@wopr-network/platform-core 1.42.3 → 1.43.0

package/src/billing/crypto/client.test.ts

@@ -1,132 +1,116 @@
 import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
-import { BTCPayClient, loadCryptoConfig } from "./client.js";
-
-describe("BTCPayClient", () => {
-  it("createInvoice sends correct request and returns id + checkoutLink", async () => {
-    const mockResponse = { id: "inv-001", checkoutLink: "https://btcpay.example.com/i/inv-001" };
-    const fetchSpy = vi
-      .spyOn(globalThis, "fetch")
-      .mockResolvedValue(new Response(JSON.stringify(mockResponse), { status: 200 }));
-
-    const client = new BTCPayClient({
-      apiKey: "test-key",
-      baseUrl: "https://btcpay.example.com",
-      storeId: "store-abc",
-    });
-
-    const result = await client.createInvoice({
-      amountUsd: 25,
-      orderId: "order-123",
-      buyerEmail: "test@example.com",
-    });
+import { BTCPayClient, CryptoServiceClient, loadCryptoConfig } from "./client.js";
 
-    expect(result.id).toBe("inv-001");
-    expect(result.checkoutLink).toBe("https://btcpay.example.com/i/inv-001");
+describe("CryptoServiceClient", () => {
+  afterEach(() => vi.restoreAllMocks());
 
-    expect(fetchSpy).toHaveBeenCalledOnce();
-    const [url, opts] = fetchSpy.mock.calls[0];
-    expect(url).toBe("https://btcpay.example.com/api/v1/stores/store-abc/invoices");
-    expect(opts?.method).toBe("POST");
+  it("deriveAddress sends POST /address with chain", async () => {
+    const mockResponse = { address: "bc1q...", index: 42, chain: "bitcoin", token: "BTC" };
+    vi.spyOn(globalThis, "fetch").mockResolvedValue(new Response(JSON.stringify(mockResponse), { status: 201 }));
 
-    const headers = opts?.headers as Record<string, string>;
-    expect(headers.Authorization).toBe("token test-key");
-    expect(headers["Content-Type"]).toBe("application/json");
+    const client = new CryptoServiceClient({ baseUrl: "http://localhost:3100" });
+    const result = await client.deriveAddress("btc");
 
-    const body = JSON.parse(opts?.body as string);
-    expect(body.amount).toBe("25");
-    expect(body.currency).toBe("USD");
-    expect(body.metadata.orderId).toBe("order-123");
-    expect(body.metadata.buyerEmail).toBe("test@example.com");
-    expect(body.checkout.speedPolicy).toBe("MediumSpeed");
+    expect(result.address).toBe("bc1q...");
+    expect(result.index).toBe(42);
 
-    fetchSpy.mockRestore();
+    const [url, opts] = vi.mocked(fetch).mock.calls[0];
+    expect(url).toBe("http://localhost:3100/address");
+    expect(opts?.method).toBe("POST");
+    expect(JSON.parse(opts?.body as string)).toEqual({ chain: "btc" });
   });
 
-  it("createInvoice includes redirectURL when provided", async () => {
-    const fetchSpy = vi.spyOn(globalThis, "fetch").mockResolvedValue(
-      new Response(JSON.stringify({ id: "inv-002", checkoutLink: "https://btcpay.example.com/i/inv-002" }), {
-        status: 200,
-      }),
-    );
-
-    const client = new BTCPayClient({ apiKey: "k", baseUrl: "https://btcpay.example.com", storeId: "s" });
-    await client.createInvoice({ amountUsd: 10, orderId: "o", redirectURL: "https://app.example.com/success" });
+  it("createCharge sends POST /charges", async () => {
+    const mockResponse = {
+      chargeId: "btc:bc1q...",
+      address: "bc1q...",
+      chain: "btc",
+      token: "BTC",
+      amountUsd: 50,
+      derivationIndex: 42,
+      expiresAt: "2026-03-20T04:00:00Z",
+    };
+    vi.spyOn(globalThis, "fetch").mockResolvedValue(new Response(JSON.stringify(mockResponse), { status: 201 }));
+
+    const client = new CryptoServiceClient({
+      baseUrl: "http://localhost:3100",
+      serviceKey: "sk-test",
+      tenantId: "tenant-1",
+    });
+    const result = await client.createCharge({ chain: "btc", amountUsd: 50 });
 
-    const body = JSON.parse(fetchSpy.mock.calls[0][1]?.body as string);
-    expect(body.checkout.redirectURL).toBe("https://app.example.com/success");
+    expect(result.chargeId).toBe("btc:bc1q...");
+    expect(result.address).toBe("bc1q...");
 
-    fetchSpy.mockRestore();
+    const [, opts] = vi.mocked(fetch).mock.calls[0];
+    const headers = opts?.headers as Record<string, string>;
+    expect(headers.Authorization).toBe("Bearer sk-test");
+    expect(headers["X-Tenant-Id"]).toBe("tenant-1");
   });
 
-  it("createInvoice throws on non-ok response", async () => {
-    const fetchSpy = vi.spyOn(globalThis, "fetch").mockResolvedValue(new Response("Unauthorized", { status: 401 }));
+  it("getCharge sends GET /charges/:id", async () => {
+    const mockResponse = { chargeId: "btc:bc1q...", status: "confirmed" };
+    vi.spyOn(globalThis, "fetch").mockResolvedValue(new Response(JSON.stringify(mockResponse), { status: 200 }));
 
-    const client = new BTCPayClient({ apiKey: "bad-key", baseUrl: "https://btcpay.example.com", storeId: "s" });
-    await expect(client.createInvoice({ amountUsd: 10, orderId: "o" })).rejects.toThrow(
-      "BTCPay createInvoice failed (401)",
-    );
+    const client = new CryptoServiceClient({ baseUrl: "http://localhost:3100" });
+    const result = await client.getCharge("btc:bc1q...");
 
-    fetchSpy.mockRestore();
+    expect(result.status).toBe("confirmed");
+    expect(vi.mocked(fetch).mock.calls[0][0]).toBe("http://localhost:3100/charges/btc%3Abc1q...");
   });
 
-  it("getInvoice sends correct request", async () => {
-    const fetchSpy = vi.spyOn(globalThis, "fetch").mockResolvedValue(
-      new Response(JSON.stringify({ id: "inv-001", status: "Settled", amount: "25", currency: "USD" }), {
-        status: 200,
-      }),
-    );
+  it("listChains sends GET /chains", async () => {
+    const mockResponse = [{ id: "btc", token: "BTC", chain: "bitcoin", decimals: 8 }];
+    vi.spyOn(globalThis, "fetch").mockResolvedValue(new Response(JSON.stringify(mockResponse), { status: 200 }));
 
-    const client = new BTCPayClient({ apiKey: "k", baseUrl: "https://btcpay.example.com", storeId: "store-abc" });
-    const result = await client.getInvoice("inv-001");
+    const client = new CryptoServiceClient({ baseUrl: "http://localhost:3100" });
+    const result = await client.listChains();
 
-    expect(result.status).toBe("Settled");
-    expect(fetchSpy.mock.calls[0][0]).toBe("https://btcpay.example.com/api/v1/stores/store-abc/invoices/inv-001");
-
-    fetchSpy.mockRestore();
+    expect(result).toHaveLength(1);
+    expect(result[0].token).toBe("BTC");
   });
-});
 
-describe("loadCryptoConfig", () => {
-  beforeEach(() => {
-    delete process.env.BTCPAY_API_KEY;
-    delete process.env.BTCPAY_BASE_URL;
-    delete process.env.BTCPAY_STORE_ID;
-  });
+  it("throws on non-ok response", async () => {
+    vi.spyOn(globalThis, "fetch").mockResolvedValue(new Response("Not found", { status: 404 }));
 
-  afterEach(() => {
-    vi.unstubAllEnvs();
+    const client = new CryptoServiceClient({ baseUrl: "http://localhost:3100" });
+    await expect(client.getCharge("missing")).rejects.toThrow("CryptoService getCharge failed (404)");
   });
+});
 
-  it("returns null when BTCPAY_API_KEY is missing", () => {
-    vi.stubEnv("BTCPAY_BASE_URL", "https://btcpay.test");
-    vi.stubEnv("BTCPAY_STORE_ID", "store-1");
-    expect(loadCryptoConfig()).toBeNull();
+describe("BTCPayClient (deprecated)", () => {
+  it("throws on createInvoice", async () => {
+    const client = new BTCPayClient({ apiKey: "k", baseUrl: "https://example.com", storeId: "s" });
+    await expect(client.createInvoice({ amountUsd: 10, orderId: "o" })).rejects.toThrow("deprecated");
   });
 
-  it("returns null when BTCPAY_BASE_URL is missing", () => {
-    vi.stubEnv("BTCPAY_API_KEY", "test-key");
-    vi.stubEnv("BTCPAY_STORE_ID", "store-1");
-    expect(loadCryptoConfig()).toBeNull();
+  it("throws on getInvoice", async () => {
+    const client = new BTCPayClient({ apiKey: "k", baseUrl: "https://example.com", storeId: "s" });
+    await expect(client.getInvoice("inv-1")).rejects.toThrow("deprecated");
   });
+});
 
-  it("returns null when BTCPAY_STORE_ID is missing", () => {
-    vi.stubEnv("BTCPAY_API_KEY", "test-key");
-    vi.stubEnv("BTCPAY_BASE_URL", "https://btcpay.test");
-    expect(loadCryptoConfig()).toBeNull();
+describe("loadCryptoConfig", () => {
+  beforeEach(() => {
+    delete process.env.CRYPTO_SERVICE_URL;
+    delete process.env.CRYPTO_SERVICE_KEY;
+    delete process.env.TENANT_ID;
   });
 
-  it("returns config when all env vars are set", () => {
-    vi.stubEnv("BTCPAY_API_KEY", "test-key");
-    vi.stubEnv("BTCPAY_BASE_URL", "https://btcpay.test");
-    vi.stubEnv("BTCPAY_STORE_ID", "store-1");
+  afterEach(() => vi.unstubAllEnvs());
+
+  it("returns config when CRYPTO_SERVICE_URL is set", () => {
+    vi.stubEnv("CRYPTO_SERVICE_URL", "http://10.120.0.5:3100");
+    vi.stubEnv("CRYPTO_SERVICE_KEY", "sk-test");
+    vi.stubEnv("TENANT_ID", "tenant-1");
     expect(loadCryptoConfig()).toEqual({
-      apiKey: "test-key",
-      baseUrl: "https://btcpay.test",
-      storeId: "store-1",
+      baseUrl: "http://10.120.0.5:3100",
+      serviceKey: "sk-test",
+      tenantId: "tenant-1",
     });
   });
 
-  it("returns null when all env vars are missing", () => {
+  it("returns null when CRYPTO_SERVICE_URL is missing", () => {
     expect(loadCryptoConfig()).toBeNull();
   });
 });

package/src/billing/crypto/client.ts

@@ -1,86 +1,166 @@
-import type { CryptoBillingConfig } from "./types.js";
+/**
+ * Crypto Key Server client — for products to call the shared service.
+ *
+ * Replaces BTCPayClient. Products set CRYPTO_SERVICE_URL instead of
+ * BTCPAY_API_KEY + BTCPAY_BASE_URL + BTCPAY_STORE_ID.
+ */
+
+export interface CryptoServiceConfig {
+  /** Base URL of the crypto key server (e.g. http://10.120.0.5:3100) */
+  baseUrl: string;
+  /** Service key for auth (reuses gateway service key) */
+  serviceKey?: string;
+  /** Tenant ID header */
+  tenantId?: string;
+}
+
+export interface DeriveAddressResult {
+  address: string;
+  index: number;
+  chain: string;
+  token: string;
+}
 
-export type { CryptoBillingConfig as CryptoConfig };
+export interface CreateChargeResult {
+  chargeId: string;
+  address: string;
+  chain: string;
+  token: string;
+  amountUsd: number;
+  derivationIndex: number;
+  expiresAt: string;
+}
+
+export interface ChargeStatus {
+  chargeId: string;
+  status: string;
+  address: string | null;
+  chain: string | null;
+  token: string | null;
+  amountUsdCents: number;
+  creditedAt: string | null;
+}
+
+export interface ChainInfo {
+  id: string;
+  token: string;
+  chain: string;
+  decimals: number;
+  displayName: string;
+  contractAddress: string | null;
+  confirmations: number;
+}
 
 /**
- * Lightweight BTCPay Server Greenfield API client.
- *
- * Uses plain fetch — zero vendor dependencies.
- * Auth header format: "token <apiKey>" (NOT "Bearer").
+ * Client for the shared crypto key server.
+ * Products use this instead of running local watchers + holding xpubs.
  */
-export class BTCPayClient {
-  constructor(private readonly config: CryptoBillingConfig) {}
+export class CryptoServiceClient {
+  constructor(private readonly config: CryptoServiceConfig) {}
 
   private headers(): Record<string, string> {
-    return {
-      "Content-Type": "application/json",
-      Authorization: `token ${this.config.apiKey}`,
-    };
+    const h: Record<string, string> = { "Content-Type": "application/json" };
+    if (this.config.serviceKey) h.Authorization = `Bearer ${this.config.serviceKey}`;
+    if (this.config.tenantId) h["X-Tenant-Id"] = this.config.tenantId;
+    return h;
   }
 
-  /**
-   * Create an invoice on the BTCPay store.
-   *
-   * Returns the invoice ID and checkout link (URL to redirect the user).
-   */
-  async createInvoice(opts: {
-    amountUsd: number;
-    orderId: string;
-    buyerEmail?: string;
-    redirectURL?: string;
-  }): Promise<{ id: string; checkoutLink: string }> {
-    const url = `${this.config.baseUrl}/api/v1/stores/${this.config.storeId}/invoices`;
-    const body = {
-      amount: String(opts.amountUsd),
-      currency: "USD",
-      metadata: {
-        orderId: opts.orderId,
-        buyerEmail: opts.buyerEmail,
-      },
-      checkout: {
-        speedPolicy: "MediumSpeed",
-        expirationMinutes: 30,
-        ...(opts.redirectURL ? { redirectURL: opts.redirectURL } : {}),
-      },
-    };
-
-    const res = await fetch(url, {
+  /** Derive the next unused address for a chain. */
+  async deriveAddress(chain: string): Promise<DeriveAddressResult> {
+    const res = await fetch(`${this.config.baseUrl}/address`, {
       method: "POST",
       headers: this.headers(),
-      body: JSON.stringify(body),
+      body: JSON.stringify({ chain }),
     });
-
     if (!res.ok) {
       const text = await res.text().catch(() => "");
-      throw new Error(`BTCPay createInvoice failed (${res.status}): ${text}`);
+      throw new Error(`CryptoService deriveAddress failed (${res.status}): ${text}`);
     }
+    return (await res.json()) as DeriveAddressResult;
+  }
 
-    const data = (await res.json()) as { id: string; checkoutLink: string };
-    return { id: data.id, checkoutLink: data.checkoutLink };
+  /** Create a payment charge — derives address, sets expiry, starts watching. */
+  async createCharge(opts: {
+    chain: string;
+    amountUsd: number;
+    callbackUrl?: string;
+    metadata?: Record<string, unknown>;
+  }): Promise<CreateChargeResult> {
+    const res = await fetch(`${this.config.baseUrl}/charges`, {
+      method: "POST",
+      headers: this.headers(),
+      body: JSON.stringify(opts),
+    });
+    if (!res.ok) {
+      const text = await res.text().catch(() => "");
+      throw new Error(`CryptoService createCharge failed (${res.status}): ${text}`);
+    }
+    return (await res.json()) as CreateChargeResult;
   }
 
-  /** Get invoice status by ID. */
-  async getInvoice(invoiceId: string): Promise<{ id: string; status: string; amount: string; currency: string }> {
-    const url = `${this.config.baseUrl}/api/v1/stores/${this.config.storeId}/invoices/${invoiceId}`;
-    const res = await fetch(url, { headers: this.headers() });
+  /** Check charge status. */
+  async getCharge(chargeId: string): Promise<ChargeStatus> {
+    const res = await fetch(`${this.config.baseUrl}/charges/${encodeURIComponent(chargeId)}`, {
+      headers: this.headers(),
+    });
+    if (!res.ok) {
+      const text = await res.text().catch(() => "");
+      throw new Error(`CryptoService getCharge failed (${res.status}): ${text}`);
+    }
+    return (await res.json()) as ChargeStatus;
+  }
 
+  /** List all enabled payment methods (for checkout UI). */
+  async listChains(): Promise<ChainInfo[]> {
+    const res = await fetch(`${this.config.baseUrl}/chains`, {
+      headers: this.headers(),
+    });
     if (!res.ok) {
       const text = await res.text().catch(() => "");
-      throw new Error(`BTCPay getInvoice failed (${res.status}): ${text}`);
+      throw new Error(`CryptoService listChains failed (${res.status}): ${text}`);
     }
+    return (await res.json()) as ChainInfo[];
+  }
+}
 
-    return (await res.json()) as { id: string; status: string; amount: string; currency: string };
+/**
+ * Load crypto service config from environment.
+ * Returns null if CRYPTO_SERVICE_URL is not set.
+ *
+ * Also supports legacy BTCPay env vars for backwards compat during migration.
+ */
+export function loadCryptoConfig(): CryptoServiceConfig | null {
+  const baseUrl = process.env.CRYPTO_SERVICE_URL;
+  if (baseUrl) {
+    return {
+      baseUrl,
+      serviceKey: process.env.CRYPTO_SERVICE_KEY,
+      tenantId: process.env.TENANT_ID,
+    };
   }
+  return null;
 }
 
+// Legacy type alias for backwards compat
+export type CryptoConfig = CryptoServiceConfig;
+
 /**
- * Load BTCPay config from environment variables.
- * Returns null if any required var is missing.
+ * @deprecated Use CryptoServiceClient instead. BTCPay is replaced by the crypto key server.
+ * Kept for backwards compat — products still import BTCPayClient during migration.
  */
-export function loadCryptoConfig(): CryptoBillingConfig | null {
-  const apiKey = process.env.BTCPAY_API_KEY;
-  const baseUrl = process.env.BTCPAY_BASE_URL;
-  const storeId = process.env.BTCPAY_STORE_ID;
-  if (!apiKey || !baseUrl || !storeId) return null;
-  return { apiKey, baseUrl, storeId };
+export class BTCPayClient {
+  constructor(_config: { apiKey: string; baseUrl: string; storeId: string }) {}
+
+  async createInvoice(_opts: {
+    amountUsd: number;
+    orderId: string;
+    buyerEmail?: string;
+    redirectURL?: string;
+  }): Promise<{ id: string; checkoutLink: string }> {
+    throw new Error("BTCPayClient is deprecated — migrate to CryptoServiceClient");
+  }
+
+  async getInvoice(_invoiceId: string): Promise<{ id: string; status: string; amount: string; currency: string }> {
+    throw new Error("BTCPayClient is deprecated — migrate to CryptoServiceClient");
+  }
 }

package/src/billing/crypto/index.ts

@@ -2,11 +2,20 @@ export * from "./btc/index.js";
 export type { CryptoChargeRecord, CryptoDepositChargeInput, ICryptoChargeRepository } from "./charge-store.js";
 export { CryptoChargeRepository, DrizzleCryptoChargeRepository } from "./charge-store.js";
 export { createCryptoCheckout, MIN_PAYMENT_USD } from "./checkout.js";
-export type { CryptoConfig } from "./client.js";
-export { BTCPayClient, loadCryptoConfig } from "./client.js";
+export type {
+  ChainInfo,
+  ChargeStatus,
+  CreateChargeResult,
+  CryptoConfig,
+  CryptoServiceConfig,
+  DeriveAddressResult,
+} from "./client.js";
+export { BTCPayClient, CryptoServiceClient, loadCryptoConfig } from "./client.js";
 export type { IWatcherCursorStore } from "./cursor-store.js";
 export { DrizzleWatcherCursorStore } from "./cursor-store.js";
 export * from "./evm/index.js";
+export type { KeyServerDeps } from "./key-server.js";
+export { createKeyServerApp } from "./key-server.js";
 export * from "./oracle/index.js";
 export type { IPaymentMethodStore, PaymentMethodRecord } from "./payment-method-store.js";
 export { DrizzlePaymentMethodStore } from "./payment-method-store.js";

package/src/billing/crypto/key-server-entry.ts

@@ -0,0 +1,52 @@
+/**
+ * Standalone entry point for the crypto key server.
+ *
+ * Deploys on the chain server (pay.wopr.bot:3100).
+ * Boots: postgres → migrations → key server routes → watchers → serve.
+ *
+ * Usage: node dist/billing/crypto/key-server-entry.js
+ */
+/* biome-ignore-all lint/suspicious/noConsole: standalone entry point */
+import { serve } from "@hono/node-server";
+import { drizzle } from "drizzle-orm/node-postgres";
+import { migrate } from "drizzle-orm/node-postgres/migrator";
+import pg from "pg";
+import * as schema from "../../db/schema/index.js";
+import { DrizzleCryptoChargeRepository } from "./charge-store.js";
+import { createKeyServerApp } from "./key-server.js";
+import { DrizzlePaymentMethodStore } from "./payment-method-store.js";
+
+const PORT = Number(process.env.PORT ?? "3100");
+const DATABASE_URL = process.env.DATABASE_URL;
+const SERVICE_KEY = process.env.SERVICE_KEY;
+const ADMIN_TOKEN = process.env.ADMIN_TOKEN;
+
+if (!DATABASE_URL) {
+  console.error("DATABASE_URL is required");
+  process.exit(1);
+}
+
+async function main(): Promise<void> {
+  const pool = new pg.Pool({ connectionString: DATABASE_URL });
+
+  // Run migrations FIRST, before creating schema-typed db
+  console.log("[crypto-key-server] Running migrations...");
+  await migrate(drizzle(pool), { migrationsFolder: "./drizzle/migrations" });
+
+  // Now create the schema-typed db (columns guaranteed to exist)
+  console.log("[crypto-key-server] Connecting...");
+  const db = drizzle(pool, { schema }) as unknown as import("../../db/index.js").DrizzleDb;
+
+  const chargeStore = new DrizzleCryptoChargeRepository(db);
+  const methodStore = new DrizzlePaymentMethodStore(db);
+
+  const app = createKeyServerApp({ db, chargeStore, methodStore, serviceKey: SERVICE_KEY, adminToken: ADMIN_TOKEN });
+
+  console.log(`[crypto-key-server] Listening on :${PORT}`);
+  serve({ fetch: app.fetch, port: PORT });
+}
+
+main().catch((err) => {
+  console.error("[crypto-key-server] Fatal:", err);
+  process.exit(1);
+});