npm - bsv-x402 - Versions diffs - 0.1.1 → 0.2.0 - Mend

bsv-x402 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -20,37 +20,751 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var index_exports = {};
 __export(index_exports, {
+  BFG_DAILY_CEILING_SATOSHIS: () => BFG_DAILY_CEILING_SATOSHIS,
+  BFG_PER_TX_CEILING_SATOSHIS: () => BFG_PER_TX_CEILING_SATOSHIS,
+  LocalStorageAdapter: () => LocalStorageAdapter,
+  RateLimiter: () => RateLimiter,
+  TIER_PRESETS: () => TIER_PRESETS,
+  WalletTwoFactorProvider: () => WalletTwoFactorProvider,
+  createX402Fetch: () => createX402Fetch,
   parseChallenge: () => parseChallenge,
+  resolveSitePolicy: () => resolveSitePolicy,
+  resolveSpendLimits: () => resolveSpendLimits,
   x402Fetch: () => x402Fetch
 });
 module.exports = __toCommonJS(index_exports);
 // src/challenge.ts
 function parseChallenge(header) {
-  return JSON.parse(header);
+  let parsed;
+  try {
+    parsed = JSON.parse(header);
+  } catch {
+    throw new Error("X402-Challenge: invalid JSON");
+  }
+  if (typeof parsed !== "object" || parsed === null) {
+    throw new Error("X402-Challenge: expected object");
+  }
+  const obj = parsed;
+  if (typeof obj.nonce !== "string" || obj.nonce.length === 0) {
+    throw new Error("X402-Challenge: missing or invalid nonce");
+  }
+  if (typeof obj.payee !== "string" || obj.payee.length === 0) {
+    throw new Error("X402-Challenge: missing or invalid payee");
+  }
+  if (typeof obj.network !== "string" || obj.network.length === 0) {
+    throw new Error("X402-Challenge: missing or invalid network");
+  }
+  if (typeof obj.amount !== "number" || !Number.isFinite(obj.amount) || !Number.isInteger(obj.amount) || obj.amount <= 0) {
+    throw new Error("X402-Challenge: amount must be a positive integer");
+  }
+  return {
+    nonce: obj.nonce,
+    payee: obj.payee,
+    amount: obj.amount,
+    network: obj.network
+  };
+}
+// src/limits.ts
+var BFG_DAILY_CEILING_SATOSHIS = 1e10;
+var BFG_PER_TX_CEILING_SATOSHIS = 1e9;
+var WINDOW_MS = {
+  minute: 6e4,
+  hour: 36e5,
+  day: 864e5,
+  week: 6048e5
+};
+function windowToMs(window2) {
+  return WINDOW_MS[window2];
+}
+function makeLimits(windows, perTxMaxSatoshis, opts = {}) {
+  return {
+    windows,
+    perTxMaxSatoshis,
+    yellowLightThreshold: 0.8,
+    requirePerSitePrompt: false,
+    sitePolicies: {},
+    require2fa: {
+      onCircuitBreakerReset: true,
+      onTierChange: true,
+      onHighValueTx: false,
+      highValueThreshold: 0,
+      onNewSiteApproval: false
+    },
+    ...opts
+  };
 }
+var TOO_YOUNG_TO_DIE = {
+  interactive: makeLimits(
+    [{ window: "day", maxSatoshis: 1e8, maxTransactions: Infinity }],
+    1e8
+  ),
+  programmatic: makeLimits(
+    [{ window: "day", maxSatoshis: 1e8, maxTransactions: Infinity }],
+    1e6
+  )
+};
+var HEY_NOT_TOO_ROUGH = {
+  interactive: makeLimits(
+    [
+      { window: "day", maxSatoshis: 1e8, maxTransactions: 100 },
+      { window: "week", maxSatoshis: 5e8, maxTransactions: 500 }
+    ],
+    1e7,
+    {
+      requirePerSitePrompt: true,
+      require2fa: {
+        onCircuitBreakerReset: true,
+        onTierChange: true,
+        onHighValueTx: true,
+        highValueThreshold: 5e7,
+        onNewSiteApproval: true
+      }
+    }
+  ),
+  programmatic: makeLimits(
+    [
+      { window: "day", maxSatoshis: 1e8, maxTransactions: 1e4 },
+      { window: "week", maxSatoshis: 5e8, maxTransactions: 5e4 }
+    ],
+    1e5,
+    {
+      requirePerSitePrompt: true,
+      require2fa: {
+        onCircuitBreakerReset: true,
+        onTierChange: true,
+        onHighValueTx: true,
+        highValueThreshold: 5e7,
+        onNewSiteApproval: true
+      }
+    }
+  )
+};
+var HURT_ME_PLENTY = {
+  interactive: makeLimits(
+    [
+      { window: "minute", maxSatoshis: 5e6, maxTransactions: 10 },
+      { window: "hour", maxSatoshis: 5e7, maxTransactions: 60 },
+      { window: "day", maxSatoshis: 2e8, maxTransactions: 200 },
+      { window: "week", maxSatoshis: 1e9, maxTransactions: 1e3 }
+    ],
+    2e7,
+    {
+      requirePerSitePrompt: true,
+      require2fa: {
+        onCircuitBreakerReset: true,
+        onTierChange: true,
+        onHighValueTx: true,
+        highValueThreshold: 1e8,
+        onNewSiteApproval: true
+      }
+    }
+  ),
+  programmatic: makeLimits(
+    [
+      { window: "minute", maxSatoshis: 5e6, maxTransactions: 1e3 },
+      { window: "hour", maxSatoshis: 5e7, maxTransactions: 6e3 },
+      { window: "day", maxSatoshis: 2e8, maxTransactions: 2e4 },
+      { window: "week", maxSatoshis: 1e9, maxTransactions: 1e5 }
+    ],
+    2e5,
+    {
+      requirePerSitePrompt: true,
+      require2fa: {
+        onCircuitBreakerReset: true,
+        onTierChange: true,
+        onHighValueTx: true,
+        highValueThreshold: 1e8,
+        onNewSiteApproval: true
+      }
+    }
+  )
+};
+var ULTRA_VIOLENCE = {
+  interactive: makeLimits(
+    [...HURT_ME_PLENTY.interactive.windows],
+    HURT_ME_PLENTY.interactive.perTxMaxSatoshis,
+    {
+      requirePerSitePrompt: true,
+      require2fa: {
+        onCircuitBreakerReset: true,
+        onTierChange: true,
+        onHighValueTx: false,
+        highValueThreshold: 0,
+        onNewSiteApproval: true
+      }
+    }
+  ),
+  programmatic: makeLimits(
+    [...HURT_ME_PLENTY.programmatic.windows],
+    HURT_ME_PLENTY.programmatic.perTxMaxSatoshis,
+    {
+      requirePerSitePrompt: true,
+      require2fa: {
+        onCircuitBreakerReset: true,
+        onTierChange: true,
+        onHighValueTx: false,
+        highValueThreshold: 0,
+        onNewSiteApproval: true
+      }
+    }
+  )
+};
+var NIGHTMARE = {
+  interactive: makeLimits([], BFG_PER_TX_CEILING_SATOSHIS),
+  programmatic: makeLimits([], BFG_PER_TX_CEILING_SATOSHIS)
+};
+var TIER_PRESETS = {
+  "I'm Too Young to Die": TOO_YOUNG_TO_DIE,
+  "Hey, Not Too Rough": HEY_NOT_TOO_ROUGH,
+  "Hurt Me Plenty": HURT_ME_PLENTY,
+  "Ultra-Violence": ULTRA_VIOLENCE,
+  "Nightmare!": NIGHTMARE
+};
+function cloneSpendLimits(preset) {
+  return {
+    ...preset,
+    windows: preset.windows.map((w) => ({ ...w })),
+    require2fa: { ...preset.require2fa },
+    sitePolicies: { ...preset.sitePolicies }
+  };
+}
+function resolveSpendLimits(tier = "Hey, Not Too Rough", mode = "interactive", overrides) {
+  const preset = TIER_PRESETS[tier][mode];
+  const base = cloneSpendLimits(preset);
+  if (!overrides) return base;
+  return {
+    ...base,
+    ...overrides,
+    // Deep-merge require2fa if provided
+    require2fa: overrides.require2fa ? { ...base.require2fa, ...overrides.require2fa } : base.require2fa,
+    // Deep-merge sitePolicies if provided
+    sitePolicies: overrides.sitePolicies ? { ...base.sitePolicies, ...overrides.sitePolicies } : base.sitePolicies
+  };
+}
+var RateLimiter = class {
+  constructor(limits, state, now) {
+    this.limits = limits;
+    this.entries = state?.entries ?? [];
+    this.broken = state?.circuitBroken ?? false;
+    this.now = now ?? Date.now;
+  }
+  check(challenge, origin) {
+    if (this.broken) {
+      return { action: "block", reason: "Circuit breaker tripped \u2014 call resetLimits() to clear", severity: "trip" };
+    }
+    if (!Number.isFinite(challenge.amount) || !Number.isInteger(challenge.amount) || challenge.amount <= 0) {
+      return { action: "block", reason: "Invalid transaction amount rejected", severity: "reject" };
+    }
+    if (challenge.amount > BFG_PER_TX_CEILING_SATOSHIS) {
+      return { action: "block", reason: `Exceeds BFG per-tx ceiling (${BFG_PER_TX_CEILING_SATOSHIS} sats)`, severity: "reject" };
+    }
+    const dayAgo = this.now() - WINDOW_MS.day;
+    const dailyTotal = this.sumSatoshis(dayAgo);
+    if (dailyTotal + challenge.amount > BFG_DAILY_CEILING_SATOSHIS) {
+      return { action: "block", reason: `Exceeds BFG daily ceiling (${BFG_DAILY_CEILING_SATOSHIS} sats)`, severity: "trip" };
+    }
+    if (challenge.amount > this.limits.perTxMaxSatoshis) {
+      return { action: "block", reason: `Exceeds per-tx limit (${this.limits.perTxMaxSatoshis} sats)`, severity: "reject" };
+    }
+    const isCustomSite = this.hasCustomPolicy(origin);
+    const effectiveLimits = this.effectiveWindows(origin);
+    const effectivePerTx = this.effectivePerTxMax(origin);
+    if (effectivePerTx !== void 0 && challenge.amount > effectivePerTx) {
+      return { action: "block", reason: `Exceeds per-tx limit for ${origin} (${effectivePerTx} sats)`, severity: "reject" };
+    }
+    let yellowLight;
+    for (const wl of effectiveLimits) {
+      const cutoff = this.now() - windowToMs(wl.window);
+      const windowEntries = this.entriesInWindow(cutoff, isCustomSite ? origin : void 0);
+      const totalSats = windowEntries.reduce((sum, e) => sum + e.satoshis, 0);
+      const totalTx = windowEntries.length;
+      if (totalSats + challenge.amount > wl.maxSatoshis) {
+        return { action: "block", reason: `Exceeds ${wl.window} sats limit (${wl.maxSatoshis})`, severity: "window" };
+      }
+      if (totalTx + 1 > wl.maxTransactions) {
+        return { action: "block", reason: `Exceeds ${wl.window} tx count limit (${wl.maxTransactions})`, severity: "window" };
+      }
+      if (this.limits.yellowLightThreshold < 1 && !yellowLight && totalSats + challenge.amount > wl.maxSatoshis * this.limits.yellowLightThreshold) {
+        yellowLight = {
+          origin,
+          currentSpend: totalSats,
+          limit: wl.maxSatoshis,
+          window: wl.window,
+          challenge
+        };
+      }
+    }
+    if (yellowLight) {
+      return { action: "yellow-light", detail: yellowLight };
+    }
+    return { action: "allow" };
+  }
+  record(entry) {
+    this.entries.push(entry);
+    this.prune();
+  }
+  trip() {
+    this.broken = true;
+  }
+  reset() {
+    this.broken = false;
+  }
+  isBroken() {
+    return this.broken;
+  }
+  getState() {
+    return {
+      entries: [...this.entries],
+      circuitBroken: this.broken,
+      hmac: ""
+    };
+  }
+  hasCustomPolicy(origin) {
+    const policy = this.limits.sitePolicies[origin];
+    return policy?.action === "custom" && !!policy.limits;
+  }
+  effectiveWindows(origin) {
+    const policy = this.limits.sitePolicies[origin];
+    if (policy?.action === "custom" && policy.limits) {
+      return policy.limits;
+    }
+    return this.limits.windows;
+  }
+  effectivePerTxMax(origin) {
+    const policy = this.limits.sitePolicies[origin];
+    if (policy?.action === "custom" && policy.perTxMaxSatoshis !== void 0) {
+      return policy.perTxMaxSatoshis;
+    }
+    return void 0;
+  }
+  entriesInWindow(cutoff, filterOrigin) {
+    return this.entries.filter(
+      (e) => e.timestamp >= cutoff && (filterOrigin === void 0 || e.origin === filterOrigin)
+    );
+  }
+  sumSatoshis(cutoff) {
+    return this.entries.filter((e) => e.timestamp >= cutoff).reduce((sum, e) => sum + e.satoshis, 0);
+  }
+  prune() {
+    let longestWindow = WINDOW_MS.day;
+    for (const wl of this.limits.windows) {
+      longestWindow = Math.max(longestWindow, windowToMs(wl.window));
+    }
+    if (this.limits.sitePolicies) {
+      for (const policy of Object.values(this.limits.sitePolicies)) {
+        if (policy?.action === "custom" && Array.isArray(policy.limits)) {
+          for (const wl of policy.limits) {
+            longestWindow = Math.max(longestWindow, windowToMs(wl.window));
+          }
+        }
+      }
+    }
+    const cutoff = this.now() - longestWindow;
+    this.entries = this.entries.filter((e) => e.timestamp >= cutoff);
+  }
+};
+// src/site-policy.ts
+var defaultSitePrompt = async (origin) => {
+  if (typeof globalThis.confirm !== "function") return "global";
+  const allow = globalThis.confirm(
+    `First payment to ${origin}.
+Use your global spending limits for this site?
+OK = Use global limits
+Cancel = Block this site`
+  );
+  return allow ? "global" : "block";
+};
+async function resolveSitePolicy(origin, limits, twoFactorProvider, promptFn = defaultSitePrompt) {
+  const existing = limits.sitePolicies[origin];
+  if (existing) return existing;
+  if (!limits.requirePerSitePrompt) {
+    return { origin, action: "global" };
+  }
+  if (limits.require2fa.onNewSiteApproval) {
+    if (!twoFactorProvider) {
+      return { origin, action: "block" };
+    }
+    const verified = await twoFactorProvider.verify({
+      type: "new-site-approval",
+      origin
+    });
+    if (!verified) {
+      return { origin, action: "block" };
+    }
+  }
+  const action = await promptFn(origin);
+  return { origin, action };
+}
+// src/storage.ts
+var STATE_KEY = "x402:limit-state";
+var POLICIES_KEY = "x402:site-policies";
+async function computeHmac(data, key) {
+  const cryptoKey = await crypto.subtle.importKey(
+    "raw",
+    key,
+    { name: "HMAC", hash: "SHA-256" },
+    false,
+    ["sign"]
+  );
+  const encoded = new TextEncoder().encode(data);
+  const sig = await crypto.subtle.sign("HMAC", cryptoKey, encoded);
+  return Array.from(new Uint8Array(sig)).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+function serializeForHmac(state) {
+  return JSON.stringify({
+    entries: state.entries,
+    circuitBroken: state.circuitBroken
+  });
+}
+var LocalStorageAdapter = class {
+  constructor(keyDeriver, storage) {
+    this.keyDeriver = keyDeriver;
+    this.storage = storage ?? globalThis.localStorage;
+  }
+  async load() {
+    const raw = this.storage.getItem(STATE_KEY);
+    if (!raw) return null;
+    let state;
+    try {
+      state = JSON.parse(raw);
+    } catch {
+      console.warn("x402: limit state JSON parse failed \u2014 treating as tampered");
+      return { entries: [], circuitBroken: true, hmac: "" };
+    }
+    if (this.keyDeriver) {
+      if (!state.hmac) {
+        console.warn("x402: limit state missing HMAC \u2014 treating as tampered");
+        return { entries: [], circuitBroken: true, hmac: "" };
+      }
+      const key = await this.keyDeriver();
+      const expected = await computeHmac(serializeForHmac(state), key);
+      if (expected !== state.hmac) {
+        console.warn("x402: limit state HMAC mismatch \u2014 state may have been tampered with");
+        return { entries: [], circuitBroken: true, hmac: "" };
+      }
+    }
+    state.entries = (Array.isArray(state.entries) ? state.entries : []).filter(
+      (e) => e != null && typeof e.origin === "string" && typeof e.txid === "string" && typeof e.satoshis === "number" && Number.isFinite(e.satoshis) && e.satoshis >= 0 && typeof e.timestamp === "number" && Number.isFinite(e.timestamp) && e.timestamp > 0
+    );
+    return state;
+  }
+  async save(state) {
+    if (this.keyDeriver) {
+      const key = await this.keyDeriver();
+      state.hmac = await computeHmac(serializeForHmac(state), key);
+    }
+    this.storage.setItem(STATE_KEY, JSON.stringify(state));
+  }
+  async loadSitePolicies() {
+    const raw = this.storage.getItem(POLICIES_KEY);
+    if (!raw) return {};
+    try {
+      return JSON.parse(raw);
+    } catch {
+      return {};
+    }
+  }
+  async saveSitePolicies(policies) {
+    this.storage.setItem(POLICIES_KEY, JSON.stringify(policies));
+  }
+};
 // src/x402-fetch.ts
+var BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+function base58DecodeCheck(address) {
+  let leadingZeros = 0;
+  for (const c of address) {
+    if (c === "1") leadingZeros++;
+    else break;
+  }
+  let n = BigInt(0);
+  for (const c of address) {
+    const i = BASE58_ALPHABET.indexOf(c);
+    if (i < 0) throw new Error(`Invalid Base58 character: ${c}`);
+    n = n * 58n + BigInt(i);
+  }
+  const hexFromBigint = n === 0n ? "" : n.toString(16);
+  const paddedHex = hexFromBigint.length % 2 ? "0" + hexFromBigint : hexFromBigint;
+  const bigintBytes = [];
+  for (let i = 0; i < paddedHex.length; i += 2) {
+    bigintBytes.push(parseInt(paddedHex.slice(i, i + 2), 16));
+  }
+  const allBytes = new Uint8Array(leadingZeros + bigintBytes.length);
+  allBytes.set(bigintBytes, leadingZeros);
+  if (allBytes.length !== 25) {
+    throw new Error(`Invalid address length: expected 25 bytes, got ${allBytes.length}`);
+  }
+  const body = allBytes.slice(0, 21);
+  const checksum = allBytes.slice(21);
+  const version = allBytes[0];
+  if (version !== 0 && version !== 111) {
+    throw new Error(`Unsupported address version: 0x${version.toString(16).padStart(2, "0")}`);
+  }
+  return { version, payload: body.slice(1) };
+}
+function payeeAddressToLockingScript(address) {
+  const { payload } = base58DecodeCheck(address);
+  if (payload.length !== 20) {
+    throw new Error(`Invalid pubkey hash length: expected 20 bytes, got ${payload.length}`);
+  }
+  const pubkeyHash = Array.from(payload).map((b) => b.toString(16).padStart(2, "0")).join("");
+  return `76a914${pubkeyHash}88ac`;
+}
+async function defaultConstructProof(challenge) {
+  const cwi = globalThis.CWI;
+  if (!cwi || typeof cwi.createAction !== "function") {
+    throw new Error(
+      "No BRC-100 wallet detected. Install a CWI-compliant browser extension or provide a custom proofConstructor in X402Config."
+    );
+  }
+  const result = await cwi.createAction({
+    description: `x402 payment: ${challenge.amount} sats to ${challenge.payee}`,
+    outputs: [{
+      satoshis: challenge.amount,
+      lockingScript: payeeAddressToLockingScript(challenge.payee),
+      description: `Payment to ${challenge.payee}`
+    }],
+    labels: ["x402-payment"],
+    options: {
+      returnTXIDOnly: false,
+      noSend: false
+    }
+  });
+  if (!result || !result.txid) {
+    throw new Error("Wallet declined payment or returned invalid result");
+  }
+  if (!result.rawTx || typeof result.rawTx !== "string" || result.rawTx.length === 0) {
+    throw new Error("Wallet did not return raw transaction");
+  }
+  return {
+    txid: result.txid,
+    rawTx: result.rawTx
+  };
+}
+function createMutex() {
+  let chain = Promise.resolve();
+  return (fn) => {
+    const result = chain.then(fn, fn);
+    chain = result.then(() => {
+    }, () => {
+    });
+    return result;
+  };
+}
+function createX402Fetch(config = {}) {
+  const tier = config.tier ?? "Hey, Not Too Rough";
+  const mode = config.mode ?? "interactive";
+  if (tier === "Nightmare!" && config.nightmareConfirmation !== "NIGHTMARE") {
+    throw new Error('Nightmare! tier requires nightmareConfirmation: "NIGHTMARE"');
+  }
+  const limits = resolveSpendLimits(tier, mode, config.limits);
+  const storage = config.storage ?? new LocalStorageAdapter();
+  const twoFactor = config.twoFactorProvider;
+  const constructProof = config.proofConstructor ?? defaultConstructProof;
+  const nowFn = config.now ?? Date.now;
+  const mutex = createMutex();
+  const needs2fa = limits.require2fa;
+  if (!twoFactor && (needs2fa.onCircuitBreakerReset || needs2fa.onHighValueTx || needs2fa.onNewSiteApproval || needs2fa.onTierChange)) {
+    console.warn("x402: tier requires 2FA but no twoFactorProvider configured \u2014 2FA-gated actions will be blocked");
+  }
+  let limiter;
+  let initialised = false;
+  async function ensureInitialised() {
+    if (limiter && initialised) return limiter;
+    const state = await storage.load();
+    limiter = new RateLimiter(limits, state ?? void 0, nowFn);
+    const policies = await storage.loadSitePolicies();
+    Object.assign(limits.sitePolicies, policies);
+    initialised = true;
+    return limiter;
+  }
+  async function persist(rl) {
+    await storage.save(rl.getState());
+    await storage.saveSitePolicies(limits.sitePolicies);
+  }
+  const fetchFn = async function x402Fetch2(input, init) {
+    const response = await fetch(input, init);
+    if (response.status !== 402) return response;
+    const challengeHeader = response.headers.get("X402-Challenge");
+    if (!challengeHeader) return response;
+    let challenge;
+    try {
+      challenge = parseChallenge(challengeHeader);
+    } catch {
+      return response;
+    }
+    const origin = extractOrigin(input);
+    return mutex(async () => {
+      const rl = await ensureInitialised();
+      const sitePolicy = await resolveSitePolicy(origin, limits, twoFactor);
+      if (sitePolicy.action === "block") return response;
+      if (!limits.sitePolicies[origin]) {
+        limits.sitePolicies[origin] = sitePolicy;
+        await storage.saveSitePolicies(limits.sitePolicies);
+      }
+      const result = rl.check(challenge, origin);
+      if (result.action === "block") {
+        if (result.severity === "trip") {
+          rl.trip();
+          await persist(rl);
+          config.onLimitReached?.(result.reason);
+          return response;
+        }
+        if (result.severity === "window" && twoFactor) {
+          config.onLimitReached?.(result.reason);
+          const override = await twoFactor.verify({
+            type: "limit-override",
+            amount: challenge.amount,
+            origin,
+            reason: result.reason
+          });
+          if (override) {
+          } else {
+            return response;
+          }
+        } else {
+          config.onLimitReached?.(result.reason);
+          return response;
+        }
+      }
+      if (result.action === "yellow-light") {
+        const proceed = config.onYellowLight ? await config.onYellowLight(result.detail) : false;
+        if (!proceed) return response;
+      }
+      if (limits.require2fa.onHighValueTx && challenge.amount > limits.require2fa.highValueThreshold) {
+        if (!twoFactor) return response;
+        const verified = await twoFactor.verify({
+          type: "high-value-tx",
+          amount: challenge.amount,
+          origin
+        });
+        if (!verified) return response;
+      }
+      const proof = await constructProof(challenge);
+      rl.record({
+        timestamp: nowFn(),
+        origin,
+        satoshis: challenge.amount,
+        txid: proof.txid
+      });
+      await persist(rl);
+      const headers = new Headers(init?.headers);
+      headers.set("X402-Proof", JSON.stringify(proof));
+      return fetch(input, { ...init, headers });
+    });
+  };
+  fetchFn.resetLimits = async () => {
+    const rl = await ensureInitialised();
+    if (limits.require2fa.onCircuitBreakerReset) {
+      if (!twoFactor) throw new Error("2FA required for circuit breaker reset but no twoFactorProvider configured");
+      const verified = await twoFactor.verify({ type: "circuit-breaker-reset" });
+      if (!verified) throw new Error("2FA verification failed for circuit breaker reset");
+    }
+    rl.reset();
+    await persist(rl);
+  };
+  fetchFn.getState = () => {
+    if (!limiter) return { entries: [], circuitBroken: false };
+    const state = limiter.getState();
+    return { entries: state.entries, circuitBroken: state.circuitBroken };
+  };
+  return fetchFn;
+}
+var singleton;
 async function x402Fetch(input, init) {
-  const response = await fetch(input, init);
-  if (response.status !== 402) {
-    return response;
+  if (!singleton) singleton = createX402Fetch();
+  return singleton(input, init);
+}
+function resolveRelativeUrl(url) {
+  const loc = globalThis.location;
+  if (loc?.href) {
+    return new URL(url, loc.href).origin;
+  }
+  return "unknown";
+}
+function extractOrigin(input) {
+  if (input instanceof URL) return input.origin;
+  if (typeof input === "string") {
+    try {
+      return new URL(input).origin;
+    } catch {
+      try {
+        return resolveRelativeUrl(input);
+      } catch {
+        return "unknown";
+      }
+    }
   }
-  const challengeHeader = response.headers.get("X402-Challenge");
-  if (!challengeHeader) {
-    return response;
+  try {
+    return new URL(input.url).origin;
+  } catch {
+    try {
+      return resolveRelativeUrl(input.url);
+    } catch {
+      return "unknown";
+    }
   }
-  const challenge = parseChallenge(challengeHeader);
-  const proof = await constructProof(challenge);
-  const headers = new Headers(init?.headers);
-  headers.set("X402-Proof", JSON.stringify(proof));
-  return fetch(input, { ...init, headers });
 }
-async function constructProof(challenge) {
-  throw new Error("Not implemented \u2014 requires BRC-100 wallet (window.CWI)");
+// src/two-factor.ts
+var WalletTwoFactorProvider = class {
+  async verify(action) {
+    if (typeof window === "undefined" || !window.CWI) {
+      return this.promptFallback(action);
+    }
+    const challengeData = `x402-2fa:${JSON.stringify(action)}:${Date.now()}`;
+    try {
+      const sig = await window.CWI.createSignature({
+        data: new TextEncoder().encode(challengeData),
+        protocolID: [1, "x402-2fa"],
+        keyID: "spending-limits"
+      });
+      return sig !== null;
+    } catch {
+      return false;
+    }
+  }
+  promptFallback(action) {
+    if (typeof window === "undefined" || !window.prompt) return false;
+    const message = describeAction(action);
+    const result = window.prompt(`${message}
+Type CONFIRM to proceed:`);
+    return result === "CONFIRM";
+  }
+};
+function describeAction(action) {
+  switch (action.type) {
+    case "circuit-breaker-reset":
+      return "Reset spending circuit breaker? This re-enables automated payments.";
+    case "tier-change":
+      return `Change spending tier from "${action.from}" to "${action.to}"?`;
+    case "high-value-tx":
+      return `Approve high-value payment of ${action.amount} sats to ${action.origin}?`;
+    case "new-site-approval":
+      return `Allow automated payments to ${action.origin}?`;
+    case "limit-override":
+      return `Spending limit reached: ${action.reason}
+Allow this payment of ${action.amount} sats to ${action.origin}?`;
+  }
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  BFG_DAILY_CEILING_SATOSHIS,
+  BFG_PER_TX_CEILING_SATOSHIS,
+  LocalStorageAdapter,
+  RateLimiter,
+  TIER_PRESETS,
+  WalletTwoFactorProvider,
+  createX402Fetch,
   parseChallenge,
+  resolveSitePolicy,
+  resolveSpendLimits,
   x402Fetch
 });