crossmint-wallets-mcp 0.1.0

package/dist/core/pay-x402-endpoint.js

@@ -0,0 +1,189 @@
+import { getConfig, getWalletsClient } from "./client.js";
+import { getExplorerLink } from "./create-wallet.js";
+// ---------------------------------------------------------------------------
+// Chain / network mapping
+// ---------------------------------------------------------------------------
+// Maps x402 network identifiers (CAIP-2 or v1 shorthand) to the chain name
+// that the Crossmint SDK's wallet uses. Only Solana mainnet is wired up in
+// v0.1; EVM support is a stretch goal for later phases.
+function resolveChain(network) {
+    const lower = network.toLowerCase();
+    if (lower === "solana" || lower.startsWith("solana:"))
+        return "solana";
+    if (lower === "base" || lower === "eip155:8453")
+        return "base";
+    if (lower === "base-sepolia" || lower === "eip155:84532")
+        return "base-sepolia";
+    return null;
+}
+// Map an asset identifier (mint address or symbol) to the Crossmint SDK's
+// send() token argument. The SDK accepts either a mint address or a symbol
+// like "usdc"; symbols are safer because the SDK resolves the network-
+// correct mint internally.
+function resolveTokenSymbol(asset) {
+    const USDC_MAINNET_MINT = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v";
+    if (asset === USDC_MAINNET_MINT)
+        return "usdc";
+    if (asset.toLowerCase() === "usdc")
+        return "usdc";
+    // Fall back to passing the mint/address through as-is
+    return asset;
+}
+// ---------------------------------------------------------------------------
+// Amount conversion
+// ---------------------------------------------------------------------------
+// Atomic units → decimal string for a given number of decimals. The Crossmint
+// SDK's send() method expects the amount in decimal units (e.g. "0.01" for
+// 1¢ of USDC), not atomic units.
+function atomicToDecimal(atomic, decimals) {
+    const n = BigInt(atomic);
+    const base = BigInt(10) ** BigInt(decimals);
+    const whole = n / base;
+    const frac = n % base;
+    if (frac === 0n)
+        return whole.toString();
+    const fracStr = frac.toString().padStart(decimals, "0").replace(/0+$/, "");
+    return `${whole}.${fracStr}`;
+}
+// ---------------------------------------------------------------------------
+// Main entry point
+// ---------------------------------------------------------------------------
+/**
+ * Pay an x402-protected HTTP endpoint using a Crossmint smart wallet.
+ *
+ * Flow:
+ *   1. Fetch `url` with the caller's original headers/body
+ *   2. If the server responds 200, return directly — nothing to pay
+ *   3. If the server responds 402, parse the PaymentRequired body and pick
+ *      the first PaymentRequirements entry on a supported chain (Solana
+ *      mainnet in v0.1)
+ *   4. Load the payer wallet via `wallets.getWallet(payerAddress, ...)`,
+ *      passing the server recovery signer through the args so the
+ *      returned Wallet has its `#recovery` field populated. Without this,
+ *      the SDK's useSigner path crashes because `isRecoverySigner` tries
+ *      to call `.startsWith` on an undefined secret (chunk-XNZLCUTY:395).
+ *      The WalletArgsFor TypeScript type doesn't declare a `recovery`
+ *      field, but the runtime `createWalletInstance` reads it when
+ *      present, so we pass it via an explicit cast.
+ *   5. Call `wallet.send(payTo, tokenSymbol, decimalAmount)` — Crossmint
+ *      handles the CPI inner instruction wrapping, signing via the server
+ *      recovery signer, fee payment, and confirmation internally
+ *   6. Build the X-PAYMENT header as base64(JSON(PaymentPayload)) with the
+ *      resulting transaction signature in the payload
+ *   7. Retry the original request with the X-PAYMENT header appended
+ *   8. Return the response body plus the on-chain tx signature
+ */
+export async function payX402Endpoint(opts) {
+    const { url, payerAddress, chain, headers = {}, method = "GET", jsonBody, maxUsdcAtomic, } = opts;
+    // -----------------------------------------------------------------------
+    // Step 1: initial request — expect 402
+    // -----------------------------------------------------------------------
+    const initialResponse = await fetchWith(url, method, headers, jsonBody);
+    if (initialResponse.status !== 402) {
+        if (initialResponse.status >= 200 && initialResponse.status < 300) {
+            return {
+                url,
+                transactionSignature: "",
+                responseStatus: initialResponse.status,
+                responseBody: await safeJson(initialResponse),
+                explorerLink: "",
+            };
+        }
+        throw new Error(`Expected 200 or 402 on initial request, got ${initialResponse.status}`);
+    }
+    // -----------------------------------------------------------------------
+    // Step 2: parse the PaymentRequired body
+    // -----------------------------------------------------------------------
+    const paymentRequired = (await initialResponse.json());
+    if (!paymentRequired.accepts?.length) {
+        throw new Error("402 response has no accepts[] entries");
+    }
+    // Pick the first requirement whose network we support
+    const requirement = paymentRequired.accepts.find((r) => resolveChain(r.network) !== null);
+    if (!requirement) {
+        const offered = paymentRequired.accepts.map((r) => r.network).join(", ");
+        throw new Error(`No supported payment network in 402 response. Offered: [${offered}]. ` +
+            `Supported: solana (mainnet).`);
+    }
+    const resolvedChain = resolveChain(requirement.network);
+    if (resolvedChain !== chain) {
+        throw new Error(`402 requires payment on ${resolvedChain} but caller chain is ${chain}`);
+    }
+    // Enforce max payment guardrail
+    const amountAtomic = BigInt(requirement.amount);
+    if (maxUsdcAtomic != null && amountAtomic > maxUsdcAtomic) {
+        throw new Error(`402 requires ${amountAtomic} atomic units but maxUsdcAtomic=${maxUsdcAtomic}`);
+    }
+    // -----------------------------------------------------------------------
+    // Step 3: pay via wallet.send()
+    // -----------------------------------------------------------------------
+    // getWallet(locator, args) loads an existing wallet by address. The
+    // WalletArgsFor type omits `recovery`, but the runtime
+    // `createWalletInstance` reads it if present — we use that so the
+    // returned Wallet has its recovery field populated with the secret,
+    // enabling the auto-assembled signer path to succeed without a separate
+    // useSigner call.
+    const { recoverySecret } = getConfig();
+    const wallets = getWalletsClient();
+    const wallet = await wallets.getWallet(payerAddress, {
+        chain,
+        recovery: { type: "server", secret: recoverySecret },
+    });
+    const tokenSymbol = resolveTokenSymbol(requirement.asset);
+    const decimals = typeof requirement.extra?.decimals === "number"
+        ? requirement.extra.decimals
+        : 6; // USDC default
+    const decimalAmount = atomicToDecimal(requirement.amount, decimals);
+    console.error(`[payX402Endpoint] paying ${decimalAmount} ${tokenSymbol} to ${requirement.payTo} on ${chain}...`);
+    const txResult = await wallet.send(requirement.payTo, tokenSymbol, decimalAmount);
+    console.error(`[payX402Endpoint] tx confirmed: ${txResult.hash}`);
+    // -----------------------------------------------------------------------
+    // Step 4: build X-PAYMENT header + retry
+    // -----------------------------------------------------------------------
+    const paymentPayload = {
+        x402Version: paymentRequired.x402Version,
+        accepted: requirement,
+        payload: {
+            transactionSignature: txResult.hash,
+            // Also include under "signature" for compatibility with facilitators
+            // that use that field name
+            signature: txResult.hash,
+        },
+    };
+    const paymentHeader = Buffer.from(JSON.stringify(paymentPayload)).toString("base64");
+    const paidResponse = await fetchWith(url, method, { ...headers, "X-PAYMENT": paymentHeader }, jsonBody);
+    if (paidResponse.status < 200 || paidResponse.status >= 300) {
+        const body = await safeJson(paidResponse);
+        throw new Error(`Paid but endpoint returned ${paidResponse.status}: ${JSON.stringify(body)}`);
+    }
+    return {
+        url,
+        transactionSignature: txResult.hash,
+        responseStatus: paidResponse.status,
+        responseBody: await safeJson(paidResponse),
+        explorerLink: txResult.explorerLink || getExplorerLink(txResult.hash, chain),
+    };
+}
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+async function fetchWith(url, method, headers, jsonBody) {
+    const init = { method, headers: { ...headers } };
+    if (jsonBody !== undefined && method !== "GET" && method !== "HEAD") {
+        init.body = JSON.stringify(jsonBody);
+        init.headers["Content-Type"] = "application/json";
+    }
+    return fetch(url, init);
+}
+async function safeJson(res) {
+    const text = await res.text();
+    if (!text)
+        return null;
+    try {
+        return JSON.parse(text);
+    }
+    catch {
+        return text;
+    }
+}
+//# sourceMappingURL=pay-x402-endpoint.js.map

package/dist/core/pay-x402-endpoint.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pay-x402-endpoint.js","sourceRoot":"","sources":["../../src/core/pay-x402-endpoint.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE1D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAwBrD,8EAA8E;AAC9E,0BAA0B;AAC1B,8EAA8E;AAE9E,2EAA2E;AAC3E,2EAA2E;AAC3E,wDAAwD;AACxD,SAAS,YAAY,CAAC,OAAe;IACnC,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IACpC,IAAI,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,QAAQ,CAAC;IACvE,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,aAAa;QAAE,OAAO,MAAM,CAAC;IAC/D,IAAI,KAAK,KAAK,cAAc,IAAI,KAAK,KAAK,cAAc;QAAE,OAAO,cAAc,CAAC;IAChF,OAAO,IAAI,CAAC;AACd,CAAC;AAED,0EAA0E;AAC1E,2EAA2E;AAC3E,uEAAuE;AACvE,2BAA2B;AAC3B,SAAS,kBAAkB,CAAC,KAAa;IACvC,MAAM,iBAAiB,GAAG,8CAA8C,CAAC;IACzE,IAAI,KAAK,KAAK,iBAAiB;QAAE,OAAO,MAAM,CAAC;IAC/C,IAAI,KAAK,CAAC,WAAW,EAAE,KAAK,MAAM;QAAE,OAAO,MAAM,CAAC;IAClD,sDAAsD;IACtD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,8EAA8E;AAC9E,oBAAoB;AACpB,8EAA8E;AAE9E,8EAA8E;AAC9E,2EAA2E;AAC3E,iCAAiC;AACjC,SAAS,eAAe,CAAC,MAAc,EAAE,QAAgB;IACvD,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;IACzB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC5C,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,CAAC;IACvB,MAAM,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC;IACtB,IAAI,IAAI,KAAK,EAAE;QAAE,OAAO,KAAK,CAAC,QAAQ,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC3E,OAAO,GAAG,KAAK,IAAI,OAAO,EAAE,CAAC;AAC/B,CAAC;AAED,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAQrC;IACC,MAAM,EACJ,GAAG,EACH,YAAY,EACZ,KAAK,EACL,OAAO,GAAG,EAAE,EACZ,MAAM,GAAG,KAAK,EACd,QAAQ,EACR,aAAa,GACd,GAAG,IAAI,CAAC;IAET,0EAA0E;IAC1E,uCAAuC;IACvC,0EAA0E;IAC1E,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;IACxE,IAAI,eAAe,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACnC,IAAI,eAAe,CAAC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAClE,OAAO;gBACL,GAAG;gBACH,oBAAoB,EAAE,EAAE;gBACxB,cAAc,EAAE,eAAe,CAAC,MAAM;gBACtC,YAAY,EAAE,MAAM,QAAQ,CAAC,eAAe,CAAC;gBAC7C,YAAY,EAAE,EAAE;aACjB,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,KAAK,CACb,+CAA+C,eAAe,CAAC,MAAM,EAAE,CACxE,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,yCAAyC;IACzC,0EAA0E;IAC1E,MAAM,eAAe,GAAG,CAAC,MAAM,eAAe,CAAC,IAAI,EAAE,CAAoB,CAAC;IAC1E,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IAED,sDAAsD;IACtD,MAAM,WAAW,GAAG,eAAe,CAAC,OAAO,CAAC,IAAI,CAC9C,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,IAAI,CACxC,CAAC;IACF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,OAAO,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzE,MAAM,IAAI,KAAK,CACb,2DAA2D,OAAO,KAAK;YACrE,8BAA8B,CACjC,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,YAAY,CAAC,WAAW,CAAC,OAAO,CAAE,CAAC;IACzD,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CACb,2BAA2B,aAAa,wBAAwB,KAAK,EAAE,CACxE,CAAC;IACJ,CAAC;IAED,gCAAgC;IAChC,MAAM,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAChD,IAAI,aAAa,IAAI,IAAI,IAAI,YAAY,GAAG,aAAa,EAAE,CAAC;QAC1D,MAAM,IAAI,KAAK,CACb,gBAAgB,YAAY,mCAAmC,aAAa,EAAE,CAC/E,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,gCAAgC;IAChC,0EAA0E;IAC1E,oEAAoE;IACpE,uDAAuD;IACvD,kEAAkE;IAClE,oEAAoE;IACpE,wEAAwE;IACxE,kBAAkB;IAClB,MAAM,EAAE,cAAc,EAAE,GAAG,SAAS,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;IACnC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC,YAAY,EAAE;QACnD,KAAK;QACL,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE;KACQ,CAAC,CAAC;IAEhE,MAAM,WAAW,GAAG,kBAAkB,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAC1D,MAAM,QAAQ,GACZ,OAAO,WAAW,CAAC,KAAK,EAAE,QAAQ,KAAK,QAAQ;QAC7C,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,QAAQ;QAC5B,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;IACxB,MAAM,aAAa,GAAG,eAAe,CAAC,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAEpE,OAAO,CAAC,KAAK,CACX,4BAA4B,aAAa,IAAI,WAAW,OAAO,WAAW,CAAC,KAAK,OAAO,KAAK,KAAK,CAClG,CAAC;IACF,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAChC,WAAW,CAAC,KAAK,EACjB,WAAW,EACX,aAAa,CACd,CAAC;IACF,OAAO,CAAC,KAAK,CAAC,mCAAmC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;IAElE,0EAA0E;IAC1E,yCAAyC;IACzC,0EAA0E;IAC1E,MAAM,cAAc,GAAG;QACrB,WAAW,EAAE,eAAe,CAAC,WAAW;QACxC,QAAQ,EAAE,WAAW;QACrB,OAAO,EAAE;YACP,oBAAoB,EAAE,QAAQ,CAAC,IAAI;YACnC,qEAAqE;YACrE,2BAA2B;YAC3B,SAAS,EAAE,QAAQ,CAAC,IAAI;SACzB;KACF,CAAC;IACF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CACxE,QAAQ,CACT,CAAC;IAEF,MAAM,YAAY,GAAG,MAAM,SAAS,CAClC,GAAG,EACH,MAAM,EACN,EAAE,GAAG,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,EAC1C,QAAQ,CACT,CAAC;IACF,IAAI,YAAY,CAAC,MAAM,GAAG,GAAG,IAAI,YAAY,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;QAC5D,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QAC1C,MAAM,IAAI,KAAK,CACb,8BAA8B,YAAY,CAAC,MAAM,KAAK,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAC7E,CAAC;IACJ,CAAC;IAED,OAAO;QACL,GAAG;QACH,oBAAoB,EAAE,QAAQ,CAAC,IAAI;QACnC,cAAc,EAAE,YAAY,CAAC,MAAM;QACnC,YAAY,EAAE,MAAM,QAAQ,CAAC,YAAY,CAAC;QAC1C,YAAY,EAAE,QAAQ,CAAC,YAAY,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,CAAC;KAC7E,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,KAAK,UAAU,SAAS,CACtB,GAAW,EACX,MAAc,EACd,OAA+B,EAC/B,QAAiB;IAEjB,MAAM,IAAI,GAAgB,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,GAAG,OAAO,EAAE,EAAE,CAAC;IAC9D,IAAI,QAAQ,KAAK,SAAS,IAAI,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACpE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACpC,IAAI,CAAC,OAAkC,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;IAChF,CAAC;IACD,OAAO,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,GAAa;IACnC,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IAC9B,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/core/transfer-token.d.ts

@@ -0,0 +1,20 @@
+import type { Chain, TransferResult } from "./types.js";
+/**
+ * Transfer a token from a Crossmint smart wallet to any recipient address
+ * or user locator. This is the general-purpose sibling of payX402Endpoint:
+ * same `wallet.send()` primitive underneath, same getWallet + recovery-cast
+ * pattern to work around the SDK 1.0.7 useSigner crash, but with no 402
+ * protocol handling — just the raw transfer.
+ *
+ * `token` accepts either a token symbol the SDK recognizes (e.g. "usdc",
+ * "sol", "eth") or a raw mint/contract address. `amount` is a decimal
+ * string in human units (e.g. "0.01" for 0.01 USDC), not atomic units.
+ */
+export declare function transferToken(opts: {
+    payerAddress: string;
+    chain: Chain;
+    to: string;
+    token: string;
+    amount: string;
+}): Promise<TransferResult>;
+//# sourceMappingURL=transfer-token.d.ts.map

package/dist/core/transfer-token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"transfer-token.d.ts","sourceRoot":"","sources":["../../src/core/transfer-token.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAGxD;;;;;;;;;;GAUG;AACH,wBAAsB,aAAa,CAAC,IAAI,EAAE;IACxC,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,KAAK,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB,GAAG,OAAO,CAAC,cAAc,CAAC,CAqB1B"}

package/dist/core/transfer-token.js

@@ -0,0 +1,33 @@
+import { getConfig, getWalletsClient } from "./client.js";
+import { getExplorerLink } from "./create-wallet.js";
+/**
+ * Transfer a token from a Crossmint smart wallet to any recipient address
+ * or user locator. This is the general-purpose sibling of payX402Endpoint:
+ * same `wallet.send()` primitive underneath, same getWallet + recovery-cast
+ * pattern to work around the SDK 1.0.7 useSigner crash, but with no 402
+ * protocol handling — just the raw transfer.
+ *
+ * `token` accepts either a token symbol the SDK recognizes (e.g. "usdc",
+ * "sol", "eth") or a raw mint/contract address. `amount` is a decimal
+ * string in human units (e.g. "0.01" for 0.01 USDC), not atomic units.
+ */
+export async function transferToken(opts) {
+    const { payerAddress, chain, to, token, amount } = opts;
+    const { recoverySecret } = getConfig();
+    const wallets = getWalletsClient();
+    const wallet = await wallets.getWallet(payerAddress, {
+        chain,
+        recovery: { type: "server", secret: recoverySecret },
+    });
+    const tx = await wallet.send(to, token, amount);
+    return {
+        chain,
+        from: payerAddress,
+        to,
+        token,
+        amount,
+        transactionSignature: tx.hash,
+        explorerLink: tx.explorerLink || getExplorerLink(tx.hash, chain),
+    };
+}
+//# sourceMappingURL=transfer-token.js.map

package/dist/core/transfer-token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"transfer-token.js","sourceRoot":"","sources":["../../src/core/transfer-token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE1D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAErD;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,IAMnC;IACC,MAAM,EAAE,YAAY,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAExD,MAAM,EAAE,cAAc,EAAE,GAAG,SAAS,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;IACnC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC,YAAY,EAAE;QACnD,KAAK;QACL,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE;KACQ,CAAC,CAAC;IAEhE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAEhD,OAAO;QACL,KAAK;QACL,IAAI,EAAE,YAAY;QAClB,EAAE;QACF,KAAK;QACL,MAAM;QACN,oBAAoB,EAAE,EAAE,CAAC,IAAI;QAC7B,YAAY,EAAE,EAAE,CAAC,YAAY,IAAI,eAAe,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,CAAC;KACjE,CAAC;AACJ,CAAC"}

package/dist/core/types.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Shared types for the core layer. Kept deliberately narrow so the MCP tool
+ * schemas (src/mcp/tools.ts) can mirror them without drift.
+ */
+/**
+ * Chain literals we expose on the MCP surface. These must be a subset of
+ * `@crossmint/wallets-sdk`'s `Chain` type. Note that the SDK does NOT expose
+ * a `"solana-devnet"` literal — Solana testnet/devnet is selected by the
+ * Crossmint API key environment (staging key → devnet, production key →
+ * mainnet), not by a separate chain name. EVM chains DO have explicit
+ * testnet literals (e.g. "base-sepolia").
+ */
+export type Chain = "solana" | "base" | "base-sepolia";
+export interface CreateWalletResult {
+    owner: string | null;
+    chain: Chain;
+    address: string;
+    explorerLink: string;
+}
+export interface TokenBalance {
+    symbol: string;
+    amount: string;
+    decimals: number;
+}
+export interface BalanceResult {
+    address: string;
+    chain: Chain;
+    balances: TokenBalance[];
+}
+export interface TransferResult {
+    chain: Chain;
+    from: string;
+    to: string;
+    token: string;
+    amount: string;
+    transactionSignature: string;
+    explorerLink: string;
+}
+export interface PayX402Result {
+    url: string;
+    transactionSignature: string;
+    responseStatus: number;
+    responseBody: unknown;
+    explorerLink: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/core/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;;;;;;GAOG;AACH,MAAM,MAAM,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,cAAc,CAAC;AAEvD,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,EAAE,KAAK,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;IACb,QAAQ,EAAE,YAAY,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,KAAK,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,oBAAoB,EAAE,MAAM,CAAC;IAC7B,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,oBAAoB,EAAE,MAAM,CAAC;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,OAAO,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB"}

package/dist/core/types.js

@@ -0,0 +1,6 @@
+/**
+ * Shared types for the core layer. Kept deliberately narrow so the MCP tool
+ * schemas (src/mcp/tools.ts) can mirror them without drift.
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/core/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":"AAAA;;;GAGG"}

package/dist/index.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Library entry point. Re-exports the core primitives so consumers can import
+ * from `crossmint-wallets-mcp` directly without reaching into `src/core/`.
+ *
+ * The MCP server entry point lives at `src/mcp/server.ts` (see the `bin`
+ * field in package.json).
+ */
+export { createWallet, getExplorerLink } from "./core/create-wallet.js";
+export { getBalance } from "./core/get-balance.js";
+export { transferToken } from "./core/transfer-token.js";
+export { payX402Endpoint } from "./core/pay-x402-endpoint.js";
+export { getConfig, getWalletsClient, resetConfigCache } from "./core/client.js";
+export type { Chain, CreateWalletResult, BalanceResult, TokenBalance, TransferResult, PayX402Result, } from "./core/types.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AACxE,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACjF,YAAY,EACV,KAAK,EACL,kBAAkB,EAClB,aAAa,EACb,YAAY,EACZ,cAAc,EACd,aAAa,GACd,MAAM,iBAAiB,CAAC"}

package/dist/index.js

@@ -0,0 +1,13 @@
+/**
+ * Library entry point. Re-exports the core primitives so consumers can import
+ * from `crossmint-wallets-mcp` directly without reaching into `src/core/`.
+ *
+ * The MCP server entry point lives at `src/mcp/server.ts` (see the `bin`
+ * field in package.json).
+ */
+export { createWallet, getExplorerLink } from "./core/create-wallet.js";
+export { getBalance } from "./core/get-balance.js";
+export { transferToken } from "./core/transfer-token.js";
+export { payX402Endpoint } from "./core/pay-x402-endpoint.js";
+export { getConfig, getWalletsClient, resetConfigCache } from "./core/client.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AACxE,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC"}

package/dist/mcp/errors.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Standardized error shapes for MCP tool responses.
+ *
+ * The MCP protocol represents tool failures via `isError: true` plus a
+ * human-readable `content` block. We wrap errors in a consistent shape so
+ * that clients can display them uniformly and so that smoke tests can match
+ * on `error_code` without parsing free-form strings.
+ */
+export type CrossmintMcpErrorCode = "CONFIG_MISSING" | "WALLET_NOT_FOUND" | "INSUFFICIENT_BALANCE" | "X402_CHALLENGE_FAILED" | "X402_PAYMENT_REJECTED" | "SDK_ERROR" | "NETWORK_ERROR" | "VALIDATION_ERROR" | "UNKNOWN";
+export interface CrossmintMcpErrorPayload {
+    error_code: CrossmintMcpErrorCode;
+    message: string;
+    hint?: string;
+}
+export declare function toolErrorResponse(code: CrossmintMcpErrorCode, message: string, hint?: string): {
+    isError: true;
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+};
+export declare function classifyError(err: unknown): CrossmintMcpErrorCode;
+//# sourceMappingURL=errors.d.ts.map

package/dist/mcp/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/mcp/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,MAAM,qBAAqB,GAC7B,gBAAgB,GAChB,kBAAkB,GAClB,sBAAsB,GACtB,uBAAuB,GACvB,uBAAuB,GACvB,WAAW,GACX,eAAe,GACf,kBAAkB,GAClB,SAAS,CAAC;AAEd,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,qBAAqB,CAAC;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,qBAAqB,EAC3B,OAAO,EAAE,MAAM,EACf,IAAI,CAAC,EAAE,MAAM,GACZ;IACD,OAAO,EAAE,IAAI,CAAC;IACd,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAChD,CAOA;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,OAAO,GAAG,qBAAqB,CAWjE"}

package/dist/mcp/errors.js

@@ -0,0 +1,34 @@
+/**
+ * Standardized error shapes for MCP tool responses.
+ *
+ * The MCP protocol represents tool failures via `isError: true` plus a
+ * human-readable `content` block. We wrap errors in a consistent shape so
+ * that clients can display them uniformly and so that smoke tests can match
+ * on `error_code` without parsing free-form strings.
+ */
+export function toolErrorResponse(code, message, hint) {
+    const payload = { error_code: code, message };
+    if (hint)
+        payload.hint = hint;
+    return {
+        isError: true,
+        content: [{ type: "text", text: JSON.stringify(payload, null, 2) }],
+    };
+}
+export function classifyError(err) {
+    if (!(err instanceof Error))
+        return "UNKNOWN";
+    const msg = err.message.toLowerCase();
+    if (msg.includes("env var") || msg.includes("required"))
+        return "CONFIG_MISSING";
+    if (msg.includes("not found") || msg.includes("does not exist"))
+        return "WALLET_NOT_FOUND";
+    if (msg.includes("insufficient"))
+        return "INSUFFICIENT_BALANCE";
+    if (msg.includes("402") || msg.includes("x-payment"))
+        return "X402_CHALLENGE_FAILED";
+    if (msg.includes("fetch") || msg.includes("network") || msg.includes("econn"))
+        return "NETWORK_ERROR";
+    return "SDK_ERROR";
+}
+//# sourceMappingURL=errors.js.map

package/dist/mcp/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/mcp/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAmBH,MAAM,UAAU,iBAAiB,CAC/B,IAA2B,EAC3B,OAAe,EACf,IAAa;IAKb,MAAM,OAAO,GAA6B,EAAE,UAAU,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IACxE,IAAI,IAAI;QAAE,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAC9B,OAAO;QACL,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACpE,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,GAAY;IACxC,IAAI,CAAC,CAAC,GAAG,YAAY,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAC9C,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;IACtC,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC;QAAE,OAAO,gBAAgB,CAAC;IACjF,IAAI,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC;QAC7D,OAAO,kBAAkB,CAAC;IAC5B,IAAI,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC;QAAE,OAAO,sBAAsB,CAAC;IAChE,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC;QAAE,OAAO,uBAAuB,CAAC;IACrF,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC3E,OAAO,eAAe,CAAC;IACzB,OAAO,WAAW,CAAC;AACrB,CAAC"}

package/dist/mcp/server.d.ts

@@ -0,0 +1,16 @@
+#!/usr/bin/env node
+/**
+ * Crossmint Wallets MCP server — stdio transport entry point.
+ *
+ * IMPORTANT: this process uses stdout as the JSON-RPC transport channel.
+ * All human-readable logging MUST go to stderr via `console.error(...)`.
+ * Never `console.log` or `process.stdout.write` from anywhere in this
+ * server — the MCP client will treat it as malformed protocol traffic.
+ *
+ * Populated incrementally:
+ *   - Phase 2B (this file): minimal server that registers zero tools and
+ *     connects the stdio transport. Proves the pipeline works.
+ *   - Phase 2E: real tool registration via `registerTools` in ./tools.ts.
+ */
+export {};
+//# sourceMappingURL=server.d.ts.map

package/dist/mcp/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;GAYG"}

package/dist/mcp/server.js

@@ -0,0 +1,34 @@
+#!/usr/bin/env node
+/**
+ * Crossmint Wallets MCP server — stdio transport entry point.
+ *
+ * IMPORTANT: this process uses stdout as the JSON-RPC transport channel.
+ * All human-readable logging MUST go to stderr via `console.error(...)`.
+ * Never `console.log` or `process.stdout.write` from anywhere in this
+ * server — the MCP client will treat it as malformed protocol traffic.
+ *
+ * Populated incrementally:
+ *   - Phase 2B (this file): minimal server that registers zero tools and
+ *     connects the stdio transport. Proves the pipeline works.
+ *   - Phase 2E: real tool registration via `registerTools` in ./tools.ts.
+ */
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { registerTools } from "./tools.js";
+const SERVER_NAME = "crossmint-wallets-mcp";
+const SERVER_VERSION = "0.1.0";
+async function main() {
+    const server = new McpServer({
+        name: SERVER_NAME,
+        version: SERVER_VERSION,
+    });
+    registerTools(server);
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    console.error(`[${SERVER_NAME}] v${SERVER_VERSION} connected via stdio transport`);
+}
+main().catch((err) => {
+    console.error(`[${SERVER_NAME}] fatal:`, err);
+    process.exit(1);
+});
+//# sourceMappingURL=server.js.map

package/dist/mcp/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE3C,MAAM,WAAW,GAAG,uBAAuB,CAAC;AAC5C,MAAM,cAAc,GAAG,OAAO,CAAC;AAE/B,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;QAC3B,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,cAAc;KACxB,CAAC,CAAC;IAEH,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEhC,OAAO,CAAC,KAAK,CACX,IAAI,WAAW,MAAM,cAAc,gCAAgC,CACpE,CAAC;AACJ,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,IAAI,WAAW,UAAU,EAAE,GAAG,CAAC,CAAC;IAC9C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/mcp/tools.d.ts

@@ -0,0 +1,3 @@
+import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+export declare function registerTools(server: McpServer): void;
+//# sourceMappingURL=tools.d.ts.map

package/dist/mcp/tools.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tools.d.ts","sourceRoot":"","sources":["../../src/mcp/tools.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AA0CzE,wBAAgB,aAAa,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CAwMrD"}