npm - @zauthx402/sdk - Versions diffs - 0.1.5 → 0.1.7 - Mend

@zauthx402/sdk 0.1.5 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/{index-CzB2rK59.d.mts → index-C2FGNEe1.d.mts} +8 -2
package/dist/{index-CzB2rK59.d.ts → index-C2FGNEe1.d.ts} +8 -2
package/dist/index.d.mts +2 -2
package/dist/index.d.ts +2 -2
package/dist/index.js +193 -21
package/dist/index.js.map +1 -1
package/dist/index.mjs +193 -21
package/dist/index.mjs.map +1 -1
package/dist/middleware/index.d.mts +1 -1
package/dist/middleware/index.d.ts +1 -1
package/dist/middleware/index.js +193 -21
package/dist/middleware/index.js.map +1 -1
package/dist/middleware/index.mjs +193 -21
package/dist/middleware/index.mjs.map +1 -1
package/package.json +7 -2

package/dist/index.mjs CHANGED Viewed

@@ -58,9 +58,9 @@ var require_constants = __commonJS({
   }
 });
-// ../../node_modules/node-gyp-build/node-gyp-build.js
+// node_modules/node-gyp-build/node-gyp-build.js
 var require_node_gyp_build = __commonJS({
-  "../../node_modules/node-gyp-build/node-gyp-build.js"(exports$1, module) {
+  "node_modules/node-gyp-build/node-gyp-build.js"(exports$1, module) {
     var fs = __require("fs");
     var path = __require("path");
     var os = __require("os");
@@ -227,9 +227,9 @@ var require_node_gyp_build = __commonJS({
   }
 });
-// ../../node_modules/node-gyp-build/index.js
+// node_modules/node-gyp-build/index.js
 var require_node_gyp_build2 = __commonJS({
-  "../../node_modules/node-gyp-build/index.js"(exports$1, module) {
+  "node_modules/node-gyp-build/index.js"(exports$1, module) {
     var runtimeRequire = typeof __webpack_require__ === "function" ? __non_webpack_require__ : __require;
     if (typeof runtimeRequire.addon === "function") {
       module.exports = runtimeRequire.addon.bind(runtimeRequire);
@@ -239,9 +239,9 @@ var require_node_gyp_build2 = __commonJS({
   }
 });
-// ../../node_modules/bufferutil/fallback.js
+// node_modules/bufferutil/fallback.js
 var require_fallback = __commonJS({
-  "../../node_modules/bufferutil/fallback.js"(exports$1, module) {
+  "node_modules/bufferutil/fallback.js"(exports$1, module) {
     var mask = (source, mask2, output, offset, length) => {
       for (var i = 0; i < length; i++) {
         output[offset + i] = source[i] ^ mask2[i & 3];
@@ -257,9 +257,9 @@ var require_fallback = __commonJS({
   }
 });
-// ../../node_modules/bufferutil/index.js
+// node_modules/bufferutil/index.js
 var require_bufferutil = __commonJS({
-  "../../node_modules/bufferutil/index.js"(exports$1, module) {
+  "node_modules/bufferutil/index.js"(exports$1, module) {
     try {
       module.exports = require_node_gyp_build2()(__dirname);
     } catch (e) {
@@ -773,9 +773,9 @@ var require_permessage_deflate = __commonJS({
   }
 });
-// ../../node_modules/utf-8-validate/fallback.js
+// node_modules/utf-8-validate/fallback.js
 var require_fallback2 = __commonJS({
-  "../../node_modules/utf-8-validate/fallback.js"(exports$1, module) {
+  "node_modules/utf-8-validate/fallback.js"(exports$1, module) {
     function isValidUTF8(buf) {
       const len = buf.length;
       let i = 0;
@@ -809,9 +809,9 @@ var require_fallback2 = __commonJS({
   }
 });
-// ../../node_modules/utf-8-validate/index.js
+// node_modules/utf-8-validate/index.js
 var require_utf_8_validate = __commonJS({
-  "../../node_modules/utf-8-validate/index.js"(exports$1, module) {
+  "node_modules/utf-8-validate/index.js"(exports$1, module) {
     try {
       module.exports = require_node_gyp_build2()(__dirname);
     } catch (e) {
@@ -3931,6 +3931,7 @@ var DEFAULT_CONFIG = {
   refund: {
     enabled: false,
     privateKey: process.env.ZAUTH_REFUND_PRIVATE_KEY,
+    solanaPrivateKey: process.env.ZAUTH_SOLANA_PRIVATE_KEY,
     network: "base",
     triggers: {
       serverError: true,
@@ -3961,6 +3962,7 @@ function resolveConfig(config) {
     enabled: config.refund?.enabled ?? DEFAULT_CONFIG.refund.enabled,
     signer: config.refund?.signer,
     privateKey: config.refund?.privateKey ?? DEFAULT_CONFIG.refund.privateKey,
+    solanaPrivateKey: config.refund?.solanaPrivateKey ?? DEFAULT_CONFIG.refund.solanaPrivateKey,
     network: config.refund?.network ?? DEFAULT_CONFIG.refund.network,
     triggers: {
       ...DEFAULT_CONFIG.refund.triggers,
@@ -4591,17 +4593,68 @@ function decodePaymentHeader(paymentHeader) {
       decoded = paymentHeader;
     }
     const parsed = JSON.parse(decoded);
-    const payer = parsed.payload?.authorization?.from || // x402 V2
+    let payer = parsed.payload?.authorization?.from || // x402 V2 EVM
     parsed.payer || parsed.from || parsed.payload?.from || parsed.x?.signature?.address || null;
+    if (!payer && parsed.payload?.transaction) {
+      payer = extractSolanaFeePayer(parsed.payload.transaction);
+    }
     const amount = parsed.payload?.authorization?.value || // x402 V2
     parsed.amount || parsed.payload?.amount || null;
-    const network = parsed.payload?.authorization?.network || // x402 V2
+    let network = parsed.payload?.authorization?.network || // x402 V2 EVM
     parsed.network || parsed.payload?.network || null;
+    if (!network && parsed.payload?.transaction && payer) {
+      network = "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp";
+    }
     return { payer, amount, network };
   } catch {
     return null;
   }
 }
+function extractSolanaFeePayer(base64Transaction) {
+  try {
+    const txBytes = typeof Buffer !== "undefined" ? Buffer.from(base64Transaction, "base64") : Uint8Array.from(atob(base64Transaction), (c) => c.charCodeAt(0));
+    let offset = 0;
+    const numSignatures = txBytes[offset];
+    offset += 1;
+    offset += numSignatures * 64;
+    const firstByte = txBytes[offset];
+    if ((firstByte & 128) !== 0) {
+      offset += 1;
+    }
+    offset += 3;
+    const numAccounts = txBytes[offset];
+    offset += 1;
+    if (numAccounts > 0 && offset + 32 <= txBytes.length) {
+      const feePayerBytes = txBytes.slice(offset, offset + 32);
+      return base58Encode(feePayerBytes);
+    }
+    return null;
+  } catch {
+    return null;
+  }
+}
+function base58Encode(bytes) {
+  const ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+  const BASE = 58;
+  let num = BigInt(0);
+  for (const byte of bytes) {
+    num = num * BigInt(256) + BigInt(byte);
+  }
+  let result = "";
+  while (num > 0) {
+    const remainder = Number(num % BigInt(BASE));
+    num = num / BigInt(BASE);
+    result = ALPHABET[remainder] + result;
+  }
+  for (const byte of bytes) {
+    if (byte === 0) {
+      result = "1" + result;
+    } else {
+      break;
+    }
+  }
+  return result || "1";
+}
 function detectX402Version(body) {
   if (!body || typeof body !== "object") {
     return null;
@@ -4963,6 +5016,8 @@ var RefundExecutor = class {
   // YYYY-MM-DD
   lastCapResetMonth = (/* @__PURE__ */ new Date()).toISOString().slice(0, 7);
   // YYYY-MM
+  // Track processed refundIds to prevent double execution within same session
+  processedRefundIds = /* @__PURE__ */ new Set();
   constructor(client, config, debug = false) {
     this.client = client;
     this.config = config;
@@ -5055,6 +5110,11 @@ var RefundExecutor = class {
         case "rejection_ack":
           this.log("Refund rejection acknowledged", { refundId: msg.refundId });
           break;
+        case "executing_ack":
+          if (this.debug) {
+            this.log("Refund executing acknowledged", { refundId: msg.refundId, status: msg.status });
+          }
+          break;
         case "pong":
           break;
         default:
@@ -5069,6 +5129,10 @@ var RefundExecutor = class {
    */
   async processSingleRefund(refund) {
     try {
+      if (this.processedRefundIds.has(refund.id)) {
+        this.log("Refund already processed in this session", { refundId: refund.id });
+        return;
+      }
       const endpointConfig = this.getEndpointConfig(refund.url);
       if (endpointConfig?.enabled === false) {
         this.log("Refunds disabled for endpoint", { url: refund.url });
@@ -5127,8 +5191,13 @@ var RefundExecutor = class {
           return;
         }
       }
+      this.sendMessage({
+        type: "refund_executing",
+        refundId: refund.id
+      });
       const result = await this.executeRefundTx(refund);
       if (result.success) {
+        this.processedRefundIds.add(refund.id);
         this.sendMessage({
           type: "refund_confirmed",
           refundId: refund.id,
@@ -5327,14 +5396,98 @@ var RefundExecutor = class {
     }
   }
   /**
-   * Execute Solana refund
+   * Execute Solana refund using @solana/kit v2 libraries
    */
-  async executeSolanaRefund(_refund, _amountRaw) {
-    return {
-      success: false,
-      error: "Solana refunds not yet implemented",
-      retryable: false
-    };
+  async executeSolanaRefund(refund, amountRaw) {
+    try {
+      const solanaPrivateKey = this.config.solanaPrivateKey;
+      if (!solanaPrivateKey) {
+        return {
+          success: false,
+          error: "No Solana private key configured (set ZAUTH_SOLANA_PRIVATE_KEY)",
+          retryable: false
+        };
+      }
+      const { createKeyPairSignerFromPrivateKeyBytes } = await import('@solana/signers');
+      const {
+        createSolanaRpc,
+        address,
+        pipe,
+        createTransactionMessage,
+        setTransactionMessageFeePayer,
+        setTransactionMessageLifetimeUsingBlockhash,
+        appendTransactionMessageInstructions,
+        signTransactionMessageWithSigners,
+        getBase64EncodedWireTransaction
+      } = await import('@solana/kit');
+      const {
+        findAssociatedTokenPda,
+        getTransferInstruction,
+        TOKEN_PROGRAM_ADDRESS
+      } = await import('@solana-program/token');
+      const bs58 = await import('bs58');
+      const USDC_MINT = address("EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v");
+      const rpcUrl = process.env.SOLANA_RPC_URL || "https://api.mainnet-beta.solana.com";
+      const rpc = createSolanaRpc(rpcUrl);
+      let signer;
+      try {
+        const secretKey = bs58.default.decode(solanaPrivateKey);
+        const privateKeyBytes = secretKey.slice(0, 32);
+        signer = await createKeyPairSignerFromPrivateKeyBytes(privateKeyBytes);
+      } catch {
+        return {
+          success: false,
+          error: "Invalid Solana private key format (expected base58)",
+          retryable: false
+        };
+      }
+      const recipientAddress = address(refund.recipientAddress);
+      const [senderAta] = await findAssociatedTokenPda({
+        mint: USDC_MINT,
+        owner: signer.address,
+        tokenProgram: TOKEN_PROGRAM_ADDRESS
+      });
+      const [recipientAta] = await findAssociatedTokenPda({
+        mint: USDC_MINT,
+        owner: recipientAddress,
+        tokenProgram: TOKEN_PROGRAM_ADDRESS
+      });
+      const transferIx = getTransferInstruction({
+        source: senderAta,
+        destination: recipientAta,
+        authority: signer,
+        amount: BigInt(amountRaw)
+      });
+      const { value: latestBlockhash } = await rpc.getLatestBlockhash().send();
+      const tx = pipe(
+        createTransactionMessage({ version: 0 }),
+        (tx2) => setTransactionMessageFeePayer(signer.address, tx2),
+        (tx2) => setTransactionMessageLifetimeUsingBlockhash(latestBlockhash, tx2),
+        (tx2) => appendTransactionMessageInstructions([transferIx], tx2)
+      );
+      const signedTx = await signTransactionMessageWithSigners(tx);
+      const base64Tx = getBase64EncodedWireTransaction(signedTx);
+      const txSignature = await rpc.sendTransaction(base64Tx, { encoding: "base64" }).send();
+      this.log("Solana refund sent", {
+        txHash: txSignature,
+        to: refund.recipientAddress,
+        amount: amountRaw
+      });
+      return {
+        success: true,
+        txHash: txSignature,
+        amountRaw,
+        gasCostCents: 0
+        // Solana fees are negligible
+      };
+    } catch (error) {
+      this.log("Solana refund failed", { error: error.message });
+      return {
+        success: false,
+        error: error.message,
+        retryable: true
+      };
+    }
   }
   /**
    * Get endpoint-specific config by matching URL patterns
@@ -5374,6 +5527,25 @@ function createZauthMiddleware(options) {
     if (config.debug) {
       console.log("[zauthSDK] Refund executor started");
     }
+    client.updateRefundConfig({
+      enabled: true,
+      maxRefundUsdCents: Math.round((config.refund.maxRefundUsd || 1) * 100),
+      dailyCapCents: config.refund.dailyCapUsd ? Math.round(config.refund.dailyCapUsd * 100) : void 0,
+      monthlyCapCents: config.refund.monthlyCapUsd ? Math.round(config.refund.monthlyCapUsd * 100) : void 0,
+      triggers: {
+        serverError: config.refund.triggers?.serverError ?? true,
+        timeout: config.refund.triggers?.timeout ?? true,
+        emptyResponse: config.refund.triggers?.emptyResponse ?? true,
+        schemaValidation: config.refund.triggers?.schemaValidation ?? false,
+        minMeaningfulness: config.refund.triggers?.minMeaningfulness ?? 0.3
+      }
+    }).then((result) => {
+      if (config.debug) {
+        console.log("[zauthSDK] Refund config registered with server", { success: result.success });
+      }
+    }).catch((err) => {
+      console.error("[zauthSDK] Failed to register refund config:", err.message);
+    });
   }
   function shouldMonitorRoute(req) {
     if (options.shouldMonitor) {