@zauthx402/sdk 0.1.5 → 0.1.7

package/dist/middleware/index.d.mts

@@ -1,2 +1,2 @@
-export { d as ZauthMiddlewareOptions, b as createZauthMiddleware, z as zauthProvider } from '../index-CzB2rK59.mjs';
+export { d as ZauthMiddlewareOptions, b as createZauthMiddleware, z as zauthProvider } from '../index-C2FGNEe1.mjs';
 import 'express';

package/dist/middleware/index.d.ts

@@ -1,2 +1,2 @@
-export { d as ZauthMiddlewareOptions, b as createZauthMiddleware, z as zauthProvider } from '../index-CzB2rK59.js';
+export { d as ZauthMiddlewareOptions, b as createZauthMiddleware, z as zauthProvider } from '../index-C2FGNEe1.js';
 import 'express';

package/dist/middleware/index.js

@@ -60,9 +60,9 @@ var require_constants = __commonJS({
   }
 });
 
-// ../../node_modules/node-gyp-build/node-gyp-build.js
+// node_modules/node-gyp-build/node-gyp-build.js
 var require_node_gyp_build = __commonJS({
-  "../../node_modules/node-gyp-build/node-gyp-build.js"(exports$1, module) {
+  "node_modules/node-gyp-build/node-gyp-build.js"(exports$1, module) {
     var fs = __require("fs");
     var path = __require("path");
     var os = __require("os");
@@ -229,9 +229,9 @@ var require_node_gyp_build = __commonJS({
   }
 });
 
-// ../../node_modules/node-gyp-build/index.js
+// node_modules/node-gyp-build/index.js
 var require_node_gyp_build2 = __commonJS({
-  "../../node_modules/node-gyp-build/index.js"(exports$1, module) {
+  "node_modules/node-gyp-build/index.js"(exports$1, module) {
     var runtimeRequire = typeof __webpack_require__ === "function" ? __non_webpack_require__ : __require;
     if (typeof runtimeRequire.addon === "function") {
       module.exports = runtimeRequire.addon.bind(runtimeRequire);
@@ -241,9 +241,9 @@ var require_node_gyp_build2 = __commonJS({
   }
 });
 
-// ../../node_modules/bufferutil/fallback.js
+// node_modules/bufferutil/fallback.js
 var require_fallback = __commonJS({
-  "../../node_modules/bufferutil/fallback.js"(exports$1, module) {
+  "node_modules/bufferutil/fallback.js"(exports$1, module) {
     var mask = (source, mask2, output, offset, length) => {
       for (var i = 0; i < length; i++) {
         output[offset + i] = source[i] ^ mask2[i & 3];
@@ -259,9 +259,9 @@ var require_fallback = __commonJS({
   }
 });
 
-// ../../node_modules/bufferutil/index.js
+// node_modules/bufferutil/index.js
 var require_bufferutil = __commonJS({
-  "../../node_modules/bufferutil/index.js"(exports$1, module) {
+  "node_modules/bufferutil/index.js"(exports$1, module) {
     try {
       module.exports = require_node_gyp_build2()(__dirname);
     } catch (e) {
@@ -775,9 +775,9 @@ var require_permessage_deflate = __commonJS({
   }
 });
 
-// ../../node_modules/utf-8-validate/fallback.js
+// node_modules/utf-8-validate/fallback.js
 var require_fallback2 = __commonJS({
-  "../../node_modules/utf-8-validate/fallback.js"(exports$1, module) {
+  "node_modules/utf-8-validate/fallback.js"(exports$1, module) {
     function isValidUTF8(buf) {
       const len = buf.length;
       let i = 0;
@@ -811,9 +811,9 @@ var require_fallback2 = __commonJS({
   }
 });
 
-// ../../node_modules/utf-8-validate/index.js
+// node_modules/utf-8-validate/index.js
 var require_utf_8_validate = __commonJS({
-  "../../node_modules/utf-8-validate/index.js"(exports$1, module) {
+  "node_modules/utf-8-validate/index.js"(exports$1, module) {
     try {
       module.exports = require_node_gyp_build2()(__dirname);
     } catch (e) {
@@ -3933,6 +3933,7 @@ var DEFAULT_CONFIG = {
   refund: {
     enabled: false,
     privateKey: process.env.ZAUTH_REFUND_PRIVATE_KEY,
+    solanaPrivateKey: process.env.ZAUTH_SOLANA_PRIVATE_KEY,
     network: "base",
     triggers: {
       serverError: true,
@@ -3963,6 +3964,7 @@ function resolveConfig(config) {
     enabled: config.refund?.enabled ?? DEFAULT_CONFIG.refund.enabled,
     signer: config.refund?.signer,
     privateKey: config.refund?.privateKey ?? DEFAULT_CONFIG.refund.privateKey,
+    solanaPrivateKey: config.refund?.solanaPrivateKey ?? DEFAULT_CONFIG.refund.solanaPrivateKey,
     network: config.refund?.network ?? DEFAULT_CONFIG.refund.network,
     triggers: {
       ...DEFAULT_CONFIG.refund.triggers,
@@ -4535,17 +4537,68 @@ function decodePaymentHeader(paymentHeader) {
       decoded = paymentHeader;
     }
     const parsed = JSON.parse(decoded);
-    const payer = parsed.payload?.authorization?.from || // x402 V2
+    let payer = parsed.payload?.authorization?.from || // x402 V2 EVM
     parsed.payer || parsed.from || parsed.payload?.from || parsed.x?.signature?.address || null;
+    if (!payer && parsed.payload?.transaction) {
+      payer = extractSolanaFeePayer(parsed.payload.transaction);
+    }
     const amount = parsed.payload?.authorization?.value || // x402 V2
     parsed.amount || parsed.payload?.amount || null;
-    const network = parsed.payload?.authorization?.network || // x402 V2
+    let network = parsed.payload?.authorization?.network || // x402 V2 EVM
     parsed.network || parsed.payload?.network || null;
+    if (!network && parsed.payload?.transaction && payer) {
+      network = "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp";
+    }
     return { payer, amount, network };
   } catch {
     return null;
   }
 }
+function extractSolanaFeePayer(base64Transaction) {
+  try {
+    const txBytes = typeof Buffer !== "undefined" ? Buffer.from(base64Transaction, "base64") : Uint8Array.from(atob(base64Transaction), (c) => c.charCodeAt(0));
+    let offset = 0;
+    const numSignatures = txBytes[offset];
+    offset += 1;
+    offset += numSignatures * 64;
+    const firstByte = txBytes[offset];
+    if ((firstByte & 128) !== 0) {
+      offset += 1;
+    }
+    offset += 3;
+    const numAccounts = txBytes[offset];
+    offset += 1;
+    if (numAccounts > 0 && offset + 32 <= txBytes.length) {
+      const feePayerBytes = txBytes.slice(offset, offset + 32);
+      return base58Encode(feePayerBytes);
+    }
+    return null;
+  } catch {
+    return null;
+  }
+}
+function base58Encode(bytes) {
+  const ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+  const BASE = 58;
+  let num = BigInt(0);
+  for (const byte of bytes) {
+    num = num * BigInt(256) + BigInt(byte);
+  }
+  let result = "";
+  while (num > 0) {
+    const remainder = Number(num % BigInt(BASE));
+    num = num / BigInt(BASE);
+    result = ALPHABET[remainder] + result;
+  }
+  for (const byte of bytes) {
+    if (byte === 0) {
+      result = "1" + result;
+    } else {
+      break;
+    }
+  }
+  return result || "1";
+}
 
 // src/validator.ts
 function validateResponse(body, statusCode, config) {
@@ -4695,6 +4748,8 @@ var RefundExecutor = class {
   // YYYY-MM-DD
   lastCapResetMonth = (/* @__PURE__ */ new Date()).toISOString().slice(0, 7);
   // YYYY-MM
+  // Track processed refundIds to prevent double execution within same session
+  processedRefundIds = /* @__PURE__ */ new Set();
   constructor(client, config, debug = false) {
     this.client = client;
     this.config = config;
@@ -4787,6 +4842,11 @@ var RefundExecutor = class {
         case "rejection_ack":
           this.log("Refund rejection acknowledged", { refundId: msg.refundId });
           break;
+        case "executing_ack":
+          if (this.debug) {
+            this.log("Refund executing acknowledged", { refundId: msg.refundId, status: msg.status });
+          }
+          break;
         case "pong":
           break;
         default:
@@ -4801,6 +4861,10 @@ var RefundExecutor = class {
    */
   async processSingleRefund(refund) {
     try {
+      if (this.processedRefundIds.has(refund.id)) {
+        this.log("Refund already processed in this session", { refundId: refund.id });
+        return;
+      }
       const endpointConfig = this.getEndpointConfig(refund.url);
       if (endpointConfig?.enabled === false) {
         this.log("Refunds disabled for endpoint", { url: refund.url });
@@ -4859,8 +4923,13 @@ var RefundExecutor = class {
           return;
         }
       }
+      this.sendMessage({
+        type: "refund_executing",
+        refundId: refund.id
+      });
       const result = await this.executeRefundTx(refund);
       if (result.success) {
+        this.processedRefundIds.add(refund.id);
         this.sendMessage({
           type: "refund_confirmed",
           refundId: refund.id,
@@ -5059,14 +5128,98 @@ var RefundExecutor = class {
     }
   }
   /**
-   * Execute Solana refund
+   * Execute Solana refund using @solana/kit v2 libraries
    */
-  async executeSolanaRefund(_refund, _amountRaw) {
-    return {
-      success: false,
-      error: "Solana refunds not yet implemented",
-      retryable: false
-    };
+  async executeSolanaRefund(refund, amountRaw) {
+    try {
+      const solanaPrivateKey = this.config.solanaPrivateKey;
+      if (!solanaPrivateKey) {
+        return {
+          success: false,
+          error: "No Solana private key configured (set ZAUTH_SOLANA_PRIVATE_KEY)",
+          retryable: false
+        };
+      }
+      const { createKeyPairSignerFromPrivateKeyBytes } = await import('@solana/signers');
+      const {
+        createSolanaRpc,
+        address,
+        pipe,
+        createTransactionMessage,
+        setTransactionMessageFeePayer,
+        setTransactionMessageLifetimeUsingBlockhash,
+        appendTransactionMessageInstructions,
+        signTransactionMessageWithSigners,
+        getBase64EncodedWireTransaction
+      } = await import('@solana/kit');
+      const {
+        findAssociatedTokenPda,
+        getTransferInstruction,
+        TOKEN_PROGRAM_ADDRESS
+      } = await import('@solana-program/token');
+      const bs58 = await import('bs58');
+      const USDC_MINT = address("EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v");
+      const rpcUrl = process.env.SOLANA_RPC_URL || "https://api.mainnet-beta.solana.com";
+      const rpc = createSolanaRpc(rpcUrl);
+      let signer;
+      try {
+        const secretKey = bs58.default.decode(solanaPrivateKey);
+        const privateKeyBytes = secretKey.slice(0, 32);
+        signer = await createKeyPairSignerFromPrivateKeyBytes(privateKeyBytes);
+      } catch {
+        return {
+          success: false,
+          error: "Invalid Solana private key format (expected base58)",
+          retryable: false
+        };
+      }
+      const recipientAddress = address(refund.recipientAddress);
+      const [senderAta] = await findAssociatedTokenPda({
+        mint: USDC_MINT,
+        owner: signer.address,
+        tokenProgram: TOKEN_PROGRAM_ADDRESS
+      });
+      const [recipientAta] = await findAssociatedTokenPda({
+        mint: USDC_MINT,
+        owner: recipientAddress,
+        tokenProgram: TOKEN_PROGRAM_ADDRESS
+      });
+      const transferIx = getTransferInstruction({
+        source: senderAta,
+        destination: recipientAta,
+        authority: signer,
+        amount: BigInt(amountRaw)
+      });
+      const { value: latestBlockhash } = await rpc.getLatestBlockhash().send();
+      const tx = pipe(
+        createTransactionMessage({ version: 0 }),
+        (tx2) => setTransactionMessageFeePayer(signer.address, tx2),
+        (tx2) => setTransactionMessageLifetimeUsingBlockhash(latestBlockhash, tx2),
+        (tx2) => appendTransactionMessageInstructions([transferIx], tx2)
+      );
+      const signedTx = await signTransactionMessageWithSigners(tx);
+      const base64Tx = getBase64EncodedWireTransaction(signedTx);
+      const txSignature = await rpc.sendTransaction(base64Tx, { encoding: "base64" }).send();
+      this.log("Solana refund sent", {
+        txHash: txSignature,
+        to: refund.recipientAddress,
+        amount: amountRaw
+      });
+      return {
+        success: true,
+        txHash: txSignature,
+        amountRaw,
+        gasCostCents: 0
+        // Solana fees are negligible
+      };
+    } catch (error) {
+      this.log("Solana refund failed", { error: error.message });
+      return {
+        success: false,
+        error: error.message,
+        retryable: true
+      };
+    }
   }
   /**
    * Get endpoint-specific config by matching URL patterns
@@ -5106,6 +5259,25 @@ function createZauthMiddleware(options) {
     if (config.debug) {
       console.log("[zauthSDK] Refund executor started");
     }
+    client.updateRefundConfig({
+      enabled: true,
+      maxRefundUsdCents: Math.round((config.refund.maxRefundUsd || 1) * 100),
+      dailyCapCents: config.refund.dailyCapUsd ? Math.round(config.refund.dailyCapUsd * 100) : void 0,
+      monthlyCapCents: config.refund.monthlyCapUsd ? Math.round(config.refund.monthlyCapUsd * 100) : void 0,
+      triggers: {
+        serverError: config.refund.triggers?.serverError ?? true,
+        timeout: config.refund.triggers?.timeout ?? true,
+        emptyResponse: config.refund.triggers?.emptyResponse ?? true,
+        schemaValidation: config.refund.triggers?.schemaValidation ?? false,
+        minMeaningfulness: config.refund.triggers?.minMeaningfulness ?? 0.3
+      }
+    }).then((result) => {
+      if (config.debug) {
+        console.log("[zauthSDK] Refund config registered with server", { success: result.success });
+      }
+    }).catch((err) => {
+      console.error("[zauthSDK] Failed to register refund config:", err.message);
+    });
   }
   function shouldMonitorRoute(req) {
     if (options.shouldMonitor) {