode2["COM"] = "COM";
-  CountryCode2["COD"] = "COD";
-  CountryCode2["COG"] = "COG";
-  CountryCode2["COK"] = "COK";
-  CountryCode2["CRI"] = "CRI";
-  CountryCode2["HRV"] = "HRV";
-  CountryCode2["CUB"] = "CUB";
-  CountryCode2["CUW"] = "CUW";
-  CountryCode2["CYP"] = "CYP";
-  CountryCode2["CZE"] = "CZE";
-  CountryCode2["CIV"] = "CIV";
-  CountryCode2["DNK"] = "DNK";
-  CountryCode2["DJI"] = "DJI";
-  CountryCode2["DMA"] = "DMA";
-  CountryCode2["DOM"] = "DOM";
-  CountryCode2["ECU"] = "ECU";
-  CountryCode2["EGY"] = "EGY";
-  CountryCode2["SLV"] = "SLV";
-  CountryCode2["GNQ"] = "GNQ";
-  CountryCode2["ERI"] = "ERI";
-  CountryCode2["EST"] = "EST";
-  CountryCode2["SWZ"] = "SWZ";
-  CountryCode2["ETH"] = "ETH";
-  CountryCode2["FLK"] = "FLK";
-  CountryCode2["FRO"] = "FRO";
-  CountryCode2["FJI"] = "FJI";
-  CountryCode2["FIN"] = "FIN";
-  CountryCode2["FRA"] = "FRA";
-  CountryCode2["GUF"] = "GUF";
-  CountryCode2["PYF"] = "PYF";
-  CountryCode2["ATF"] = "ATF";
-  CountryCode2["GAB"] = "GAB";
-  CountryCode2["GMB"] = "GMB";
-  CountryCode2["GEO"] = "GEO";
-  CountryCode2["DEU"] = "DEU";
-  CountryCode2["GHA"] = "GHA";
-  CountryCode2["GIB"] = "GIB";
-  CountryCode2["GRC"] = "GRC";
-  CountryCode2["GRL"] = "GRL";
-  CountryCode2["GRD"] = "GRD";
-  CountryCode2["GLP"] = "GLP";
-  CountryCode2["GUM"] = "GUM";
-  CountryCode2["GTM"] = "GTM";
-  CountryCode2["GGY"] = "GGY";
-  CountryCode2["GIN"] = "GIN";
-  CountryCode2["GNB"] = "GNB";
-  CountryCode2["GUY"] = "GUY";
-  CountryCode2["HTI"] = "HTI";
-  CountryCode2["HMD"] = "HMD";
-  CountryCode2["VAT"] = "VAT";
-  CountryCode2["HND"] = "HND";
-  CountryCode2["HKG"] = "HKG";
-  CountryCode2["HUN"] = "HUN";
-  CountryCode2["ISL"] = "ISL";
-  CountryCode2["IND"] = "IND";
-  CountryCode2["IDN"] = "IDN";
-  CountryCode2["IRN"] = "IRN";
-  CountryCode2["IRQ"] = "IRQ";
-  CountryCode2["IRL"] = "IRL";
-  CountryCode2["IMN"] = "IMN";
-  CountryCode2["ISR"] = "ISR";
-  CountryCode2["ITA"] = "ITA";
-  CountryCode2["JAM"] = "JAM";
-  CountryCode2["JPN"] = "JPN";
-  CountryCode2["JEY"] = "JEY";
-  CountryCode2["JOR"] = "JOR";
-  CountryCode2["KAZ"] = "KAZ";
-  CountryCode2["KEN"] = "KEN";
-  CountryCode2["KIR"] = "KIR";
-  CountryCode2["PRK"] = "PRK";
-  CountryCode2["KOR"] = "KOR";
-  CountryCode2["KWT"] = "KWT";
-  CountryCode2["KGZ"] = "KGZ";
-  CountryCode2["LAO"] = "LAO";
-  CountryCode2["LVA"] = "LVA";
-  CountryCode2["LBN"] = "LBN";
-  CountryCode2["LSO"] = "LSO";
-  CountryCode2["LBR"] = "LBR";
-  CountryCode2["LBY"] = "LBY";
-  CountryCode2["LIE"] = "LIE";
-  CountryCode2["LTU"] = "LTU";
-  CountryCode2["LUX"] = "LUX";
-  CountryCode2["MAC"] = "MAC";
-  CountryCode2["MDG"] = "MDG";
-  CountryCode2["MWI"] = "MWI";
-  CountryCode2["MYS"] = "MYS";
-  CountryCode2["MDV"] = "MDV";
-  CountryCode2["MLI"] = "MLI";
-  CountryCode2["MLT"] = "MLT";
-  CountryCode2["MHL"] = "MHL";
-  CountryCode2["MTQ"] = "MTQ";
-  CountryCode2["MRT"] = "MRT";
-  CountryCode2["MUS"] = "MUS";
-  CountryCode2["MYT"] = "MYT";
-  CountryCode2["MEX"] = "MEX";
-  CountryCode2["FSM"] = "FSM";
-  CountryCode2["MDA"] = "MDA";
-  CountryCode2["MCO"] = "MCO";
-  CountryCode2["MNG"] = "MNG";
-  CountryCode2["MNE"] = "MNE";
-  CountryCode2["MSR"] = "MSR";
-  CountryCode2["MAR"] = "MAR";
-  CountryCode2["MOZ"] = "MOZ";
-  CountryCode2["MMR"] = "MMR";
-  CountryCode2["NAM"] = "NAM";
-  CountryCode2["NRU"] = "NRU";
-  CountryCode2["NPL"] = "NPL";
-  CountryCode2["NLD"] = "NLD";
-  CountryCode2["NCL"] = "NCL";
-  CountryCode2["NZL"] = "NZL";
-  CountryCode2["NIC"] = "NIC";
-  CountryCode2["NER"] = "NER";
-  CountryCode2["NGA"] = "NGA";
-  CountryCode2["NIU"] = "NIU";
-  CountryCode2["NFK"] = "NFK";
-  CountryCode2["MKD"] = "MKD";
-  CountryCode2["MNP"] = "MNP";
-  CountryCode2["NOR"] = "NOR";
-  CountryCode2["OMN"] = "OMN";
-  CountryCode2["PAK"] = "PAK";
-  CountryCode2["PLW"] = "PLW";
-  CountryCode2["PSE"] = "PSE";
-  CountryCode2["PAN"] = "PAN";
-  CountryCode2["PNG"] = "PNG";
-  CountryCode2["PRY"] = "PRY";
-  CountryCode2["PER"] = "PER";
-  CountryCode2["PHL"] = "PHL";
-  CountryCode2["PCN"] = "PCN";
-  CountryCode2["POL"] = "POL";
-  CountryCode2["PRT"] = "PRT";
-  CountryCode2["PRI"] = "PRI";
-  CountryCode2["QAT"] = "QAT";
-  CountryCode2["ROU"] = "ROU";
-  CountryCode2["RUS"] = "RUS";
-  CountryCode2["RWA"] = "RWA";
-  CountryCode2["REU"] = "REU";
-  CountryCode2["BLM"] = "BLM";
-  CountryCode2["SHN"] = "SHN";
-  CountryCode2["KNA"] = "KNA";
-  CountryCode2["LCA"] = "LCA";
-  CountryCode2["MAF"] = "MAF";
-  CountryCode2["SPM"] = "SPM";
-  CountryCode2["VCT"] = "VCT";
-  CountryCode2["WSM"] = "WSM";
-  CountryCode2["SMR"] = "SMR";
-  CountryCode2["STP"] = "STP";
-  CountryCode2["SAU"] = "SAU";
-  CountryCode2["SEN"] = "SEN";
-  CountryCode2["SRB"] = "SRB";
-  CountryCode2["SYC"] = "SYC";
-  CountryCode2["SLE"] = "SLE";
-  CountryCode2["SGP"] = "SGP";
-  CountryCode2["SXM"] = "SXM";
-  CountryCode2["SVK"] = "SVK";
-  CountryCode2["SVN"] = "SVN";
-  CountryCode2["SLB"] = "SLB";
-  CountryCode2["SOM"] = "SOM";
-  CountryCode2["ZAF"] = "ZAF";
-  CountryCode2["SGS"] = "SGS";
-  CountryCode2["SSD"] = "SSD";
-  CountryCode2["ESP"] = "ESP";
-  CountryCode2["LKA"] = "LKA";
-  CountryCode2["SDN"] = "SDN";
-  CountryCode2["SUR"] = "SUR";
-  CountryCode2["SJM"] = "SJM";
-  CountryCode2["SWE"] = "SWE";
-  CountryCode2["CHE"] = "CHE";
-  CountryCode2["SYR"] = "SYR";
-  CountryCode2["TWN"] = "TWN";
-  CountryCode2["TJK"] = "TJK";
-  CountryCode2["TZA"] = "TZA";
-  CountryCode2["THA"] = "THA";
-  CountryCode2["TLS"] = "TLS";
-  CountryCode2["TGO"] = "TGO";
-  CountryCode2["TKL"] = "TKL";
-  CountryCode2["TON"] = "TON";
-  CountryCode2["TTO"] = "TTO";
-  CountryCode2["TUN"] = "TUN";
-  CountryCode2["TUR"] = "TUR";
-  CountryCode2["TKM"] = "TKM";
-  CountryCode2["TCA"] = "TCA";
-  CountryCode2["TUV"] = "TUV";
-  CountryCode2["UGA"] = "UGA";
-  CountryCode2["UKR"] = "UKR";
-  CountryCode2["ARE"] = "ARE";
-  CountryCode2["GBR"] = "GBR";
-  CountryCode2["UMI"] = "UMI";
-  CountryCode2["USA"] = "USA";
-  CountryCode2["URY"] = "URY";
-  CountryCode2["UZB"] = "UZB";
-  CountryCode2["VUT"] = "VUT";
-  CountryCode2["VEN"] = "VEN";
-  CountryCode2["VNM"] = "VNM";
-  CountryCode2["VGB"] = "VGB";
-  CountryCode2["VIR"] = "VIR";
-  CountryCode2["WLF"] = "WLF";
-  CountryCode2["ESH"] = "ESH";
-  CountryCode2["YEM"] = "YEM";
-  CountryCode2["ZMB"] = "ZMB";
-  CountryCode2["ZWE"] = "ZWE";
-  CountryCode2["ALA"] = "ALA";
-  return CountryCode2;
-})(CountryCode || {});
-var CurrencyCode = /* @__PURE__ */ ((CurrencyCode2) => {
-  CurrencyCode2["AED"] = "AED";
-  CurrencyCode2["AFN"] = "AFN";
-  CurrencyCode2["ALL"] = "ALL";
-  CurrencyCode2["AMD"] = "AMD";
-  CurrencyCode2["ANG"] = "ANG";
-  CurrencyCode2["AOA"] = "AOA";
-  CurrencyCode2["ARS"] = "ARS";
-  CurrencyCode2["AUD"] = "AUD";
-  CurrencyCode2["AWG"] = "AWG";
-  CurrencyCode2["AZN"] = "AZN";
-  CurrencyCode2["BAM"] = "BAM";
-  CurrencyCode2["BBD"] = "BBD";
-  CurrencyCode2["BDT"] = "BDT";
-  CurrencyCode2["BGN"] = "BGN";
-  CurrencyCode2["BHD"] = "BHD";
-  CurrencyCode2["BIF"] = "BIF";
-  CurrencyCode2["BMD"] = "BMD";
-  CurrencyCode2["BND"] = "BND";
-  CurrencyCode2["BOB"] = "BOB";
-  CurrencyCode2["BOV"] = "BOV";
-  CurrencyCode2["BRL"] = "BRL";
-  CurrencyCode2["BSD"] = "BSD";
-  CurrencyCode2["BTN"] = "BTN";
-  CurrencyCode2["BWP"] = "BWP";
-  CurrencyCode2["BYN"] = "BYN";
-  CurrencyCode2["BZD"] = "BZD";
-  CurrencyCode2["CAD"] = "CAD";
-  CurrencyCode2["CDF"] = "CDF";
-  CurrencyCode2["CHE"] = "CHE";
-  CurrencyCode2["CHF"] = "CHF";
-  CurrencyCode2["CHW"] = "CHW";
-  CurrencyCode2["CLF"] = "CLF";
-  CurrencyCode2["CLP"] = "CLP";
-  CurrencyCode2["CNY"] = "CNY";
-  CurrencyCode2["COP"] = "COP";
-  CurrencyCode2["COU"] = "COU";
-  CurrencyCode2["CRC"] = "CRC";
-  CurrencyCode2["CUC"] = "CUC";
-  CurrencyCode2["CUP"] = "CUP";
-  CurrencyCode2["CVE"] = "CVE";
-  CurrencyCode2["CZK"] = "CZK";
-  CurrencyCode2["DJF"] = "DJF";
-  CurrencyCode2["DKK"] = "DKK";
-  CurrencyCode2["DOP"] = "DOP";
-  CurrencyCode2["DZD"] = "DZD";
-  CurrencyCode2["EGP"] = "EGP";
-  CurrencyCode2["ERN"] = "ERN";
-  CurrencyCode2["ETB"] = "ETB";
-  CurrencyCode2["EUR"] = "EUR";
-  CurrencyCode2["FJD"] = "FJD";
-  CurrencyCode2["FKP"] = "FKP";
-  CurrencyCode2["GBP"] = "GBP";
-  CurrencyCode2["GEL"] = "GEL";
-  CurrencyCode2["GHS"] = "GHS";
-  CurrencyCode2["GIP"] = "GIP";
-  CurrencyCode2["GMD"] = "GMD";
-  CurrencyCode2["GNF"] = "GNF";
-  CurrencyCode2["GTQ"] = "GTQ";
-  CurrencyCode2["GYD"] = "GYD";
-  CurrencyCode2["HKD"] = "HKD";
-  CurrencyCode2["HNL"] = "HNL";
-  CurrencyCode2["HRK"] = "HRK";
-  CurrencyCode2["HTG"] = "HTG";
-  CurrencyCode2["HUF"] = "HUF";
-  CurrencyCode2["IDR"] = "IDR";
-  CurrencyCode2["ILS"] = "ILS";
-  CurrencyCode2["INR"] = "INR";
-  CurrencyCode2["IQD"] = "IQD";
-  CurrencyCode2["IRR"] = "IRR";
-  CurrencyCode2["ISK"] = "ISK";
-  CurrencyCode2["JMD"] = "JMD";
-  CurrencyCode2["JOD"] = "JOD";
-  CurrencyCode2["JPY"] = "JPY";
-  CurrencyCode2["KES"] = "KES";
-  CurrencyCode2["KGS"] = "KGS";
-  CurrencyCode2["KHR"] = "KHR";
-  CurrencyCode2["KMF"] = "KMF";
-  CurrencyCode2["KPW"] = "KPW";
-  CurrencyCode2["KRW"] = "KRW";
-  CurrencyCode2["KWD"] = "KWD";
-  CurrencyCode2["KYD"] = "KYD";
-  CurrencyCode2["KZT"] = "KZT";
-  CurrencyCode2["LAK"] = "LAK";
-  CurrencyCode2["LBP"] = "LBP";
-  CurrencyCode2["LKR"] = "LKR";
-  CurrencyCode2["LRD"] = "LRD";
-  CurrencyCode2["LSL"] = "LSL";
-  CurrencyCode2["LYD"] = "LYD";
-  CurrencyCode2["MAD"] = "MAD";
-  CurrencyCode2["MDL"] = "MDL";
-  CurrencyCode2["MGA"] = "MGA";
-  CurrencyCode2["MKD"] = "MKD";
-  CurrencyCode2["MMK"] = "MMK";
-  CurrencyCode2["MNT"] = "MNT";
-  CurrencyCode2["MOP"] = "MOP";
-  CurrencyCode2["MRU"] = "MRU";
-  CurrencyCode2["MUR"] = "MUR";
-  CurrencyCode2["MVR"] = "MVR";
-  CurrencyCode2["MWK"] = "MWK";
-  CurrencyCode2["MXN"] = "MXN";
-  CurrencyCode2["MXV"] = "MXV";
-  CurrencyCode2["MYR"] = "MYR";
-  CurrencyCode2["MZN"] = "MZN";
-  CurrencyCode2["NAD"] = "NAD";
-  CurrencyCode2["NGN"] = "NGN";
-  CurrencyCode2["NIO"] = "NIO";
-  CurrencyCode2["NOK"] = "NOK";
-  CurrencyCode2["NPR"] = "NPR";
-  CurrencyCode2["NZD"] = "NZD";
-  CurrencyCode2["OMR"] = "OMR";
-  CurrencyCode2["PAB"] = "PAB";
-  CurrencyCode2["PEN"] = "PEN";
-  CurrencyCode2["PGK"] = "PGK";
-  CurrencyCode2["PHP"] = "PHP";
-  CurrencyCode2["PKR"] = "PKR";
-  CurrencyCode2["PLN"] = "PLN";
-  CurrencyCode2["PYG"] = "PYG";
-  CurrencyCode2["QAR"] = "QAR";
-  CurrencyCode2["RON"] = "RON";
-  CurrencyCode2["RSD"] = "RSD";
-  CurrencyCode2["RUB"] = "RUB";
-  CurrencyCode2["RWF"] = "RWF";
-  CurrencyCode2["SAR"] = "SAR";
-  CurrencyCode2["SBD"] = "SBD";
-  CurrencyCode2["SCR"] = "SCR";
-  CurrencyCode2["SDG"] = "SDG";
-  CurrencyCode2["SEK"] = "SEK";
-  CurrencyCode2["SGD"] = "SGD";
-  CurrencyCode2["SHP"] = "SHP";
-  CurrencyCode2["SLE"] = "SLE";
-  CurrencyCode2["SLL"] = "SLL";
-  CurrencyCode2["SOS"] = "SOS";
-  CurrencyCode2["SRD"] = "SRD";
-  CurrencyCode2["SSP"] = "SSP";
-  CurrencyCode2["STN"] = "STN";
-  CurrencyCode2["SVC"] = "SVC";
-  CurrencyCode2["SYP"] = "SYP";
-  CurrencyCode2["SZL"] = "SZL";
-  CurrencyCode2["THB"] = "THB";
-  CurrencyCode2["TJS"] = "TJS";
-  CurrencyCode2["TMT"] = "TMT";
-  CurrencyCode2["TND"] = "TND";
-  CurrencyCode2["TOP"] = "TOP";
-  CurrencyCode2["TRY"] = "TRY";
-  CurrencyCode2["TTD"] = "TTD";
-  CurrencyCode2["TWD"] = "TWD";
-  CurrencyCode2["TZS"] = "TZS";
-  CurrencyCode2["UAH"] = "UAH";
-  CurrencyCode2["UGX"] = "UGX";
-  CurrencyCode2["USD"] = "USD";
-  CurrencyCode2["USN"] = "USN";
-  CurrencyCode2["UYI"] = "UYI";
-  CurrencyCode2["UYU"] = "UYU";
-  CurrencyCode2["UYW"] = "UYW";
-  CurrencyCode2["UZS"] = "UZS";
-  CurrencyCode2["VED"] = "VED";
-  CurrencyCode2["VES"] = "VES";
-  CurrencyCode2["VND"] = "VND";
-  CurrencyCode2["VUV"] = "VUV";
-  CurrencyCode2["WST"] = "WST";
-  CurrencyCode2["XAF"] = "XAF";
-  CurrencyCode2["XAG"] = "XAG";
-  CurrencyCode2["XAU"] = "XAU";
-  CurrencyCode2["XBA"] = "XBA";
-  CurrencyCode2["XBB"] = "XBB";
-  CurrencyCode2["XBC"] = "XBC";
-  CurrencyCode2["XBD"] = "XBD";
-  CurrencyCode2["XCD"] = "XCD";
-  CurrencyCode2["XDR"] = "XDR";
-  CurrencyCode2["XOF"] = "XOF";
-  CurrencyCode2["XPD"] = "XPD";
-  CurrencyCode2["XPF"] = "XPF";
-  CurrencyCode2["XPT"] = "XPT";
-  CurrencyCode2["XSU"] = "XSU";
-  CurrencyCode2["XTS"] = "XTS";
-  CurrencyCode2["XUA"] = "XUA";
-  CurrencyCode2["XXX"] = "XXX";
-  CurrencyCode2["YER"] = "YER";
-  CurrencyCode2["ZAR"] = "ZAR";
-  CurrencyCode2["ZMW"] = "ZMW";
-  CurrencyCode2["ZWL"] = "ZWL";
-  return CurrencyCode2;
-})(CurrencyCode || {});
-
-// src/types/payment.ts
-var ProductName = /* @__PURE__ */ ((ProductName2) => {
-  ProductName2["ONE_TIME_PAYMENT"] = "ONE_TIME_PAYMENT";
-  ProductName2["MINI_PROGRAM_PAYMENT"] = "MINI_PROGRAM_PAYMENT";
-  ProductName2["DIRECT_PAYMENT"] = "DIRECT_PAYMENT";
-  return ProductName2;
-})(ProductName || {});
-var SubscriptionProductName = /* @__PURE__ */ ((SubscriptionProductName2) => {
-  SubscriptionProductName2["SUBSCRIPTION"] = "SUBSCRIPTION";
-  SubscriptionProductName2["MINI_PROGRAM_SUBSCRIPTION"] = "MINI_PROGRAM_SUBSCRIPTION";
-  return SubscriptionProductName2;
-})(SubscriptionProductName || {});
-
-// src/types/order.ts
-var UserTerminalType = /* @__PURE__ */ ((UserTerminalType2) => {
-  UserTerminalType2["WEB"] = "WEB";
-  UserTerminalType2["APP"] = "APP";
-  UserTerminalType2["IN_WALLET_APP"] = "IN_WALLET_APP";
-  UserTerminalType2["IN_MINI_PROGRAM"] = "IN_MINI_PROGRAM";
-  return UserTerminalType2;
-})(UserTerminalType || {});
-var OrderStatus = /* @__PURE__ */ ((OrderStatus2) => {
-  OrderStatus2["PAY_IN_PROGRESS"] = "PAY_IN_PROGRESS";
-  OrderStatus2["AUTHORIZATION_REQUIRED"] = "AUTHORIZATION_REQUIRED";
-  OrderStatus2["AUTHED_WAITING_CAPTURE"] = "AUTHED_WAITING_CAPTURE";
-  OrderStatus2["PAY_SUCCESS"] = "PAY_SUCCESS";
-  OrderStatus2["ORDER_CLOSE"] = "ORDER_CLOSE";
-  OrderStatus2["CAPTURE_IN_PROGRESS"] = "CAPTURE_IN_PROGRESS";
-  return OrderStatus2;
-})(OrderStatus || {});
-var OrderActionType = /* @__PURE__ */ ((OrderActionType2) => {
-  OrderActionType2["WEB"] = "WEB";
-  OrderActionType2["DEEPLINK"] = "DEEPLINK";
-  return OrderActionType2;
-})(OrderActionType || {});
-var PayMethodUserAccountType = /* @__PURE__ */ ((PayMethodUserAccountType2) => {
-  PayMethodUserAccountType2["EMAIL"] = "EMAIL";
-  PayMethodUserAccountType2["PHONE_NO"] = "PHONE_NO";
-  PayMethodUserAccountType2["ACCOUNT_ID"] = "ACCOUNT_ID";
-  return PayMethodUserAccountType2;
-})(PayMethodUserAccountType || {});
-var CaptureMode = /* @__PURE__ */ ((CaptureMode2) => {
-  CaptureMode2["MANUAL_CAPTURE"] = "manualCapture";
-  return CaptureMode2;
-})(CaptureMode || {});
-var MerchantInitiatedMode = /* @__PURE__ */ ((MerchantInitiatedMode2) => {
-  MerchantInitiatedMode2["SCHEDULED"] = "scheduled";
-  MerchantInitiatedMode2["UNSCHEDULED"] = "unscheduled";
-  return MerchantInitiatedMode2;
-})(MerchantInitiatedMode || {});
-var ThreeDsDecision = /* @__PURE__ */ ((ThreeDsDecision2) => {
-  ThreeDsDecision2["FORCE"] = "3DS_FORCE";
-  ThreeDsDecision2["ATTEMPT"] = "3DS_ATTEMPT";
-  ThreeDsDecision2["NO_3DS"] = "NO_3DS";
-  return ThreeDsDecision2;
-})(ThreeDsDecision || {});
+// src/errors/waffo-error.ts
+var WaffoError = class _WaffoError extends Error {
+  /** Error code identifying the type of error */
+  errorCode;
+  /** The underlying error that caused this error, if any */
+  cause;
+  /**
+   * Creates a new WaffoError.
+   *
+   * @param errorCode - The error code (e.g., "S0003" for signing failure)
+   * @param message - Human-readable error message
+   * @param cause - The underlying error that caused this error
+   */
+  constructor(errorCode, message, cause) {
+    super(message);
+    this.name = "WaffoError";
+    this.errorCode = errorCode;
+    this.cause = cause;
+    if (Error.captureStackTrace) {
+      Error.captureStackTrace(this, _WaffoError);
+    }
+  }
+  /**
+   * Returns a string representation of the error.
+   */
+  toString() {
+    return `[${this.errorCode}] ${this.message}`;
+  }
+};
+var WaffoErrorCode = {
+  /** Invalid public key */
+  INVALID_PUBLIC_KEY: "S0002",
+  /** Failed to sign data */
+  SIGN_FAILED: "S0003",
+  /** Response signature verification failed */
+  VERIFY_FAILED: "S0004",
+  /** Request serialization failed */
+  SERIALIZE_FAILED: "S0005",
+  /** Unexpected error */
+  UNEXPECTED: "S0006",
+  /** Invalid private key */
+  INVALID_PRIVATE_KEY: "S0007"
+};
 
-// src/types/refund.ts
-var RefundStatus = /* @__PURE__ */ ((RefundStatus2) => {
-  RefundStatus2["REFUND_IN_PROGRESS"] = "REFUND_IN_PROGRESS";
-  RefundStatus2["ORDER_PARTIALLY_REFUNDED"] = "ORDER_PARTIALLY_REFUNDED";
-  RefundStatus2["ORDER_FULLY_REFUNDED"] = "ORDER_FULLY_REFUNDED";
-  RefundStatus2["ORDER_REFUND_FAILED"] = "ORDER_REFUND_FAILED";
-  return RefundStatus2;
-})(RefundStatus || {});
+// src/errors/waffo-unknown-status-error.ts
+var WaffoUnknownStatusError = class _WaffoUnknownStatusError extends Error {
+  /** Error code for network errors */
+  static CODE_NETWORK_ERROR = "S0001";
+  /** Error code for unknown server status */
+  static CODE_UNKNOWN_STATUS = "E0001";
+  /** Error code identifying the type of error */
+  errorCode;
+  /** The underlying error that caused this error, if any */
+  cause;
+  /**
+   * Creates a new WaffoUnknownStatusError.
+   *
+   * @param errorCode - The error code (e.g., "S0001" for network error)
+   * @param message - Human-readable error message
+   * @param cause - The underlying error that caused this error
+   */
+  constructor(errorCode, message, cause) {
+    super(message);
+    this.name = "WaffoUnknownStatusError";
+    this.errorCode = errorCode;
+    this.cause = cause;
+    if (Error.captureStackTrace) {
+      Error.captureStackTrace(this, _WaffoUnknownStatusError);
+    }
+  }
+  /**
+   * Returns a string representation of the error.
+   */
+  toString() {
+    return `[${this.errorCode}] ${this.message}`;
+  }
+};
 
-// src/types/subscription.ts
-var SubscriptionStatus = /* @__PURE__ */ ((SubscriptionStatus2) => {
-  SubscriptionStatus2["AUTHORIZATION_REQUIRED"] = "AUTHORIZATION_REQUIRED";
-  SubscriptionStatus2["IN_PROGRESS"] = "IN_PROGRESS";
-  SubscriptionStatus2["ACTIVE"] = "ACTIVE";
-  SubscriptionStatus2["CLOSE"] = "CLOSE";
-  SubscriptionStatus2["MERCHANT_CANCELLED"] = "MERCHANT_CANCELLED";
-  SubscriptionStatus2["USER_CANCELLED"] = "USER_CANCELLED";
-  SubscriptionStatus2["CHANNEL_CANCELLED"] = "CHANNEL_CANCELLED";
-  SubscriptionStatus2["EXPIRED"] = "EXPIRED";
-  return SubscriptionStatus2;
-})(SubscriptionStatus || {});
-var PeriodType = /* @__PURE__ */ ((PeriodType2) => {
-  PeriodType2["DAILY"] = "DAILY";
-  PeriodType2["WEEKLY"] = "WEEKLY";
-  PeriodType2["MONTHLY"] = "MONTHLY";
-  return PeriodType2;
-})(PeriodType || {});
-var SubscriptionUserTerminalType = /* @__PURE__ */ ((SubscriptionUserTerminalType2) => {
-  SubscriptionUserTerminalType2["WEB"] = "WEB";
-  SubscriptionUserTerminalType2["APP"] = "APP";
-  return SubscriptionUserTerminalType2;
-})(SubscriptionUserTerminalType || {});
-var CashierLanguage = /* @__PURE__ */ ((CashierLanguage2) => {
-  CashierLanguage2["EN_HK"] = "en-HK";
-  CashierLanguage2["ZH_HANT_HK"] = "zh-Hant-HK";
-  CashierLanguage2["ZH_HANS_HK"] = "zh-Hans-HK";
-  return CashierLanguage2;
-})(CashierLanguage || {});
-var SubscriptionPayMethodUserAccountType = /* @__PURE__ */ ((SubscriptionPayMethodUserAccountType2) => {
-  SubscriptionPayMethodUserAccountType2["EMAIL"] = "EMAIL";
-  SubscriptionPayMethodUserAccountType2["PHONE_NO"] = "PHONE_NO";
-  SubscriptionPayMethodUserAccountType2["ACCOUNT_ID"] = "ACCOUNT_ID";
-  return SubscriptionPayMethodUserAccountType2;
-})(SubscriptionPayMethodUserAccountType || {});
-var SubscriptionOrderStatus = /* @__PURE__ */ ((SubscriptionOrderStatus2) => {
-  SubscriptionOrderStatus2["PAY_SUCCESS"] = "PAY_SUCCESS";
-  SubscriptionOrderStatus2["ORDER_CLOSE"] = "ORDER_CLOSE";
-  return SubscriptionOrderStatus2;
-})(SubscriptionOrderStatus || {});
-var SubscriptionEventType = /* @__PURE__ */ ((SubscriptionEventType2) => {
-  SubscriptionEventType2["SUBSCRIPTION_STATUS_NOTIFICATION"] = "SUBSCRIPTION_STATUS_NOTIFICATION";
-  SubscriptionEventType2["PAYMENT_NOTIFICATION"] = "PAYMENT_NOTIFICATION";
-  return SubscriptionEventType2;
-})(SubscriptionEventType || {});
-var SIGN_ALGORITHMS = "RSA-SHA256";
-function signForRSA(body, privateKey, charSet = "utf8", onError) {
+// src/utils/rsa-utils.ts
+var ALGORITHM = "RSA-SHA256";
+var KEY_SIZE = 2048;
+function sign(data, base64PrivateKey) {
   try {
-    const privateKeyDer = Buffer.from(privateKey, "base64");
-    const privateKeyPem = `-----BEGIN PRIVATE KEY-----
-${privateKeyDer.toString("base64").match(/.{1,64}/g)?.join("\n")}
------END PRIVATE KEY-----`;
-    const signature = crypto__default.default.createSign(SIGN_ALGORITHMS);
-    signature.update(body, charSet);
-    const signed = signature.sign(privateKeyPem, "base64");
-    return signed;
-  } catch (e) {
-    onError?.(e instanceof Error ? e : new Error(String(e)));
-    return null;
+    const privateKeyBuffer = Buffer.from(base64PrivateKey, "base64");
+    const signer = crypto__namespace.createSign(ALGORITHM);
+    signer.update(data, "utf8");
+    const signature = signer.sign({
+      key: privateKeyBuffer,
+      format: "der",
+      type: "pkcs8"
+    });
+    return signature.toString("base64");
+  } catch (error) {
+    throw new WaffoError(
+      WaffoErrorCode.SIGN_FAILED,
+      `Failed to sign data: ${error instanceof Error ? error.message : String(error)}`,
+      error instanceof Error ? error : void 0
+    );
   }
 }
-function verify(body, sign, publicKey, charSet = "utf8", onError) {
+function verify(data, base64Signature, base64PublicKey) {
   try {
-    const publicKeyDer = Buffer.from(publicKey, "base64");
-    const publicKeyPem = `-----BEGIN PUBLIC KEY-----
-${publicKeyDer.toString("base64").match(/.{1,64}/g)?.join("\n")}
------END PUBLIC KEY-----`;
-    const verifier = crypto__default.default.createVerify(SIGN_ALGORITHMS);
-    verifier.update(body, charSet);
-    const signatureBuffer = Buffer.from(sign, "base64");
-    return verifier.verify(publicKeyPem, signatureBuffer);
-  } catch (e) {
-    onError?.(e instanceof Error ? e : new Error(String(e)));
+    const publicKeyBuffer = Buffer.from(base64PublicKey, "base64");
+    const signatureBuffer = Buffer.from(base64Signature, "base64");
+    const verifier = crypto__namespace.createVerify(ALGORITHM);
+    verifier.update(data, "utf8");
+    return verifier.verify(
+      {
+        key: publicKeyBuffer,
+        format: "der",
+        type: "spki"
+      },
+      signatureBuffer
+    );
+  } catch {
     return false;
   }
 }
-function createKeyPair() {
-  const { publicKey, privateKey } = crypto__default.default.generateKeyPairSync("rsa", {
-    modulusLength: 2048,
-    publicKeyEncoding: {
-      type: "spki",
-      format: "der"
-    },
-    privateKeyEncoding: {
-      type: "pkcs8",
-      format: "der"
+function validatePrivateKey(base64PrivateKey) {
+  if (!base64PrivateKey || base64PrivateKey.trim() === "") {
+    throw new WaffoError(
+      WaffoErrorCode.INVALID_PRIVATE_KEY,
+      "Private key is null or empty"
+    );
+  }
+  try {
+    const keyBuffer = Buffer.from(base64PrivateKey, "base64");
+    crypto__namespace.createPrivateKey({
+      key: keyBuffer,
+      format: "der",
+      type: "pkcs8"
+    });
+  } catch (error) {
+    if (error instanceof WaffoError) throw error;
+    const message = error instanceof Error ? error.message : String(error);
+    if (message.includes("bad base64")) {
+      throw new WaffoError(
+        WaffoErrorCode.INVALID_PRIVATE_KEY,
+        "Invalid private key: not valid Base64 encoding",
+        error instanceof Error ? error : void 0
+      );
     }
-  });
-  const keyMap = {
-    PRIVATE_KEY_NAME: privateKey.toString("base64"),
-    PUBLIC_KEY_NAME: publicKey.toString("base64")
-  };
-  return keyMap;
+    throw new WaffoError(
+      WaffoErrorCode.INVALID_PRIVATE_KEY,
+      `Invalid private key: ${message}`,
+      error instanceof Error ? error : void 0
+    );
+  }
 }
-
-// src/utils/webhook.ts
-function verifyWebhookSignature(requestBody, signature, waffoPublicKey) {
+function validatePublicKey(base64PublicKey) {
+  if (!base64PublicKey || base64PublicKey.trim() === "") {
+    throw new WaffoError(
+      WaffoErrorCode.INVALID_PUBLIC_KEY,
+      "Public key is null or empty"
+    );
+  }
   try {
-    const isValid = verify(requestBody, signature, waffoPublicKey);
-    if (!isValid) {
-      return {
-        isValid: false,
-        error: "Signature verification failed"
-      };
+    const keyBuffer = Buffer.from(base64PublicKey, "base64");
+    crypto__namespace.createPublicKey({
+      key: keyBuffer,
+      format: "der",
+      type: "spki"
+    });
+  } catch (error) {
+    if (error instanceof WaffoError) throw error;
+    const message = error instanceof Error ? error.message : String(error);
+    if (message.includes("bad base64")) {
+      throw new WaffoError(
+        WaffoErrorCode.INVALID_PUBLIC_KEY,
+        "Invalid public key: not valid Base64 encoding",
+        error instanceof Error ? error : void 0
+      );
     }
-    const notification = JSON.parse(requestBody);
-    const eventType = notification.eventType;
+    throw new WaffoError(
+      WaffoErrorCode.INVALID_PUBLIC_KEY,
+      `Invalid public key: ${message}`,
+      error instanceof Error ? error : void 0
+    );
+  }
+}
+function generateKeyPair() {
+  try {
+    const { privateKey, publicKey } = crypto__namespace.generateKeyPairSync("rsa", {
+      modulusLength: KEY_SIZE,
+      publicKeyEncoding: {
+        type: "spki",
+        format: "der"
+      },
+      privateKeyEncoding: {
+        type: "pkcs8",
+        format: "der"
+      }
+    });
     return {
-      isValid: true,
-      notification,
-      eventType
+      privateKey: privateKey.toString("base64"),
+      publicKey: publicKey.toString("base64")
     };
   } catch (error) {
-    return {
-      isValid: false,
-      error: `Failed to verify webhook: ${error.message}`
-    };
+    throw new WaffoError(
+      WaffoErrorCode.SIGN_FAILED,
+      `Failed to generate key pair: ${error instanceof Error ? error.message : String(error)}`,
+      error instanceof Error ? error : void 0
+    );
   }
 }
-function buildWebhookResponse(status, merchantPrivateKey) {
-  const body = {
-    message: status
-  };
-  const bodyString = JSON.stringify(body);
-  const signature = signForRSA(bodyString, merchantPrivateKey);
-  if (!signature) {
-    throw new Error("Failed to sign webhook response");
+var RsaUtils = {
+  sign,
+  verify,
+  validatePrivateKey,
+  validatePublicKey,
+  generateKeyPair
+};
+
+// src/types/config/waffo-config.ts
+var WaffoConfigEnvVars = {
+  API_KEY: "WAFFO_API_KEY",
+  PRIVATE_KEY: "WAFFO_PRIVATE_KEY",
+  PUBLIC_KEY: "WAFFO_PUBLIC_KEY",
+  MERCHANT_ID: "WAFFO_MERCHANT_ID",
+  ENVIRONMENT: "WAFFO_ENVIRONMENT"
+};
+var WaffoConfigDefaults = {
+  CONNECT_TIMEOUT: 1e4,
+  READ_TIMEOUT: 3e4
+};
+function createWaffoConfig(config) {
+  if (!config.apiKey) {
+    throw new Error("apiKey is required");
+  }
+  if (!config.privateKey) {
+    throw new Error("privateKey is required");
+  }
+  if (!config.waffoPublicKey) {
+    throw new Error("waffoPublicKey is required");
   }
+  if (!config.environment) {
+    throw new Error("environment is required (SANDBOX or PRODUCTION)");
+  }
+  if (!config.merchantId) {
+    throw new Error("merchantId is required");
+  }
+  RsaUtils.validatePrivateKey(config.privateKey);
+  RsaUtils.validatePublicKey(config.waffoPublicKey);
   return {
-    header: {
-      "Content-Type": "application/json",
-      "X-SIGNATURE": signature
-    },
-    body
+    ...config,
+    connectTimeout: config.connectTimeout ?? WaffoConfigDefaults.CONNECT_TIMEOUT,
+    readTimeout: config.readTimeout ?? WaffoConfigDefaults.READ_TIMEOUT
   };
 }
-function buildSuccessResponse(merchantPrivateKey) {
-  return buildWebhookResponse(
-    "success" /* SUCCESS */,
-    merchantPrivateKey
-  );
-}
-function buildFailedResponse(merchantPrivateKey) {
-  return buildWebhookResponse("failed" /* FAILED */, merchantPrivateKey);
-}
-function getWebhookEventType(notification) {
-  try {
-    const parsed = typeof notification === "string" ? JSON.parse(notification) : notification;
-    return parsed.eventType;
-  } catch {
-    return void 0;
+function fromEnv() {
+  const getEnv = (name, required = true) => {
+    const value = process.env[name];
+    if (required && (!value || value.trim() === "")) {
+      throw new Error(`Required environment variable ${name} is not set`);
+    }
+    return value || "";
+  };
+  const apiKey = getEnv(WaffoConfigEnvVars.API_KEY);
+  const privateKey = getEnv(WaffoConfigEnvVars.PRIVATE_KEY);
+  const waffoPublicKey = getEnv(WaffoConfigEnvVars.PUBLIC_KEY);
+  const envStr = getEnv(WaffoConfigEnvVars.ENVIRONMENT);
+  const merchantId = getEnv(WaffoConfigEnvVars.MERCHANT_ID);
+  const environment = envStr.toUpperCase();
+  if (environment !== "SANDBOX" /* SANDBOX */ && environment !== "PRODUCTION" /* PRODUCTION */) {
+    throw new Error(
+      `Invalid ${WaffoConfigEnvVars.ENVIRONMENT} value: ${envStr}. Must be SANDBOX or PRODUCTION`
+    );
   }
-}
-function isPaymentNotification(notification) {
-  return notification.eventType === "PAYMENT_NOTIFICATION" /* PAYMENT_NOTIFICATION */;
-}
-function isRefundNotification(notification) {
-  return notification.eventType === "REFUND_NOTIFICATION" /* REFUND_NOTIFICATION */;
-}
-function isSubscriptionStatusNotification(notification) {
-  return notification.eventType === "SUBSCRIPTION_STATUS_NOTIFICATION" /* SUBSCRIPTION_STATUS_NOTIFICATION */;
-}
-function isSubscriptionPaymentNotification(notification) {
-  return notification.eventType === "PAYMENT_NOTIFICATION" /* PAYMENT_NOTIFICATION */ && "subscriptionId" in notification.result;
+  return createWaffoConfig({
+    apiKey,
+    privateKey,
+    waffoPublicKey,
+    environment,
+    merchantId
+  });
 }
 
-// src/core/httpClient.ts
-var HttpClient = class {
+// src/types/api-response.ts
+var ApiResponse = class _ApiResponse {
+  /** Response code. "0" indicates success, other values indicate errors. */
+  code;
+  /** Response data (present when code is "0") */
+  data;
+  /** Error message (present when code is not "0") */
+  message;
+  constructor(code, data, message) {
+    this.code = code;
+    this.data = data;
+    this.message = message;
+  }
   /**
-   * Creates an HTTP client instance with the provided SDK configuration.
-   *
-   * Resolves environment-specific settings such as API base URL and public key.
+   * Creates a successful response.
    *
-   * @param {WaffoConfig} config - Waffo SDK configuration object
-   * @param {string} config.apiKey - API key assigned by Waffo
-   * @param {string} config.privateKey - Merchant private key (Base64 encoded PKCS8 DER)
-   * @param {string} [config.waffoPublicKey] - Waffo public key for response verification
-   * @param {Environment} [config.environment=Environment.PRODUCTION] - API environment
-   * @param {number} [config.timeout=30000] - Request timeout in milliseconds
-   * @param {Logger} [config.logger] - Logger instance for debugging
-   *
-   * @example
-   * const client = new HttpClient({
-   *   apiKey: 'your-api-key',
-   *   privateKey: 'your-private-key',
-   *   environment: Environment.SANDBOX,
-   * });
-   *
-   * @see {@link WaffoConfig} for configuration options
+   * @param data - The response data
    */
-  constructor(config) {
-    const environment = config.environment || "production" /* PRODUCTION */;
-    this.config = {
-      apiKey: config.apiKey,
-      privateKey: config.privateKey,
-      waffoPublicKey: config.waffoPublicKey || EnvironmentPublicKeys[environment],
-      baseUrl: EnvironmentUrls[environment],
-      timeout: config.timeout || 3e4,
-      logger: config.logger
-    };
-    this.config.logger?.debug("[Waffo SDK] HttpClient initialized", {
-      environment,
-      baseUrl: this.config.baseUrl,
-      timeout: this.config.timeout
-    });
+  static success(data) {
+    return new _ApiResponse("0", data);
   }
   /**
-   * Generates an RSA-SHA256 signature for the request body.
+   * Creates an error response.
    *
-   * @param {string} payload - Request body string to sign (JSON serialized)
-   * @returns {string} Base64 encoded RSA-SHA256 signature
-   * @throws {Error} "Failed to generate RSA signature" when signing fails
-   * @private
+   * @param code - The error code
+   * @param message - The error message
    */
-  generateSignature(payload) {
-    const signature = signForRSA(payload, this.config.privateKey);
-    if (!signature) {
-      throw new Error("Failed to generate RSA signature");
-    }
-    return signature;
+  static error(code, message) {
+    return new _ApiResponse(code, void 0, message);
   }
   /**
-   * Verifies the RSA-SHA256 signature of the response body.
-   *
-   * Ensures the response has not been tampered with during transmission.
+   * Checks if the response indicates success.
    *
-   * @param {string} responseBody - Response body string (raw JSON)
-   * @param {string} signature - X-SIGNATURE header value (Base64 encoded)
-   * @returns {boolean} `true` if signature is valid, `false` otherwise
-   * @private
+   * @returns true if the response code is "0"
    */
-  verifyResponseSignature(responseBody, signature) {
-    return verify(responseBody, signature, this.config.waffoPublicKey);
+  isSuccess() {
+    return this.code === "0";
   }
   /**
-   * Sends an HTTP POST request with automatic signing and verification.
-   *
-   * **Request Flow:**
-   * 1. Serializes the request body to JSON
-   * 2. Signs the request body using RSA-SHA256
-   * 3. Sends the request with X-API-KEY and X-SIGNATURE headers
-   * 4. Verifies the response signature using Waffo's public key
-   * 5. Parses and returns the response in standardized format
-   *
-   * **Error Handling:**
-   * - Network errors: `{ success: false, error: message }`
-   * - Timeout: status code 408 (REQUEST_TIMEOUT)
-   * - Invalid signature: returns error
-   * - Business errors (code !== "0"): parsed and returned as errors
-   *
-   * @template T - Expected response data type
-   * @template B - Request body type (must extend object)
+   * Gets the response data.
    *
-   * @param {string} endpoint - API endpoint path (e.g., '/order/create')
-   * @param {RequestOptions<B>} [options={}] - Request options
-   * @param {B} [options.body] - Request body object (will be JSON serialized)
-   * @param {Record<string, string>} [options.headers] - Additional request headers
+   * @returns The response data, or undefined if the response is an error
+   */
+  getData() {
+    return this.data;
+  }
+  /**
+   * Gets the error message.
    *
-   * @returns {Promise<ApiResponse<T>>} Response object with success status and data/error
+   * @returns The error message, or undefined if the response is successful
+   */
+  getMessage() {
+    return this.message;
+  }
+  /**
+   * Gets the response code.
    *
-   * @example
-   * // Make a POST request
-   * const result = await httpClient.post<CreateOrderData>('/order/create', {
-   *   body: {
-   *     paymentRequestId: 'req-123',
-   *     merchantOrderId: 'order-456',
-   *     // ... other fields
-   *   },
-   * });
+   * @returns The response code
+   */
+  getCode() {
+    return this.code;
+  }
+  /**
+   * Gets the response data or throws an error.
    *
-   * if (result.success) {
-   *   console.log('Order created:', result.data.acquiringOrderId);
-   * } else {
-   *   console.error('Error:', result.error);
-   * }
+   * @returns The response data
+   * @throws Error if the response is not successful or data is undefined
+   */
+  getDataOrThrow() {
+    if (!this.isSuccess()) {
+      throw new Error(`[${this.code}] ${this.message ?? "API error"}`);
+    }
+    if (this.data === void 0) {
+      throw new Error("Response data is undefined");
+    }
+    return this.data;
+  }
+};
+
+// src/net/default-http-transport.ts
+var DefaultHttpTransport = class {
+  /**
+   * Sends an HTTP request using native fetch.
    *
-   * @example
-   * // Handle timeout errors
-   * const result = await httpClient.post('/order/create', { body: params });
-   * if (!result.success && result.statusCode === HttpStatusCode.REQUEST_TIMEOUT) {
-   *   console.log('Request timed out, please retry');
-   * }
+   * @param request - The HTTP request to send
+   * @returns The HTTP response
+   * @throws Error if the request fails (network error, timeout, etc.)
+   */
+  async send(request) {
+    const connectController = new AbortController();
+    let connectTimeoutId;
+    let readTimeoutId;
+    let timeoutPhase = "connect";
+    try {
+      connectTimeoutId = setTimeout(() => {
+        connectController.abort();
+      }, request.connectTimeout);
+      const response = await fetch(request.url, {
+        method: request.method,
+        headers: request.headers,
+        body: request.body,
+        signal: connectController.signal
+      });
+      clearTimeout(connectTimeoutId);
+      connectTimeoutId = void 0;
+      timeoutPhase = "read";
+      const readController = new AbortController();
+      readTimeoutId = setTimeout(() => {
+        readController.abort();
+      }, request.readTimeout);
+      const body = await Promise.race([
+        response.text(),
+        new Promise((_, reject) => {
+          readController.signal.addEventListener("abort", () => {
+            reject(new Error("AbortError"));
+          });
+        })
+      ]);
+      clearTimeout(readTimeoutId);
+      readTimeoutId = void 0;
+      const headers = {};
+      response.headers.forEach((value, key) => {
+        headers[key.toLowerCase()] = value;
+      });
+      return {
+        statusCode: response.status,
+        headers,
+        body
+      };
+    } catch (error) {
+      if (error instanceof Error) {
+        if (error.name === "AbortError" || error.message === "AbortError") {
+          const timeout = timeoutPhase === "connect" ? request.connectTimeout : request.readTimeout;
+          throw new Error(`Request ${timeoutPhase} timeout after ${timeout}ms`);
+        }
+        throw error;
+      }
+      throw new Error(`HTTP request failed: ${String(error)}`);
+    } finally {
+      if (connectTimeoutId) clearTimeout(connectTimeoutId);
+      if (readTimeoutId) clearTimeout(readTimeoutId);
+    }
+  }
+};
+
+// src/core/waffo-http-client.ts
+var HEADER_API_KEY = "x-api-key";
+var HEADER_SIGNATURE = "x-signature";
+var HEADER_API_VERSION = "x-api-version";
+var HEADER_SDK_VERSION = "x-sdk-version";
+var HEADER_CONTENT_TYPE = "content-type";
+var CONTENT_TYPE_JSON = "application/json";
+var API_VERSION = "1.0.0";
+var SDK_VERSION = "waffo-node/2.1.0";
+var WaffoHttpClient = class {
+  baseUrl;
+  apiKey;
+  privateKey;
+  waffoPublicKey;
+  merchantId;
+  connectTimeout;
+  readTimeout;
+  logger;
+  httpTransport;
+  constructor(config) {
+    this.baseUrl = EnvironmentBaseUrl[config.environment];
+    this.apiKey = config.apiKey;
+    this.privateKey = config.privateKey;
+    this.waffoPublicKey = config.waffoPublicKey;
+    this.merchantId = config.merchantId;
+    this.connectTimeout = config.connectTimeout ?? WaffoConfigDefaults.CONNECT_TIMEOUT;
+    this.readTimeout = config.readTimeout ?? WaffoConfigDefaults.READ_TIMEOUT;
+    this.logger = config.logger;
+    this.httpTransport = config.httpTransport ?? new DefaultHttpTransport();
+  }
+  /**
+   * Sends a POST request to the Waffo API.
    *
-   * @see {@link ApiResponse} for the response format
-   * @see {@link RequestOptions} for request options
+   * @param path - API endpoint path (e.g., "/order/create")
+   * @param request - Request body
+   * @param options - Per-request options
+   * @returns API response
+   * @throws WaffoUnknownStatusError for network errors or unknown status
    */
-  async post(endpoint, options = {}) {
-    const { body, headers = {} } = options;
-    const payload = body ? JSON.stringify(body) : "";
-    const signature = this.generateSignature(payload);
-    const url = `${this.config.baseUrl}${endpoint}`;
-    this.config.logger?.debug("[Waffo SDK] Sending request", {
-      method: "POST",
-      url,
-      body
-    });
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
+  async post(path, request, options) {
+    const url = this.baseUrl + path;
+    const effectiveConnectTimeout = options?.connectTimeout ?? this.connectTimeout;
+    const effectiveReadTimeout = options?.readTimeout ?? this.readTimeout;
     try {
-      const response = await fetch(url, {
+      this.injectMerchantIdIfNeeded(request);
+      const requestBody = JSON.stringify(request);
+      const signature = RsaUtils.sign(requestBody, this.privateKey);
+      this.logger?.debug(`Request URL: ${url}`);
+      this.logger?.debug(`Request Body: ${requestBody}`);
+      const httpResponse = await this.httpTransport.send({
+        url,
         method: "POST",
         headers: {
-          "Content-Type": "application/json",
-          "X-API-KEY": this.config.apiKey,
-          "X-SIGNATURE": signature,
-          ...headers
+          [HEADER_CONTENT_TYPE]: CONTENT_TYPE_JSON,
+          [HEADER_API_KEY]: this.apiKey,
+          [HEADER_SIGNATURE]: signature,
+          [HEADER_API_VERSION]: API_VERSION,
+          [HEADER_SDK_VERSION]: SDK_VERSION
         },
-        body: payload || void 0,
-        signal: controller.signal
-      });
-      clearTimeout(timeoutId);
-      const statusCode = response.status;
-      const responseSignature = response.headers.get("X-SIGNATURE");
-      const responseBody = await response.text();
-      this.config.logger?.debug("[Waffo SDK] Received response", {
-        statusCode,
-        hasSignature: !!responseSignature,
-        body: responseBody
+        body: requestBody,
+        connectTimeout: effectiveConnectTimeout,
+        readTimeout: effectiveReadTimeout
       });
-      if (!responseSignature) {
-        this.config.logger?.warn(
-          "[Waffo SDK] Missing X-SIGNATURE in response headers"
+      this.logger?.debug(`Response Status: ${httpResponse.statusCode}`);
+      this.logger?.debug(`Response Body: ${httpResponse.body}`);
+      const responseSignature = httpResponse.headers[HEADER_SIGNATURE];
+      if (responseSignature) {
+        const isValid = RsaUtils.verify(
+          httpResponse.body,
+          responseSignature,
+          this.waffoPublicKey
         );
-        return {
-          success: false,
-          statusCode,
-          error: "Missing X-SIGNATURE in response headers"
-        };
+        if (!isValid) {
+          this.logger?.error("Response signature verification failed");
+          return ApiResponse.error(
+            WaffoErrorCode.VERIFY_FAILED,
+            "Response signature verification failed"
+          );
+        }
       }
-      const isValid = this.verifyResponseSignature(
-        responseBody,
-        responseSignature
-      );
-      if (!isValid) {
-        this.config.logger?.warn("[Waffo SDK] Invalid response signature");
-        return {
-          success: false,
-          statusCode,
-          error: "Invalid response signature"
-        };
+      const response = this.parseResponse(httpResponse.body);
+      if (response.code === "E0001") {
+        throw new WaffoUnknownStatusError(
+          WaffoUnknownStatusError.CODE_UNKNOWN_STATUS,
+          response.getMessage() ?? "Unknown status from server"
+        );
       }
-      let parsedBody = null;
-      try {
-        parsedBody = JSON.parse(responseBody);
-      } catch {
+      return response;
+    } catch (error) {
+      if (error instanceof WaffoUnknownStatusError) {
+        throw error;
       }
-      const isWaffoFormat = (body2) => {
-        return body2 !== null && typeof body2 === "object" && "code" in body2;
-      };
-      if (!response.ok) {
-        const errorMsg = isWaffoFormat(parsedBody) && parsedBody.msg ? `[${parsedBody.code}] ${parsedBody.msg}` : `HTTP ${response.status}: ${response.statusText}`;
-        this.config.logger?.error("[Waffo SDK] HTTP error", {
-          statusCode,
-          error: errorMsg
-        });
-        return {
-          success: false,
-          statusCode,
-          error: errorMsg
-        };
+      if (this.isNetworkError(error)) {
+        this.logger?.error("Network error", error);
+        throw new WaffoUnknownStatusError(
+          WaffoUnknownStatusError.CODE_NETWORK_ERROR,
+          `Network error, payment status unknown: ${error instanceof Error ? error.message : String(error)}`,
+          error instanceof Error ? error : void 0
+        );
       }
-      if (isWaffoFormat(parsedBody) && parsedBody.code && parsedBody.code !== "0") {
-        const errorMsg = `[${parsedBody.code}] ${parsedBody.msg || "Unknown error"}`;
-        this.config.logger?.error("[Waffo SDK] Business error", {
-          code: parsedBody.code,
-          msg: parsedBody.msg
-        });
-        return {
-          success: false,
-          statusCode,
-          error: errorMsg
-        };
+      if (error instanceof SyntaxError) {
+        this.logger?.error("JSON serialization error", error);
+        return ApiResponse.error(
+          WaffoErrorCode.SERIALIZE_FAILED,
+          `Request serialization failed: ${error.message}`
+        );
       }
-      const data = isWaffoFormat(parsedBody) ? parsedBody.data : parsedBody;
-      this.config.logger?.debug("[Waffo SDK] Request successful", { data });
-      return { success: true, statusCode, data };
-    } catch (error) {
-      clearTimeout(timeoutId);
-      if (error instanceof Error && error.name === "AbortError") {
-        this.config.logger?.error("[Waffo SDK] Request timeout", {
-          timeout: this.config.timeout,
-          url
-        });
-        return {
-          success: false,
-          statusCode: 408 /* REQUEST_TIMEOUT */,
-          error: `Request timeout after ${this.config.timeout}ms`
-        };
+      this.logger?.error("Unexpected error", error);
+      return ApiResponse.error(
+        WaffoErrorCode.UNEXPECTED,
+        `Unexpected error: ${error instanceof Error ? error.message : String(error)}`
+      );
+    }
+  }
+  /**
+   * Parses the API response body.
+   */
+  parseResponse(responseBody) {
+    try {
+      const parsed = JSON.parse(responseBody);
+      const { code, msg, data } = parsed;
+      if (code === "0") {
+        return ApiResponse.success(data);
+      } else {
+        return ApiResponse.error(code ?? "UNKNOWN", msg);
       }
-      const errorMessage = error instanceof Error ? error.message : "Unknown error";
-      this.config.logger?.error("[Waffo SDK] Request failed", {
-        error: errorMessage,
-        url
-      });
-      return {
-        success: false,
-        statusCode: 500 /* INTERNAL_SERVER_ERROR */,
-        error: errorMessage
-      };
+    } catch (error) {
+      this.logger?.error("Failed to parse response", error);
+      return ApiResponse.error(
+        "C0001",
+        `Failed to parse response: ${error instanceof Error ? error.message : String(error)}`
+      );
+    }
+  }
+  /**
+   * Auto-injects merchantId into the request if configured.
+   */
+  injectMerchantIdIfNeeded(request) {
+    if (!this.merchantId) return;
+    const req = request;
+    if (typeof req.merchantInfo === "object" && req.merchantInfo !== null && !("merchantId" in req.merchantInfo && req.merchantInfo.merchantId)) {
+      req.merchantInfo.merchantId = this.merchantId;
+    } else if ("merchantId" in req && !req.merchantId) {
+      req.merchantId = this.merchantId;
     }
   }
+  /**
+   * Checks if the error is a network-related error.
+   */
+  isNetworkError(error) {
+    if (!(error instanceof Error)) return false;
+    const message = error.message.toLowerCase();
+    return error.name === "AbortError" || message.includes("timeout") || message.includes("econnrefused") || message.includes("enotfound") || message.includes("network") || message.includes("socket") || message.includes("connection");
+  }
 };
 
-// src/core/webhook.ts
+// src/core/webhook-handler.ts
+var WebhookEventType = /* @__PURE__ */ ((WebhookEventType2) => {
+  WebhookEventType2["PAYMENT_NOTIFICATION"] = "PAYMENT_NOTIFICATION";
+  WebhookEventType2["REFUND_NOTIFICATION"] = "REFUND_NOTIFICATION";
+  WebhookEventType2["SUBSCRIPTION_STATUS_NOTIFICATION"] = "SUBSCRIPTION_STATUS_NOTIFICATION";
+  WebhookEventType2["SUBSCRIPTION_PAYMENT_NOTIFICATION"] = "SUBSCRIPTION_PAYMENT_NOTIFICATION";
+  WebhookEventType2["SUBSCRIPTION_PERIOD_CHANGED_NOTIFICATION"] = "SUBSCRIPTION_PERIOD_CHANGED_NOTIFICATION";
+  return WebhookEventType2;
+})(WebhookEventType || {});
 var WebhookHandler = class {
+  waffoPublicKey;
+  privateKey;
+  logger;
+  paymentHandler;
+  refundHandler;
+  subscriptionStatusHandler;
+  subscriptionPaymentHandler;
+  subscriptionPeriodChangedHandler;
+  constructor(config) {
+    this.waffoPublicKey = config.waffoPublicKey;
+    this.privateKey = config.privateKey;
+    this.logger = config.logger;
+  }
   /**
-   * Creates a webhook handler instance.
-   *
-   * Initializes the handler with SDK configuration and resolves
-   * environment-specific settings such as Waffo's public key.
-   *
-   * @param {WaffoConfig} config - Waffo SDK configuration object
-   * @param {string} config.privateKey - Merchant private key (Base64 encoded PKCS8 DER)
-   * @param {string} [config.waffoPublicKey] - Waffo public key for request verification
-   * @param {Environment} [config.environment=Environment.PRODUCTION] - API environment
-   *
-   * @example
-   * // Typically created automatically by Waffo SDK
-   * const waffo = new Waffo(config);
-   * // Access via: waffo.webhook
-   *
-   * @see {@link WaffoConfig} for configuration options
+   * Registers a handler for payment notifications.
    */
-  constructor(config) {
-    const environment = config.environment || "production" /* PRODUCTION */;
-    this.config = {
-      privateKey: config.privateKey,
-      waffoPublicKey: config.waffoPublicKey || EnvironmentPublicKeys[environment]
-    };
+  onPayment(handler) {
+    this.paymentHandler = handler;
+    return this;
   }
   /**
-   * Processes an incoming webhook notification from Waffo.
-   *
-   * **Processing Flow:**
-   * 1. Verifies the request signature using Waffo's public key
-   * 2. Parses the notification and determines its type
-   * 3. Routes to the appropriate handler based on event type
-   * 4. Returns a signed response to acknowledge receipt
-   *
-   * **Supported Event Types:**
-   * - `PAYMENT_NOTIFICATION` - Payment order status changes
-   * - `REFUND_NOTIFICATION` - Refund status changes
-   * - `SUBSCRIPTION_STATUS_NOTIFICATION` - Subscription status changes
-   * - `PAYMENT_NOTIFICATION` with subscriptionId - Subscription payments
-   *
-   * @param {string} requestBody - Raw request body string (JSON)
-   * @param {string} signature - X-SIGNATURE header value from Waffo
-   * @param {WebhookHandlerOptions} options - Handler configuration options
-   *
-   * @returns {Promise<WebhookHandlerResult>} Result with success status and signed response
-   *
-   * @example
-   * // Express.js endpoint
-   * app.post('/webhook', async (req, res) => {
-   *   const result = await waffo.webhook.handle(
-   *     JSON.stringify(req.body),
-   *     req.headers['x-signature'],
-   *     {
-   *       onPayment: async ({ notification }) => {
-   *         const { orderStatus, acquiringOrderId } = notification.result;
-   *         await db.orders.updateStatus(acquiringOrderId, orderStatus);
-   *       },
-   *       onRefund: async ({ notification }) => {
-   *         const { refundStatus } = notification.result;
-   *         await db.refunds.update(notification.result);
-   *       },
-   *       onSubscriptionStatus: async ({ notification }) => {
-   *         await db.subscriptions.update(notification.result);
-   *       },
-   *       onSubscriptionPayment: async ({ notification }) => {
-   *         await db.payments.create(notification.result);
-   *       },
-   *       onError: async (error) => {
-   *         logger.error('Webhook error', error);
-   *       },
-   *     }
-   *   );
-   *
-   *   // Return signed response to Waffo
-   *   res.set(result.response.header).json(result.response.body);
-   * });
-   *
-   * @example
-   * // Next.js API route
-   * export async function POST(request: Request) {
-   *   const body = await request.text();
-   *   const signature = request.headers.get('x-signature') || '';
-   *
-   *   const result = await waffo.webhook.handle(body, signature, {
-   *     onPayment: async (ctx) => { ... },
-   *   });
-   *
-   *   return new Response(JSON.stringify(result.response.body), {
-   *     headers: result.response.header,
-   *   });
-   * }
+   * Registers a handler for refund notifications.
+   */
+  onRefund(handler) {
+    this.refundHandler = handler;
+    return this;
+  }
+  /**
+   * Registers a handler for subscription status notifications.
+   */
+  onSubscriptionStatus(handler) {
+    this.subscriptionStatusHandler = handler;
+    return this;
+  }
+  /**
+   * Registers a handler for subscription payment notifications.
+   */
+  onSubscriptionPayment(handler) {
+    this.subscriptionPaymentHandler = handler;
+    return this;
+  }
+  /**
+   * Registers a handler for subscription period changed notifications.
+   */
+  onSubscriptionPeriodChanged(handler) {
+    this.subscriptionPeriodChangedHandler = handler;
+    return this;
+  }
+  /**
+   * Processes a webhook notification.
    *
-   * @see {@link WebhookHandlerOptions} for handler configuration
-   * @see {@link WebhookHandlerResult} for return type
+   * @param body - The raw webhook body
+   * @param signature - The X-SIGNATURE header value
+   * @returns Result with response body and signature
    */
-  async handle(requestBody, signature, options = {}) {
-    const {
-      onPayment,
-      onRefund,
-      onSubscriptionStatus,
-      onSubscriptionPayment,
-      onError
-    } = options;
+  async handleWebhook(body, signature) {
     try {
-      const verificationResult = verifyWebhookSignature(
-        requestBody,
-        signature,
-        this.config.waffoPublicKey
-      );
-      if (!verificationResult.isValid) {
-        const error = new Error(
-          verificationResult.error || "Signature verification failed"
-        );
-        await onError?.(error);
-        return {
-          success: false,
-          response: buildWebhookResponse(
-            "failed" /* FAILED */,
-            this.config.privateKey
-          ),
-          error: verificationResult.error
-        };
+      if (!signature) {
+        this.logger?.warn("Missing webhook signature");
+        return this.createFailedResult("Missing signature");
       }
-      const { notification, eventType } = verificationResult;
-      if (!notification || !eventType) {
-        const error = new Error("Invalid notification format");
-        await onError?.(error);
-        return {
-          success: false,
-          response: buildWebhookResponse(
-            "failed" /* FAILED */,
-            this.config.privateKey
-          ),
-          error: "Invalid notification format"
-        };
+      const isValid = RsaUtils.verify(body, signature, this.waffoPublicKey);
+      if (!isValid) {
+        this.logger?.error("Invalid webhook signature");
+        return this.createFailedResult("Invalid signature");
       }
-      if (isSubscriptionPaymentNotification(notification)) {
-        await onSubscriptionPayment?.({
-          notification,
-          rawBody: requestBody,
-          eventType
-        });
-      } else if (isPaymentNotification(notification)) {
-        await onPayment?.({
-          notification,
-          rawBody: requestBody,
-          eventType
-        });
-      } else if (isRefundNotification(notification)) {
-        await onRefund?.({
-          notification,
-          rawBody: requestBody,
-          eventType
-        });
-      } else if (isSubscriptionStatusNotification(notification)) {
-        await onSubscriptionStatus?.({
-          notification,
-          rawBody: requestBody,
-          eventType
-        });
+      const parsed = JSON.parse(body);
+      const eventType = parsed.eventType;
+      switch (eventType) {
+        case "PAYMENT_NOTIFICATION" /* PAYMENT_NOTIFICATION */:
+          if (this.paymentHandler) {
+            await this.paymentHandler(parsed);
+          }
+          break;
+        case "REFUND_NOTIFICATION" /* REFUND_NOTIFICATION */:
+          if (this.refundHandler) {
+            await this.refundHandler(parsed);
+          }
+          break;
+        case "SUBSCRIPTION_STATUS_NOTIFICATION" /* SUBSCRIPTION_STATUS_NOTIFICATION */:
+          if (this.subscriptionStatusHandler) {
+            await this.subscriptionStatusHandler(parsed);
+          }
+          break;
+        case "SUBSCRIPTION_PAYMENT_NOTIFICATION" /* SUBSCRIPTION_PAYMENT_NOTIFICATION */:
+          if (this.subscriptionPaymentHandler) {
+            await this.subscriptionPaymentHandler(parsed);
+          }
+          break;
+        case "SUBSCRIPTION_PERIOD_CHANGED_NOTIFICATION" /* SUBSCRIPTION_PERIOD_CHANGED_NOTIFICATION */:
+          if (this.subscriptionPeriodChangedHandler) {
+            await this.subscriptionPeriodChangedHandler(parsed);
+          }
+          break;
+        default:
+          this.logger?.warn(`Unknown webhook event type: ${eventType}`);
+          return this.createFailedResult(`Unknown event type: ${eventType}`);
       }
-      return {
-        success: true,
-        response: buildWebhookResponse(
-          "success" /* SUCCESS */,
-          this.config.privateKey
-        )
-      };
+      return this.createSuccessResult();
     } catch (error) {
-      const err = error instanceof Error ? error : new Error(String(error));
-      await onError?.(err);
-      return {
-        success: false,
-        response: buildWebhookResponse(
-          "failed" /* FAILED */,
-          this.config.privateKey
-        ),
-        error: err.message
-      };
+      this.logger?.error("Error handling webhook", error);
+      return this.createFailedResult(
+        `Error handling webhook: ${error instanceof Error ? error.message : String(error)}`
+      );
     }
   }
-};
-
-// src/resources/base.ts
-var BaseResource = class {
   /**
-   * Initializes the base resource with HTTP client and base path.
+   * Verifies a webhook signature.
    *
-   * @param {HttpClient} client - HTTP client instance
-   * @param {string} basePath - Base path for API endpoints
-   * @protected
+   * @param body - The raw webhook body
+   * @param signature - The X-SIGNATURE header value
+   * @returns true if signature is valid
    */
-  constructor(client, basePath) {
-    this.client = client;
-    this.basePath = basePath;
+  verifySignature(body, signature) {
+    return RsaUtils.verify(body, signature, this.waffoPublicKey);
+  }
+  /**
+   * Builds a success response with signature.
+   */
+  buildSuccessResponse() {
+    const body = JSON.stringify({ status: "success" });
+    const signature = RsaUtils.sign(body, this.privateKey);
+    return { body, signature };
+  }
+  /**
+   * Builds a failed response with signature.
+   */
+  buildFailedResponse(message) {
+    const body = JSON.stringify({ status: "failed", message });
+    const signature = RsaUtils.sign(body, this.privateKey);
+    return { body, signature };
+  }
+  createSuccessResult() {
+    const { body, signature } = this.buildSuccessResponse();
+    return {
+      success: true,
+      responseBody: body,
+      responseSignature: signature
+    };
+  }
+  createFailedResult(error) {
+    const { body, signature } = this.buildFailedResponse(error);
+    return {
+      success: false,
+      responseBody: body,
+      responseSignature: signature,
+      error
+    };
   }
 };
 
-// src/resources/order/resource.ts
-var OrderResource = class extends BaseResource {
+// src/resources/base-resource.ts
+var BaseResource = class {
+  httpClient;
+  basePath;
+  constructor(httpClient, basePath) {
+    this.httpClient = httpClient;
+    this.basePath = basePath;
+  }
   /**
-   * Creates an Order resource instance.
-   * @param {HttpClient} client - HTTP client instance
+   * Gets the full path for an endpoint.
+   *
+   * @param endpoint - The endpoint (e.g., "/create")
+   * @returns Full path (e.g., "/order/create")
    */
-  constructor(client) {
-    super(client, "/order");
+  getPath(endpoint) {
+    return this.basePath + endpoint;
   }
+};
+
+// src/resources/order-resource.ts
+var OrderResource = class _OrderResource extends BaseResource {
+  static PATH_CREATE = "/create";
+  static PATH_INQUIRY = "/inquiry";
+  static PATH_CANCEL = "/cancel";
+  static PATH_REFUND = "/refund";
+  static PATH_CAPTURE = "/capture";
   /**
    * Creates a new payment order.
    *
-   * Supports multiple payment methods including e-wallet, credit card,
-   * bank transfer, and more.
-   *
-   * @param {CreateOrderParams} params - Order creation parameters
-   * @returns {Promise<ApiResponse<CreateOrderData>>} Order creation result
-   *
-   * @example
-   * const result = await waffo.order.create({
-   *   paymentRequestId: 'req-' + Date.now(),
-   *   merchantOrderId: 'order-456',
-   *   orderCurrency: 'IDR',
-   *   orderAmount: '100000',
-   *   orderDescription: 'Product purchase',
-   *   merchantInfo: { merchantId: 'M001' },
-   *   userInfo: {
-   *     userId: 'U001',
-   *     userEmail: 'user@example.com',
-   *     userTerminal: 'WEB',
-   *   },
-   *   goodsInfo: {
-   *     goodsName: 'Premium Plan',
-   *     goodsUrl: 'https://example.com/product',
-   *   },
-   *   paymentInfo: {
-   *     productName: 'ONE_TIME_PAYMENT',
-   *     payMethodName: 'DANA',
-   *   },
-   *   notifyUrl: 'https://example.com/webhook',
-   *   successRedirectUrl: 'https://example.com/success',
-   * });
-   *
-   * if (result.success) {
-   *   // Redirect user to payment page
-   *   const redirectUrl = result.data.orderAction?.webUrl;
-   * }
-   *
-   * @see {@link CreateOrderParams} for all available parameters
+   * @param params - Order creation parameters
+   * @param options - Optional request options
+   * @returns API response with order data
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async create(params) {
-    const body = {
-      ...params,
-      orderRequestedAt: params.orderRequestedAt ?? (/* @__PURE__ */ new Date()).toISOString()
-    };
-    return this.client.post(
-      `${this.basePath}/create`,
-      { body }
+  async create(params, options) {
+    return this.httpClient.post(
+      this.getPath(_OrderResource.PATH_CREATE),
+      params,
+      options
     );
   }
   /**
-   * Queries current order status and details.
-   *
-   * Provide either `paymentRequestId` or `acquiringOrderId` to identify the order.
+   * Queries an existing order.
    *
-   * @param {InquiryOrderParams} params - Query parameters
-   * @returns {Promise<ApiResponse<InquiryOrderData>>} Order details
-   *
-   * @example
-   * // Query by acquiring order ID
-   * const result = await waffo.order.inquiry({
-   *   acquiringOrderId: 'ACQ123456789',
-   * });
-   *
-   * if (result.success) {
-   *   console.log('Order status:', result.data.orderStatus);
-   *   console.log('Amount:', result.data.orderAmount, result.data.orderCurrency);
-   * }
-   *
-   * @example
-   * // Query by payment request ID
-   * const result = await waffo.order.inquiry({
-   *   paymentRequestId: 'req-123',
-   * });
-   *
-   * @see {@link InquiryOrderData} for response structure
+   * @param params - Order inquiry parameters
+   * @param options - Optional request options
+   * @returns API response with order data
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async inquiry(params) {
-    return this.client.post(
-      `${this.basePath}/inquiry`,
-      { body: params }
+  async inquiry(params, options) {
+    return this.httpClient.post(
+      this.getPath(_OrderResource.PATH_INQUIRY),
+      params,
+      options
     );
   }
   /**
-   * Cancels an unpaid order.
-   *
-   * Only orders with status `AUTHORIZATION_REQUIRED` or `PAY_IN_PROGRESS` can be canceled.
-   *
-   * @param {CancelOrderParams} params - Cancel parameters
-   * @returns {Promise<ApiResponse<CancelOrderData>>} Cancellation result
+   * Cancels an existing order.
    *
-   * @example
-   * const result = await waffo.order.cancel({
-   *   acquiringOrderId: 'ACQ123456789',
-   *   merchantId: 'M001',
-   * });
-   *
-   * if (result.success) {
-   *   console.log('Order canceled:', result.data.orderStatus);
-   *   // => 'ORDER_CLOSE'
-   * }
-   *
-   * @see {@link CancelOrderData} for response structure
+   * @param params - Order cancellation parameters
+   * @param options - Optional request options
+   * @returns API response with cancellation result
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async cancel(params) {
-    const body = {
-      ...params,
-      orderRequestedAt: params.orderRequestedAt ?? (/* @__PURE__ */ new Date()).toISOString()
-    };
-    return this.client.post(
-      `${this.basePath}/cancel`,
-      { body }
+  async cancel(params, options) {
+    return this.httpClient.post(
+      this.getPath(_OrderResource.PATH_CANCEL),
+      params,
+      options
     );
   }
   /**
-   * Initiates a refund request for a paid order.
-   *
-   * Supports both full and partial refunds. Multiple partial refunds can be
-   * made until the total refunded amount equals the original order amount.
-   *
-   * @param {RefundOrderParams} params - Refund parameters
-   * @returns {Promise<ApiResponse<CreateRefundData>>} Refund request result
-   *
-   * @example
-   * // Full refund
-   * const result = await waffo.order.refund({
-   *   refundRequestId: 'refund-' + Date.now(),
-   *   acquiringOrderId: 'ACQ123456789',
-   *   merchantId: 'M001',
-   *   refundAmount: '100000',
-   *   refundReason: 'Customer request',
-   *   refundNotifyUrl: 'https://example.com/refund-webhook',
-   * });
-   *
-   * if (result.success) {
-   *   console.log('Refund status:', result.data.refundStatus);
-   *   console.log('Remaining refundable:', result.data.remainingRefundAmount);
-   * }
-   *
-   * @example
-   * // Partial refund
-   * const result = await waffo.order.refund({
-   *   refundRequestId: 'refund-partial-123',
-   *   acquiringOrderId: 'ACQ123456789',
-   *   merchantId: 'M001',
-   *   refundAmount: '50000', // Partial amount
-   *   refundReason: 'Partial refund',
-   * });
+   * Refunds an existing order.
    *
-   * @see {@link CreateRefundData} for response structure
+   * @param params - Order refund parameters
+   * @param options - Optional request options
+   * @returns API response with refund result
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async refund(params) {
-    const body = {
-      ...params,
-      requestedAt: params.requestedAt ?? (/* @__PURE__ */ new Date()).toISOString()
-    };
-    return this.client.post(
-      `${this.basePath}/refund`,
-      { body }
+  async refund(params, options) {
+    return this.httpClient.post(
+      this.getPath(_OrderResource.PATH_REFUND),
+      params,
+      options
     );
   }
   /**
-   * Captures an authorized payment (manualCapture mode only).
-   *
-   * Converts an authorization to an actual charge. Supports both
-   * partial and full capture amounts.
-   *
-   * @param {CaptureOrderParams} params - Capture parameters
-   * @returns {Promise<ApiResponse<CaptureOrderData>>} Capture result
+   * Captures an authorized order.
    *
-   * @example
-   * // Full capture
-   * const result = await waffo.order.capture({
-   *   acquiringOrderId: 'ACQ123456789',
-   *   merchantId: 'M001',
-   *   captureAmount: '100000', // Full authorized amount
-   * });
-   *
-   * if (result.success) {
-   *   console.log('Capture status:', result.data.orderStatus);
-   * }
-   *
-   * @example
-   * // Partial capture
-   * const result = await waffo.order.capture({
-   *   acquiringOrderId: 'ACQ123456789',
-   *   merchantId: 'M001',
-   *   captureAmount: '75000', // Capture less than authorized
-   * });
-   *
-   * @see {@link CaptureOrderData} for response structure
+   * @param params - Order capture parameters
+   * @param options - Optional request options
+   * @returns API response with capture result
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async capture(params) {
-    const body = {
-      ...params,
-      captureRequestedAt: params.captureRequestedAt ?? (/* @__PURE__ */ new Date()).toISOString()
-    };
-    return this.client.post(
-      `${this.basePath}/capture`,
-      { body }
+  async capture(params, options) {
+    return this.httpClient.post(
+      this.getPath(_OrderResource.PATH_CAPTURE),
+      params,
+      options
     );
   }
 };
 
-// src/resources/refund/resource.ts
-var RefundResource = class extends BaseResource {
+// src/resources/subscription-resource.ts
+var SubscriptionResource = class _SubscriptionResource extends BaseResource {
+  static PATH_CREATE = "/create";
+  static PATH_INQUIRY = "/inquiry";
+  static PATH_CANCEL = "/cancel";
+  static PATH_MANAGE = "/manage";
+  static PATH_CHANGE = "/change";
+  static PATH_CHANGE_INQUIRY = "/change/inquiry";
   /**
-   * Creates a Refund resource instance.
-   * @param {HttpClient} client - HTTP client instance
+   * Creates a new subscription.
+   *
+   * @param params - Subscription creation parameters
+   * @param options - Optional request options
+   * @returns API response with subscription data
+   * @throws WaffoUnknownStatusError for network errors
    */
-  constructor(client) {
-    super(client, "/refund");
+  async create(params, options) {
+    return this.httpClient.post(
+      this.getPath(_SubscriptionResource.PATH_CREATE),
+      params,
+      options
+    );
   }
   /**
-   * Queries current refund status and details.
-   *
-   * Provide either `refundRequestId` or `acquiringRefundOrderId` to identify the refund.
-   *
-   * @param {RefundInquiryParams} params - Query parameters
-   * @returns {Promise<ApiResponse<InquiryRefundData>>} Refund details
-   *
-   * @example
-   * // Query by refund request ID
-   * const result = await waffo.refund.inquiry({
-   *   refundRequestId: 'refund-123',
-   * });
-   *
-   * if (result.success) {
-   *   const { refundStatus, refundAmount, remainingRefundAmount } = result.data;
-   *   console.log(`Status: ${refundStatus}`);
-   *   console.log(`Refunded: ${refundAmount}`);
-   *   console.log(`Remaining: ${remainingRefundAmount}`);
-   * }
+   * Queries an existing subscription.
    *
-   * @example
-   * // Query by acquiring refund order ID
-   * const result = await waffo.refund.inquiry({
-   *   acquiringRefundOrderId: 'REF123456789',
-   * });
+   * @param params - Subscription inquiry parameters
+   * @param options - Optional request options
+   * @returns API response with subscription data
+   * @throws WaffoUnknownStatusError for network errors
+   */
+  async inquiry(params, options) {
+    return this.httpClient.post(
+      this.getPath(_SubscriptionResource.PATH_INQUIRY),
+      params,
+      options
+    );
+  }
+  /**
+   * Cancels an existing subscription.
    *
-   * @see {@link InquiryRefundData} for response structure
+   * @param params - Subscription cancellation parameters
+   * @param options - Optional request options
+   * @returns API response with cancellation result
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async inquiry(params) {
-    return this.client.post(
-      `${this.basePath}/inquiry`,
-      { body: params }
+  async cancel(params, options) {
+    return this.httpClient.post(
+      this.getPath(_SubscriptionResource.PATH_CANCEL),
+      params,
+      options
     );
   }
-};
-
-// src/resources/subscription/resource.ts
-var SubscriptionResource = class extends BaseResource {
   /**
-   * Creates a Subscription resource instance.
-   * @param {HttpClient} client - HTTP client instance
+   * Manages an existing subscription (pause, resume, update).
+   *
+   * @param params - Subscription management parameters
+   * @param options - Optional request options
+   * @returns API response with management result
+   * @throws WaffoUnknownStatusError for network errors
    */
-  constructor(client) {
-    super(client, "/subscription");
+  async manage(params, options) {
+    return this.httpClient.post(
+      this.getPath(_SubscriptionResource.PATH_MANAGE),
+      params,
+      options
+    );
   }
   /**
-   * Creates a new subscription signing request for recurring payments.
+   * Changes (upgrades/downgrades) an existing subscription.
    *
-   * After creation, redirect the user to the signing URL to authorize
-   * the recurring payment agreement.
+   * This method allows changing an active subscription to a new plan with different
+   * pricing, billing period, or other terms. The remaining amount from the original
+   * subscription can be applied to the new subscription.
    *
-   * @param {CreateSubscriptionParams} params - Subscription creation parameters
-   * @returns {Promise<ApiResponse<CreateSubscriptionData>>} Subscription creation result
+   * @param params - Subscription change parameters
+   * @param options - Optional request options
+   * @returns API response with change result
+   * @throws WaffoUnknownStatusError for network errors
    *
    * @example
-   * const result = await waffo.subscription.create({
-   *   subscriptionRequest: 'sub-' + Date.now(),
+   * ```typescript
+   * const response = await waffo.subscription().change({
+   *   subscriptionRequest: 'new-request-id',
+   *   originSubscriptionRequest: 'original-request-id',
+   *   remainingAmount: '50.00',
    *   currency: 'HKD',
-   *   amount: '99.00',
-   *   productInfo: {
-   *     description: 'Premium Monthly Plan',
-   *     periodType: 'MONTHLY',
-   *     periodInterval: '1',
-   *     numberOfPeriod: '12', // 12 months
-   *   },
-   *   merchantInfo: { merchantId: 'M001' },
-   *   userInfo: {
-   *     userId: 'U001',
-   *     userEmail: 'user@example.com',
-   *   },
-   *   goodsInfo: {
-   *     goodsId: 'PREMIUM-PLAN',
-   *     goodsName: 'Premium Plan',
-   *     goodsUrl: 'https://example.com/plan',
-   *   },
-   *   paymentInfo: {
-   *     productName: 'SUBSCRIPTION',
-   *     payMethodName: 'ALIPAY_HK',
-   *   },
+   *   requestedAt: new Date().toISOString(),
    *   notifyUrl: 'https://example.com/webhook',
-   *   successRedirectUrl: 'https://example.com/success',
+   *   productInfoList: [{
+   *     description: 'Premium Monthly',
+   *     periodType: 'MONTH',
+   *     periodInterval: '1',
+   *     amount: '199.00',
+   *   }],
+   *   userInfo: { userId: 'user-123', userEmail: 'user@example.com' },
+   *   goodsInfo: { goodsId: 'premium', goodsName: 'Premium Plan' },
+   *   paymentInfo: { productName: 'SUBSCRIPTION' },
    * });
    *
-   * if (result.success) {
-   *   // Redirect user to subscription signing page
-   *   const signingUrl = result.data.subscriptionAction?.webUrl;
+   * if (response.isSuccess()) {
+   *   const data = response.getData();
+   *   if (data?.subscriptionChangeStatus === 'AUTHORIZATION_REQUIRED') {
+   *     // Redirect user to authorization URL
+   *     const webUrl = JSON.parse(data.subscriptionAction || '{}').webUrl;
+   *   }
    * }
-   *
-   * @see {@link CreateSubscriptionData} for response structure
+   * ```
    */
-  async create(params) {
-    const body = {
-      ...params,
-      requestedAt: params.requestedAt ?? (/* @__PURE__ */ new Date()).toISOString()
-    };
-    return this.client.post(
-      `${this.basePath}/create`,
-      { body }
+  async change(params, options) {
+    return this.httpClient.post(
+      this.getPath(_SubscriptionResource.PATH_CHANGE),
+      params,
+      options
     );
   }
   /**
-   * Queries subscription details and optionally payment history.
+   * Queries the status of a subscription change.
    *
-   * @param {InquirySubscriptionParams} params - Query parameters
-   * @returns {Promise<ApiResponse<InquirySubscriptionData>>} Subscription details
+   * Use this method to check the current status of a subscription change operation,
+   * especially after network errors or when status is uncertain.
    *
-   * @example
-   * // Query subscription status
-   * const result = await waffo.subscription.inquiry({
-   *   subscriptionId: 'SUB123456789',
-   * });
-   *
-   * if (result.success) {
-   *   console.log('Status:', result.data.subscriptionStatus);
-   *   console.log('Next payment:', result.data.productInfo.nextPaymentDateTime);
-   * }
+   * @param params - Change inquiry parameters
+   * @param options - Optional request options
+   * @returns API response with change inquiry data
    *
    * @example
-   * // Query with payment history
-   * const result = await waffo.subscription.inquiry({
-   *   subscriptionId: 'SUB123456789',
-   *   paymentDetails: '1', // Include payment history
+   * ```typescript
+   * const response = await waffo.subscription().changeInquiry({
+   *   subscriptionRequest: 'new-request-id',
+   *   originSubscriptionRequest: 'original-request-id',
    * });
    *
-   * if (result.success && result.data.paymentDetails) {
-   *   result.data.paymentDetails.forEach(payment => {
-   *     console.log(`Period ${payment.period}: ${payment.orderStatus}`);
-   *   });
+   * if (response.isSuccess()) {
+   *   const data = response.getData();
+   *   console.log('Change status:', data?.subscriptionChangeStatus);
    * }
+   * ```
+   */
+  async changeInquiry(params, options) {
+    try {
+      return await this.httpClient.post(
+        this.getPath(_SubscriptionResource.PATH_CHANGE_INQUIRY),
+        params,
+        options
+      );
+    } catch (error) {
+      if (error && typeof error === "object" && "errorCode" in error) {
+        return ApiResponse.error("E0001", String(error.message || "Unknown error"));
+      }
+      throw error;
+    }
+  }
+};
+
+// src/resources/refund-resource.ts
+var RefundResource = class _RefundResource extends BaseResource {
+  static PATH_INQUIRY = "/inquiry";
+  /**
+   * Queries the status of a refund.
    *
-   * @see {@link InquirySubscriptionData} for response structure
+   * @param params - Refund inquiry parameters
+   * @param options - Optional request options
+   * @returns API response with refund data
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async inquiry(params) {
-    return this.client.post(
-      `${this.basePath}/inquiry`,
-      { body: params }
+  async inquiry(params, options) {
+    return this.httpClient.post(
+      this.getPath(_RefundResource.PATH_INQUIRY),
+      params,
+      options
     );
   }
+};
+
+// src/resources/merchant-config-resource.ts
+var MerchantConfigResource = class _MerchantConfigResource extends BaseResource {
+  static PATH_INQUIRY = "/inquiry";
   /**
-   * Cancels an active subscription.
-   *
-   * Once canceled, no further recurring payments will be processed.
-   *
-   * @param {CancelSubscriptionParams} params - Cancel parameters
-   * @returns {Promise<ApiResponse<CancelSubscriptionData>>} Cancellation result
+   * Queries merchant configuration.
    *
-   * @example
-   * const result = await waffo.subscription.cancel({
-   *   subscriptionId: 'SUB123456789',
-   *   merchantId: 'M001',
-   * });
-   *
-   * if (result.success) {
-   *   console.log('Subscription canceled:', result.data.orderStatus);
-   *   // => 'MERCHANT_CANCELLED'
-   * }
-   *
-   * @see {@link CancelSubscriptionData} for response structure
+   * @param params - Merchant config inquiry parameters
+   * @param options - Optional request options
+   * @returns API response with merchant config data
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async cancel(params) {
-    const body = {
-      ...params,
-      requestedAt: params.requestedAt ?? (/* @__PURE__ */ new Date()).toISOString()
-    };
-    return this.client.post(
-      `${this.basePath}/cancel`,
-      { body }
+  async inquiry(params, options) {
+    return this.httpClient.post(
+      this.getPath(_MerchantConfigResource.PATH_INQUIRY),
+      params,
+      options
     );
   }
+};
+
+// src/resources/pay-method-config-resource.ts
+var PayMethodConfigResource = class _PayMethodConfigResource extends BaseResource {
+  static PATH_INQUIRY = "/inquiry";
   /**
-   * Generates a temporary management URL for users to manage their subscription.
-   *
-   * The URL allows users to view subscription details and cancel if needed.
-   * The URL expires after a certain period (check `expiredAt` in response).
-   *
-   * @param {ManageSubscriptionParams} params - Management parameters
-   * @returns {Promise<ApiResponse<ManageSubscriptionData>>} Management URL and expiration
-   *
-   * @example
-   * const result = await waffo.subscription.manage({
-   *   subscriptionId: 'SUB123456789',
-   * });
-   *
-   * if (result.success) {
-   *   console.log('Management URL:', result.data.managementUrl);
-   *   console.log('Expires at:', result.data.expiredAt);
-   *   // Send URL to user via email or display in app
-   * }
+   * Queries available payment methods.
    *
-   * @see {@link ManageSubscriptionData} for response structure
+   * @param params - Pay method config inquiry parameters
+   * @param options - Optional request options
+   * @returns API response with pay method config data
+   * @throws WaffoUnknownStatusError for network errors
    */
-  async manage(params) {
-    return this.client.post(
-      `${this.basePath}/manage`,
-      { body: params }
+  async inquiry(params, options) {
+    return this.httpClient.post(
+      this.getPath(_PayMethodConfigResource.PATH_INQUIRY),
+      params,
+      options
     );
   }
 };
 
-// src/resources/merchantconfig/resource.ts
-var MerchantConfigResource = class extends BaseResource {
+// src/waffo.ts
+var Waffo = class _Waffo {
+  config;
+  httpClient;
+  // Lazy-initialized resources
+  _order;
+  _subscription;
+  _refund;
+  _merchantConfig;
+  _payMethodConfig;
   /**
-   * Creates a Merchant Config resource instance.
-   * @param {HttpClient} client - HTTP client instance
+   * Creates a new Waffo SDK instance.
+   *
+   * @param config - SDK configuration
    */
-  constructor(client) {
-    super(client, "/merchantconfig");
+  constructor(config) {
+    this.config = config;
+    this.httpClient = new WaffoHttpClient(config);
   }
   /**
-   * Queries merchant configuration including transaction limits.
+   * Creates a Waffo SDK instance from environment variables.
    *
-   * @param {MerchantConfigInquiryParams} params - Query parameters
-   * @returns {Promise<ApiResponse<MerchantConfigInquiryData>>} Merchant configuration
+   * Required environment variables:
+   * - WAFFO_API_KEY
+   * - WAFFO_PRIVATE_KEY
+   * - WAFFO_PUBLIC_KEY
+   * - WAFFO_ENVIRONMENT (SANDBOX or PRODUCTION)
    *
-   * @example
-   * const result = await waffo.merchantConfig.inquiry({
-   *   merchantId: 'M001',
-   * });
+   * Optional environment variables:
+   * - WAFFO_MERCHANT_ID
+   * - WAFFO_CONNECT_TIMEOUT
+   * - WAFFO_READ_TIMEOUT
    *
-   * if (result.success) {
-   *   const { totalDailyLimit, remainingDailyLimit, transactionLimit } = result.data;
-   *
-   *   // Limits are returned as currency -> value maps
-   *   console.log('Daily limit (USD):', totalDailyLimit?.['USD']);
-   *   console.log('Remaining (USD):', remainingDailyLimit?.['USD']);
-   *   console.log('Per transaction (USD):', transactionLimit?.['USD']);
-   * }
-   *
-   * @see {@link MerchantConfigInquiryData} for response structure
+   * @returns Waffo SDK instance
    */
-  async inquiry(params) {
-    return this.client.post(`${this.basePath}/inquiry`, { body: params });
+  static fromEnv() {
+    return new _Waffo(fromEnv());
   }
-};
-
-// src/resources/paymethodconfig/resource.ts
-var PayMethodConfigResource = class extends BaseResource {
   /**
-   * Creates a Pay Method Config resource instance.
-   * @param {HttpClient} client - HTTP client instance
+   * Returns the order resource for managing payment orders.
+   *
+   * @returns Order resource
    */
-  constructor(client) {
-    super(client, "/paymethodconfig");
+  order() {
+    if (!this._order) {
+      this._order = new OrderResource(this.httpClient, "/order");
+    }
+    return this._order;
   }
   /**
-   * Queries available payment methods and their status.
-   *
-   * @param {PayMethodConfigInquiryParams} params - Query parameters
-   * @returns {Promise<ApiResponse<PayMethodConfigInquiryData>>} Payment method details
-   *
-   * @example
-   * const result = await waffo.payMethodConfig.inquiry({
-   *   merchantId: 'M001',
-   * });
+   * Returns the subscription resource for managing recurring payments.
    *
-   * if (result.success) {
-   *   result.data.payMethodDetails.forEach(method => {
-   *     const status = method.currentStatus === '1' ? 'Available' : 'Unavailable';
-   *     console.log(`${method.payMethodName} (${method.country}): ${status}`);
-   *
-   *     // Check maintenance windows
-   *     if (method.fixedMaintenanceRules?.length) {
-   *       console.log('  Maintenance:', method.fixedMaintenanceRules);
-   *     }
-   *   });
-   * }
-   *
-   * @example
-   * // Filter available e-wallet methods
-   * const ewallets = result.data.payMethodDetails.filter(
-   *   m => m.currentStatus === '1' && m.productName === 'ONE_TIME_PAYMENT'
-   * );
-   *
-   * @see {@link PayMethodConfigInquiryData} for response structure
+   * @returns Subscription resource
    */
-  async inquiry(params) {
-    return this.client.post(`${this.basePath}/inquiry`, { body: params });
+  subscription() {
+    if (!this._subscription) {
+      this._subscription = new SubscriptionResource(this.httpClient, "/subscription");
+    }
+    return this._subscription;
   }
-};
-
-// src/core/waffo.ts
-var Waffo = class {
   /**
-   * Creates a new Waffo SDK instance.
-   *
-   * Initializes the SDK with the provided configuration. The SDK automatically
-   * selects the appropriate API endpoint and public key based on the environment.
-   *
-   * @param {WaffoConfig} config - SDK configuration object
-   * @param {string} config.apiKey - API key assigned by Waffo (required)
-   * @param {string} config.privateKey - Merchant private key, Base64 encoded PKCS8 DER format (required)
-   * @param {string} [config.waffoPublicKey] - Waffo public key for response verification (optional)
-   * @param {Environment} [config.environment=Environment.PRODUCTION] - API environment (optional)
-   * @param {number} [config.timeout=30000] - Request timeout in milliseconds (optional)
-   * @param {Logger} [config.logger] - Logger instance for debugging (optional)
+   * Returns the refund resource for querying refund status.
    *
-   * @throws {Error} When API key or private key is missing or invalid
-   *
-   * @example
-   * // Production configuration
-   * const waffo = new Waffo({
-   *   apiKey: process.env.WAFFO_API_KEY,
-   *   privateKey: process.env.WAFFO_PRIVATE_KEY,
-   *   environment: Environment.PRODUCTION,
-   * });
-   *
-   * @example
-   * // Sandbox configuration with debugging
-   * const waffo = new Waffo({
-   *   apiKey: 'sandbox-api-key',
-   *   privateKey: 'sandbox-private-key',
-   *   environment: Environment.SANDBOX,
-   *   timeout: 60000,
-   *   logger: console,
-   * });
-   *
-   * @see {@link WaffoConfig} for configuration options
-   * @see {@link Environment} for available environments
+   * @returns Refund resource
    */
-  constructor(config) {
-    this.httpClient = new HttpClient(config);
-    this.webhook = new WebhookHandler(config);
-    this.order = new OrderResource(this.httpClient);
-    this.refund = new RefundResource(this.httpClient);
-    this.subscription = new SubscriptionResource(this.httpClient);
-    this.merchantConfig = new MerchantConfigResource(this.httpClient);
-    this.payMethodConfig = new PayMethodConfigResource(this.httpClient);
+  refund() {
+    if (!this._refund) {
+      this._refund = new RefundResource(this.httpClient, "/refund");
+    }
+    return this._refund;
   }
   /**
-   * Generates a new 2048-bit RSA key pair for API signing and verification.
+   * Returns the merchant config resource.
    *
-   * **Generated key formats:**
-   * - Private key: Base64 encoded PKCS8 DER format (for signing requests)
-   * - Public key: Base64 encoded X509/SPKI DER format (for verification)
+   * @returns Merchant config resource
+   */
+  merchantConfig() {
+    if (!this._merchantConfig) {
+      this._merchantConfig = new MerchantConfigResource(this.httpClient, "/merchant/config");
+    }
+    return this._merchantConfig;
+  }
+  /**
+   * Returns the pay method config resource.
    *
-   * **Usage:**
-   * 1. Generate a key pair using this method
-   * 2. Register the public key with Waffo via merchant dashboard
-   * 3. Store the private key securely on your server
-   * 4. Use the private key when initializing the SDK
+   * @returns Pay method config resource
+   */
+  payMethodConfig() {
+    if (!this._payMethodConfig) {
+      this._payMethodConfig = new PayMethodConfigResource(this.httpClient, "/paymethod/config");
+    }
+    return this._payMethodConfig;
+  }
+  /**
+   * Creates a webhook handler for processing Waffo webhook notifications.
    *
-   * @static
-   * @returns {KeyPair} Object containing the generated key pair
+   * @returns Webhook handler
    *
    * @example
-   * // Generate a new key pair
-   * const keys = Waffo.generateKeyPair();
-   * console.log('Private Key:', keys.privateKey);
-   * console.log('Public Key:', keys.publicKey);
+   * ```typescript
+   * // Setup webhook handler
+   * const handler = waffo.webhook()
+   *   .onPayment((notification) => {
+   *     console.log('Payment:', notification.orderStatus);
+   *   })
+   *   .onRefund((notification) => {
+   *     console.log('Refund:', notification.refundStatus);
+   *   })
+   *   .onSubscriptionStatus((notification) => {
+   *     console.log('Subscription:', notification.subscriptionStatus);
+   *   });
+   *
+   * // In Express.js route handler
+   * app.post('/webhook', async (req, res) => {
+   *   const body = req.body.toString();
+   *   const signature = req.headers['x-signature'] as string;
+   *   const result = await handler.handleWebhook(body, signature);
    *
-   * // Use the private key to initialize SDK
-   * const waffo = new Waffo({
-   *   apiKey: 'your-api-key',
-   *   privateKey: keys.privateKey,
+   *   res.setHeader('X-SIGNATURE', result.responseSignature);
+   *   res.status(200).send(result.responseBody);
    * });
+   * ```
+   */
+  webhook() {
+    return new WebhookHandler(this.config);
+  }
+  /**
+   * Returns the current configuration.
    *
-   * @see {@link KeyPair} for the return type structure
+   * @returns SDK configuration (with sensitive data)
    */
-  static generateKeyPair() {
-    const keys = createKeyPair();
-    return {
-      privateKey: keys.PRIVATE_KEY_NAME,
-      publicKey: keys.PUBLIC_KEY_NAME
-    };
+  getConfig() {
+    return this.config;
   }
 };
 
-exports.CaptureMode = CaptureMode;
-exports.CashierLanguage = CashierLanguage;
-exports.CountryCode = CountryCode;
-exports.CurrencyCode = CurrencyCode;
+exports.ApiResponse = ApiResponse;
 exports.Environment = Environment;
-exports.EnvironmentPublicKeys = EnvironmentPublicKeys;
-exports.EnvironmentUrls = EnvironmentUrls;
-exports.HttpClient = HttpClient;
-exports.HttpStatusCode = HttpStatusCode;
-exports.MerchantInitiatedMode = MerchantInitiatedMode;
-exports.OrderActionType = OrderActionType;
-exports.OrderStatus = OrderStatus;
-exports.PayMethodUserAccountType = PayMethodUserAccountType;
-exports.PeriodType = PeriodType;
-exports.ProductName = ProductName;
-exports.RefundStatus = RefundStatus;
-exports.SubscriptionEventType = SubscriptionEventType;
-exports.SubscriptionOrderStatus = SubscriptionOrderStatus;
-exports.SubscriptionPayMethodUserAccountType = SubscriptionPayMethodUserAccountType;
-exports.SubscriptionProductName = SubscriptionProductName;
-exports.SubscriptionStatus = SubscriptionStatus;
-exports.SubscriptionUserTerminalType = SubscriptionUserTerminalType;
-exports.ThreeDsDecision = ThreeDsDecision;
-exports.UserTerminalType = UserTerminalType;
+exports.EnvironmentBaseUrl = EnvironmentBaseUrl;
+exports.MerchantConfigResource = MerchantConfigResource;
+exports.OrderResource = OrderResource;
+exports.PayMethodConfigResource = PayMethodConfigResource;
+exports.RefundResource = RefundResource;
+exports.RsaUtils = RsaUtils;
+exports.SubscriptionResource = SubscriptionResource;
 exports.Waffo = Waffo;
+exports.WaffoConfigDefaults = WaffoConfigDefaults;
+exports.WaffoError = WaffoError;
+exports.WaffoErrorCode = WaffoErrorCode;
+exports.WaffoHttpClient = WaffoHttpClient;
+exports.WaffoUnknownStatusError = WaffoUnknownStatusError;
 exports.WebhookEventType = WebhookEventType;
 exports.WebhookHandler = WebhookHandler;
-exports.WebhookResponseStatus = WebhookResponseStatus;
-exports.buildFailedResponse = buildFailedResponse;
-exports.buildSuccessResponse = buildSuccessResponse;
-exports.buildWebhookResponse = buildWebhookResponse;
-exports.createKeyPair = createKeyPair;
-exports.getWebhookEventType = getWebhookEventType;
-exports.isPaymentNotification = isPaymentNotification;
-exports.isRefundNotification = isRefundNotification;
-exports.isSubscriptionPaymentNotification = isSubscriptionPaymentNotification;
-exports.isSubscriptionStatusNotification = isSubscriptionStatusNotification;
-exports.signForRSA = signForRSA;
-exports.verify = verify;
-exports.verifyWebhookSignature = verifyWebhookSignature;
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map