@wopr-network/platform-core 1.42.3 → 1.44.0

package/dist/billing/crypto/checkout.test.js

@@ -1,71 +0,0 @@
-import { afterAll, beforeAll, beforeEach, describe, expect, it, vi } from "vitest";
-import { beginTestTransaction, createTestDb, endTestTransaction, rollbackTestTransaction } from "../../test/db.js";
-import { CryptoChargeRepository } from "./charge-store.js";
-import { createCryptoCheckout, MIN_PAYMENT_USD } from "./checkout.js";
-function createMockClient(overrides = {}) {
-    return {
-        createInvoice: overrides.createInvoice ??
-            vi.fn().mockResolvedValue({
-                id: "inv-mock-001",
-                checkoutLink: "https://btcpay.example.com/i/inv-mock-001",
-            }),
-    };
-}
-describe("createCryptoCheckout", () => {
-    let pool;
-    let db;
-    let chargeStore;
-    let client;
-    beforeAll(async () => {
-        ({ db, pool } = await createTestDb());
-        await beginTestTransaction(pool);
-    });
-    afterAll(async () => {
-        await endTestTransaction(pool);
-        await pool.close();
-    });
-    beforeEach(async () => {
-        await rollbackTestTransaction(pool);
-        chargeStore = new CryptoChargeRepository(db);
-        client = createMockClient();
-    });
-    it("rejects amounts below $10 minimum", async () => {
-        await expect(createCryptoCheckout(client, chargeStore, { tenant: "t-1", amountUsd: 5 })).rejects.toThrow(`Minimum payment amount is $${MIN_PAYMENT_USD}`);
-    });
-    it("rejects amounts of exactly $0", async () => {
-        await expect(createCryptoCheckout(client, chargeStore, { tenant: "t-1", amountUsd: 0 })).rejects.toThrow();
-    });
-    it("calls client.createInvoice with correct params", async () => {
-        const createInvoice = vi.fn().mockResolvedValue({
-            id: "inv-abc",
-            checkoutLink: "https://btcpay.example.com/i/inv-abc",
-        });
-        const mockClient = createMockClient({ createInvoice });
-        await createCryptoCheckout(mockClient, chargeStore, { tenant: "t-test", amountUsd: 25 });
-        expect(createInvoice).toHaveBeenCalledOnce();
-        const args = createInvoice.mock.calls[0][0];
-        expect(args.amountUsd).toBe(25);
-        expect(args.buyerEmail).toContain("t-test@");
-    });
-    it("stores the charge with correct amountUsdCents (converts from USD)", async () => {
-        const createInvoice = vi.fn().mockResolvedValue({
-            id: "inv-store-test",
-            checkoutLink: "https://btcpay.example.com/i/inv-store-test",
-        });
-        const mockClient = createMockClient({ createInvoice });
-        await createCryptoCheckout(mockClient, chargeStore, { tenant: "t-2", amountUsd: 25 });
-        const charge = await chargeStore.getByReferenceId("inv-store-test");
-        expect(charge).not.toBeNull();
-        expect(charge?.tenantId).toBe("t-2");
-        expect(charge?.amountUsdCents).toBe(2500); // $25.00 = 2500 cents
-        expect(charge?.status).toBe("New");
-    });
-    it("returns referenceId and url", async () => {
-        const result = await createCryptoCheckout(client, chargeStore, { tenant: "t-3", amountUsd: 10 });
-        expect(result.referenceId).toBe("inv-mock-001");
-        expect(result.url).toBe("https://btcpay.example.com/i/inv-mock-001");
-    });
-    it("accepts exactly $10 (minimum boundary)", async () => {
-        await expect(createCryptoCheckout(client, chargeStore, { tenant: "t-4", amountUsd: 10 })).resolves.not.toBeNull();
-    });
-});

package/dist/billing/crypto/webhook.d.ts

@@ -1,34 +0,0 @@
-import type { ILedger } from "../../credits/ledger.js";
-import type { IWebhookSeenRepository } from "../webhook-seen-repository.js";
-import type { ICryptoChargeRepository } from "./charge-store.js";
-import type { CryptoWebhookPayload, CryptoWebhookResult } from "./types.js";
-export interface CryptoWebhookDeps {
-    chargeStore: ICryptoChargeRepository;
-    creditLedger: ILedger;
-    replayGuard: IWebhookSeenRepository;
-    /** Called after credits are purchased — consumer can reactivate suspended resources. Returns reactivated resource IDs. */
-    onCreditsPurchased?: (tenantId: string, ledger: ILedger) => Promise<string[]>;
-}
-/**
- * Verify BTCPay webhook signature (HMAC-SHA256).
- *
- * BTCPay sends the signature in the BTCPAY-SIG header as "sha256=<hex>".
- */
-export declare function verifyCryptoWebhookSignature(rawBody: Buffer | string, sigHeader: string | undefined, secret: string): boolean;
-/**
- * Process a BTCPay Server webhook event.
- *
- * Only credits the ledger on InvoiceSettled status.
- * Uses the BTCPay invoice ID mapped to the stored charge record
- * for tenant resolution and idempotency.
- *
- * Idempotency strategy (matches Stripe webhook pattern):
- *   Primary: `creditLedger.hasReferenceId("crypto:<invoiceId>")` — atomic,
- *   checked inside the ledger's serialized transaction.
- *   Secondary: `chargeStore.markCredited()` — advisory flag for queries.
- *
- * CRITICAL: The charge store holds amountUsdCents (USD cents, integer).
- * Credit.fromCents() converts cents → nanodollars for the ledger.
- * Never pass raw cents to the ledger — always go through Credit.fromCents().
- */
-export declare function handleCryptoWebhook(deps: CryptoWebhookDeps, payload: CryptoWebhookPayload): Promise<CryptoWebhookResult>;

package/dist/billing/crypto/webhook.js

@@ -1,107 +0,0 @@
-import crypto from "node:crypto";
-import { Credit } from "../../credits/credit.js";
-import { mapBtcPayEventToStatus } from "./types.js";
-/**
- * Verify BTCPay webhook signature (HMAC-SHA256).
- *
- * BTCPay sends the signature in the BTCPAY-SIG header as "sha256=<hex>".
- */
-export function verifyCryptoWebhookSignature(rawBody, sigHeader, secret) {
-    if (!sigHeader)
-        return false;
-    const expectedSig = `sha256=${crypto.createHmac("sha256", secret).update(rawBody).digest("hex")}`;
-    const expected = Buffer.from(expectedSig, "utf8");
-    const received = Buffer.from(sigHeader, "utf8");
-    if (expected.length !== received.length)
-        return false;
-    return crypto.timingSafeEqual(expected, received);
-}
-/**
- * Process a BTCPay Server webhook event.
- *
- * Only credits the ledger on InvoiceSettled status.
- * Uses the BTCPay invoice ID mapped to the stored charge record
- * for tenant resolution and idempotency.
- *
- * Idempotency strategy (matches Stripe webhook pattern):
- *   Primary: `creditLedger.hasReferenceId("crypto:<invoiceId>")` — atomic,
- *   checked inside the ledger's serialized transaction.
- *   Secondary: `chargeStore.markCredited()` — advisory flag for queries.
- *
- * CRITICAL: The charge store holds amountUsdCents (USD cents, integer).
- * Credit.fromCents() converts cents → nanodollars for the ledger.
- * Never pass raw cents to the ledger — always go through Credit.fromCents().
- */
-export async function handleCryptoWebhook(deps, payload) {
-    const { chargeStore, creditLedger } = deps;
-    // Replay guard FIRST: deduplicate by invoiceId + event type.
-    // Must run before mapBtcPayEventToStatus() — unknown event types throw,
-    // and BTCPay retries webhooks on failure. Without this ordering, an unknown
-    // event type causes an infinite retry loop.
-    const dedupeKey = `${payload.invoiceId}:${payload.type}`;
-    if (await deps.replayGuard.isDuplicate(dedupeKey, "crypto")) {
-        return { handled: true, status: "New", duplicate: true };
-    }
-    // Map BTCPay event type to a CryptoPaymentState (throws on unknown types).
-    const status = mapBtcPayEventToStatus(payload.type);
-    // Look up the charge record to find the tenant.
-    const charge = await chargeStore.getByReferenceId(payload.invoiceId);
-    if (!charge) {
-        return { handled: false, status };
-    }
-    // Update charge status regardless of event type.
-    await chargeStore.updateStatus(payload.invoiceId, status);
-    let result;
-    if (payload.type === "InvoiceSettled") {
-        // Idempotency: use ledger referenceId check (same pattern as Stripe webhook).
-        // This is atomic — the referenceId is checked inside the ledger's serialized
-        // transaction, eliminating the TOCTOU race of isCredited() + creditLedger().
-        const creditRef = `crypto:${payload.invoiceId}`;
-        if (await creditLedger.hasReferenceId(creditRef)) {
-            result = {
-                handled: true,
-                status,
-                tenant: charge.tenantId,
-                creditedCents: 0,
-            };
-        }
-        else {
-            // Credit the original USD amount requested (not the crypto amount).
-            // For overpayments, we still credit the requested amount.
-            // charge.amountUsdCents is in USD cents (integer).
-            // Credit.fromCents() converts to nanodollars for the ledger.
-            const creditCents = charge.amountUsdCents;
-            await creditLedger.credit(charge.tenantId, Credit.fromCents(creditCents), "purchase", {
-                description: `Crypto credit purchase via BTCPay (invoice: ${payload.invoiceId})`,
-                referenceId: creditRef,
-                fundingSource: "crypto",
-            });
-            // Mark credited (advisory — primary idempotency is the ledger referenceId above).
-            await chargeStore.markCredited(payload.invoiceId);
-            // Reactivate suspended resources after credit purchase.
-            let reactivatedBots;
-            if (deps.onCreditsPurchased) {
-                reactivatedBots = await deps.onCreditsPurchased(charge.tenantId, creditLedger);
-                if (reactivatedBots.length === 0)
-                    reactivatedBots = undefined;
-            }
-            result = {
-                handled: true,
-                status,
-                tenant: charge.tenantId,
-                creditedCents: creditCents,
-                reactivatedBots,
-            };
-        }
-    }
-    else {
-        // New, Processing, Expired, Invalid — just track status.
-        result = {
-            handled: true,
-            status,
-            tenant: charge.tenantId,
-        };
-    }
-    await deps.replayGuard.markSeen(dedupeKey, "crypto");
-    return result;
-}

package/dist/billing/crypto/webhook.test.js

@@ -1,266 +0,0 @@
-import crypto from "node:crypto";
-import { afterAll, beforeAll, beforeEach, describe, expect, it, vi } from "vitest";
-import { DrizzleLedger } from "../../credits/ledger.js";
-import { createTestDb, truncateAllTables } from "../../test/db.js";
-import { DrizzleWebhookSeenRepository } from "../drizzle-webhook-seen-repository.js";
-import { noOpReplayGuard } from "../webhook-seen-repository.js";
-import { CryptoChargeRepository } from "./charge-store.js";
-import { mapBtcPayEventToStatus } from "./types.js";
-import { handleCryptoWebhook, verifyCryptoWebhookSignature } from "./webhook.js";
-function makePayload(overrides = {}) {
-    return {
-        deliveryId: "del-001",
-        webhookId: "whk-001",
-        originalDeliveryId: "del-001",
-        isRedelivery: false,
-        type: "InvoiceSettled",
-        timestamp: Date.now(),
-        storeId: "store-test",
-        invoiceId: "inv-test-001",
-        metadata: { orderId: "order-001" },
-        ...overrides,
-    };
-}
-let pool;
-let db;
-beforeAll(async () => {
-    ({ db, pool } = await createTestDb());
-});
-afterAll(async () => {
-    await pool.close();
-});
-describe("handleCryptoWebhook", () => {
-    let chargeStore;
-    let creditLedger;
-    let deps;
-    beforeEach(async () => {
-        await truncateAllTables(pool);
-        chargeStore = new CryptoChargeRepository(db);
-        creditLedger = new DrizzleLedger(db);
-        await creditLedger.seedSystemAccounts();
-        deps = { chargeStore, creditLedger, replayGuard: noOpReplayGuard };
-        // Create a default test charge
-        await chargeStore.create("inv-test-001", "tenant-a", 2500);
-    });
-    // ---------------------------------------------------------------------------
-    // InvoiceSettled — should credit ledger
-    // ---------------------------------------------------------------------------
-    describe("InvoiceSettled", () => {
-        it("credits the ledger with the requested USD amount", async () => {
-            const result = await handleCryptoWebhook(deps, makePayload({ type: "InvoiceSettled" }));
-            expect(result.handled).toBe(true);
-            expect(result.status).toBe("Settled");
-            expect(result.tenant).toBe("tenant-a");
-            expect(result.creditedCents).toBe(2500);
-            const balance = await creditLedger.balance("tenant-a");
-            expect(balance.toCents()).toBe(2500);
-        });
-        it("uses crypto: prefix on reference ID in credit transaction", async () => {
-            await handleCryptoWebhook(deps, makePayload({ type: "InvoiceSettled" }));
-            const history = await creditLedger.history("tenant-a");
-            expect(history).toHaveLength(1);
-            expect(history[0].referenceId).toBe("crypto:inv-test-001");
-            expect(history[0].entryType).toBe("purchase");
-        });
-        it("records fundingSource as crypto", async () => {
-            await handleCryptoWebhook(deps, makePayload({ type: "InvoiceSettled" }));
-            const history = await creditLedger.history("tenant-a");
-            expect(history[0].metadata?.fundingSource).toBe("crypto");
-        });
-        it("marks the charge as credited after Settled", async () => {
-            await handleCryptoWebhook(deps, makePayload({ type: "InvoiceSettled" }));
-            expect(await chargeStore.isCredited("inv-test-001")).toBe(true);
-        });
-        it("is idempotent — duplicate InvoiceSettled does not double-credit", async () => {
-            await handleCryptoWebhook(deps, makePayload({ type: "InvoiceSettled" }));
-            const result2 = await handleCryptoWebhook(deps, makePayload({ type: "InvoiceSettled" }));
-            expect(result2.handled).toBe(true);
-            expect(result2.creditedCents).toBe(0);
-            const balance = await creditLedger.balance("tenant-a");
-            expect(balance.toCents()).toBe(2500); // Only credited once
-        });
-    });
-    // ---------------------------------------------------------------------------
-    // Statuses that should NOT credit the ledger
-    // ---------------------------------------------------------------------------
-    describe("InvoiceProcessing", () => {
-        it("does NOT credit the ledger", async () => {
-            const result = await handleCryptoWebhook(deps, makePayload({ type: "InvoiceProcessing" }));
-            expect(result.handled).toBe(true);
-            expect(result.tenant).toBe("tenant-a");
-            expect(result.creditedCents).toBeUndefined();
-            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(0);
-        });
-    });
-    describe("InvoiceCreated", () => {
-        it("does NOT credit the ledger", async () => {
-            const result = await handleCryptoWebhook(deps, makePayload({ type: "InvoiceCreated" }));
-            expect(result.handled).toBe(true);
-            expect(result.creditedCents).toBeUndefined();
-            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(0);
-        });
-    });
-    describe("InvoiceExpired", () => {
-        it("does NOT credit the ledger", async () => {
-            const result = await handleCryptoWebhook(deps, makePayload({ type: "InvoiceExpired" }));
-            expect(result.handled).toBe(true);
-            expect(result.creditedCents).toBeUndefined();
-            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(0);
-        });
-    });
-    describe("InvoiceInvalid", () => {
-        it("does NOT credit the ledger", async () => {
-            const result = await handleCryptoWebhook(deps, makePayload({ type: "InvoiceInvalid" }));
-            expect(result.handled).toBe(true);
-            expect(result.creditedCents).toBeUndefined();
-            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(0);
-        });
-    });
-    // ---------------------------------------------------------------------------
-    // Unknown invoice ID
-    // ---------------------------------------------------------------------------
-    describe("unknown invoiceId", () => {
-        it("returns handled:false when charge not found", async () => {
-            const result = await handleCryptoWebhook(deps, makePayload({ invoiceId: "inv-unknown-999" }));
-            expect(result.handled).toBe(false);
-            expect(result.tenant).toBeUndefined();
-        });
-    });
-    // ---------------------------------------------------------------------------
-    // Charge store updates
-    // ---------------------------------------------------------------------------
-    describe("charge store updates", () => {
-        it("updates charge status on every webhook call", async () => {
-            await handleCryptoWebhook(deps, makePayload({ type: "InvoiceProcessing" }));
-            const charge = await chargeStore.getByReferenceId("inv-test-001");
-            expect(charge?.status).toBe("Processing");
-        });
-    });
-    // ---------------------------------------------------------------------------
-    // Multiple tenants
-    // ---------------------------------------------------------------------------
-    describe("different invoices", () => {
-        it("processes multiple invoices independently", async () => {
-            await chargeStore.create("inv-b-001", "tenant-b", 5000);
-            await chargeStore.create("inv-c-001", "tenant-c", 1500);
-            await handleCryptoWebhook(deps, makePayload({ invoiceId: "inv-b-001", type: "InvoiceSettled" }));
-            await handleCryptoWebhook(deps, makePayload({ invoiceId: "inv-c-001", type: "InvoiceSettled" }));
-            expect((await creditLedger.balance("tenant-b")).toCents()).toBe(5000);
-            expect((await creditLedger.balance("tenant-c")).toCents()).toBe(1500);
-        });
-    });
-    // ---------------------------------------------------------------------------
-    // Replay guard
-    // ---------------------------------------------------------------------------
-    describe("replay guard", () => {
-        it("blocks duplicate invoiceId + event type combos", async () => {
-            const replayGuard = new DrizzleWebhookSeenRepository(db);
-            const depsWithGuard = { ...deps, replayGuard };
-            const first = await handleCryptoWebhook(depsWithGuard, makePayload({ type: "InvoiceSettled" }));
-            expect(first.handled).toBe(true);
-            expect(first.creditedCents).toBe(2500);
-            expect(first.duplicate).toBeUndefined();
-            const second = await handleCryptoWebhook(depsWithGuard, makePayload({ type: "InvoiceSettled" }));
-            expect(second.handled).toBe(true);
-            expect(second.duplicate).toBe(true);
-            expect(second.creditedCents).toBeUndefined();
-            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(2500);
-        });
-        it("same invoice with different event type is not blocked", async () => {
-            const replayGuard = new DrizzleWebhookSeenRepository(db);
-            const depsWithGuard = { ...deps, replayGuard };
-            await handleCryptoWebhook(depsWithGuard, makePayload({ type: "InvoiceProcessing" }));
-            const result = await handleCryptoWebhook(depsWithGuard, makePayload({ type: "InvoiceSettled" }));
-            expect(result.duplicate).toBeUndefined();
-            expect(result.creditedCents).toBe(2500);
-        });
-    });
-    // ---------------------------------------------------------------------------
-    // Unknown event type
-    // ---------------------------------------------------------------------------
-    describe("unknown event type", () => {
-        it("throws on unrecognized BTCPay event type", async () => {
-            await expect(handleCryptoWebhook(deps, makePayload({ type: "SomeUnknownEvent" }))).rejects.toThrow("Unknown BTCPay event type: SomeUnknownEvent");
-        });
-    });
-    // ---------------------------------------------------------------------------
-    // Resource reactivation
-    // ---------------------------------------------------------------------------
-    describe("resource reactivation via onCreditsPurchased", () => {
-        it("calls onCreditsPurchased on Settled and includes reactivatedBots", async () => {
-            const mockOnCreditsPurchased = vi.fn().mockResolvedValue(["bot-1", "bot-2"]);
-            const depsWithCallback = {
-                ...deps,
-                onCreditsPurchased: mockOnCreditsPurchased,
-            };
-            const result = await handleCryptoWebhook(depsWithCallback, makePayload({ type: "InvoiceSettled" }));
-            expect(mockOnCreditsPurchased).toHaveBeenCalledWith("tenant-a", creditLedger);
-            expect(result.reactivatedBots).toEqual(["bot-1", "bot-2"]);
-        });
-        it("does not include reactivatedBots when no resources reactivated", async () => {
-            const mockOnCreditsPurchased = vi.fn().mockResolvedValue([]);
-            const depsWithCallback = {
-                ...deps,
-                onCreditsPurchased: mockOnCreditsPurchased,
-            };
-            const result = await handleCryptoWebhook(depsWithCallback, makePayload({ type: "InvoiceSettled" }));
-            expect(result.reactivatedBots).toBeUndefined();
-        });
-    });
-});
-// ---------------------------------------------------------------------------
-// Webhook signature verification
-// ---------------------------------------------------------------------------
-describe("verifyCryptoWebhookSignature", () => {
-    const secret = "test-webhook-secret";
-    const body = '{"type":"InvoiceSettled","invoiceId":"inv-001"}';
-    it("returns true for valid signature", () => {
-        const sig = `sha256=${crypto.createHmac("sha256", secret).update(body).digest("hex")}`;
-        expect(verifyCryptoWebhookSignature(body, sig, secret)).toBe(true);
-    });
-    it("returns false for invalid signature", () => {
-        expect(verifyCryptoWebhookSignature(body, "sha256=badhex", secret)).toBe(false);
-    });
-    it("returns false for wrong secret", () => {
-        const sig = `sha256=${crypto.createHmac("sha256", "wrong-secret").update(body).digest("hex")}`;
-        expect(verifyCryptoWebhookSignature(body, sig, secret)).toBe(false);
-    });
-    it("returns false for tampered body", () => {
-        const sig = `sha256=${crypto.createHmac("sha256", secret).update(body).digest("hex")}`;
-        expect(verifyCryptoWebhookSignature(`${body}tampered`, sig, secret)).toBe(false);
-    });
-});
-// ---------------------------------------------------------------------------
-// Replay guard unit tests
-// ---------------------------------------------------------------------------
-// ---------------------------------------------------------------------------
-// mapBtcPayEventToStatus
-// ---------------------------------------------------------------------------
-describe("mapBtcPayEventToStatus", () => {
-    it("maps known event types to CryptoPaymentState", () => {
-        expect(mapBtcPayEventToStatus("InvoiceCreated")).toBe("New");
-        expect(mapBtcPayEventToStatus("InvoiceReceivedPayment")).toBe("Processing");
-        expect(mapBtcPayEventToStatus("InvoiceProcessing")).toBe("Processing");
-        expect(mapBtcPayEventToStatus("InvoiceSettled")).toBe("Settled");
-        expect(mapBtcPayEventToStatus("InvoicePaymentSettled")).toBe("Settled");
-        expect(mapBtcPayEventToStatus("InvoiceExpired")).toBe("Expired");
-        expect(mapBtcPayEventToStatus("InvoiceInvalid")).toBe("Invalid");
-    });
-    it("throws on unknown event type", () => {
-        expect(() => mapBtcPayEventToStatus("SomethingElse")).toThrow("Unknown BTCPay event type: SomethingElse");
-    });
-});
-describe("DrizzleWebhookSeenRepository (crypto replay guard)", () => {
-    beforeEach(async () => {
-        await truncateAllTables(pool);
-    });
-    it("reports unseen keys as not duplicate", async () => {
-        const guard = new DrizzleWebhookSeenRepository(db);
-        expect(await guard.isDuplicate("inv-001:InvoiceSettled", "crypto")).toBe(false);
-    });
-    it("reports seen keys as duplicate", async () => {
-        const guard = new DrizzleWebhookSeenRepository(db);
-        await guard.markSeen("inv-001:InvoiceSettled", "crypto");
-        expect(await guard.isDuplicate("inv-001:InvoiceSettled", "crypto")).toBe(true);
-    });
-});

package/src/billing/crypto/checkout.test.ts

@@ -1,93 +0,0 @@
-import type { PGlite } from "@electric-sql/pglite";
-import { afterAll, beforeAll, beforeEach, describe, expect, it, vi } from "vitest";
-import type { PlatformDb } from "../../db/index.js";
-import { beginTestTransaction, createTestDb, endTestTransaction, rollbackTestTransaction } from "../../test/db.js";
-import { CryptoChargeRepository } from "./charge-store.js";
-import { createCryptoCheckout, MIN_PAYMENT_USD } from "./checkout.js";
-import type { BTCPayClient } from "./client.js";
-
-function createMockClient(overrides: { createInvoice?: ReturnType<typeof vi.fn> } = {}): BTCPayClient {
-  return {
-    createInvoice:
-      overrides.createInvoice ??
-      vi.fn().mockResolvedValue({
-        id: "inv-mock-001",
-        checkoutLink: "https://btcpay.example.com/i/inv-mock-001",
-      }),
-  } as unknown as BTCPayClient;
-}
-
-describe("createCryptoCheckout", () => {
-  let pool: PGlite;
-  let db: PlatformDb;
-  let chargeStore: CryptoChargeRepository;
-  let client: BTCPayClient;
-
-  beforeAll(async () => {
-    ({ db, pool } = await createTestDb());
-    await beginTestTransaction(pool);
-  });
-
-  afterAll(async () => {
-    await endTestTransaction(pool);
-    await pool.close();
-  });
-
-  beforeEach(async () => {
-    await rollbackTestTransaction(pool);
-    chargeStore = new CryptoChargeRepository(db);
-    client = createMockClient();
-  });
-
-  it("rejects amounts below $10 minimum", async () => {
-    await expect(createCryptoCheckout(client, chargeStore, { tenant: "t-1", amountUsd: 5 })).rejects.toThrow(
-      `Minimum payment amount is $${MIN_PAYMENT_USD}`,
-    );
-  });
-
-  it("rejects amounts of exactly $0", async () => {
-    await expect(createCryptoCheckout(client, chargeStore, { tenant: "t-1", amountUsd: 0 })).rejects.toThrow();
-  });
-
-  it("calls client.createInvoice with correct params", async () => {
-    const createInvoice = vi.fn().mockResolvedValue({
-      id: "inv-abc",
-      checkoutLink: "https://btcpay.example.com/i/inv-abc",
-    });
-    const mockClient = createMockClient({ createInvoice });
-
-    await createCryptoCheckout(mockClient, chargeStore, { tenant: "t-test", amountUsd: 25 });
-
-    expect(createInvoice).toHaveBeenCalledOnce();
-    const args = createInvoice.mock.calls[0][0];
-    expect(args.amountUsd).toBe(25);
-    expect(args.buyerEmail).toContain("t-test@");
-  });
-
-  it("stores the charge with correct amountUsdCents (converts from USD)", async () => {
-    const createInvoice = vi.fn().mockResolvedValue({
-      id: "inv-store-test",
-      checkoutLink: "https://btcpay.example.com/i/inv-store-test",
-    });
-    const mockClient = createMockClient({ createInvoice });
-
-    await createCryptoCheckout(mockClient, chargeStore, { tenant: "t-2", amountUsd: 25 });
-
-    const charge = await chargeStore.getByReferenceId("inv-store-test");
-    expect(charge).not.toBeNull();
-    expect(charge?.tenantId).toBe("t-2");
-    expect(charge?.amountUsdCents).toBe(2500); // $25.00 = 2500 cents
-    expect(charge?.status).toBe("New");
-  });
-
-  it("returns referenceId and url", async () => {
-    const result = await createCryptoCheckout(client, chargeStore, { tenant: "t-3", amountUsd: 10 });
-
-    expect(result.referenceId).toBe("inv-mock-001");
-    expect(result.url).toBe("https://btcpay.example.com/i/inv-mock-001");
-  });
-
-  it("accepts exactly $10 (minimum boundary)", async () => {
-    await expect(createCryptoCheckout(client, chargeStore, { tenant: "t-4", amountUsd: 10 })).resolves.not.toBeNull();
-  });
-});

package/src/billing/crypto/checkout.ts

@@ -1,48 +0,0 @@
-import crypto from "node:crypto";
-import { Credit } from "../../credits/credit.js";
-import type { ICryptoChargeRepository } from "./charge-store.js";
-import type { BTCPayClient } from "./client.js";
-import type { CryptoCheckoutOpts } from "./types.js";
-
-/** Minimum payment amount in USD. */
-export const MIN_PAYMENT_USD = 10;
-
-/**
- * Create a BTCPay invoice and store the charge record.
- *
- * Returns the BTCPay-hosted checkout page URL and invoice ID.
- * The user is redirected to checkoutLink to complete the crypto payment.
- *
- * NOTE: amountUsd is converted to cents (integer) for the charge store.
- * The charge store holds USD cents, NOT nanodollars.
- */
-export async function createCryptoCheckout(
-  client: BTCPayClient,
-  chargeStore: ICryptoChargeRepository,
-  opts: CryptoCheckoutOpts,
-): Promise<{ referenceId: string; url: string }> {
-  if (opts.amountUsd < MIN_PAYMENT_USD) {
-    throw new Error(`Minimum payment amount is $${MIN_PAYMENT_USD}`);
-  }
-
-  const orderId = `crypto:${opts.tenant}:${crypto.randomUUID()}`;
-
-  const invoice = await client.createInvoice({
-    amountUsd: opts.amountUsd,
-    orderId,
-    buyerEmail: `${opts.tenant}@${process.env.PLATFORM_DOMAIN ?? "wopr.bot"}`,
-  });
-
-  // Store the charge record for webhook correlation.
-  // amountUsdCents = USD * 100 (cents, NOT nanodollars).
-  // Credit.fromDollars() handles the float → integer boundary safely via Math.round
-  // on the nanodollar scale, then toCentsRounded() converts back to integer cents.
-  // This avoids direct floating-point multiplication for the cents conversion.
-  const amountUsdCents = Credit.fromDollars(opts.amountUsd).toCentsRounded();
-  await chargeStore.create(invoice.id, opts.tenant, amountUsdCents);
-
-  return {
-    referenceId: invoice.id,
-    url: invoice.checkoutLink,
-  };
-}