@zendfi/sdk 0.7.4 → 0.8.1

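--- a/package/README.md
+++ b/package/README.md
@@ -262,23 +262,28 @@ const agentKey = await zendfi.agent.createKey({
  rate_limit_per_hour: 100,
  });
 
- // 2. User approves spending session (one-time)
- const session = await zendfi.agent.createSession({
- agent_id: 'shopping-assistant-v1',
- user_wallet: 'Hx7B...abc',
- limits: {
- max_per_transaction: 50, // $50 max per payment
- max_per_day: 200, // $200 daily cap
- },
- duration_hours: 24,
+ // 2. Create device-bound session key (one-time setup with PIN)
+ const sessionKey = await zendfi.sessionKeys.create({
+ userWallet: 'Hx7B...abc',
+ agentId: 'shopping-assistant-v1',
+ agentName: 'Shopping Assistant',
+ limitUSDC: 200,
+ durationDays: 1,
+ pin: '123456',
  });
 
- // 3. AI agent makes payments autonomously (within limits)
- const payment = await zendfi.agent.pay({
- session_token: session.session_token,
- amount: 25.00,
- description: 'Coffee order',
- });
+ // 3. Unlock for payments (client-side)
+ await zendfi.sessionKeys.unlock(sessionKey.sessionKeyId, '123456');
+
+ // 4. AI agent makes payments autonomously (within limits)
+ const payment = await zendfi.sessionKeys.makePayment(
+ sessionKey.sessionKeyId,
+ {
+ recipientWallet: 'merchant-wallet',
+ amountUSD: 25.00,
+ description: 'Coffee order',
+ }
+ );
 
  // Done! User approved once, AI pays within limits
  ```
@@ -587,69 +592,64 @@ const status = await zendfi.autonomy.getStatus(walletAddress);
  await zendfi.autonomy.revoke(delegateId);
  ```
 
- ### Session Keys (On-Chain Funded Wallets)
+ ### Session Keys (Device-Bound Non-Custodial)
 
- Session keys are pre-funded wallets with spending limits that enable AI agents to make autonomous payments. They use Lit Protocol's PKP (Programmable Key Pairs) for secure on-chain identity.
+ Session keys are TRUE non-custodial wallets where:
+ - **Client generates keypair** (backend NEVER sees private key)
+ - **PIN encryption** using Argon2id + AES-256-GCM
+ - **Device fingerprint binding** for security
+ - **Autonomous payments** within spending limits
 
  **The Flow:**
- 1. **Create** - Agent requests a session key with spending limit
- 2. **Approve** - User signs a one-time approval transaction
- 3. **Spend** - Agent makes payments autonomously up to the limit
- 4. **Top-up** - Optionally add more funds when needed
+ 1. **Create** - Client generates keypair, encrypts with PIN (SDK handles this)
+ 2. **Unlock** - Decrypt with PIN once, enable auto-signing
+ 3. **Pay** - Make payments instantly without re-entering PIN
 
  ```typescript
- // Step 1: Create a session key
+ // Create a device-bound session key
  const key = await zendfi.sessionKeys.create({
- user_wallet: 'Hx7B...abc',
- limit_usdc: 100,
- duration_days: 7,
- device_fingerprint: await generateFingerprint(),
+ userWallet: 'Hx7B...abc',
+ agentId: 'shopping-assistant-v1',
+ agentName: 'AI Shopping Assistant',
+ limitUSDC: 100,
+ durationDays: 7,
+ pin: '123456', // SDK encrypts keypair with this
+ generateRecoveryQR: true,
  });
 
- // key.session_key_id - Unique identifier
- // key.approval_transaction - Transaction for user to sign
- // key.session_wallet - The funded wallet address
- // key.pkp_public_key - Lit Protocol PKP public key NB: This only exists if mint_pkp is set to true in sessions
-
- // Step 2: User signs the approval transaction (one-time)
- const signedTx = await wallet.signTransaction(key.approval_transaction);
- await zendfi.sessionKeys.submitApproval(key.session_key_id, {
- signed_transaction: signedTx,
- });
+ console.log(`Session key: ${key.sessionKeyId}`);
+ console.log(`Session wallet: ${key.sessionWallet}`);
+ console.log(`Recovery QR: ${key.recoveryQR}`);
+
+ // Session key is auto-unlocked after create()
+ // Make payments without PIN!
+ const payment = await zendfi.sessionKeys.makePayment(
+ key.sessionKeyId,
+ {
+ recipientWallet: '8xYZA...',
+ amountUSD: 5.0,
+ description: 'Coffee purchase',
+ }
+ );
 
- // Step 3: Check status and make payments
- const status = await zendfi.sessionKeys.getStatus(key.session_key_id);
- console.log(`Status: ${status.status}`); // "active"
- console.log(`Remaining: $${status.remaining_usdc}`);
- console.log(`Spent: $${status.used_amount_usdc}`);
- console.log(`Transactions: ${status.transaction_count}`);
+ // Or unlock an existing session key
+ await zendfi.sessionKeys.unlock(key.sessionKeyId, '123456');
 
- // Step 4: Top-up if needed
- const topUp = await zendfi.sessionKeys.topUp(key.session_key_id, {
- amount: 50, // Add $50 more
- });
- // User signs the top-up transaction
- const signedTopUp = await wallet.signTransaction(topUp.approval_transaction);
- await zendfi.sessionKeys.submitTopUp(key.session_key_id, {
- signed_transaction: signedTopUp,
- });
+ // Check status
+ const status = await zendfi.sessionKeys.getStatus(key.sessionKeyId);
+ console.log(`Active: ${status.isActive}`);
+ console.log(`Remaining: $${status.remainingUSDC}`);
+ console.log(`Spent: $${status.usedAmountUSDC}`);
 
  // Revoke when done
- await zendfi.sessionKeys.revoke(key.session_key_id);
-
- // List all session keys
- const keys = await zendfi.sessionKeys.list();
- keys.session_keys.forEach(k => {
- console.log(`${k.session_key_id}: $${k.remaining_amount} remaining`);
- });
+ await zendfi.sessionKeys.revoke(key.sessionKeyId);
  ```
 
- **Session Key Statuses:**
- - `pending_approval` - Waiting for user to sign approval
- - `active` - Ready for payments
- - `exhausted` - Spending limit reached
- - `expired` - Past expiry time
- - `revoked` - Manually revoked
+ **Security Features:**
+ - **Backend cannot decrypt** - Keys encrypted client-side
+ - **Device fingerprint** - Binds key to specific device
+ - **Recovery QR** - Migrate to new device
+ - **Auto-signing cache** - Instant payments after unlock
 
  ### Smart Payments
 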
@@ -1,4 +1,4 @@
1
- import { W as WebhookHandlerConfig, a as WebhookHandlers } from './webhook-handler-D5INiR-l.mjs';
1
+ import { W as WebhookHandlerConfig, a as WebhookHandlers } from './webhook-handler-CgaLeGO4.mjs';
2
2
 
3
3
  /**
4
4
  * Express Webhook Handler
package/dist/express.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { W as WebhookHandlerConfig, a as WebhookHandlers } from './webhook-handler-D5INiR-l.js';
1
+ import { W as WebhookHandlerConfig, a as WebhookHandlers } from './webhook-handler-CgaLeGO4.js';
2
2
 
3
3
  /**
4
4
  * Express Webhook Handler