@zeroxyz/cli 0.0.42 → 0.0.43

package/dist/index.js

@@ -7,7 +7,7 @@ import { join as join11 } from "path";
 // package.json
 var package_default = {
   name: "@zeroxyz/cli",
-  version: "0.0.42",
+  version: "0.0.43",
   type: "module",
   bin: {
     zero: "dist/index.js",
@@ -587,12 +587,11 @@ var ApiService = class _ApiService {
   // Mints a one-time onramp URL for the caller's wallet. Two paths, picked by
   // which identity is available:
   //   • BYO key present (this.account) → /v1/wallet/fund-url, proving ownership
-  //     with an EIP-191 signature. Honors the `provider` choice.
+  //     with an EIP-191 signature.
   //   • No key but a session (managed/runner) → /v1/users/me/fund-url, which
-  //     resolves the user's managed wallet server-side from the Bearer. Coinbase
-  //     only (the managed onramp doesn't take a provider), so `provider` is
-  //     ignored on this path.
-  // Returns null on any failure so callers can fall back to manual transfer.
+  //     resolves the user's managed wallet server-side from the Bearer.
+  // Both honor the `provider` choice. Returns null on any failure so callers
+  // can fall back to manual transfer.
   getFundingUrl = async (amount, provider = "coinbase") => {
     try {
       if (this.account) {
@@ -607,10 +606,12 @@ var ApiService = class _ApiService {
         return z.object({ url: z.string() }).parse(json).url;
       }
       if (this.credentials.kind === "session") {
-        const params = new URLSearchParams();
+        const params = new URLSearchParams({ provider });
         if (amount) params.set("amount", amount);
-        const qs = params.toString() ? `?${params.toString()}` : "";
-        const json = await this.request("GET", `/v1/users/me/fund-url${qs}`);
+        const json = await this.request(
+          "GET",
+          `/v1/users/me/fund-url?${params.toString()}`
+        );
         return z.object({ url: z.string(), walletAddress: z.string() }).parse(json).url;
       }
       return null;
@@ -983,6 +984,61 @@ import {
   http
 } from "viem";
 import { base, baseSepolia, tempo as viemTempoChain } from "viem/chains";
+
+// src/services/x402-challenge.ts
+import { encodePaymentRequiredHeader } from "@x402/core/http";
+var looksLikeX402Body = (body) => {
+  if (!body || typeof body !== "object") return false;
+  const b = body;
+  return typeof b.x402Version === "number" && Array.isArray(b.accepts) && b.accepts.length > 0;
+};
+var isV1ShapedAccept = (accept) => {
+  if (!accept || typeof accept !== "object") return false;
+  const a = accept;
+  const network = typeof a.network === "string" ? a.network : "";
+  const bareNetwork = network !== "" && !network.includes(":");
+  const v1AmountField = a.maxAmountRequired != null && a.amount == null;
+  return bareNetwork || v1AmountField;
+};
+var coerceX402BodyVersion = (challenge) => {
+  const accepts = Array.isArray(challenge.accepts) ? challenge.accepts : [];
+  return { ...challenge, x402Version: accepts.some(isV1ShapedAccept) ? 1 : 2 };
+};
+var withSynthesizedX402Header = (baseFetch) => async (input, init) => {
+  const response = await baseFetch(input, init);
+  if (response.status !== 402) return response;
+  if (response.headers.get("payment-required") ?? response.headers.get("x-payment-required")) {
+    return response;
+  }
+  const text = await response.clone().text();
+  let parsed;
+  try {
+    parsed = JSON.parse(text);
+  } catch {
+    return response;
+  }
+  if (!looksLikeX402Body(parsed) || parsed.x402Version === 1) {
+    return response;
+  }
+  const challenge = coerceX402BodyVersion(parsed);
+  const headers = new Headers(response.headers);
+  headers.set(
+    "PAYMENT-REQUIRED",
+    // Validated as an x402 body above; encoder wants the concrete type.
+    encodePaymentRequiredHeader(
+      challenge
+    )
+  );
+  headers.delete("content-length");
+  headers.delete("content-encoding");
+  return new Response(text, {
+    status: response.status,
+    statusText: response.statusText,
+    headers
+  });
+};
+
+// src/services/payment-service.ts
 var SessionCloseFailedError = class extends Error {
   session;
   response;
@@ -1226,7 +1282,10 @@ var PaymentService = class {
     const httpClient = new x402HTTPClient(client).onPaymentRequired(
       createSIWxClientHook(this.account)
     );
-    const wrappedFetch = wrapFetchWithPayment(fetch, httpClient);
+    const wrappedFetch = wrapFetchWithPayment(
+      withSynthesizedX402Header(fetch),
+      httpClient
+    );
     const response = await wrappedFetch(url, {
       method: request.method,
       headers: request.headers,
@@ -1790,11 +1849,6 @@ var resolveRequestBody = (rawData, readStdin2) => {
   }
   return body;
 };
-var looksLikeX402V1Body = (body) => {
-  if (!body || typeof body !== "object") return false;
-  const b = body;
-  return b.x402Version === 1 && Array.isArray(b.accepts) && b.accepts.length > 0;
-};
 var detectPaymentRequirement = async (response) => {
   if (response.status !== 402) return null;
   const x402Header = response.headers.get("payment-required") ?? response.headers.get("x-payment-required");
@@ -1816,7 +1870,7 @@ var detectPaymentRequirement = async (response) => {
     const text = await response.clone().text();
     if (text) {
       const parsed = JSON.parse(text);
-      if (looksLikeX402V1Body(parsed)) {
+      if (looksLikeX402Body(parsed)) {
         return { protocol: "x402", raw: parsed };
       }
     }

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@zeroxyz/cli",
-	"version": "0.0.42",
+	"version": "0.0.43",
 	"type": "module",
 	"bin": {
 		"zero": "dist/index.js",