create-mantle-facilitator 0.3.4 → 0.4.0

package/README.md

@@ -0,0 +1,402 @@
+# create-mantle-facilitator
+
+[![npm version](https://img.shields.io/npm/v/create-mantle-facilitator.svg)](https://www.npmjs.com/package/create-mantle-facilitator)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+CLI tool to scaffold a self-hosted x402 payment facilitator for Mantle blockchain.
+
+## Quick Start
+
+```bash
+npx create-mantle-facilitator my-facilitator
+cd my-facilitator
+npm install
+npm run dev
+```
+
+The CLI will guide you through the setup:
+
+```
+Welcome to Mantle Facilitator Setup!
+
+? Where should we create the facilitator? my-facilitator
+? RPC URL for Mantle network: https://rpc.mantle.xyz
+? Facilitator wallet private key: (optional, set later)
+? USDC contract address: 0x09Bc4E0D864854c6aFB6eB9A9cdF58aC190D0dF9
+? Enable telemetry? Yes
+? Enter PROJECT_KEY from dashboard: (optional)
+
+✓ Done! Your facilitator is ready.
+```
+
+## Configuration
+
+After creation, edit the `.env` file:
+
+```env
+# Required
+FACILITATOR_PRIVATE_KEY=0x...   # Wallet that pays gas fees
+RPC_URL=https://rpc.mantle.xyz  # Mantle RPC endpoint
+FACILITATOR_SECRET=fac_xxx...   # Auto-generated security secret
+
+# Optional
+USDC_ADDRESS=0x09Bc4E0D864854c6aFB6eB9A9cdF58aC190D0dF9
+PORT=8080
+NETWORK_ID=mantle-mainnet
+CHAIN_ID=5000
+
+# Telemetry (optional)
+TELEMETRY_PROJECT_KEY=pk_xxx    # Get from dashboard
+```
+
+### Important Notes
+
+- **FACILITATOR_PRIVATE_KEY**: This wallet will pay gas fees for all settlements. Make sure it has MNT for gas.
+- **FACILITATOR_SECRET**: Auto-generated during setup. **Copy this to your backend's environment variables** to enable secure authentication.
+- **Security**: Never commit `.env` to version control. The generated `.gitignore` already excludes it.
+
+### Connecting to Your Backend
+
+Add `FACILITATOR_SECRET` to your backend and configure the SDK:
+
+```typescript
+import { mantlePaywall } from '@puga-labs/x402-mantle-sdk/server/express';
+
+const pay = mantlePaywall({
+  priceUsd: 0.01,
+  payTo: '0xYourWallet',
+  facilitatorUrl: 'https://your-facilitator.com',
+  facilitatorSecret: process.env.FACILITATOR_SECRET, // Same secret as in facilitator
+  projectKey: process.env.PROJECT_KEY, // Optional: from dashboard for analytics
+});
+```
+
+**Note:** The `facilitatorUrl` is automatically passed to clients via 402 responses, so frontend code doesn't need to configure it.
+
+## Running Locally
+
+```bash
+# Development mode (hot reload)
+npm run dev
+
+# Build for production
+npm run build
+
+# Run production build
+npm start
+```
+
+Facilitator runs on `http://localhost:8080` by default.
+
+---
+
+## Deployment
+
+### Railway (Recommended)
+
+```bash
+# Install Railway CLI
+npm install -g @railway/cli
+
+# Login and deploy
+railway login
+railway init
+railway up
+```
+
+Then add environment variables in Railway dashboard.
+
+### Render
+
+1. Push your facilitator to GitHub
+2. Create new Web Service in Render
+3. Connect your repository
+4. Set build command: `npm install && npm run build`
+5. Set start command: `npm start`
+6. Add environment variables
+
+### Fly.io
+
+```bash
+# Install Fly CLI and login
+flyctl auth login
+
+# Launch (creates fly.toml)
+flyctl launch
+
+# Set secrets
+flyctl secrets set FACILITATOR_PRIVATE_KEY=0x...
+flyctl secrets set RPC_URL=https://rpc.mantle.xyz
+flyctl secrets set USDC_ADDRESS=0x09Bc4E0D864854c6aFB6eB9A9cdF58aC190D0dF9
+
+# Deploy
+flyctl deploy
+```
+
+### Docker
+
+```dockerfile
+FROM node:20-alpine
+WORKDIR /app
+COPY package*.json ./
+RUN npm install
+COPY . .
+RUN npm run build
+EXPOSE 8080
+CMD ["npm", "start"]
+```
+
+```bash
+docker build -t my-facilitator .
+docker run -p 8080:8080 --env-file .env my-facilitator
+```
+
+### VPS (DigitalOcean, Hetzner, etc.)
+
+```bash
+# On your server
+git clone <your-repo>
+cd my-facilitator
+npm install
+npm run build
+
+# Install PM2 for process management
+npm install -g pm2
+
+# Start with PM2
+pm2 start dist/index.js --name facilitator
+
+# Save process list and setup startup script
+pm2 save
+pm2 startup
+```
+
+Optional: Add Nginx reverse proxy for HTTPS.
+
+---
+
+## API Endpoints
+
+### GET /health
+
+Returns facilitator status and wallet info.
+
+```bash
+curl http://localhost:8080/health
+```
+
+```json
+{
+  "status": "ok",
+  "network": "mantle-mainnet",
+  "chainId": 5000,
+  "facilitatorAddress": "0x...",
+  "blockNumber": 12345678,
+  "mntBalance": "1.5"
+}
+```
+
+### GET /supported
+
+Returns supported networks and assets.
+
+```bash
+curl http://localhost:8080/supported
+```
+
+```json
+{
+  "x402Version": 1,
+  "schemes": ["exact"],
+  "networks": ["mantle-mainnet"],
+  "assets": {
+    "mantle-mainnet": [{
+      "address": "0x09Bc4E0D864854c6aFB6eB9A9cdF58aC190D0dF9",
+      "symbol": "USDC",
+      "decimals": 6
+    }]
+  }
+}
+```
+
+### POST /verify
+
+Verifies a payment header without executing.
+
+```bash
+curl -X POST http://localhost:8080/verify \
+  -H "Content-Type: application/json" \
+  -d '{
+    "x402Version": 1,
+    "paymentHeader": "base64...",
+    "paymentRequirements": {...}
+  }'
+```
+
+```json
+{
+  "isValid": true
+}
+```
+
+### POST /settle
+
+Executes the USDC transfer on-chain. Requires a valid `settleToken` for authentication.
+
+```bash
+curl -X POST http://localhost:8080/settle \
+  -H "Content-Type: application/json" \
+  -d '{
+    "x402Version": 1,
+    "paymentHeader": "base64...",
+    "paymentRequirements": {...},
+    "settleToken": "base64..."
+  }'
+```
+
+```json
+{
+  "success": true,
+  "txHash": "0x..."
+}
+```
+
+**Note:** The `settleToken` is automatically generated by the SDK when `facilitatorSecret` is configured, and passed through the client to authenticate with your facilitator.
+
+---
+
+## How It Works
+
+```
+┌─────────────────────────────────────────────────────────────────┐
+│                     Settlement Flow                             │
+├─────────────────────────────────────────────────────────────────┤
+│                                                                 │
+│  1. Client signs EIP-712 authorization (gasless for user)       │
+│                           │                                     │
+│                           ▼                                     │
+│  2. Client sends to facilitator POST /settle                    │
+│                           │                                     │
+│                           ▼                                     │
+│  3. Facilitator verifies signature                              │
+│                           │                                     │
+│                           ▼                                     │
+│  4. Facilitator calls USDC.transferWithAuthorization()          │
+│     - Pays gas in MNT                                           │
+│     - USDC transfers from user → merchant                       │
+│                           │                                     │
+│                           ▼                                     │
+│  5. Returns txHash to client                                    │
+│                                                                 │
+└─────────────────────────────────────────────────────────────────┘
+```
+
+The facilitator uses EIP-3009 `transferWithAuthorization` which allows:
+- **Gasless for users**: Users only sign, never pay gas
+- **Atomic transfers**: Signature + transfer in one transaction
+- **Replay protection**: Nonces prevent double-spending
+
+---
+
+## Telemetry
+
+When `TELEMETRY_PROJECT_KEY` is set, the facilitator sends anonymous analytics:
+
+**What is sent:**
+- Payment metadata (buyer address, amount, asset, network)
+- Transaction hash
+- Timestamp
+- Facilitator address
+
+**What is NOT sent:**
+- Private keys
+- Personal information
+- Request/response payloads
+
+Get your project key from [Dashboard](https://x402mantlesdk.xyz/dashboard).
+
+Telemetry errors never affect payment processing — if analytics backend is down, payments continue normally.
+
+---
+
+## Security Considerations
+
+1. **Facilitator Secret (REQUIRED)**
+   - `FACILITATOR_SECRET` prevents unauthorized usage of your facilitator
+   - Without it, anyone could use your facilitator URL to settle their payments and drain your gas wallet
+   - The secret creates a secure token flow: Backend → Client → Facilitator
+   - Always set `facilitatorSecret` in your backend SDK configuration
+
+2. **Private Key Security**
+   - Never commit `.env` to git
+   - Use secret management in production (Railway secrets, Fly secrets, etc.)
+   - Consider using hardware wallets for high-value facilitators
+
+3. **Gas Management**
+   - Monitor MNT balance regularly
+   - Set up alerts for low balance
+   - Facilitator needs ~0.001 MNT per settlement
+
+4. **Network Security**
+   - Use HTTPS in production
+   - Consider rate limiting
+   - Monitor for unusual patterns
+
+---
+
+## Monitoring
+
+Check facilitator health:
+
+```bash
+# Check if running
+curl http://your-facilitator.com/health
+
+# Check wallet balance
+curl http://your-facilitator.com/health | jq '.mntBalance'
+```
+
+Set up monitoring alerts for:
+- Health endpoint availability
+- Low MNT balance (< 0.1 MNT)
+- High error rates
+
+---
+
+## Troubleshooting
+
+### "Missing env var: FACILITATOR_PRIVATE_KEY"
+
+Set the private key in `.env`:
+```env
+FACILITATOR_PRIVATE_KEY=0x...
+```
+
+### "Insufficient funds for gas"
+
+The facilitator wallet needs MNT for gas fees. Send some MNT to the facilitator address shown in `/health`.
+
+### "Invalid signature"
+
+- Check that the client is signing for the correct network (Mantle mainnet, chainId 5000)
+- Verify USDC address matches: `0x09Bc4E0D864854c6aFB6eB9A9cdF58aC190D0dF9`
+
+### Port already in use
+
+Change the port in `.env`:
+```env
+PORT=8081
+```
+
+---
+
+## Links
+
+- [SDK Documentation](../x402-mantle-sdk)
+- [Full Documentation](https://x402mantlesdk.xyz/docs)
+- [Dashboard](https://x402mantlesdk.xyz/dashboard)
+- [GitHub](https://github.com/puga-labs/x402-mantle-sdk)
+
+## License
+
+MIT

package/dist/index.mjs

@@ -3,9 +3,13 @@
 // src/index.ts
 import path from "path";
 import fs from "fs";
+import crypto from "crypto";
 import { fileURLToPath } from "url";
 import fse from "fs-extra";
 import prompts from "prompts";
+function generateFacilitatorSecret() {
+  return "fac_" + crypto.randomBytes(32).toString("hex");
+}
 function getAsciiArt() {
   const asciiArtPath = path.join(
     path.dirname(fileURLToPath(import.meta.url)),
@@ -94,6 +98,7 @@ async function promptSetup() {
   });
 }
 function generateEnvFile(answers) {
+  const facilitatorSecret = generateFacilitatorSecret();
   const env = [
     `# Server Configuration`,
     `PORT=8080`,
@@ -110,6 +115,10 @@ function generateEnvFile(answers) {
     `# Facilitator Wallet (keeps private key safe)`,
     answers.privateKey ? `FACILITATOR_PRIVATE_KEY=${answers.privateKey}` : `# FACILITATOR_PRIVATE_KEY=0xYOUR_PRIVATE_KEY_HERE`,
     ``,
+    `# Security: Shared secret between your backend and this facilitator`,
+    `# IMPORTANT: Copy this value to your backend's facilitatorSecret config`,
+    `FACILITATOR_SECRET=${facilitatorSecret}`,
+    ``,
     `# Logging`,
     `LOG_LEVEL=info`,
     ``
@@ -167,6 +176,7 @@ Creating facilitator in ${targetDir}...`);
   if (!answers.privateKey) {
     reminders.push("IMPORTANT: Set FACILITATOR_PRIVATE_KEY in .env before starting");
   }
+  reminders.push("IMPORTANT: Copy FACILITATOR_SECRET from .env to your backend configuration");
   if (answers.enableTelemetry && !answers.telemetryKey) {
     reminders.push("Telemetry enabled: Get PROJECT_KEY from https://x402mantlesdk.xyz/dashboard");
   }
@@ -210,6 +220,7 @@ async function createProjectNonInteractive(projectName) {
   await fse.writeFile(path.join(targetDir, ".env"), envContent);
   console.log("\n\u2713 Done!\n");
   console.log("IMPORTANT: Edit .env file and set FACILITATOR_PRIVATE_KEY");
+  console.log("IMPORTANT: Copy FACILITATOR_SECRET from .env to your backend configuration");
   console.log(`Then run: cd ${projectName} && npm install && npm run dev`);
 }
 async function main() {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-mantle-facilitator",
-  "version": "0.3.4",
+  "version": "0.4.0",
   "private": false,
   "type": "module",
   "bin": {

package/template/README.md

@@ -1,53 +1,127 @@
-# Mantle x402 Facilitator (Self-hosted Template)
+# Mantle x402 Facilitator
 
-A minimal, self-hosted x402 facilitator for **Mantle mainnet** using **USDC (EIP-3009)**.
+A self-hosted x402 payment facilitator for **Mantle mainnet** using **USDC (EIP-3009)**.
 
 This facilitator:
-- verifies x402 payment headers
-- settles payments on-chain via `transferWithAuthorization`
-- pays gas from the facilitator wallet
+- Verifies x402 payment headers
+- Settles payments on-chain via `transferWithAuthorization`
+- Pays gas from the facilitator wallet
+
+## Quick Start
+
+```bash
+npm install
+npm run dev
+```
+
+Facilitator runs on `http://localhost:8080`.
+
+## Configuration
+
+Edit `.env` file:
+
+```env
+# Required
+FACILITATOR_PRIVATE_KEY=0x...   # Wallet that pays gas
+RPC_URL=https://rpc.mantle.xyz
+FACILITATOR_SECRET=fac_xxx...   # Auto-generated, share with your backend
+
+# Optional
+PORT=8080
+USDC_ADDRESS=0x09Bc4E0D864854c6aFB6eB9A9cdF58aC190D0dF9
+
+# Telemetry (optional)
+TELEMETRY_PROJECT_KEY=pk_xxx    # Get from https://x402mantlesdk.xyz/dashboard
+```
+
+**Important:**
+- The facilitator wallet needs MNT for gas fees. Check balance at `/health`.
+- Copy `FACILITATOR_SECRET` to your backend's environment variables.
+
+## Security
+
+The `FACILITATOR_SECRET` protects your facilitator from unauthorized usage:
+
+1. Your backend generates a `settleToken` using this secret when returning 402 responses
+2. The client passes this token to your facilitator's `/settle` endpoint
+3. The facilitator verifies the token matches before executing the transaction
+
+This prevents third parties from using your facilitator to settle their payments and drain your gas wallet.
+
+**Backend configuration:**
+
+```typescript
+import { mantlePaywall } from '@puga-labs/x402-mantle-sdk/server/express';
+
+const pay = mantlePaywall({
+  priceUsd: 0.01,
+  payTo: '0xYourWallet',
+  facilitatorUrl: 'https://your-facilitator.com',
+  facilitatorSecret: process.env.FACILITATOR_SECRET, // Same as in facilitator .env
+  projectKey: process.env.PROJECT_KEY, // Optional: for analytics
+});
+```
+
+**Note:** The `facilitatorUrl` is automatically passed to clients via 402 responses.
 
 ## Endpoints
 
-- `GET /health`
-- `GET /supported`
-- `POST /verify`
-- `POST /settle`
+| Endpoint | Method | Description |
+|----------|--------|-------------|
+| `/health` | GET | Facilitator status and wallet balance |
+| `/supported` | GET | Supported networks and assets |
+| `/verify` | POST | Verify payment header |
+| `/settle` | POST | Execute USDC transfer on-chain |
 
-## Quickstart
+## Scripts
 
-This template is generated by `create-mantle-facilitator`. The CLI automatically creates a `.env` file with all configuration.
+```bash
+npm run dev    # Development with hot reload
+npm run build  # Build for production
+npm start      # Run production build
+```
+
+## Deployment
 
-If you need to modify configuration:
-1. Edit `.env` file
-2. Set `FACILITATOR_PRIVATE_KEY` if not already set
-3. Adjust `RPC_URL` if using a custom RPC endpoint
+### Railway
 
 ```bash
-npm install
-npm start
+railway login
+railway init
+railway up
+```
+
+Add environment variables in Railway dashboard.
+
+### Docker
+
+```bash
+docker build -t facilitator .
+docker run -p 8080:8080 --env-file .env facilitator
+```
+
+### PM2 (VPS)
+
+```bash
+npm run build
+pm2 start dist/index.js --name facilitator
 ```
 
-## Optional: Analytics & Telemetry
+## Telemetry
 
-To enable opt-in telemetry for payment tracking and analytics:
+When `TELEMETRY_PROJECT_KEY` is set:
+- Settlement events are sent to analytics
+- Track payments in [Dashboard](https://x402mantlesdk.xyz/dashboard)
+- No sensitive data is transmitted
 
-1. Get your project key from https://nosubs.ai/dashboard (or your analytics platform)
-2. Add to `.env`:
-   ```bash
-   TELEMETRY_PROJECT_KEY=proj_abc123xyz
-   ```
+**What is sent:** buyer address, amount, asset, txHash, timestamp
 
-**Note:** Telemetry is sent automatically to the official analytics backend. If you don't want to send telemetry, simply don't set `TELEMETRY_PROJECT_KEY`.
+**What is NOT sent:** private keys, personal info, request payloads
 
-**What data is sent:**
-- Payment metadata (buyer address, amount, asset, network)
-- Transaction hash (after settlement)
-- Timestamp
+Telemetry errors never break payment processing.
 
-**What is NOT sent:**
-- Private keys
-- User personal information
-- Request/response payloads from your protected endpoints
+## Links
 
-Telemetry errors never break payment processing - if the analytics backend is down, payments continue to work normally.
+- [SDK Documentation](https://www.npmjs.com/package/@puga-labs/x402-mantle-sdk)
+- [Full Documentation](https://x402mantlesdk.xyz/docs)
+- [Dashboard](https://x402mantlesdk.xyz/dashboard)

package/template/src/config.ts

@@ -20,6 +20,9 @@ export const CONFIG = {
 
   facilitatorPrivateKey: required("FACILITATOR_PRIVATE_KEY"),
 
+  // Secret for settle token verification (required for security)
+  facilitatorSecret: required("FACILITATOR_SECRET"),
+
   logLevel: process.env.LOG_LEVEL ?? "info",
 
   // Telemetry config (opt-in via projectKey)

package/template/src/routes/settle.ts

@@ -4,6 +4,7 @@ import { ethers } from "ethers";
 import { decodePaymentHeader, verifyPayment, type PaymentRequirements } from "../x402";
 import { getFacilitatorSigner, getUsdcContract } from "../blockchain";
 import { CONFIG } from "../config";
+import { verifySettleToken } from "../security";
 
 function signatureToVRS(signature: string) {
   const sig = ethers.Signature.from(signature);
@@ -15,10 +16,11 @@ export async function settleRoute(req: Request, res: Response) {
   const raw = req.body ?? {};
 
   try {
-    const { x402Version, paymentHeader, paymentRequirements } = raw as {
+    const { x402Version, paymentHeader, paymentRequirements, settleToken } = raw as {
       x402Version?: number;
       paymentHeader?: string;
       paymentRequirements?: PaymentRequirements;
+      settleToken?: string;
     };
     const projectKey = req.header("X-Project-Key"); // Optional: for hosted facilitator billing
 
@@ -47,6 +49,18 @@ export async function settleRoute(req: Request, res: Response) {
       return;
     }
 
+    // Verify settle token (required for self-hosted facilitator security)
+    const tokenVerification = verifySettleToken(settleToken, paymentRequirements, CONFIG.facilitatorSecret);
+    if (!tokenVerification.valid) {
+      res.status(401).json({
+        success: false,
+        error: tokenVerification.error || "Invalid settle token",
+        txHash: null,
+        networkId: paymentRequirements.network,
+      });
+      return;
+    }
+
     const headerObj = decodePaymentHeader(paymentHeader);
     const verify = verifyPayment(headerObj, paymentRequirements);
 

package/template/src/security.ts

@@ -0,0 +1,126 @@
+// src/security.ts
+import crypto from "crypto";
+
+export interface PaymentRequirementsForToken {
+  payTo: string;
+  maxAmountRequired: string;
+  asset: string;
+  network: string;
+}
+
+interface SettleTokenPayload {
+  payTo: string;
+  amount: string;
+  asset: string;
+  network: string;
+  timestamp: number;
+  expires: number;
+}
+
+interface DecodedSettleToken {
+  payload: SettleTokenPayload;
+  signature: string;
+}
+
+/**
+ * Creates a settle token that authorizes a specific payment.
+ * The token is signed with HMAC-SHA256 and includes expiration.
+ *
+ * @param paymentRequirements - The payment requirements to authorize
+ * @param secret - The FACILITATOR_SECRET
+ * @param expiresInSeconds - Token validity period (default: 600 seconds = 10 minutes)
+ * @returns Base64-encoded settle token
+ */
+export function createSettleToken(
+  paymentRequirements: PaymentRequirementsForToken,
+  secret: string,
+  expiresInSeconds: number = 600
+): string {
+  const timestamp = Math.floor(Date.now() / 1000);
+
+  const payload: SettleTokenPayload = {
+    payTo: paymentRequirements.payTo.toLowerCase(),
+    amount: paymentRequirements.maxAmountRequired,
+    asset: paymentRequirements.asset.toLowerCase(),
+    network: paymentRequirements.network,
+    timestamp,
+    expires: timestamp + expiresInSeconds,
+  };
+
+  const data = JSON.stringify(payload);
+  const signature = crypto.createHmac("sha256", secret).update(data).digest("hex");
+
+  return Buffer.from(JSON.stringify({ payload, signature })).toString("base64");
+}
+
+/**
+ * Verifies a settle token against payment requirements.
+ * Checks signature, expiration, and that the token matches the requirements.
+ *
+ * @param token - Base64-encoded settle token
+ * @param paymentRequirements - The payment requirements to verify against
+ * @param secret - The FACILITATOR_SECRET
+ * @returns true if token is valid, false otherwise
+ */
+export function verifySettleToken(
+  token: string | undefined,
+  paymentRequirements: PaymentRequirementsForToken,
+  secret: string
+): { valid: boolean; error?: string } {
+  if (!token) {
+    return { valid: false, error: "Missing settle token" };
+  }
+
+  try {
+    const decoded: DecodedSettleToken = JSON.parse(
+      Buffer.from(token, "base64").toString("utf-8")
+    );
+    const { payload, signature } = decoded;
+
+    // Check expiration
+    const now = Math.floor(Date.now() / 1000);
+    if (payload.expires < now) {
+      return { valid: false, error: "Settle token expired" };
+    }
+
+    // Check that token matches payment requirements (case-insensitive for addresses)
+    if (payload.payTo.toLowerCase() !== paymentRequirements.payTo.toLowerCase()) {
+      return { valid: false, error: "PayTo address mismatch" };
+    }
+
+    if (payload.amount !== paymentRequirements.maxAmountRequired) {
+      return { valid: false, error: "Amount mismatch" };
+    }
+
+    if (payload.asset.toLowerCase() !== paymentRequirements.asset.toLowerCase()) {
+      return { valid: false, error: "Asset mismatch" };
+    }
+
+    if (payload.network !== paymentRequirements.network) {
+      return { valid: false, error: "Network mismatch" };
+    }
+
+    // Verify signature
+    const data = JSON.stringify(payload);
+    const expectedSignature = crypto
+      .createHmac("sha256", secret)
+      .update(data)
+      .digest("hex");
+
+    if (signature !== expectedSignature) {
+      return { valid: false, error: "Invalid signature" };
+    }
+
+    return { valid: true };
+  } catch (err) {
+    return { valid: false, error: "Invalid token format" };
+  }
+}
+
+/**
+ * Generates a random secret for FACILITATOR_SECRET.
+ * Format: fac_<64 hex characters>
+ */
+export function generateFacilitatorSecret(): string {
+  return "fac_" + crypto.randomBytes(32).toString("hex");
+}