@x402r/evm 0.0.1

package/dist/shared/nonce.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Nonce computation and ERC-3009 signing utilities
+ * Adapted from @agentokratia/x402-escrow (MIT)
+ */
+import { type WalletClient } from "viem";
+import type { EscrowExtra, EscrowPayload } from "./types.js";
+/**
+ * Compute escrow nonce for ERC-3009 authorization
+ * Must match AuthCaptureEscrow.getHash() with payer=address(0)
+ */
+export declare function computeEscrowNonce(chainId: number, escrowAddress: `0x${string}`, paymentInfo: EscrowPayload["paymentInfo"]): `0x${string}`;
+/**
+ * Sign ERC-3009 ReceiveWithAuthorization
+ * Note: receiveWithAuthorization uses a different primary type than transferWithAuthorization
+ */
+export declare function signERC3009(wallet: WalletClient, authorization: EscrowPayload["authorization"], extra: EscrowExtra, tokenAddress: `0x${string}`): Promise<`0x${string}`>;
+/**
+ * Verify ERC-3009 signature (facilitator-side)
+ * @param signer - The signer with verifyTypedData method
+ * @param authorization - ERC-3009 authorization data
+ * @param signature - The signature to verify
+ * @param extra - Extra configuration including chainId
+ * @param tokenAddress - The token contract address (verifyingContract for EIP-712)
+ */
+export declare function verifyERC3009Signature(signer: {
+    verifyTypedData: (args: {
+        address: `0x${string}`;
+        domain: Record<string, unknown>;
+        types: Record<string, unknown>;
+        primaryType: string;
+        message: Record<string, unknown>;
+        signature: `0x${string}`;
+    }) => Promise<boolean>;
+}, authorization: EscrowPayload["authorization"], signature: `0x${string}`, extra: EscrowExtra & {
+    chainId: number;
+}, tokenAddress: `0x${string}`): Promise<boolean>;
+/**
+ * Generate random salt for paymentInfo
+ */
+export declare function generateSalt(): `0x${string}`;
+//# sourceMappingURL=nonce.d.ts.map

package/dist/shared/nonce.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nonce.d.ts","sourceRoot":"","sources":["../../src/shared/nonce.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAkC,KAAK,YAAY,EAAE,MAAM,MAAM,CAAC;AAEzE,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAW7D;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,KAAK,MAAM,EAAE,EAC5B,WAAW,EAAE,aAAa,CAAC,aAAa,CAAC,GACxC,KAAK,MAAM,EAAE,CA+Cf;AAED;;;GAGG;AACH,wBAAsB,WAAW,CAC/B,MAAM,EAAE,YAAY,EACpB,aAAa,EAAE,aAAa,CAAC,eAAe,CAAC,EAC7C,KAAK,EAAE,WAAW,EAClB,YAAY,EAAE,KAAK,MAAM,EAAE,GAC1B,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAsCxB;AAED;;;;;;;GAOG;AACH,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE;IACN,eAAe,EAAE,CAAC,IAAI,EAAE;QACtB,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;QACvB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAChC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC/B,WAAW,EAAE,MAAM,CAAC;QACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACjC,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;KAC1B,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;CACxB,EACD,aAAa,EAAE,aAAa,CAAC,eAAe,CAAC,EAC7C,SAAS,EAAE,KAAK,MAAM,EAAE,EACxB,KAAK,EAAE,WAAW,GAAG;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,EACxC,YAAY,EAAE,KAAK,MAAM,EAAE,GAC1B,OAAO,CAAC,OAAO,CAAC,CA2ClB;AAED;;GAEG;AACH,wBAAgB,YAAY,IAAI,KAAK,MAAM,EAAE,CAM5C"}

package/dist/shared/nonce.js

@@ -0,0 +1,155 @@
+/**
+ * Nonce computation and ERC-3009 signing utilities
+ * Adapted from @agentokratia/x402-escrow (MIT)
+ */
+import { encodeAbiParameters, keccak256 } from "viem";
+import { ZERO_ADDRESS } from "./constants.js";
+/**
+ * PaymentInfo typehash - must match AuthCaptureEscrow.PAYMENT_INFO_TYPEHASH
+ */
+const PAYMENT_INFO_TYPEHASH = keccak256(new TextEncoder().encode("PaymentInfo(address operator,address payer,address receiver,address token,uint120 maxAmount,uint48 preApprovalExpiry,uint48 authorizationExpiry,uint48 refundExpiry,uint16 minFeeBps,uint16 maxFeeBps,address feeReceiver,uint256 salt)"));
+/**
+ * Compute escrow nonce for ERC-3009 authorization
+ * Must match AuthCaptureEscrow.getHash() with payer=address(0)
+ */
+export function computeEscrowNonce(chainId, escrowAddress, paymentInfo) {
+    // Step 1: Encode paymentInfo with payer=0 (payer-agnostic)
+    const paymentInfoEncoded = encodeAbiParameters([
+        { name: "typehash", type: "bytes32" },
+        { name: "operator", type: "address" },
+        { name: "payer", type: "address" },
+        { name: "receiver", type: "address" },
+        { name: "token", type: "address" },
+        { name: "maxAmount", type: "uint120" },
+        { name: "preApprovalExpiry", type: "uint48" },
+        { name: "authorizationExpiry", type: "uint48" },
+        { name: "refundExpiry", type: "uint48" },
+        { name: "minFeeBps", type: "uint16" },
+        { name: "maxFeeBps", type: "uint16" },
+        { name: "feeReceiver", type: "address" },
+        { name: "salt", type: "uint256" },
+    ], [
+        PAYMENT_INFO_TYPEHASH,
+        paymentInfo.operator,
+        ZERO_ADDRESS, // payer-agnostic
+        paymentInfo.receiver,
+        paymentInfo.token,
+        BigInt(paymentInfo.maxAmount),
+        paymentInfo.preApprovalExpiry,
+        paymentInfo.authorizationExpiry,
+        paymentInfo.refundExpiry,
+        paymentInfo.minFeeBps,
+        paymentInfo.maxFeeBps,
+        paymentInfo.feeReceiver,
+        BigInt(paymentInfo.salt),
+    ]);
+    const paymentInfoHash = keccak256(paymentInfoEncoded);
+    // Step 2: Encode (chainId, escrow, paymentInfoHash) and hash
+    const outerEncoded = encodeAbiParameters([
+        { name: "chainId", type: "uint256" },
+        { name: "escrow", type: "address" },
+        { name: "paymentInfoHash", type: "bytes32" },
+    ], [BigInt(chainId), escrowAddress, paymentInfoHash]);
+    return keccak256(outerEncoded);
+}
+/**
+ * Sign ERC-3009 ReceiveWithAuthorization
+ * Note: receiveWithAuthorization uses a different primary type than transferWithAuthorization
+ */
+export async function signERC3009(wallet, authorization, extra, tokenAddress) {
+    // EIP-712 domain - name must match the token's EIP-712 domain
+    // (e.g., "USDC" for Base USDC, not "USD Coin")
+    const domain = {
+        name: extra.name,
+        version: extra.version ?? "2",
+        chainId: await wallet.getChainId(),
+        verifyingContract: tokenAddress,
+    };
+    // ERC-3009 uses ReceiveWithAuthorization for receiveWithAuthorization()
+    const types = {
+        ReceiveWithAuthorization: [
+            { name: "from", type: "address" },
+            { name: "to", type: "address" },
+            { name: "value", type: "uint256" },
+            { name: "validAfter", type: "uint256" },
+            { name: "validBefore", type: "uint256" },
+            { name: "nonce", type: "bytes32" },
+        ],
+    };
+    const message = {
+        from: authorization.from,
+        to: authorization.to,
+        value: BigInt(authorization.value),
+        validAfter: BigInt(authorization.validAfter),
+        validBefore: BigInt(authorization.validBefore),
+        nonce: authorization.nonce,
+    };
+    return wallet.signTypedData({
+        account: wallet.account,
+        domain,
+        types,
+        primaryType: "ReceiveWithAuthorization",
+        message,
+    });
+}
+/**
+ * Verify ERC-3009 signature (facilitator-side)
+ * @param signer - The signer with verifyTypedData method
+ * @param authorization - ERC-3009 authorization data
+ * @param signature - The signature to verify
+ * @param extra - Extra configuration including chainId
+ * @param tokenAddress - The token contract address (verifyingContract for EIP-712)
+ */
+export async function verifyERC3009Signature(signer, authorization, signature, extra, tokenAddress) {
+    // EIP-712 domain - name must match the token's EIP-712 domain
+    // (e.g., "USDC" for Base USDC, not "USD Coin")
+    const domain = {
+        name: extra.name,
+        version: extra.version ?? "2",
+        chainId: extra.chainId,
+        verifyingContract: tokenAddress,
+    };
+    // Must use ReceiveWithAuthorization to match what was signed
+    const types = {
+        ReceiveWithAuthorization: [
+            { name: "from", type: "address" },
+            { name: "to", type: "address" },
+            { name: "value", type: "uint256" },
+            { name: "validAfter", type: "uint256" },
+            { name: "validBefore", type: "uint256" },
+            { name: "nonce", type: "bytes32" },
+        ],
+    };
+    const message = {
+        from: authorization.from,
+        to: authorization.to,
+        value: BigInt(authorization.value),
+        validAfter: BigInt(authorization.validAfter),
+        validBefore: BigInt(authorization.validBefore),
+        nonce: authorization.nonce,
+    };
+    try {
+        return await signer.verifyTypedData({
+            address: authorization.from,
+            domain,
+            types,
+            primaryType: "ReceiveWithAuthorization",
+            message,
+            signature,
+        });
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Generate random salt for paymentInfo
+ */
+export function generateSalt() {
+    const bytes = new Uint8Array(32);
+    crypto.getRandomValues(bytes);
+    return `0x${Array.from(bytes)
+        .map((b) => b.toString(16).padStart(2, "0"))
+        .join("")}`;
+}
+//# sourceMappingURL=nonce.js.map

package/dist/shared/nonce.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nonce.js","sourceRoot":"","sources":["../../src/shared/nonce.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAqB,MAAM,MAAM,CAAC;AACzE,OAAO,EAAE,YAAY,EAA2B,MAAM,gBAAgB,CAAC;AAGvE;;GAEG;AACH,MAAM,qBAAqB,GAAG,SAAS,CACrC,IAAI,WAAW,EAAE,CAAC,MAAM,CACtB,yOAAyO,CAC1O,CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAChC,OAAe,EACf,aAA4B,EAC5B,WAAyC;IAEzC,2DAA2D;IAC3D,MAAM,kBAAkB,GAAG,mBAAmB,CAC5C;QACE,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE;QACrC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE;QACrC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;QAClC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE;QACrC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;QAClC,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE;QACtC,EAAE,IAAI,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE;QAC7C,EAAE,IAAI,EAAE,qBAAqB,EAAE,IAAI,EAAE,QAAQ,EAAE;QAC/C,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,QAAQ,EAAE;QACxC,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE;QACrC,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE;QACrC,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,SAAS,EAAE;QACxC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE;KAClC,EACD;QACE,qBAAqB;QACrB,WAAW,CAAC,QAAQ;QACpB,YAAY,EAAE,iBAAiB;QAC/B,WAAW,CAAC,QAAQ;QACpB,WAAW,CAAC,KAAK;QACjB,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC;QAC7B,WAAW,CAAC,iBAAiB;QAC7B,WAAW,CAAC,mBAAmB;QAC/B,WAAW,CAAC,YAAY;QACxB,WAAW,CAAC,SAAS;QACrB,WAAW,CAAC,SAAS;QACrB,WAAW,CAAC,WAAW;QACvB,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC;KACzB,CACF,CAAC;IACF,MAAM,eAAe,GAAG,SAAS,CAAC,kBAAkB,CAAC,CAAC;IAEtD,6DAA6D;IAC7D,MAAM,YAAY,GAAG,mBAAmB,CACtC;QACE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE;QACpC,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE;QACnC,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAE,SAAS,EAAE;KAC7C,EACD,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,eAAe,CAAC,CAClD,CAAC;IAEF,OAAO,SAAS,CAAC,YAAY,CAAC,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAAoB,EACpB,aAA6C,EAC7C,KAAkB,EAClB,YAA2B;IAE3B,8DAA8D;IAC9D,+CAA+C;IAC/C,MAAM,MAAM,GAAG;QACb,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,OAAO,EAAE,KAAK,CAAC,OAAO,IAAI,GAAG;QAC7B,OAAO,EAAE,MAAM,MAAM,CAAC,UAAU,EAAE;QAClC,iBAAiB,EAAE,YAAY;KAChC,CAAC;IAEF,wEAAwE;IACxE,MAAM,KAAK,GAAG;QACZ,wBAAwB,EAAE;YACxB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE;YACjC,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE;YAC/B,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;YAClC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,SAAS,EAAE;YACvC,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,SAAS,EAAE;YACxC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;SACnC;KACF,CAAC;IAEF,MAAM,OAAO,GAAG;QACd,IAAI,EAAE,aAAa,CAAC,IAAI;QACxB,EAAE,EAAE,aAAa,CAAC,EAAE;QACpB,KAAK,EAAE,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC;QAClC,UAAU,EAAE,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC;QAC5C,WAAW,EAAE,MAAM,CAAC,aAAa,CAAC,WAAW,CAAC;QAC9C,KAAK,EAAE,aAAa,CAAC,KAAK;KAC3B,CAAC;IAEF,OAAO,MAAM,CAAC,aAAa,CAAC;QAC1B,OAAO,EAAE,MAAM,CAAC,OAAQ;QACxB,MAAM;QACN,KAAK;QACL,WAAW,EAAE,0BAA0B;QACvC,OAAO;KACR,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,MASC,EACD,aAA6C,EAC7C,SAAwB,EACxB,KAAwC,EACxC,YAA2B;IAE3B,8DAA8D;IAC9D,+CAA+C;IAC/C,MAAM,MAAM,GAAG;QACb,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,OAAO,EAAE,KAAK,CAAC,OAAO,IAAI,GAAG;QAC7B,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,iBAAiB,EAAE,YAAY;KAChC,CAAC;IAEF,6DAA6D;IAC7D,MAAM,KAAK,GAAG;QACZ,wBAAwB,EAAE;YACxB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE;YACjC,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE;YAC/B,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;YAClC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,SAAS,EAAE;YACvC,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,SAAS,EAAE;YACxC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;SACnC;KACF,CAAC;IAEF,MAAM,OAAO,GAAG;QACd,IAAI,EAAE,aAAa,CAAC,IAAI;QACxB,EAAE,EAAE,aAAa,CAAC,EAAE;QACpB,KAAK,EAAE,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC;QAClC,UAAU,EAAE,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC;QAC5C,WAAW,EAAE,MAAM,CAAC,aAAa,CAAC,WAAW,CAAC;QAC9C,KAAK,EAAE,aAAa,CAAC,KAAK;KAC3B,CAAC;IAEF,IAAI,CAAC;QACH,OAAO,MAAM,MAAM,CAAC,eAAe,CAAC;YAClC,OAAO,EAAE,aAAa,CAAC,IAAI;YAC3B,MAAM;YACN,KAAK;YACL,WAAW,EAAE,0BAA0B;YACvC,OAAO;YACP,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY;IAC1B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAC1B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,EAAmB,CAAC;AACjC,CAAC"}

package/dist/shared/types.d.ts

@@ -0,0 +1,41 @@
+export interface EscrowExtra {
+    escrowAddress: `0x${string}`;
+    operatorAddress: `0x${string}`;
+    tokenCollector: `0x${string}`;
+    authorizeAddress?: `0x${string}`;
+    minDeposit?: string;
+    maxDeposit?: string;
+    preApprovalExpirySeconds?: number;
+    authorizationExpirySeconds?: number;
+    refundExpirySeconds?: number;
+    minFeeBps?: number;
+    maxFeeBps?: number;
+    feeReceiver?: `0x${string}`;
+    name: string;
+    version?: string;
+}
+export interface EscrowPayload {
+    authorization: {
+        from: `0x${string}`;
+        to: `0x${string}`;
+        value: string;
+        validAfter: string;
+        validBefore: string;
+        nonce: `0x${string}`;
+    };
+    signature: `0x${string}`;
+    paymentInfo: {
+        operator: `0x${string}`;
+        receiver: `0x${string}`;
+        token: `0x${string}`;
+        maxAmount: string;
+        preApprovalExpiry: number;
+        authorizationExpiry: number;
+        refundExpiry: number;
+        minFeeBps: number;
+        maxFeeBps: number;
+        feeReceiver: `0x${string}`;
+        salt: `0x${string}`;
+    };
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/shared/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/shared/types.ts"],"names":[],"mappings":"AACA,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,KAAK,MAAM,EAAE,CAAC;IAC7B,eAAe,EAAE,KAAK,MAAM,EAAE,CAAC;IAC/B,cAAc,EAAE,KAAK,MAAM,EAAE,CAAC;IAC9B,gBAAgB,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IACjC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAClC,0BAA0B,CAAC,EAAE,MAAM,CAAC;IACpC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAGD,MAAM,WAAW,aAAa;IAC5B,aAAa,EAAE;QACb,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;QACpB,EAAE,EAAE,KAAK,MAAM,EAAE,CAAC;QAClB,KAAK,EAAE,MAAM,CAAC;QACd,UAAU,EAAE,MAAM,CAAC;QACnB,WAAW,EAAE,MAAM,CAAC;QACpB,KAAK,EAAE,KAAK,MAAM,EAAE,CAAC;KACtB,CAAC;IACF,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;IACzB,WAAW,EAAE;QACX,QAAQ,EAAE,KAAK,MAAM,EAAE,CAAC;QACxB,QAAQ,EAAE,KAAK,MAAM,EAAE,CAAC;QACxB,KAAK,EAAE,KAAK,MAAM,EAAE,CAAC;QACrB,SAAS,EAAE,MAAM,CAAC;QAClB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,mBAAmB,EAAE,MAAM,CAAC;QAC5B,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC;QAClB,WAAW,EAAE,KAAK,MAAM,EAAE,CAAC;QAC3B,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;KACrB,CAAC;CACH"}

package/dist/shared/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/shared/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/shared/types.ts"],"names":[],"mappings":""}

package/package.json

@@ -0,0 +1,58 @@
+{
+  "name": "@x402r/evm",
+  "version": "0.0.1",
+  "type": "module",
+  "description": "Escrow payment scheme for x402 using Base Commerce Payments",
+  "license": "MIT",
+  "author": "x402r",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/BackTrackCo/x402r-scheme.git",
+    "directory": "packages/evm"
+  },
+  "exports": {
+    "./escrow/client": {
+      "types": "./dist/escrow/client/index.d.ts",
+      "import": "./dist/escrow/client/index.js"
+    },
+    "./escrow/server": {
+      "types": "./dist/escrow/server/index.d.ts",
+      "import": "./dist/escrow/server/index.js"
+    },
+    "./escrow/facilitator": {
+      "types": "./dist/escrow/facilitator/index.d.ts",
+      "import": "./dist/escrow/facilitator/index.js"
+    },
+    "./escrow/types": {
+      "types": "./dist/shared/types.d.ts",
+      "import": "./dist/shared/types.js"
+    }
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "files": [
+    "dist",
+    "src",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "clean": "rm -rf dist",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src --ext .ts",
+    "format": "prettier --write \"src/**/*.ts\""
+  },
+  "peerDependencies": {
+    "@x402/core": "^2.0.0",
+    "@x402/evm": "^2.0.0",
+    "viem": "^2.0.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.7.0",
+    "vitest": "^4.0.18"
+  }
+}

package/src/escrow/client/index.ts

@@ -0,0 +1,88 @@
+/**
+ * Escrow Scheme - Client
+ * Creates payment payloads for escrow payments
+ */
+
+import type { WalletClient } from "viem";
+import {
+  computeEscrowNonce,
+  signERC3009,
+  generateSalt,
+} from "../../shared/nonce.js";
+import { MAX_UINT48 } from "../../shared/constants.js";
+import type { EscrowExtra, EscrowPayload } from "../../shared/types.js";
+
+export interface PaymentRequirements {
+  scheme: string;
+  network: string;
+  amount: string;
+  asset: `0x${string}`;
+  payTo: `0x${string}`;
+  extra: EscrowExtra;
+}
+
+/**
+ * Create an escrow payment payload from payment requirements
+ */
+export async function createPaymentPayload(
+  requirements: PaymentRequirements,
+  wallet: WalletClient,
+): Promise<EscrowPayload> {
+  const {
+    escrowAddress,
+    operatorAddress,
+    tokenCollector,
+    minFeeBps = 0,
+    maxFeeBps = 0,
+    feeReceiver,
+    preApprovalExpirySeconds,
+    refundExpirySeconds,
+    authorizationExpirySeconds,
+  } = requirements.extra;
+
+  const chainId = await wallet.getChainId();
+  const maxAmount = requirements.amount;
+
+  const paymentInfo = {
+    operator: operatorAddress,
+    receiver: requirements.payTo,
+    token: requirements.asset,
+    maxAmount,
+    preApprovalExpiry: preApprovalExpirySeconds ?? MAX_UINT48,
+    authorizationExpiry: authorizationExpirySeconds ?? MAX_UINT48,
+    refundExpiry: refundExpirySeconds ?? MAX_UINT48,
+    minFeeBps,
+    maxFeeBps,
+    feeReceiver: feeReceiver ?? operatorAddress,
+    salt: generateSalt(),
+  };
+
+  const nonce = computeEscrowNonce(chainId, escrowAddress, paymentInfo);
+
+  // ERC-3009 authorization - validBefore MUST match what contract passes to receiveWithAuthorization
+  // The contract uses paymentInfo.preApprovalExpiry as validBefore
+  const authorization = {
+    from: wallet.account!.address,
+    to: tokenCollector,
+    value: maxAmount,
+    validAfter: "0",
+    validBefore: String(paymentInfo.preApprovalExpiry),
+    nonce,
+  };
+
+  const signature = await signERC3009(
+    wallet,
+    authorization,
+    requirements.extra,
+    requirements.asset,
+  );
+
+  return { authorization, signature, paymentInfo };
+}
+
+export const EscrowScheme = {
+  scheme: "escrow" as const,
+  createPaymentPayload,
+};
+
+export type { EscrowExtra, EscrowPayload } from "../../shared/types.js";

package/src/escrow/facilitator/index.ts

@@ -0,0 +1,204 @@
+/**
+ * Escrow Scheme - Facilitator
+ * Handles verification and settlement of escrow payments.
+ *
+ * Implements x402's SchemeNetworkFacilitator interface so the escrow scheme
+ * is a drop-in for the x402 facilitator, just like ExactEvmScheme.
+ */
+
+import type {
+  Network,
+  PaymentPayload,
+  PaymentRequirements,
+  SchemeNetworkFacilitator,
+  SettleResponse,
+  VerifyResponse,
+} from "@x402/core/types";
+import type { FacilitatorEvmSigner } from "@x402/evm";
+import { x402Facilitator } from "@x402/core/facilitator";
+import { OPERATOR_ABI } from "../../shared/constants.js";
+import { verifyERC3009Signature } from "../../shared/nonce.js";
+import type { EscrowExtra, EscrowPayload } from "../../shared/types.js";
+
+/**
+ * Parse chainId from CAIP-2 network identifier
+ * @param network - CAIP-2 network identifier (e.g., 'eip155:84532')
+ * @returns The chain ID as a number
+ */
+function parseChainId(network: string): number {
+  const parts = network.split(":");
+  if (parts.length !== 2 || parts[0] !== "eip155") {
+    throw new Error(
+      `Invalid network format: ${network}. Expected 'eip155:<chainId>'`,
+    );
+  }
+  const chainId = parseInt(parts[1], 10);
+  if (isNaN(chainId)) {
+    throw new Error(`Invalid chainId in network: ${network}`);
+  }
+  return chainId;
+}
+
+/**
+ * Escrow Facilitator Scheme - implements x402's SchemeNetworkFacilitator
+ *
+ * The facilitator is operator-agnostic: it does not store operator/escrow/tokenCollector
+ * config. Those values are set by the merchant via `refundable()` and arrive in
+ * `requirements.extra` at verify/settle time.
+ */
+export class EscrowFacilitatorScheme implements SchemeNetworkFacilitator {
+  readonly scheme = "escrow";
+  readonly caipFamily = "eip155:*";
+
+  constructor(private signer: FacilitatorEvmSigner) {}
+
+  getSigners(_network: string): string[] {
+    return [...this.signer.getAddresses()];
+  }
+
+  getExtra(_network: string): Record<string, unknown> {
+    return { name: "USDC", version: "2" };
+  }
+
+  async verify(
+    payload: PaymentPayload,
+    requirements: PaymentRequirements,
+  ): Promise<VerifyResponse> {
+    const escrowPayload = payload.payload as unknown as EscrowPayload;
+    const extra = requirements.extra as unknown as EscrowExtra;
+    const chainId = parseChainId(requirements.network);
+
+    // Verify ERC-3009 signature
+    const isValidSignature = await verifyERC3009Signature(
+      this.signer,
+      escrowPayload.authorization,
+      escrowPayload.signature,
+      { ...extra, chainId },
+      requirements.asset as `0x${string}`,
+    );
+
+    if (!isValidSignature) {
+      return { isValid: false, invalidReason: "Invalid ERC-3009 signature" };
+    }
+
+    // Verify amount meets requirements
+    if (
+      BigInt(escrowPayload.authorization.value) <
+      BigInt(requirements.amount)
+    ) {
+      return { isValid: false, invalidReason: "Insufficient payment amount" };
+    }
+
+    // Verify token matches
+    if (
+      escrowPayload.paymentInfo.token.toLowerCase() !==
+      requirements.asset.toLowerCase()
+    ) {
+      return { isValid: false, invalidReason: "Token mismatch" };
+    }
+
+    // Verify receiver matches
+    if (
+      escrowPayload.paymentInfo.receiver.toLowerCase() !==
+      requirements.payTo.toLowerCase()
+    ) {
+      return { isValid: false, invalidReason: "Receiver mismatch" };
+    }
+
+    return {
+      isValid: true,
+      payer: escrowPayload.authorization.from,
+    };
+  }
+
+  async settle(
+    payload: PaymentPayload,
+    requirements: PaymentRequirements,
+  ): Promise<SettleResponse> {
+    const escrowPayload = payload.payload as unknown as EscrowPayload;
+    const extra = requirements.extra as unknown as EscrowExtra;
+    const { authorizeAddress, operatorAddress, tokenCollector } = extra;
+
+    const paymentInfo = {
+      operator: escrowPayload.paymentInfo.operator,
+      payer: escrowPayload.authorization.from,
+      receiver: escrowPayload.paymentInfo.receiver,
+      token: escrowPayload.paymentInfo.token,
+      maxAmount: BigInt(escrowPayload.paymentInfo.maxAmount),
+      preApprovalExpiry: escrowPayload.paymentInfo.preApprovalExpiry,
+      authorizationExpiry: escrowPayload.paymentInfo.authorizationExpiry,
+      refundExpiry: escrowPayload.paymentInfo.refundExpiry,
+      minFeeBps: escrowPayload.paymentInfo.minFeeBps,
+      maxFeeBps: escrowPayload.paymentInfo.maxFeeBps,
+      feeReceiver: escrowPayload.paymentInfo.feeReceiver,
+      salt: BigInt(escrowPayload.paymentInfo.salt),
+    };
+
+    // Pass raw signature - ERC3009PaymentCollector expects raw bytes, not ABI-encoded
+    const collectorData = escrowPayload.signature;
+
+    const target = authorizeAddress ?? operatorAddress;
+
+    try {
+      const txHash = await this.signer.writeContract({
+        address: target,
+        abi: OPERATOR_ABI,
+        functionName: "authorize",
+        args: [
+          paymentInfo,
+          BigInt(escrowPayload.authorization.value),
+          tokenCollector,
+          collectorData,
+        ],
+      });
+
+      return {
+        success: true,
+        transaction: txHash,
+        network: requirements.network,
+        payer: escrowPayload.authorization.from,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        errorReason:
+          error instanceof Error ? error.message : "Settlement failed",
+        transaction: "",
+        network: requirements.network,
+        payer: escrowPayload.authorization.from,
+      };
+    }
+  }
+}
+
+/**
+ * Register escrow scheme with x402Facilitator
+ *
+ * The facilitator is operator-agnostic — it supports any operator. Operator,
+ * escrow, and tokenCollector addresses are provided per-request by the merchant
+ * via `refundable()` and arrive in `requirements.extra`.
+ *
+ * @example
+ * ```typescript
+ * const facilitator = new x402Facilitator();
+ * registerEscrowScheme(facilitator, {
+ *   signer: evmSigner,
+ *   networks: "eip155:84532",
+ * });
+ * ```
+ */
+export function registerEscrowScheme(
+  facilitator: x402Facilitator,
+  config: {
+    signer: FacilitatorEvmSigner;
+    networks: Network | Network[];
+  },
+): x402Facilitator {
+  facilitator.register(
+    config.networks,
+    new EscrowFacilitatorScheme(config.signer),
+  );
+  return facilitator;
+}
+
+export type { EscrowExtra, EscrowPayload } from "../../shared/types.js";