@withgordon/core 0.1.0

package/README.md

@@ -0,0 +1,148 @@
+# @withgordon/core
+
+TypeScript SDK for Gordon agent payments.
+
+Gordon lets agents call policy-governed paid services, including x402 APIs, without holding private keys. The SDK is a thin client: it detects provider `402 Payment Required` responses, asks the Gordon Platform to authorize and sign payment from the agent wallet, retries the provider request with payment headers, and returns a receipt.
+
+## Install
+
+```bash
+npm install @withgordon/core
+```
+
+## Quick Start
+
+```ts
+import { Gordon } from "@withgordon/core";
+
+const gordon = new Gordon({
+  evaluatorUrl: "https://evaluator.withgordon.ai",
+  platformUrl: "https://api.withgordon.ai",
+  agentApiKey: process.env.GORDON_AGENT_KEY!,
+  agentApiSecret: process.env.GORDON_AGENT_SECRET!,
+});
+
+const { response, receipt } = await gordon.fetch("https://api.exa.ai/search", {
+  method: "POST",
+  headers: { "content-type": "application/json" },
+  body: JSON.stringify({
+    query: "latest x402 integrations",
+    numResults: 3,
+  }),
+  serviceId: "exa",
+  operationId: "search.web",
+  maxPaymentUnits: 20_000, // $0.02 cap; 1,000,000 units = $1.00
+});
+
+const data = await response.json();
+console.log(data, receipt);
+```
+
+For normal non-402 responses, `receipt` is `null` and the original `Response` is returned unchanged.
+
+## Payment Flow
+
+1. The SDK makes the original HTTP request.
+2. If the provider returns `402`, the SDK parses the x402 payment requirement.
+3. The SDK sends `{ paymentRequirement, requestMetadata }` to the Gordon Platform.
+4. The Platform checks the agent's policy and signs payment from the agent's custodial wallet.
+5. The SDK retries the original provider request with the returned payment headers.
+6. The SDK completes the settlement and returns `{ response, receipt }`.
+
+The SDK does not sign payments and never handles private keys.
+
+## `gordon.fetch()`
+
+```ts
+const result = await gordon.fetch(url, options);
+```
+
+`options` extends standard `RequestInit` with Gordon fields:
+
+| Option | Type | Purpose |
+| --- | --- | --- |
+| `serviceId` | `string` | Catalog service slug, such as `exa` or `firecrawl`. |
+| `operationId` | `string` | Catalog operation ID, such as `search.web` or `scrape.url`. |
+| `maxPaymentUnits` | `number` | Maximum spend for this call. `1_000_000 = $1.00`. Defaults to `$0.10`. |
+| `idempotencyKey` | `string` | Stable key for safe retries without double-paying. |
+| `targetUrl` | `string` | For scrape/crawl calls, the customer URL being scraped. Used for domain policy. |
+| `allowUnconfirmed` | `boolean` | Development escape hatch for providers that return `2xx` without x402 receipt proof. Leave false in production. |
+
+## Receipts
+
+When payment succeeds, `receipt` contains:
+
+```ts
+{
+  settlement_id: string;
+  transaction_id: string;
+  amount_units: number;
+  network: string;
+  pay_to: string;
+  confirmed: boolean;
+}
+```
+
+`confirmed: true` means the provider returned payment proof and the Platform accepted completion.
+
+## Policy Guard
+
+The SDK also exposes the lower-level policy evaluator guard:
+
+```ts
+import { Gordon, GordonBlockedError, GordonEscalateError } from "@withgordon/core";
+
+await gordon.guard(
+  {
+    action_type: "purchase",
+    vendor: "example.com",
+    amount: 45_000_000, // $45.00
+    currency: "USD",
+    category: "software",
+    metadata: { invoice: "inv_123" },
+  },
+  async () => {
+    // Only runs when policy allows.
+    return doThePurchase();
+  },
+);
+```
+
+## Money Units
+
+Gordon uses integer micro-units:
+
+```ts
+import { MICRO_PER_USD, formatMoney, parseMoney } from "@withgordon/core/currency";
+
+MICRO_PER_USD; // 1_000_000
+formatMoney(7_000); // "$0.007"
+parseMoney("$0.02"); // 20000
+```
+
+This matches USDC's six-decimal base-unit precision.
+
+## Public Exports
+
+```ts
+import { Gordon } from "@withgordon/core";
+import type { X402PaymentRequirement } from "@withgordon/core/types";
+import { formatMoney } from "@withgordon/core/currency";
+```
+
+## Runtime Support
+
+This package is ESM and uses `fetch`, `Response`, and `Headers`.
+
+Recommended runtime:
+
+- Node.js 18+
+- Modern edge/server runtimes with Fetch API support
+- TypeScript 5+
+
+## Security Notes
+
+- Do not expose `GORDON_AGENT_SECRET` in browser code.
+- Keep agent secrets server-side or inside trusted agent runtimes.
+- Rotate any key that has been pasted into logs, chat, or a ticket.
+- Leave `allowUnconfirmed` disabled for production payment flows.

package/dist/currency.d.ts

@@ -0,0 +1,32 @@
+/**
+ * One source of truth for the system's money representation.
+ *
+ * Money is stored as a non-negative integer count of "micro-units":
+ *   1 micro-unit     = 0.000001 USD = 1/100th of a milli-cent
+ *   1,000,000 units  = 1 USD
+ *
+ * This matches USDC's 6-decimal base-unit precision exactly, so no conversion
+ * is needed between on-chain USDC atoms and Gordon's internal ledger amounts.
+ * The integer-only contract makes sums exact and avoids float drift.
+ *
+ * Per-currency precision is intentionally global here (matches the
+ * multi-currency naivety flagged as audit gap #5 in CLAUDE.md). When real
+ * multi-currency support lands, this becomes a per-currency `decimals` lookup
+ * (Stripe-style).
+ */
+export declare const MICRO_PER_USD = 1000000;
+/**
+ * Render an integer micro-unit amount as a localized currency string.
+ *
+ * Adaptive precision: at least 2 decimals (so `$50.00` doesn't look broken),
+ * at most 4 (so `$0.0003` keeps its precision). Trailing zeros past the
+ * 2-decimal floor are trimmed by `Intl.NumberFormat`.
+ */
+export declare function formatMoney(units: number, currency?: string): string;
+/**
+ * Parse a user-typed dollar string into integer micro-units. Strips currency
+ * symbols, commas, and whitespace. Returns null on unparseable / negative
+ * input so callers can drive UI validation.
+ */
+export declare function parseMoney(text: string): number | null;
+//# sourceMappingURL=currency.d.ts.map

package/dist/currency.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"currency.d.ts","sourceRoot":"","sources":["../currency.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,aAAa,UAAY,CAAC;AAEvC;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,SAAQ,GAAG,MAAM,CAanE;AAED;;;;GAIG;AACH,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAMtD"}

package/dist/currency.js

@@ -0,0 +1,54 @@
+/**
+ * One source of truth for the system's money representation.
+ *
+ * Money is stored as a non-negative integer count of "micro-units":
+ *   1 micro-unit     = 0.000001 USD = 1/100th of a milli-cent
+ *   1,000,000 units  = 1 USD
+ *
+ * This matches USDC's 6-decimal base-unit precision exactly, so no conversion
+ * is needed between on-chain USDC atoms and Gordon's internal ledger amounts.
+ * The integer-only contract makes sums exact and avoids float drift.
+ *
+ * Per-currency precision is intentionally global here (matches the
+ * multi-currency naivety flagged as audit gap #5 in CLAUDE.md). When real
+ * multi-currency support lands, this becomes a per-currency `decimals` lookup
+ * (Stripe-style).
+ */
+export const MICRO_PER_USD = 1_000_000;
+/**
+ * Render an integer micro-unit amount as a localized currency string.
+ *
+ * Adaptive precision: at least 2 decimals (so `$50.00` doesn't look broken),
+ * at most 4 (so `$0.0003` keeps its precision). Trailing zeros past the
+ * 2-decimal floor are trimmed by `Intl.NumberFormat`.
+ */
+export function formatMoney(units, currency = 'USD') {
+    const major = units / MICRO_PER_USD;
+    try {
+        return new Intl.NumberFormat('en-US', {
+            style: 'currency',
+            currency,
+            currencyDisplay: 'narrowSymbol',
+            minimumFractionDigits: 2,
+            maximumFractionDigits: 6,
+        }).format(major);
+    }
+    catch {
+        return `${major.toFixed(2)} ${currency}`;
+    }
+}
+/**
+ * Parse a user-typed dollar string into integer micro-units. Strips currency
+ * symbols, commas, and whitespace. Returns null on unparseable / negative
+ * input so callers can drive UI validation.
+ */
+export function parseMoney(text) {
+    const cleaned = text.trim().replace(/[^0-9.\-]/g, '');
+    if (cleaned === '' || cleaned === '-' || cleaned === '.')
+        return null;
+    const parsed = Number(cleaned);
+    if (!Number.isFinite(parsed) || parsed < 0)
+        return null;
+    return Math.round(parsed * MICRO_PER_USD);
+}
+//# sourceMappingURL=currency.js.map

package/dist/currency.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"currency.js","sourceRoot":"","sources":["../currency.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,SAAS,CAAC;AAEvC;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CAAC,KAAa,EAAE,QAAQ,GAAG,KAAK;IACzD,MAAM,KAAK,GAAG,KAAK,GAAG,aAAa,CAAC;IACpC,IAAI,CAAC;QACH,OAAO,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE;YACpC,KAAK,EAAE,UAAU;YACjB,QAAQ;YACR,eAAe,EAAE,cAAc;YAC/B,qBAAqB,EAAE,CAAC;YACxB,qBAAqB,EAAE,CAAC;SACzB,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,EAAE,CAAC;IAC3C,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,IAAY;IACrC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IACtD,IAAI,OAAO,KAAK,EAAE,IAAI,OAAO,KAAK,GAAG,IAAI,OAAO,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACtE,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;IAC/B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACxD,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,aAAa,CAAC,CAAC;AAC5C,CAAC"}

package/dist/sdk/index.d.ts

@@ -0,0 +1,141 @@
+import type { TransactionRequest, Decision, EvaluateResponse, ApprovalStatus } from '../types.js';
+export interface GordonConfig {
+    evaluatorUrl: string;
+    /** Platform API base URL (e.g. https://api.withgordon.ai). Required for gordon.fetch(). */
+    platformUrl?: string;
+    agentApiKey: string;
+    agentApiSecret: string;
+    fetch?: typeof fetch;
+}
+export interface GordonFetchOptions extends RequestInit {
+    /** Catalog service slug (e.g. 'firecrawl'). Omit for unlisted endpoints. */
+    serviceId?: string;
+    /** Catalog operation id (e.g. 'scrape.url'). Required when serviceId is set. */
+    operationId?: string;
+    /**
+     * Caller-supplied idempotency key. A stable UUID for this logical request —
+     * the same key on retry returns the existing authorization without re-paying.
+     * Defaults to a random UUID per call if not provided.
+     */
+    idempotencyKey?: string;
+    /**
+     * Maximum amount (micro-units, 1,000,000 = $1.00) this call is allowed to spend.
+     * Gordon rejects any 402 whose amount exceeds this ceiling.
+     * Defaults to 100,000 ($0.10).
+     */
+    maxPaymentUnits?: number;
+    /**
+     * For scrape/crawl operations: the URL being fetched by the provider
+     * (not the provider's own API endpoint). Gordon uses this for
+     * allowed_domains policy enforcement. Example: for a Firecrawl scrape of
+     * https://example.com/page, set targetUrl to that URL while `url` stays
+     * as https://api.firecrawl.dev/v1/scrape.
+     */
+    targetUrl?: string;
+    /**
+     * Development escape hatch for providers that return 2xx but omit
+     * X-Payment-Response. Production callers should leave this false so a
+     * provider result is not mistaken for a confirmed settlement.
+     */
+    allowUnconfirmed?: boolean;
+}
+export interface GordonFetchResult {
+    response: Response;
+    /** Set when a payment was made. Null for non-402 responses. */
+    receipt: {
+        settlement_id: string;
+        transaction_id: string;
+        amount_units: number;
+        network: string;
+        pay_to: string;
+        /**
+         * True when the Platform accepted the /complete call and flipped the
+         * settlement to confirmed. False when the provider returned a 2xx but
+         * Platform rejected completion (e.g. no X-Payment-Response in production
+         * mode) — the settlement remains pending and will expire.
+         */
+        confirmed: boolean;
+    } | null;
+}
+/** Body fields the agent supplies to /evaluate. `agent_id` comes from the
+ *  Bearer credential; `timestamp` is server-stamped (closes audit gap #4). */
+export type RequestPayload = Omit<TransactionRequest, 'agent_id' | 'timestamp'>;
+export interface GuardOptions {
+    /** Pass the approval_id from a prior `GordonEscalateError` to retry that
+     *  same logical transaction. The evaluator gates the call against the
+     *  approval's resolved state — see evaluator/server.ts for full semantics. */
+    approvalId?: string;
+}
+export declare class GordonBlockedError extends Error {
+    readonly decision: EvaluateResponse;
+    readonly name = "GordonBlockedError";
+    constructor(decision: EvaluateResponse);
+}
+export declare class GordonEscalateError extends Error {
+    readonly decision: EvaluateResponse;
+    readonly name = "GordonEscalateError";
+    readonly approvalId: string | null;
+    constructor(decision: EvaluateResponse);
+}
+/**
+ * Gordon SDK — single HTTP call per transaction.
+ *
+ * The evaluator is the single source of truth for "this decision happened":
+ * it generates the transaction_id (always) and approval_id (on escalate),
+ * pushes the record to a Redis stream, and returns both IDs in the response.
+ * The ledger worker drains the stream into Postgres asynchronously.
+ *
+ * Escalate retry pattern:
+ *   try { await gordon.guard(req, exec) }
+ *   catch (e) {
+ *     if (e instanceof GordonEscalateError) {
+ *       // poll until resolved (or webhook, or whatever the agent runtime supports)
+ *       while ((await gordon.checkApproval(e.approvalId!)).status === 'pending') {
+ *         await sleep(2000);
+ *       }
+ *       // retry with the approvalId — evaluator gates against the resolved state
+ *       await gordon.guard(req, exec, { approvalId: e.approvalId! });
+ *     }
+ *   }
+ */
+export declare class Gordon {
+    private readonly cfg;
+    private readonly fetchImpl;
+    private readonly authHeader;
+    constructor(cfg: GordonConfig);
+    evaluate(request: RequestPayload, opts?: GuardOptions): Promise<EvaluateResponse>;
+    guard<T>(request: RequestPayload, exec: () => Promise<T>, opts?: GuardOptions): Promise<T>;
+    /**
+     * Poll the status of an approval the evaluator previously issued.
+     * Returns `{status: 'pending'}` for unknown ids — the worker may not have
+     * drained yet, or the cache may have expired (7-day TTL).
+     */
+    checkApproval(approvalId: string): Promise<{
+        status: ApprovalStatus;
+        resolvedAt: number | null;
+        resolvedBy: string | null;
+    }>;
+    /**
+     * Drop-in replacement for `fetch` that handles the x402 payment cycle.
+     *
+     * Flow:
+     *   1. Make the original request.
+     *   2. If 402, extract `X-Payment-Required`, call Platform /x402/authorize.
+     *   3. Retry the original request with the `X-Payment` header.
+     *   4. On success (2xx), call Platform /x402/settlements/:id/complete.
+     *   5. Return the provider response + a Gordon receipt.
+     *
+     * Non-402 responses are returned as-is (receipt: null).
+     * If Platform rejects the payment (policy, spend limit, etc.), throws
+     * `GordonPaymentError` — do not retry without user intervention.
+     */
+    fetch(url: string, options?: GordonFetchOptions): Promise<GordonFetchResult>;
+}
+export declare class GordonPaymentError extends Error {
+    readonly statusCode?: number | undefined;
+    readonly body?: Record<string, unknown> | undefined;
+    readonly name = "GordonPaymentError";
+    constructor(message: string, statusCode?: number | undefined, body?: Record<string, unknown> | undefined);
+}
+export type { Decision, EvaluateResponse, ApprovalStatus };
+//# sourceMappingURL=index.d.ts.map

package/dist/sdk/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../sdk/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,kBAAkB,EAClB,QAAQ,EACR,gBAAgB,EAChB,cAAc,EAIf,MAAM,aAAa,CAAC;AAErB,MAAM,WAAW,YAAY;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,2FAA2F;IAC3F,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;CACtB;AAID,MAAM,WAAW,kBAAmB,SAAQ,WAAW;IACrD,4EAA4E;IAC5E,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,gFAAgF;IAChF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;OAIG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;;;OAIG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB;;;;;;OAMG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,QAAQ,CAAC;IACnB,+DAA+D;IAC/D,OAAO,EAAE;QACP,aAAa,EAAE,MAAM,CAAC;QACtB,cAAc,EAAE,MAAM,CAAC;QACvB,YAAY,EAAE,MAAM,CAAC;QACrB,OAAO,EAAE,MAAM,CAAC;QAChB,MAAM,EAAE,MAAM,CAAC;QACf;;;;;WAKG;QACH,SAAS,EAAE,OAAO,CAAC;KACpB,GAAG,IAAI,CAAC;CACV;AAED;8EAC8E;AAC9E,MAAM,MAAM,cAAc,GAAG,IAAI,CAAC,kBAAkB,EAAE,UAAU,GAAG,WAAW,CAAC,CAAC;AAEhF,MAAM,WAAW,YAAY;IAC3B;;kFAE8E;IAC9E,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,qBAAa,kBAAmB,SAAQ,KAAK;IAE/B,QAAQ,CAAC,QAAQ,EAAE,gBAAgB;IAD/C,SAAkB,IAAI,wBAAwB;gBACzB,QAAQ,EAAE,gBAAgB;CAGhD;AAED,qBAAa,mBAAoB,SAAQ,KAAK;IAGhC,QAAQ,CAAC,QAAQ,EAAE,gBAAgB;IAF/C,SAAkB,IAAI,yBAAyB;IAC/C,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;gBACd,QAAQ,EAAE,gBAAgB;CAIhD;AAWD;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,qBAAa,MAAM;IAIL,OAAO,CAAC,QAAQ,CAAC,GAAG;IAHhC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAe;IACzC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;gBAEP,GAAG,EAAE,YAAY;IAcxC,QAAQ,CAAC,OAAO,EAAE,cAAc,EAAE,IAAI,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAmBjF,KAAK,CAAC,CAAC,EACX,OAAO,EAAE,cAAc,EACvB,IAAI,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACtB,IAAI,CAAC,EAAE,YAAY,GAClB,OAAO,CAAC,CAAC,CAAC;IAOb;;;;OAIG;IACG,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC;QAC/C,MAAM,EAAE,cAAc,CAAC;QACvB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;QAC1B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;KAC3B,CAAC;IA0BF;;;;;;;;;;;;;OAaG;IACG,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,GAAE,kBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC;CA0KvF;AAED,qBAAa,kBAAmB,SAAQ,KAAK;IAIzC,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM;IAC5B,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAJzC,SAAkB,IAAI,wBAAwB;gBAE5C,OAAO,EAAE,MAAM,EACN,UAAU,CAAC,EAAE,MAAM,YAAA,EACnB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,YAAA;CAI1C;AAID,YAAY,EAAE,QAAQ,EAAE,gBAAgB,EAAE,cAAc,EAAE,CAAC"}

package/dist/sdk/index.js

@@ -0,0 +1,300 @@
+import { createHash, randomBytes } from 'node:crypto';
+import { normalizeX402PaymentRequirement } from '../types.js';
+export class GordonBlockedError extends Error {
+    decision;
+    name = 'GordonBlockedError';
+    constructor(decision) {
+        super(`gordon_blocked: ${decision.reason}`);
+        this.decision = decision;
+    }
+}
+export class GordonEscalateError extends Error {
+    decision;
+    name = 'GordonEscalateError';
+    approvalId;
+    constructor(decision) {
+        super(`gordon_escalate: ${decision.reason}`);
+        this.decision = decision;
+        this.approvalId = decision.approval_id;
+    }
+}
+const failClosed = (reason) => ({
+    result: 'block',
+    reason,
+    rule_triggered: null,
+    latency_ms: 0,
+    transaction_id: '00000000-0000-0000-0000-000000000000',
+    approval_id: null,
+});
+/**
+ * Gordon SDK — single HTTP call per transaction.
+ *
+ * The evaluator is the single source of truth for "this decision happened":
+ * it generates the transaction_id (always) and approval_id (on escalate),
+ * pushes the record to a Redis stream, and returns both IDs in the response.
+ * The ledger worker drains the stream into Postgres asynchronously.
+ *
+ * Escalate retry pattern:
+ *   try { await gordon.guard(req, exec) }
+ *   catch (e) {
+ *     if (e instanceof GordonEscalateError) {
+ *       // poll until resolved (or webhook, or whatever the agent runtime supports)
+ *       while ((await gordon.checkApproval(e.approvalId!)).status === 'pending') {
+ *         await sleep(2000);
+ *       }
+ *       // retry with the approvalId — evaluator gates against the resolved state
+ *       await gordon.guard(req, exec, { approvalId: e.approvalId! });
+ *     }
+ *   }
+ */
+export class Gordon {
+    cfg;
+    fetchImpl;
+    authHeader;
+    constructor(cfg) {
+        this.cfg = cfg;
+        const globalFetch = globalThis.fetch;
+        if (cfg.fetch) {
+            this.fetchImpl = cfg.fetch;
+        }
+        else if (globalFetch) {
+            this.fetchImpl = globalFetch.bind(globalThis);
+        }
+        else {
+            throw new Error('Gordon SDK requires a Fetch API runtime. Use Node.js 18+ or pass a custom fetch implementation.');
+        }
+        this.authHeader = `Bearer ${cfg.agentApiKey}:${cfg.agentApiSecret}`;
+    }
+    async evaluate(request, opts) {
+        try {
+            const body = { request };
+            if (opts?.approvalId)
+                body.idempotency_key = opts.approvalId;
+            const res = await this.fetchImpl(`${this.cfg.evaluatorUrl}/evaluate`, {
+                method: 'POST',
+                headers: {
+                    'content-type': 'application/json',
+                    authorization: this.authHeader,
+                },
+                body: JSON.stringify(body),
+            });
+            if (!res.ok)
+                return failClosed(`evaluator_status_${res.status}`);
+            return (await res.json());
+        }
+        catch {
+            return failClosed('evaluator_unreachable');
+        }
+    }
+    async guard(request, exec, opts) {
+        const decision = await this.evaluate(request, opts);
+        if (decision.result === 'block')
+            throw new GordonBlockedError(decision);
+        if (decision.result === 'escalate')
+            throw new GordonEscalateError(decision);
+        return await exec();
+    }
+    /**
+     * Poll the status of an approval the evaluator previously issued.
+     * Returns `{status: 'pending'}` for unknown ids — the worker may not have
+     * drained yet, or the cache may have expired (7-day TTL).
+     */
+    async checkApproval(approvalId) {
+        try {
+            const res = await this.fetchImpl(`${this.cfg.evaluatorUrl}/approvals/${encodeURIComponent(approvalId)}`, {
+                method: 'GET',
+                headers: { authorization: this.authHeader },
+            });
+            if (res.status === 404) {
+                return { status: 'pending', resolvedAt: null, resolvedBy: null };
+            }
+            if (!res.ok) {
+                return { status: 'pending', resolvedAt: null, resolvedBy: null };
+            }
+            const body = (await res.json());
+            return {
+                status: body.status,
+                resolvedAt: body.resolved_at,
+                resolvedBy: body.resolved_by,
+            };
+        }
+        catch {
+            return { status: 'pending', resolvedAt: null, resolvedBy: null };
+        }
+    }
+    /**
+     * Drop-in replacement for `fetch` that handles the x402 payment cycle.
+     *
+     * Flow:
+     *   1. Make the original request.
+     *   2. If 402, extract `X-Payment-Required`, call Platform /x402/authorize.
+     *   3. Retry the original request with the `X-Payment` header.
+     *   4. On success (2xx), call Platform /x402/settlements/:id/complete.
+     *   5. Return the provider response + a Gordon receipt.
+     *
+     * Non-402 responses are returned as-is (receipt: null).
+     * If Platform rejects the payment (policy, spend limit, etc.), throws
+     * `GordonPaymentError` — do not retry without user intervention.
+     */
+    async fetch(url, options = {}) {
+        const platformUrl = this.cfg.platformUrl;
+        if (!platformUrl) {
+            throw new Error('gordon.fetch() requires GordonConfig.platformUrl');
+        }
+        const { serviceId, operationId, idempotencyKey, maxPaymentUnits = 100_000, targetUrl, ...fetchOpts } = options;
+        const idemKey = idempotencyKey ?? randomBytes(16).toString('hex');
+        // ── 1. Initial request ──────────────────────────────────────────────
+        const originalRes = await this.fetchImpl(url, fetchOpts);
+        if (originalRes.status !== 402) {
+            return { response: originalRes, receipt: null };
+        }
+        // ── 2. Parse x402 payment requirement ──────────────────────────────
+        // x402v1: requirement comes as `X-Payment-Required` base64-encoded header.
+        // x402v2: requirement comes in the 402 response body (e.g. Exa, most CDP Bazaar providers).
+        // Try header first, fall back to body.
+        const paymentReqHeader = originalRes.headers.get('X-Payment-Required') ??
+            originalRes.headers.get('x-payment-required') ??
+            originalRes.headers.get('PAYMENT-REQUIRED');
+        let paymentRequirement;
+        try {
+            if (paymentReqHeader) {
+                // Header path (x402v1 or base64-encoded v2 header)
+                let raw;
+                try {
+                    raw = JSON.parse(Buffer.from(paymentReqHeader, 'base64url').toString('utf-8'));
+                }
+                catch {
+                    raw = JSON.parse(paymentReqHeader);
+                }
+                paymentRequirement = normalizeX402PaymentRequirement(raw);
+            }
+            else {
+                // Body path (x402v2 — parse response body as JSON payment requirement)
+                let bodyRaw;
+                try {
+                    bodyRaw = await originalRes.clone().json();
+                }
+                catch {
+                    // 402 with no parseable body and no header — not our protocol
+                    return { response: originalRes, receipt: null };
+                }
+                // Must look like an x402 response (has accepts[], x402Version, or payment fields)
+                const looksLikeX402 = Array.isArray(bodyRaw.accepts) ||
+                    typeof bodyRaw.x402Version === 'number' ||
+                    typeof bodyRaw.payTo === 'string' ||
+                    typeof bodyRaw.pay_to === 'string';
+                if (!looksLikeX402) {
+                    return { response: originalRes, receipt: null };
+                }
+                paymentRequirement = normalizeX402PaymentRequirement(bodyRaw);
+            }
+        }
+        catch {
+            throw new GordonPaymentError('failed to parse x402 payment requirement');
+        }
+        if (!paymentRequirement.pay_to || !paymentRequirement.network) {
+            // Looks like x402 but missing required fields — not our protocol
+            return { response: originalRes, receipt: null };
+        }
+        // ── 3. Hash the request body for the authorize call ─────────────────
+        let bodyHash = '';
+        if (fetchOpts.body) {
+            const bodyBytes = typeof fetchOpts.body === 'string'
+                ? Buffer.from(fetchOpts.body, 'utf-8')
+                : fetchOpts.body instanceof Uint8Array
+                    ? fetchOpts.body
+                    : Buffer.from(String(fetchOpts.body), 'utf-8');
+            bodyHash = createHash('sha256').update(bodyBytes).digest('hex');
+        }
+        // ── 4. Call Platform /x402/authorize ────────────────────────────────
+        const authorizeBody = {
+            agent_id: '', // server derives from key — placeholder satisfies type
+            ...(serviceId ? { service_id: serviceId } : {}),
+            ...(operationId ? { operation_id: operationId } : {}),
+            original_request: {
+                url,
+                method: (fetchOpts.method ?? 'GET').toUpperCase(),
+                body_hash: bodyHash,
+                ...(targetUrl ? { target_url: targetUrl } : {}),
+            },
+            payment_requirement: paymentRequirement,
+            max_payment_units: maxPaymentUnits,
+            currency: 'USDC',
+            idempotency_key: idemKey,
+        };
+        const authorizeRes = await this.fetchImpl(`${platformUrl}/x402/authorize`, {
+            method: 'POST',
+            headers: {
+                'content-type': 'application/json',
+                authorization: this.authHeader,
+            },
+            body: JSON.stringify(authorizeBody),
+        });
+        if (!authorizeRes.ok) {
+            const errBody = await authorizeRes.json().catch(() => ({}));
+            throw new GordonPaymentError(`platform rejected payment: ${errBody.error ?? authorizeRes.status}`, authorizeRes.status, errBody);
+        }
+        const authorization = (await authorizeRes.json());
+        // ── 5. Retry provider with payment headers ──────────────────────────
+        const retryHeaders = new Headers(fetchOpts.headers);
+        for (const [k, v] of Object.entries(authorization.payment_headers)) {
+            retryHeaders.set(k, v);
+        }
+        const providerRes = await this.fetchImpl(url, { ...fetchOpts, headers: retryHeaders });
+        // ── 6. Report completion to Platform ────────────────────────────────
+        // Only flip the settlement to confirmed when the provider accepted the
+        // payment (2xx). A rejected retry (4xx/5xx/repeated 402) leaves the
+        // settlement in 'pending' — it will expire rather than be confirmed.
+        let confirmed = false;
+        let completionStatus = 'provider_not_successful';
+        if (providerRes.ok) {
+            const xPaymentResponse = providerRes.headers.get('X-Payment-Response') ?? providerRes.headers.get('x-payment-response');
+            if (xPaymentResponse) {
+                const completeRes = await this.fetchImpl(`${platformUrl}/x402/settlements/${authorization.settlement_id}/complete`, {
+                    method: 'POST',
+                    headers: {
+                        'content-type': 'application/json',
+                        authorization: this.authHeader,
+                    },
+                    body: JSON.stringify({ payment_response_header: xPaymentResponse }),
+                }).catch(() => null);
+                confirmed = completeRes?.ok === true;
+                completionStatus = confirmed ? 'confirmed' : 'platform_completion_failed';
+            }
+            else {
+                completionStatus = 'missing_x_payment_response';
+            }
+        }
+        if (providerRes.ok && !confirmed && !options.allowUnconfirmed) {
+            throw new GordonPaymentError(`x402 settlement was not confirmed: ${completionStatus}`, 502, {
+                settlement_id: authorization.settlement_id,
+                transaction_id: authorization.transaction_id,
+                completion_status: completionStatus,
+            });
+        }
+        // USDC base units (10^6) == Gordon micro-units (10^6) — direct cast.
+        const amountUnits = Number(paymentRequirement.amount);
+        return {
+            response: providerRes,
+            receipt: {
+                settlement_id: authorization.settlement_id,
+                transaction_id: authorization.transaction_id,
+                amount_units: amountUnits,
+                network: paymentRequirement.network,
+                pay_to: paymentRequirement.pay_to,
+                confirmed,
+            },
+        };
+    }
+}
+export class GordonPaymentError extends Error {
+    statusCode;
+    body;
+    name = 'GordonPaymentError';
+    constructor(message, statusCode, body) {
+        super(message);
+        this.statusCode = statusCode;
+        this.body = body;
+    }
+}
+//# sourceMappingURL=index.js.map

package/dist/sdk/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../sdk/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,+BAA+B,EAAE,MAAM,aAAa,CAAC;AAqF9D,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAEtB;IADH,IAAI,GAAG,oBAAoB,CAAC;IAC9C,YAAqB,QAA0B;QAC7C,KAAK,CAAC,mBAAmB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QADzB,aAAQ,GAAR,QAAQ,CAAkB;IAE/C,CAAC;CACF;AAED,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAGvB;IAFH,IAAI,GAAG,qBAAqB,CAAC;IACtC,UAAU,CAAgB;IACnC,YAAqB,QAA0B;QAC7C,KAAK,CAAC,oBAAoB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAD1B,aAAQ,GAAR,QAAQ,CAAkB;QAE7C,IAAI,CAAC,UAAU,GAAG,QAAQ,CAAC,WAAW,CAAC;IACzC,CAAC;CACF;AAED,MAAM,UAAU,GAAG,CAAC,MAAc,EAAoB,EAAE,CAAC,CAAC;IACxD,MAAM,EAAE,OAAO;IACf,MAAM;IACN,cAAc,EAAE,IAAI;IACpB,UAAU,EAAE,CAAC;IACb,cAAc,EAAE,sCAAsC;IACtD,WAAW,EAAE,IAAI;CAClB,CAAC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,MAAM,OAAO,MAAM;IAIY;IAHZ,SAAS,CAAe;IACxB,UAAU,CAAS;IAEpC,YAA6B,GAAiB;QAAjB,QAAG,GAAH,GAAG,CAAc;QAC5C,MAAM,WAAW,GAAG,UAAU,CAAC,KAAK,CAAC;QACrC,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;YACd,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC;QAC7B,CAAC;aAAM,IAAI,WAAW,EAAE,CAAC;YACvB,IAAI,CAAC,SAAS,GAAG,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CACb,iGAAiG,CAClG,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,UAAU,GAAG,UAAU,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,cAAc,EAAE,CAAC;IACtE,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAuB,EAAE,IAAmB;QACzD,IAAI,CAAC;YACH,MAAM,IAAI,GAA0D,EAAE,OAAO,EAAE,CAAC;YAChF,IAAI,IAAI,EAAE,UAAU;gBAAE,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,UAAU,CAAC;YAC7D,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,WAAW,EAAE;gBACpE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,IAAI,CAAC,UAAU;iBAC/B;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;aAC3B,CAAC,CAAC;YACH,IAAI,CAAC,GAAG,CAAC,EAAE;gBAAE,OAAO,UAAU,CAAC,oBAAoB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;YACjE,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAqB,CAAC;QAChD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,UAAU,CAAC,uBAAuB,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK,CACT,OAAuB,EACvB,IAAsB,EACtB,IAAmB;QAEnB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACpD,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO;YAAE,MAAM,IAAI,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QACxE,IAAI,QAAQ,CAAC,MAAM,KAAK,UAAU;YAAE,MAAM,IAAI,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QAC5E,OAAO,MAAM,IAAI,EAAE,CAAC;IACtB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,UAAkB;QAKpC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAC9B,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,cAAc,kBAAkB,CAAC,UAAU,CAAC,EAAE,EACtE;gBACE,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,CAAC,UAAU,EAAE;aAC5C,CACF,CAAC;YACF,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACvB,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;YACnE,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;YACnE,CAAC;YACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA2B,CAAC;YAC1D,OAAO;gBACL,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,WAAW;gBAC5B,UAAU,EAAE,IAAI,CAAC,WAAW;aAC7B,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;QACnE,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;OAaG;IACH,KAAK,CAAC,KAAK,CAAC,GAAW,EAAE,UAA8B,EAAE;QACvD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC;QACzC,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,cAAc,EAAE,eAAe,GAAG,OAAO,EAAE,SAAS,EAAE,GAAG,SAAS,EAAE,GAAG,OAAO,CAAC;QAC/G,MAAM,OAAO,GAAG,cAAc,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAElE,uEAAuE;QACvE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAEzD,IAAI,WAAW,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC/B,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAClD,CAAC;QAED,sEAAsE;QACtE,2EAA2E;QAC3E,4FAA4F;QAC5F,uCAAuC;QACvC,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;YACpE,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAC7C,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAE9C,IAAI,kBAAsE,CAAC;QAC3E,IAAI,CAAC;YACH,IAAI,gBAAgB,EAAE,CAAC;gBACrB,mDAAmD;gBACnD,IAAI,GAA4B,CAAC;gBACjC,IAAI,CAAC;oBACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;gBACjF,CAAC;gBAAC,MAAM,CAAC;oBACP,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;gBACrC,CAAC;gBACD,kBAAkB,GAAG,+BAA+B,CAAC,GAAG,CAAC,CAAC;YAC5D,CAAC;iBAAM,CAAC;gBACN,uEAAuE;gBACvE,IAAI,OAAgC,CAAC;gBACrC,IAAI,CAAC;oBACH,OAAO,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC,IAAI,EAA6B,CAAC;gBACxE,CAAC;gBAAC,MAAM,CAAC;oBACP,8DAA8D;oBAC9D,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAClD,CAAC;gBACD,kFAAkF;gBAClF,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;oBAClD,OAAO,OAAO,CAAC,WAAW,KAAK,QAAQ;oBACvC,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ;oBACjC,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,CAAC;gBACrC,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAClD,CAAC;gBACD,kBAAkB,GAAG,+BAA+B,CAAC,OAAO,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,kBAAkB,CAAC,0CAA0C,CAAC,CAAC;QAC3E,CAAC;QAED,IAAI,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,CAAC;YAC9D,iEAAiE;YACjE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAClD,CAAC;QAED,uEAAuE;QACvE,IAAI,QAAQ,GAAG,EAAE,CAAC;QAClB,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YACnB,MAAM,SAAS,GAAG,OAAO,SAAS,CAAC,IAAI,KAAK,QAAQ;gBAClD,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,OAAO,CAAC;gBACtC,CAAC,CAAC,SAAS,CAAC,IAAI,YAAY,UAAU;oBACpC,CAAC,CAAC,SAAS,CAAC,IAAI;oBAChB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,CAAC;YACnD,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAClE,CAAC;QAED,uEAAuE;QACvE,MAAM,aAAa,GAAyB;YAC1C,QAAQ,EAAE,EAAE,EAAE,uDAAuD;YACrE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,gBAAgB,EAAE;gBAChB,GAAG;gBACH,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE;gBACjD,SAAS,EAAE,QAAQ;gBACnB,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAChD;YACD,mBAAmB,EAAE,kBAAkB;YACvC,iBAAiB,EAAE,eAAe;YAClC,QAAQ,EAAE,MAAM;YAChB,eAAe,EAAE,OAAO;SACzB,CAAC;QAEF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,WAAW,iBAAiB,EAAE;YACzE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,IAAI,CAAC,UAAU;aAC/B;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC;SACpC,CAAC,CAAC;QAEH,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC;YACrB,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAA4B,CAAC;YACvF,MAAM,IAAI,kBAAkB,CAC1B,8BAA8B,OAAO,CAAC,KAAK,IAAI,YAAY,CAAC,MAAM,EAAE,EACpE,YAAY,CAAC,MAAM,EACnB,OAAO,CACR,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,CAAC,MAAM,YAAY,CAAC,IAAI,EAAE,CAA0B,CAAC;QAE3E,uEAAuE;QACvE,MAAM,YAAY,GAAG,IAAI,OAAO,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACpD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,eAAe,CAAC,EAAE,CAAC;YACnE,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACzB,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,GAAG,SAAS,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC;QAEvF,uEAAuE;QACvE,uEAAuE;QACvE,oEAAoE;QACpE,qEAAqE;QACrE,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,gBAAgB,GAAG,yBAAyB,CAAC;QACjD,IAAI,WAAW,CAAC,EAAE,EAAE,CAAC;YACnB,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YACxH,IAAI,gBAAgB,EAAE,CAAC;gBACrB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,WAAW,qBAAqB,aAAa,CAAC,aAAa,WAAW,EAAE;oBAClH,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE;wBACP,cAAc,EAAE,kBAAkB;wBAClC,aAAa,EAAE,IAAI,CAAC,UAAU;qBAC/B;oBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,CAAC;iBACpE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;gBACrB,SAAS,GAAG,WAAW,EAAE,EAAE,KAAK,IAAI,CAAC;gBACrC,gBAAgB,GAAG,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,4BAA4B,CAAC;YAC5E,CAAC;iBAAM,CAAC;gBACN,gBAAgB,GAAG,4BAA4B,CAAC;YAClD,CAAC;QACH,CAAC;QAED,IAAI,WAAW,CAAC,EAAE,IAAI,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC;YAC9D,MAAM,IAAI,kBAAkB,CAC1B,sCAAsC,gBAAgB,EAAE,EACxD,GAAG,EACH;gBACE,aAAa,EAAE,aAAa,CAAC,aAAa;gBAC1C,cAAc,EAAE,aAAa,CAAC,cAAc;gBAC5C,iBAAiB,EAAE,gBAAgB;aACpC,CACF,CAAC;QACJ,CAAC;QAED,qEAAqE;QACrE,MAAM,WAAW,GAAG,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAEtD,OAAO;YACL,QAAQ,EAAE,WAAW;YACrB,OAAO,EAAE;gBACP,aAAa,EAAE,aAAa,CAAC,aAAa;gBAC1C,cAAc,EAAE,aAAa,CAAC,cAAc;gBAC5C,YAAY,EAAE,WAAW;gBACzB,OAAO,EAAE,kBAAkB,CAAC,OAAO;gBACnC,MAAM,EAAE,kBAAkB,CAAC,MAAM;gBACjC,SAAS;aACV;SACF,CAAC;IACJ,CAAC;CACF;AAED,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAIhC;IACA;IAJO,IAAI,GAAG,oBAAoB,CAAC;IAC9C,YACE,OAAe,EACN,UAAmB,EACnB,IAA8B;QAEvC,KAAK,CAAC,OAAO,CAAC,CAAC;QAHN,eAAU,GAAV,UAAU,CAAS;QACnB,SAAI,GAAJ,IAAI,CAA0B;IAGzC,CAAC;CACF"}

package/dist/types.d.ts

@@ -0,0 +1,140 @@
+export type ActionType = 'purchase' | 'service_call';
+export type ServiceCategory = 'search' | 'scrape' | 'ai' | 'data' | 'infrastructure' | 'security' | 'finance' | 'creative';
+/** State machine: listed → discovered → probe_passed → gordon_verified | disabled */
+export type TrustStatus = 'listed' | 'discovered' | 'probe_passed' | 'gordon_verified' | 'disabled';
+export type X402Scheme = 'exact' | 'upto';
+/** Parsed from the X-Payment-Request header on a 402 response. */
+export interface X402PaymentRequirement {
+    scheme: X402Scheme;
+    network: string;
+    token: string;
+    /** Merchant/payTo address. */
+    pay_to: string;
+    facilitator_url?: string;
+    /** Amount in token base units (e.g. USDC has 6 decimals). */
+    amount: string;
+    /** For upto scheme: maximum the merchant may charge. */
+    max_amount?: string;
+    /** Opaque nonce from the server — must be echoed in the payment. */
+    nonce?: string;
+    /** Raw parsed JSON from the header for audit storage. */
+    raw: Record<string, unknown>;
+}
+export declare function normalizeX402PaymentRequirement(raw: Record<string, unknown>): X402PaymentRequirement;
+/**
+ * SDK → Platform: request to authorize and execute an x402 payment.
+ * Must be idempotent: repeated calls with the same idempotency_key
+ * return the same response without double-paying.
+ */
+export interface X402AuthorizeRequest {
+    agent_id: string;
+    /** Known slug (e.g. 'firecrawl') — null if calling an unlisted endpoint. */
+    service_id?: string;
+    /** Known operation (e.g. 'scrape.url') — null if unlisted. */
+    operation_id?: string;
+    original_request: {
+        url: string;
+        method: string;
+        /** SHA-256 of the request body, hex-encoded. Empty string for GET. */
+        body_hash: string;
+        /**
+         * For scrape/crawl operations: the URL being fetched by the provider,
+         * not the provider's own API endpoint. Platform uses this for
+         * allowed_domains enforcement. Omit for non-URL operations.
+         */
+        target_url?: string;
+        /**
+         * Optional caller-supplied session identifier (e.g. a Claude Managed Agent
+         * session_id). When present, Gordon stores it on the settlement row so the
+         * dashboard can show per-session spend and activity.
+         */
+        session_id?: string;
+    };
+    payment_requirement: X402PaymentRequirement;
+    /**
+     * SDK-supplied ceiling in micro-units (1,000,000 = $1.00).
+     * Platform will reject if the required amount exceeds this.
+     */
+    max_payment_units: number;
+    currency: string;
+    /** Caller-supplied UUID, stable across retries. */
+    idempotency_key: string;
+}
+/** Platform → SDK: payment approved and signed. SDK retries the original request. */
+export interface X402AuthorizeResponse {
+    transaction_id: string;
+    settlement_id: string;
+    /** Headers to add to the retry request (e.g. X-Payment). */
+    payment_headers: Record<string, string>;
+    /** ISO timestamp after which this payment proof expires. */
+    expires_at: string;
+}
+export interface TransactionRequest {
+    agent_id: string;
+    action_type: ActionType;
+    vendor: string;
+    /** Non-negative integer micro-units. 1 unit = 0.000001 USD (1,000,000 = $1.00). See currency.ts. */
+    amount: number;
+    currency: string;
+    category: string;
+    metadata: Record<string, unknown>;
+    /** Server-set: the evaluator's processing time (ms since epoch) — NOT
+     *  agent-supplied. Used to compute the UTC daily/monthly spend bucket.
+     *  Closes audit gap #4 (no clock-skew exploit possible). */
+    timestamp: number;
+}
+export type RuleType = 'budget_limit' | 'vendor_allowlist' | 'category_block' | 'approval_required' | 'service_allowlist';
+export type RuleScope = 'per_transaction' | 'daily' | 'monthly';
+export interface Rule {
+    id: string;
+    type: RuleType;
+    scope: RuleScope;
+    /** Money rules (`budget_limit`, `approval_required`) carry an integer
+     *  micro-unit threshold (1 unit = 0.000001 USD; 1,000,000 = $1.00); list rules carry a string
+     *  array (vendor allowlist, blocked categories, service slugs). */
+    value: number | string[];
+    priority: number;
+}
+export interface Policy {
+    /** Owner — identifies which user this policy belongs to. The engine doesn't
+     *  read it; it's there for debuggability when inspecting a Redis snapshot. */
+    user_id: string;
+    rules: Rule[];
+}
+export type DecisionResult = 'allow' | 'block' | 'escalate';
+export interface Decision {
+    result: DecisionResult;
+    reason: string;
+    rule_triggered: string | null;
+    latency_ms: number;
+}
+/**
+ * The HTTP response body of POST /evaluate. Wraps a pure engine `Decision`
+ * with identifiers generated by the evaluator's HTTP handler:
+ *   - `transaction_id`: always set; the eventual `transactions.id` row
+ *   - `approval_id`:    set on initial escalate AND echoed back on retries
+ *                       that carry an `idempotency_key` (so the agent keeps
+ *                       polling the same approval). Null on plain allow/block.
+ *
+ * Both are pushed to the `ledger_stream` Redis stream and drained into
+ * Postgres asynchronously by the ledger worker. The IDs are returned to
+ * the caller immediately so the SDK can throw `GordonEscalateError` with
+ * the approval id without waiting on the DB write.
+ */
+export interface EvaluateResponse extends Decision {
+    transaction_id: string;
+    approval_id: string | null;
+}
+export type ApprovalStatus = 'pending' | 'approved' | 'denied';
+/**
+ * Response body of GET /approvals/:id on the evaluator. Backed by Redis —
+ * see `evaluator/cache.ts → keys.approval`. Polled by agents after they
+ * receive a `GordonEscalateError`.
+ */
+export interface ApprovalStatusResponse {
+    approval_id: string;
+    status: ApprovalStatus;
+    resolved_at: number | null;
+    resolved_by: string | null;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,cAAc,CAAC;AAIrD,MAAM,MAAM,eAAe,GACvB,QAAQ,GACR,QAAQ,GACR,IAAI,GACJ,MAAM,GACN,gBAAgB,GAChB,UAAU,GACV,SAAS,GACT,UAAU,CAAC;AAEf,qFAAqF;AACrF,MAAM,MAAM,WAAW,GACnB,QAAQ,GACR,YAAY,GACZ,cAAc,GACd,iBAAiB,GACjB,UAAU,CAAC;AAEf,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG,MAAM,CAAC;AAI1C,kEAAkE;AAClE,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,UAAU,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,6DAA6D;IAC7D,MAAM,EAAE,MAAM,CAAC;IACf,wDAAwD;IACxD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,oEAAoE;IACpE,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,yDAAyD;IACzD,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC9B;AAsBD,wBAAgB,+BAA+B,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,sBAAsB,CA8CpG;AAED;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,4EAA4E;IAC5E,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,8DAA8D;IAC9D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE;QAChB,GAAG,EAAE,MAAM,CAAC;QACZ,MAAM,EAAE,MAAM,CAAC;QACf,sEAAsE;QACtE,SAAS,EAAE,MAAM,CAAC;QAClB;;;;WAIG;QACH,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB;;;;WAIG;QACH,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,mBAAmB,EAAE,sBAAsB,CAAC;IAC5C;;;OAGG;IACH,iBAAiB,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,mDAAmD;IACnD,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,qFAAqF;AACrF,MAAM,WAAW,qBAAqB;IACpC,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,4DAA4D;IAC5D,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,4DAA4D;IAC5D,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,UAAU,CAAC;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,oGAAoG;IACpG,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC;;gEAE4D;IAC5D,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,MAAM,QAAQ,GAChB,cAAc,GACd,kBAAkB,GAClB,gBAAgB,GAChB,mBAAmB,GACnB,mBAAmB,CAAC;AAExB,MAAM,MAAM,SAAS,GAAG,iBAAiB,GAAG,OAAO,GAAG,SAAS,CAAC;AAEhE,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,QAAQ,CAAC;IACf,KAAK,EAAE,SAAS,CAAC;IACjB;;uEAEmE;IACnE,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,MAAM;IACrB;kFAC8E;IAC9E,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,IAAI,EAAE,CAAC;CACf;AAED,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,OAAO,GAAG,UAAU,CAAC;AAE5D,MAAM,WAAW,QAAQ;IACvB,MAAM,EAAE,cAAc,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,gBAAiB,SAAQ,QAAQ;IAChD,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,MAAM,MAAM,cAAc,GAAG,SAAS,GAAG,UAAU,GAAG,QAAQ,CAAC;AAE/D;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACrC,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,cAAc,CAAC;IACvB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B"}

package/dist/types.js

@@ -0,0 +1,62 @@
+// Known USDC ERC-20 contract addresses across supported chains.
+// Providers that use x402 v2 (e.g. Exa) send the contract address in the
+// `asset` field instead of the string "USDC". We normalize these back to
+// the canonical token name so the rest of the platform can do a simple
+// string comparison.
+const KNOWN_USDC_ADDRESSES = new Set([
+    '0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913', // Base mainnet
+    '0x036CbD53842c5426634e7929541eC2318f3dCF7e', // Base Sepolia
+    '0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48', // Ethereum mainnet
+    '0x1c7D4B196Cb0C7B01d743Fbc6116a902379C7238', // Ethereum Sepolia
+].map(a => a.toLowerCase()));
+function resolveTokenName(raw, selected) {
+    const raw_value = selected.token ?? selected.asset ?? raw.token ?? raw.asset ?? 'USDC';
+    const s = String(raw_value);
+    // If the token field contains an ERC-20 contract address, map to canonical name
+    if (s.startsWith('0x') && KNOWN_USDC_ADDRESSES.has(s.toLowerCase()))
+        return 'USDC';
+    return s;
+}
+export function normalizeX402PaymentRequirement(raw) {
+    const accepts = raw.accepts;
+    const selected = Array.isArray(accepts) && accepts.length > 0
+        ? accepts.find((entry) => {
+            const token = String(entry.token ?? entry.asset ?? '').toUpperCase();
+            const scheme = String(entry.scheme ?? 'exact');
+            // Accept entries where token is USDC (by name or known address) under exact scheme
+            const isUsdc = !token || token === 'USDC' || KNOWN_USDC_ADDRESSES.has(token.toLowerCase());
+            return isUsdc && scheme === 'exact';
+        }) ?? accepts[0]
+        : raw;
+    const token = resolveTokenName(raw, selected);
+    const payTo = selected.pay_to ??
+        selected.payTo ??
+        selected.payToAddress ??
+        raw.pay_to ??
+        raw.payTo ??
+        raw.payToAddress;
+    const amount = selected.amount ??
+        selected.max_amount ??
+        selected.maxAmountRequired ??
+        selected.maxAmount ??
+        raw.amount ??
+        raw.max_amount ??
+        raw.maxAmountRequired ??
+        raw.maxAmount;
+    return {
+        scheme: (selected.scheme ?? raw.scheme ?? 'exact'),
+        network: String(selected.network ?? raw.network ?? ''),
+        token: String(token),
+        pay_to: String(payTo ?? ''),
+        ...(selected.facilitator_url ?? raw.facilitator_url
+            ? { facilitator_url: String(selected.facilitator_url ?? raw.facilitator_url) }
+            : {}),
+        amount: String(amount ?? ''),
+        ...(selected.max_amount ?? selected.maxAmountRequired ?? selected.maxAmount ?? raw.max_amount ?? raw.maxAmountRequired ?? raw.maxAmount
+            ? { max_amount: String(selected.max_amount ?? selected.maxAmountRequired ?? selected.maxAmount ?? raw.max_amount ?? raw.maxAmountRequired ?? raw.maxAmount) }
+            : {}),
+        ...(selected.nonce ?? raw.nonce ? { nonce: String(selected.nonce ?? raw.nonce) } : {}),
+        raw,
+    };
+}
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../types.ts"],"names":[],"mappings":"AA4CA,gEAAgE;AAChE,yEAAyE;AACzE,yEAAyE;AACzE,uEAAuE;AACvE,qBAAqB;AACrB,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IACnC,4CAA4C,EAAE,eAAe;IAC7D,4CAA4C,EAAE,eAAe;IAC7D,4CAA4C,EAAE,mBAAmB;IACjE,4CAA4C,EAAE,mBAAmB;CAClE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;AAE7B,SAAS,gBAAgB,CAAC,GAA4B,EAAE,QAAiC;IACvF,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,IAAI,MAAM,CAAC;IACvF,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IAC5B,gFAAgF;IAChF,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QAAE,OAAO,MAAM,CAAC;IACnF,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,+BAA+B,CAAC,GAA4B;IAC1E,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;IAC5B,MAAM,QAAQ,GACZ,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;QAC1C,CAAC,CAAE,OAAqC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;YACpD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;YACrE,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC;YAC/C,mFAAmF;YACnF,MAAM,MAAM,GAAG,CAAC,KAAK,IAAI,KAAK,KAAK,MAAM,IAAI,oBAAoB,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;YAC3F,OAAO,MAAM,IAAI,MAAM,KAAK,OAAO,CAAC;QACtC,CAAC,CAAC,IAAK,OAAO,CAAC,CAAC,CAA6B;QAC/C,CAAC,CAAC,GAAG,CAAC;IAEV,MAAM,KAAK,GAAG,gBAAgB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC9C,MAAM,KAAK,GACT,QAAQ,CAAC,MAAM;QACf,QAAQ,CAAC,KAAK;QACd,QAAQ,CAAC,YAAY;QACrB,GAAG,CAAC,MAAM;QACV,GAAG,CAAC,KAAK;QACT,GAAG,CAAC,YAAY,CAAC;IACnB,MAAM,MAAM,GACV,QAAQ,CAAC,MAAM;QACf,QAAQ,CAAC,UAAU;QACnB,QAAQ,CAAC,iBAAiB;QAC1B,QAAQ,CAAC,SAAS;QAClB,GAAG,CAAC,MAAM;QACV,GAAG,CAAC,UAAU;QACd,GAAG,CAAC,iBAAiB;QACrB,GAAG,CAAC,SAAS,CAAC;IAEhB,OAAO;QACL,MAAM,EAAE,CAAC,QAAQ,CAAC,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,OAAO,CAAe;QAChE,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,OAAO,IAAI,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QACtD,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC;QACpB,MAAM,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;QAC3B,GAAG,CAAC,QAAQ,CAAC,eAAe,IAAI,GAAG,CAAC,eAAe;YACjD,CAAC,CAAC,EAAE,eAAe,EAAE,MAAM,CAAC,QAAQ,CAAC,eAAe,IAAI,GAAG,CAAC,eAAe,CAAC,EAAE;YAC9E,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;QAC5B,GAAG,CAAC,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,iBAAiB,IAAI,QAAQ,CAAC,SAAS,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,SAAS;YACrI,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,iBAAiB,IAAI,QAAQ,CAAC,SAAS,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,SAAS,CAAC,EAAE;YAC7J,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,QAAQ,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACtF,GAAG;KACJ,CAAC;AACJ,CAAC"}

package/package.json

@@ -0,0 +1,70 @@
+{
+  "name": "@withgordon/core",
+  "version": "0.1.0",
+  "description": "Gordon SDK for policy-governed agent payments and x402 service settlement.",
+  "type": "module",
+  "main": "./dist/sdk/index.js",
+  "types": "./dist/sdk/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/sdk/index.d.ts",
+      "import": "./dist/sdk/index.js"
+    },
+    "./sdk": {
+      "types": "./dist/sdk/index.d.ts",
+      "import": "./dist/sdk/index.js"
+    },
+    "./types": {
+      "types": "./dist/types.d.ts",
+      "import": "./dist/types.js"
+    },
+    "./currency": {
+      "types": "./dist/currency.d.ts",
+      "import": "./dist/currency.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "prepack": "npm run build",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "typecheck": "tsc --noEmit",
+    "evaluator:dev": "node --import tsx evaluator/index.ts",
+    "platform:dev": "node --import tsx platform/index.ts",
+    "worker:ledger:dev": "node --import tsx workers/index.ts",
+    "db:init": "node --import tsx scripts/init-db.ts",
+    "e2e:buyer-agent": "AUTH_SECRET=buyer-agent-e2e-auth-secret INTERNAL_API_SECRET=buyer-agent-e2e-internal-secret GORDON_X402_ENABLE_EXPERIMENTAL_SIGNER=true node --import tsx scripts/buyer-agent-e2e.ts"
+  },
+  "devDependencies": {
+    "@electric-sql/pglite": "^0.4.5",
+    "@types/express": "^5.0.6",
+    "@types/ioredis-mock": "^8.2.7",
+    "@types/node": "^22.7.5",
+    "@types/pg": "^8.20.0",
+    "@types/supertest": "^7.2.0",
+    "ioredis-mock": "^8.13.1",
+    "supertest": "^7.2.2",
+    "tsx": "^4.21.0",
+    "typescript": "^5.6.3",
+    "vitest": "^2.1.3"
+  },
+  "dependencies": {
+    "@coinbase/cdp-sdk": "^1.48.3",
+    "@sendgrid/mail": "^8.1.6",
+    "dotenv": "^17.4.2",
+    "drizzle-orm": "^0.45.2",
+    "express": "^5.2.1",
+    "fast-jwt": "^6.2.4",
+    "fastify": "^5.8.5",
+    "ioredis": "^5.10.1",
+    "nanoid": "^5.1.11",
+    "pg": "^8.20.0"
+  }
+}