@wopr-network/platform-core 1.18.0 → 1.20.0

package/dist/fleet/rollout-strategy.js

@@ -0,0 +1,91 @@
+/**
+ * Rolling wave strategy — processes bots in configurable percentage batches.
+ * Create a new instance per rollout; totalFailures accumulates across waves
+ * within a single rollout. Call reset() if reusing across rollouts.
+ */
+export class RollingWaveStrategy {
+    batchPercent;
+    pauseMs;
+    maxFailures;
+    totalFailures = 0;
+    constructor(opts = {}) {
+        this.batchPercent = opts.batchPercent ?? 25;
+        this.pauseMs = opts.pauseMs ?? 60_000;
+        this.maxFailures = opts.maxFailures ?? 3;
+    }
+    nextBatch(remaining) {
+        if (remaining.length === 0)
+            return [];
+        const count = Math.max(1, Math.ceil((remaining.length * this.batchPercent) / 100));
+        return remaining.slice(0, count);
+    }
+    pauseDuration() {
+        return this.pauseMs;
+    }
+    onBotFailure(_botId, _error, attempt) {
+        if (attempt < this.maxRetries())
+            return "retry";
+        this.totalFailures++;
+        if (this.totalFailures >= this.maxFailures)
+            return "abort";
+        return "skip";
+    }
+    maxRetries() {
+        return 2;
+    }
+    healthCheckTimeout() {
+        return 120_000;
+    }
+    /** Reset failure counters for reuse across rollouts. */
+    reset() {
+        this.totalFailures = 0;
+    }
+}
+export class SingleBotStrategy {
+    nextBatch(remaining) {
+        if (remaining.length === 0)
+            return [];
+        return remaining.slice(0, 1);
+    }
+    pauseDuration() {
+        return 0;
+    }
+    onBotFailure(_botId, _error, attempt) {
+        if (attempt < this.maxRetries())
+            return "retry";
+        return "abort";
+    }
+    maxRetries() {
+        return 3;
+    }
+    healthCheckTimeout() {
+        return 120_000;
+    }
+}
+export class ImmediateStrategy {
+    nextBatch(remaining) {
+        return [...remaining];
+    }
+    pauseDuration() {
+        return 0;
+    }
+    onBotFailure(_botId, _error, _attempt) {
+        return "skip";
+    }
+    maxRetries() {
+        return 1;
+    }
+    healthCheckTimeout() {
+        return 60_000;
+    }
+}
+export function createRolloutStrategy(type, options) {
+    switch (type) {
+        case "rolling-wave":
+            return new RollingWaveStrategy(options);
+        case "single-bot":
+            return new SingleBotStrategy();
+        case "immediate":
+            return new ImmediateStrategy();
+    }
+}

package/dist/fleet/volume-snapshot-manager.d.ts

@@ -0,0 +1,35 @@
+import type Docker from "dockerode";
+export interface VolumeSnapshot {
+    id: string;
+    volumeName: string;
+    archivePath: string;
+    createdAt: Date;
+    sizeBytes: number;
+}
+/**
+ * Snapshots and restores Docker named volumes using temporary alpine containers.
+ * Used for nuclear rollback during fleet updates — if a container update fails,
+ * we roll back both the image AND the data volumes.
+ */
+export declare class VolumeSnapshotManager {
+    private readonly docker;
+    private readonly backupDir;
+    constructor(docker: Docker, backupDir?: string);
+    /** Create a snapshot of a Docker named volume */
+    snapshot(volumeName: string): Promise<VolumeSnapshot>;
+    /** Restore a volume from a snapshot */
+    restore(snapshotId: string): Promise<void>;
+    /** List all snapshots for a volume */
+    list(volumeName: string): Promise<VolumeSnapshot[]>;
+    /** Delete a snapshot archive */
+    delete(snapshotId: string): Promise<void>;
+    /** Delete all snapshots older than maxAge ms */
+    cleanup(maxAgeMs: number): Promise<number>;
+    /**
+     * Extract volume name from snapshot ID.
+     * Snapshot IDs are `${volumeName}-${ISO timestamp with colons/dots replaced}`.
+     * ISO timestamps start with 4 digits (year), so we find the last occurrence
+     * of `-YYYY` pattern to split.
+     */
+    private extractVolumeName;
+}

package/dist/fleet/volume-snapshot-manager.js

@@ -0,0 +1,185 @@
+import { mkdir, readdir, rm, stat } from "node:fs/promises";
+import { join } from "node:path";
+import { logger } from "../config/logger.js";
+const ALPINE_IMAGE = "alpine:latest";
+/** Strict validation for snapshot IDs — prevents path traversal and shell injection. */
+const SNAPSHOT_ID_RE = /^[A-Za-z0-9._-]+$/;
+function validateSnapshotId(snapshotId) {
+    if (!SNAPSHOT_ID_RE.test(snapshotId)) {
+        throw new Error(`Invalid snapshot ID: ${snapshotId}`);
+    }
+}
+/**
+ * Snapshots and restores Docker named volumes using temporary alpine containers.
+ * Used for nuclear rollback during fleet updates — if a container update fails,
+ * we roll back both the image AND the data volumes.
+ */
+export class VolumeSnapshotManager {
+    docker;
+    backupDir;
+    constructor(docker, backupDir = "/data/fleet/snapshots") {
+        this.docker = docker;
+        this.backupDir = backupDir;
+    }
+    /** Create a snapshot of a Docker named volume */
+    async snapshot(volumeName) {
+        await mkdir(this.backupDir, { recursive: true });
+        const timestamp = new Date().toISOString().replace(/[:.]/g, "-");
+        const id = `${volumeName}-${timestamp}`;
+        const archivePath = join(this.backupDir, `${id}.tar`);
+        const container = await this.docker.createContainer({
+            Image: ALPINE_IMAGE,
+            Cmd: ["tar", "cf", `/backup/${id}.tar`, "-C", "/source", "."],
+            HostConfig: {
+                Binds: [`${volumeName}:/source:ro`, `${this.backupDir}:/backup`],
+                AutoRemove: true,
+            },
+        });
+        try {
+            await container.start();
+            const result = await container.wait();
+            if (result.StatusCode !== 0) {
+                throw new Error(`Snapshot container exited with code ${result.StatusCode}`);
+            }
+        }
+        catch (err) {
+            // AutoRemove handles cleanup, but if start failed the container may still exist
+            try {
+                await container.remove({ force: true });
+            }
+            catch {
+                // already removed by AutoRemove
+            }
+            throw err;
+        }
+        const info = await stat(archivePath);
+        const snapshot = {
+            id,
+            volumeName,
+            archivePath,
+            createdAt: new Date(),
+            sizeBytes: info.size,
+        };
+        logger.info(`Volume snapshot created: ${id} (${info.size} bytes)`);
+        return snapshot;
+    }
+    /** Restore a volume from a snapshot */
+    async restore(snapshotId) {
+        validateSnapshotId(snapshotId);
+        const archivePath = join(this.backupDir, `${snapshotId}.tar`);
+        // Verify archive exists
+        await stat(archivePath);
+        // Extract volume name from snapshot ID (everything before the last ISO timestamp)
+        const volumeName = this.extractVolumeName(snapshotId);
+        const container = await this.docker.createContainer({
+            Image: ALPINE_IMAGE,
+            Cmd: ["sh", "-c", `cd /target && rm -rf ./* ./.??* && tar xf /backup/${snapshotId}.tar -C /target`],
+            HostConfig: {
+                Binds: [`${volumeName}:/target`, `${this.backupDir}:/backup:ro`],
+                AutoRemove: true,
+            },
+        });
+        try {
+            await container.start();
+            const result = await container.wait();
+            if (result.StatusCode !== 0) {
+                throw new Error(`Restore container exited with code ${result.StatusCode}`);
+            }
+        }
+        catch (err) {
+            try {
+                await container.remove({ force: true });
+            }
+            catch {
+                // already removed by AutoRemove
+            }
+            throw err;
+        }
+        logger.info(`Volume restored from snapshot: ${snapshotId}`);
+    }
+    /** List all snapshots for a volume */
+    async list(volumeName) {
+        let files;
+        try {
+            files = await readdir(this.backupDir);
+        }
+        catch {
+            return [];
+        }
+        const prefix = `${volumeName}-`;
+        const matching = files.filter((f) => f.startsWith(prefix) && f.endsWith(".tar"));
+        const snapshots = [];
+        for (const file of matching) {
+            const id = file.replace(/\.tar$/, "");
+            const archivePath = join(this.backupDir, file);
+            try {
+                const info = await stat(archivePath);
+                snapshots.push({
+                    id,
+                    volumeName,
+                    archivePath,
+                    createdAt: info.mtime,
+                    sizeBytes: info.size,
+                });
+            }
+            catch {
+                // File disappeared between readdir and stat — skip
+            }
+        }
+        // Sort newest first
+        snapshots.sort((a, b) => b.createdAt.getTime() - a.createdAt.getTime());
+        return snapshots;
+    }
+    /** Delete a snapshot archive */
+    async delete(snapshotId) {
+        validateSnapshotId(snapshotId);
+        const archivePath = join(this.backupDir, `${snapshotId}.tar`);
+        await rm(archivePath, { force: true });
+        logger.info(`Volume snapshot deleted: ${snapshotId}`);
+    }
+    /** Delete all snapshots older than maxAge ms */
+    async cleanup(maxAgeMs) {
+        let files;
+        try {
+            files = await readdir(this.backupDir);
+        }
+        catch {
+            return 0;
+        }
+        const cutoff = Date.now() - maxAgeMs;
+        let deleted = 0;
+        for (const file of files) {
+            if (!file.endsWith(".tar"))
+                continue;
+            const archivePath = join(this.backupDir, file);
+            try {
+                const info = await stat(archivePath);
+                if (info.mtime.getTime() < cutoff) {
+                    await rm(archivePath, { force: true });
+                    deleted++;
+                }
+            }
+            catch {
+                // File disappeared — skip
+            }
+        }
+        if (deleted > 0) {
+            logger.info(`Volume snapshot cleanup: removed ${deleted} old snapshots`);
+        }
+        return deleted;
+    }
+    /**
+     * Extract volume name from snapshot ID.
+     * Snapshot IDs are `${volumeName}-${ISO timestamp with colons/dots replaced}`.
+     * ISO timestamps start with 4 digits (year), so we find the last occurrence
+     * of `-YYYY` pattern to split.
+     */
+    extractVolumeName(snapshotId) {
+        // Match the timestamp part: -YYYY-MM-DDTHH-MM-SS-MMMZ
+        const match = snapshotId.match(/^(.+)-\d{4}-\d{2}-\d{2}T/);
+        if (!match) {
+            throw new Error(`Cannot extract volume name from snapshot ID: ${snapshotId}`);
+        }
+        return match[1];
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wopr-network/platform-core",
-  "version": "1.18.0",
+  "version": "1.20.0",
   "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -128,8 +128,10 @@
   },
   "packageManager": "pnpm@10.31.0",
   "dependencies": {
+    "@noble/hashes": "^2.0.1",
     "@scure/base": "^2.0.0",
     "@scure/bip32": "^2.0.1",
+    "@scure/bip39": "^2.0.1",
     "js-yaml": "^4.1.1",
     "viem": "^2.47.4",
     "yaml": "^2.8.2"

package/src/api/routes/admin-audit-helper.ts

@@ -2,7 +2,7 @@ import type { AuditEntry } from "../../admin/audit-log.js";
 
 /** Minimal interface for admin audit logging in route factories. */
 export interface AdminAuditLogger {
-  log(entry: AuditEntry): void | Promise<unknown>;
+  log(entry: AuditEntry): undefined | Promise<unknown>;
 }
 
 /** Safely log an admin audit entry — never throws. */

package/src/billing/crypto/btc/__tests__/address-gen.test.ts

@@ -0,0 +1,53 @@
+import { HDKey } from "@scure/bip32";
+import { describe, expect, it } from "vitest";
+import { deriveBtcAddress, deriveBtcTreasury } from "../address-gen.js";
+
+function makeTestXpub(): string {
+  const seed = new Uint8Array(32);
+  seed[0] = 1;
+  const master = HDKey.fromMasterSeed(seed);
+  return master.derive("m/44'/0'/0'").publicExtendedKey;
+}
+
+const TEST_XPUB = makeTestXpub();
+
+describe("deriveBtcAddress", () => {
+  it("derives a valid bech32 address", () => {
+    const addr = deriveBtcAddress(TEST_XPUB, 0);
+    expect(addr).toMatch(/^bc1q[a-z0-9]+$/);
+  });
+
+  it("derives different addresses for different indices", () => {
+    const a = deriveBtcAddress(TEST_XPUB, 0);
+    const b = deriveBtcAddress(TEST_XPUB, 1);
+    expect(a).not.toBe(b);
+  });
+
+  it("is deterministic", () => {
+    const a = deriveBtcAddress(TEST_XPUB, 42);
+    const b = deriveBtcAddress(TEST_XPUB, 42);
+    expect(a).toBe(b);
+  });
+
+  it("uses tb prefix for testnet/regtest", () => {
+    const addr = deriveBtcAddress(TEST_XPUB, 0, "testnet");
+    expect(addr).toMatch(/^tb1q[a-z0-9]+$/);
+  });
+
+  it("rejects negative index", () => {
+    expect(() => deriveBtcAddress(TEST_XPUB, -1)).toThrow("Invalid");
+  });
+});
+
+describe("deriveBtcTreasury", () => {
+  it("derives a valid bech32 address", () => {
+    const addr = deriveBtcTreasury(TEST_XPUB);
+    expect(addr).toMatch(/^bc1q[a-z0-9]+$/);
+  });
+
+  it("differs from deposit address at index 0", () => {
+    const deposit = deriveBtcAddress(TEST_XPUB, 0);
+    const treasury = deriveBtcTreasury(TEST_XPUB);
+    expect(deposit).not.toBe(treasury);
+  });
+});

package/src/billing/crypto/btc/__tests__/config.test.ts

@@ -0,0 +1,28 @@
+import { describe, expect, it } from "vitest";
+import { centsToSats, satsToCents } from "../config.js";
+
+describe("centsToSats", () => {
+  it("converts $10 at $100k BTC", () => {
+    // $10 = 1000 cents, BTC at $100,000
+    // 10 / 100000 = 0.0001 BTC = 10000 sats
+    expect(centsToSats(1000, 100_000)).toBe(10000);
+  });
+
+  it("converts $100 at $50k BTC", () => {
+    // $100 = 10000 cents, BTC at $50,000
+    // 100 / 50000 = 0.002 BTC = 200000 sats
+    expect(centsToSats(10000, 50_000)).toBe(200000);
+  });
+});
+
+describe("satsToCents", () => {
+  it("converts 10000 sats at $100k BTC", () => {
+    // 10000 sats = 0.0001 BTC, at $100k = $10 = 1000 cents
+    expect(satsToCents(10000, 100_000)).toBe(1000);
+  });
+
+  it("rounds to nearest cent", () => {
+    // 15000 sats at $100k = 0.00015 BTC = $15 = 1500 cents
+    expect(satsToCents(15000, 100_000)).toBe(1500);
+  });
+});

package/src/billing/crypto/btc/__tests__/settler.test.ts

@@ -0,0 +1,103 @@
+import { describe, expect, it, vi } from "vitest";
+import { settleBtcPayment } from "../settler.js";
+import type { BtcPaymentEvent } from "../types.js";
+
+const mockEvent: BtcPaymentEvent = {
+  address: "bc1qtest",
+  txid: "abc123",
+  amountSats: 15000,
+  amountUsdCents: 1000,
+  confirmations: 6,
+};
+
+describe("settleBtcPayment", () => {
+  it("credits ledger when charge found", async () => {
+    const deps = {
+      chargeStore: {
+        getByDepositAddress: vi.fn().mockResolvedValue({
+          referenceId: "btc:test",
+          tenantId: "t1",
+          amountUsdCents: 1000,
+          creditedAt: null,
+        }),
+        updateStatus: vi.fn().mockResolvedValue(undefined),
+        markCredited: vi.fn().mockResolvedValue(undefined),
+      },
+      creditLedger: {
+        hasReferenceId: vi.fn().mockResolvedValue(false),
+        credit: vi.fn().mockResolvedValue({}),
+      },
+      onCreditsPurchased: vi.fn().mockResolvedValue([]),
+    };
+
+    const result = await settleBtcPayment(deps as never, mockEvent);
+    expect(result.handled).toBe(true);
+    expect(result.creditedCents).toBe(1000);
+    expect(deps.creditLedger.credit).toHaveBeenCalledOnce();
+
+    // Verify Credit.fromCents was used
+    const creditArg = deps.creditLedger.credit.mock.calls[0][1];
+    expect(creditArg.toCentsRounded()).toBe(1000);
+  });
+
+  it("rejects double-credit on already-credited charge", async () => {
+    const deps = {
+      chargeStore: {
+        getByDepositAddress: vi.fn().mockResolvedValue({
+          referenceId: "btc:test",
+          tenantId: "t1",
+          amountUsdCents: 1000,
+          creditedAt: "2026-01-01",
+        }),
+        updateStatus: vi.fn().mockResolvedValue(undefined),
+        markCredited: vi.fn(),
+      },
+      creditLedger: {
+        hasReferenceId: vi.fn().mockResolvedValue(false),
+        credit: vi.fn(),
+      },
+    };
+
+    const result = await settleBtcPayment(deps as never, mockEvent);
+    expect(result.creditedCents).toBe(0);
+    expect(deps.creditLedger.credit).not.toHaveBeenCalled();
+  });
+
+  it("rejects underpayment", async () => {
+    const underpaid = { ...mockEvent, amountUsdCents: 500 };
+    const deps = {
+      chargeStore: {
+        getByDepositAddress: vi.fn().mockResolvedValue({
+          referenceId: "btc:test",
+          tenantId: "t1",
+          amountUsdCents: 1000,
+          creditedAt: null,
+        }),
+        updateStatus: vi.fn().mockResolvedValue(undefined),
+        markCredited: vi.fn(),
+      },
+      creditLedger: {
+        hasReferenceId: vi.fn().mockResolvedValue(false),
+        credit: vi.fn(),
+      },
+    };
+
+    const result = await settleBtcPayment(deps as never, underpaid);
+    expect(result.creditedCents).toBe(0);
+    expect(deps.creditLedger.credit).not.toHaveBeenCalled();
+  });
+
+  it("returns handled:false when no charge found", async () => {
+    const deps = {
+      chargeStore: {
+        getByDepositAddress: vi.fn().mockResolvedValue(null),
+        updateStatus: vi.fn(),
+        markCredited: vi.fn(),
+      },
+      creditLedger: { hasReferenceId: vi.fn(), credit: vi.fn() },
+    };
+
+    const result = await settleBtcPayment(deps as never, mockEvent);
+    expect(result.handled).toBe(false);
+  });
+});

package/src/billing/crypto/btc/address-gen.ts

@@ -0,0 +1,41 @@
+import { ripemd160 } from "@noble/hashes/legacy.js";
+import { sha256 } from "@noble/hashes/sha2.js";
+import { bech32 } from "@scure/base";
+import { HDKey } from "@scure/bip32";
+
+/**
+ * Derive a native segwit (bech32, bc1q...) BTC address from an xpub at a given index.
+ * Path: xpub / 0 / index (external chain).
+ * No private keys involved.
+ */
+export function deriveBtcAddress(
+  xpub: string,
+  index: number,
+  network: "mainnet" | "testnet" | "regtest" = "mainnet",
+): string {
+  if (!Number.isInteger(index) || index < 0) throw new Error(`Invalid derivation index: ${index}`);
+
+  const master = HDKey.fromExtendedKey(xpub);
+  const child = master.deriveChild(0).deriveChild(index);
+  if (!child.publicKey) throw new Error("Failed to derive public key");
+
+  // HASH160 = RIPEMD160(SHA256(compressedPubKey))
+  const hash160 = ripemd160(sha256(child.publicKey));
+
+  // Bech32 encode: witness version 0 + 20-byte hash
+  const prefix = network === "mainnet" ? "bc" : "tb";
+  const words = bech32.toWords(hash160);
+  return bech32.encode(prefix, [0, ...words]);
+}
+
+/** Derive the BTC treasury address (internal chain, index 0). */
+export function deriveBtcTreasury(xpub: string, network: "mainnet" | "testnet" | "regtest" = "mainnet"): string {
+  const master = HDKey.fromExtendedKey(xpub);
+  const child = master.deriveChild(1).deriveChild(0); // internal chain
+  if (!child.publicKey) throw new Error("Failed to derive public key");
+
+  const hash160 = ripemd160(sha256(child.publicKey));
+  const prefix = network === "mainnet" ? "bc" : "tb";
+  const words = bech32.toWords(hash160);
+  return bech32.encode(prefix, [0, ...words]);
+}

package/src/billing/crypto/btc/checkout.ts

@@ -0,0 +1,61 @@
+import { Credit } from "../../../credits/credit.js";
+import type { ICryptoChargeRepository } from "../charge-store.js";
+import { deriveBtcAddress } from "./address-gen.js";
+import type { BtcCheckoutOpts } from "./types.js";
+
+export const MIN_BTC_USD = 10;
+
+export interface BtcCheckoutDeps {
+  chargeStore: Pick<ICryptoChargeRepository, "getNextDerivationIndex" | "createStablecoinCharge">;
+  xpub: string;
+  network?: "mainnet" | "testnet" | "regtest";
+}
+
+export interface BtcCheckoutResult {
+  depositAddress: string;
+  amountUsd: number;
+  referenceId: string;
+}
+
+/**
+ * Create a BTC checkout — derive a unique deposit address, store the charge.
+ *
+ * Same pattern as stablecoin checkout: HD derivation + charge store + retry on conflict.
+ *
+ * CRITICAL: amountUsd → integer cents via Credit.fromDollars().toCentsRounded().
+ */
+export async function createBtcCheckout(deps: BtcCheckoutDeps, opts: BtcCheckoutOpts): Promise<BtcCheckoutResult> {
+  if (!Number.isFinite(opts.amountUsd) || opts.amountUsd < MIN_BTC_USD) {
+    throw new Error(`Minimum payment amount is $${MIN_BTC_USD}`);
+  }
+
+  const amountUsdCents = Credit.fromDollars(opts.amountUsd).toCentsRounded();
+  const network = deps.network ?? "mainnet";
+  const maxRetries = 3;
+
+  for (let attempt = 0; attempt <= maxRetries; attempt++) {
+    const derivationIndex = await deps.chargeStore.getNextDerivationIndex();
+    const depositAddress = deriveBtcAddress(deps.xpub, derivationIndex, network);
+    const referenceId = `btc:${depositAddress}`;
+
+    try {
+      await deps.chargeStore.createStablecoinCharge({
+        referenceId,
+        tenantId: opts.tenant,
+        amountUsdCents,
+        chain: "bitcoin",
+        token: "BTC",
+        depositAddress,
+        derivationIndex,
+      });
+
+      return { depositAddress, amountUsd: opts.amountUsd, referenceId };
+    } catch (err: unknown) {
+      const code = (err as { code?: string }).code;
+      const isConflict = code === "23505" || (err instanceof Error && err.message.includes("unique_violation"));
+      if (!isConflict || attempt === maxRetries) throw err;
+    }
+  }
+
+  throw new Error("Failed to claim derivation index after retries");
+}

package/src/billing/crypto/btc/config.ts

@@ -0,0 +1,33 @@
+import type { BitcoindConfig } from "./types.js";
+
+export function loadBitcoindConfig(): BitcoindConfig | null {
+  const rpcUrl = process.env.BITCOIND_RPC_URL;
+  const rpcUser = process.env.BITCOIND_RPC_USER;
+  const rpcPassword = process.env.BITCOIND_RPC_PASSWORD;
+  if (!rpcUrl || !rpcUser || !rpcPassword) return null;
+
+  const network = (process.env.BITCOIND_NETWORK ?? "mainnet") as BitcoindConfig["network"];
+  const confirmations = network === "regtest" ? 1 : 6;
+
+  return { rpcUrl, rpcUser, rpcPassword, network, confirmations };
+}
+
+/**
+ * Convert USD cents to satoshis given a BTC/USD price.
+ * Integer math only.
+ */
+export function centsToSats(cents: number, btcPriceUsd: number): number {
+  // 1 BTC = 100_000_000 sats, price is in dollars
+  // cents / 100 = dollars, dollars / btcPrice = BTC, BTC * 1e8 = sats
+  // To avoid float: (cents * 1e8) / (btcPrice * 100)
+  return Math.round((cents * 100_000_000) / (btcPriceUsd * 100));
+}
+
+/**
+ * Convert satoshis to USD cents given a BTC/USD price.
+ * Integer math only (rounds to nearest cent).
+ */
+export function satsToCents(sats: number, btcPriceUsd: number): number {
+  // sats / 1e8 = BTC, BTC * btcPrice = dollars, dollars * 100 = cents
+  return Math.round((sats * btcPriceUsd * 100) / 100_000_000);
+}

package/src/billing/crypto/btc/index.ts

@@ -0,0 +1,9 @@
+export { deriveBtcAddress, deriveBtcTreasury } from "./address-gen.js";
+export type { BtcCheckoutDeps, BtcCheckoutResult } from "./checkout.js";
+export { createBtcCheckout, MIN_BTC_USD } from "./checkout.js";
+export { centsToSats, loadBitcoindConfig, satsToCents } from "./config.js";
+export type { BtcSettlerDeps } from "./settler.js";
+export { settleBtcPayment } from "./settler.js";
+export type { BitcoindConfig, BtcCheckoutOpts, BtcPaymentEvent } from "./types.js";
+export type { BtcWatcherOpts } from "./watcher.js";
+export { BtcWatcher, createBitcoindRpc } from "./watcher.js";