npm - javascript-solid-server - Versions diffs - 0.0.103 → 0.0.105 - Mend

javascript-solid-server 0.0.103 → 0.0.105

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -156,6 +156,8 @@ jss --help             # Show help
 | `--pay-cost <n>` | Cost per request in satoshis | 1 |
 | `--pay-mempool-url <url>` | Mempool API URL for deposit verification | (testnet4) |
 | `--pay-address <addr>` | Address for receiving deposits | - |
+| `--pay-token <ticker>` | Token to sell (enables primary market + withdrawal) | - |
+| `--pay-rate <n>` | Sats per token for buy/withdraw | 1 |
 | `--mongo` | Enable MongoDB-backed /db/ route | false |
 | `--mongo-url <url>` | MongoDB connection URL | mongodb://localhost:27017 |
 | `--mongo-database <name>` | MongoDB database name | solid |
@@ -187,6 +189,8 @@ export JSS_SOLIDOS_UI=true
 export JSS_PAY=true
 export JSS_PAY_COST=10
 export JSS_PAY_ADDRESS=your-address
+export JSS_PAY_TOKEN=PODS
+export JSS_PAY_RATE=10
 export JSS_MONGO=true
 export JSS_MONGO_URL=mongodb://localhost:27017
 export JSS_MONGO_DATABASE=solid
@@ -823,15 +827,18 @@ Supported formats: `50MB`, `1GB`, `500KB`, `1TB`
 Monetize API endpoints with per-request satoshi payments. Resources under `/pay/*` require NIP-98 authentication and a positive balance.
 ```bash
-jss start --pay --pay-cost 10 --pay-address your-address
+jss start --pay --pay-cost 10 --pay-address your-address --pay-token PODS --pay-rate 10
 ```
 ### Routes
 | Method | Path | Description |
 |--------|------|-------------|
+| GET | `/pay/.info` | Public: cost, token info, available routes |
 | GET | `/pay/.balance` | Check your balance (NIP-98 auth) |
-| POST | `/pay/.deposit` | Deposit sats via TXO URI (`txid:vout`) |
+| POST | `/pay/.deposit` | Deposit sats via TXO URI or MRC20 state proof |
+| POST | `/pay/.buy` | Buy tokens with sat balance (requires `--pay-token`) |
+| POST | `/pay/.withdraw` | Withdraw balance as portable tokens (requires `--pay-token`) |
 | GET | `/pay/*` | Paid resource access (deducts balance) |
 ### How It Works
@@ -840,7 +847,8 @@ jss start --pay --pay-cost 10 --pay-address your-address
 2. Check balance at `/pay/.balance`
 3. Deposit sats by POSTing a TXO URI to `/pay/.deposit`
 4. Access paid resources — each request deducts the configured cost
-5. Balance tracked in a [Web Ledger](https://webledgers.org/) at `/.well-known/webledgers/webledgers.json`
+5. Optionally buy tokens (`/pay/.buy`) or withdraw as portable tokens (`/pay/.withdraw`)
+6. Balance tracked in a [Web Ledger](https://webledgers.org/) at `/.well-known/webledgers/webledgers.json`
 ### Example
@@ -855,9 +863,21 @@ curl -X POST -H "Authorization: Nostr <base64-event>" \
 # Access paid resource
 curl -H "Authorization: Nostr <base64-event>" http://localhost:3000/pay/my-resource
+# Buy tokens with sat balance
+curl -X POST -H "Authorization: Nostr <base64-event>" \
+  -H "Content-Type: application/json" \
+  http://localhost:3000/pay/.buy \
+  -d '{"amount": 100}'
+# Withdraw entire balance as portable tokens
+curl -X POST -H "Authorization: Nostr <base64-event>" \
+  -H "Content-Type: application/json" \
+  http://localhost:3000/pay/.withdraw \
+  -d '{"all": true}'
 ```
-Deposit verification uses the mempool API (default: testnet4). The `X-Balance` and `X-Cost` headers are returned on successful paid requests.
+Deposit verification uses the mempool API (default: testnet4). The `X-Balance` and `X-Cost` headers are returned on successful paid requests. Buy and withdraw return portable MRC20 proofs with Bitcoin anchor data for independent verification.
 ## Authentication

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "javascript-solid-server",
-  "version": "0.0.103",
+  "version": "0.0.105",
   "description": "A minimal, fast Solid server",
   "main": "src/index.js",
   "type": "module",

package/src/handlers/pay.js CHANGED Viewed

@@ -5,10 +5,13 @@
  * Authentication via NIP-98. Balance tracking via Web Ledgers spec.
  *
  * Routes:
- *   GET  /pay/.balance  — check your balance
- *   POST /pay/.deposit  — deposit sats (TXO URI) or tokens (MRC20 state proof)
- *   GET  /pay/*         — paid resource access (requires balance >= cost)
- *   PUT  /pay/*         — upload resources (standard auth)
+ *   GET  /pay/.info      — public endpoint: cost, token info, available routes
+ *   GET  /pay/.balance   — check your balance
+ *   POST /pay/.deposit   — deposit sats (TXO URI) or tokens (MRC20 state proof)
+ *   POST /pay/.buy       — buy tokens with sat balance (primary market)
+ *   POST /pay/.withdraw  — withdraw balance as tokens (portable MRC20 proof)
+ *   GET  /pay/*          — paid resource access (requires balance >= cost)
+ *   PUT  /pay/*          — upload resources (standard auth)
  *
  * Ledger: /.well-known/webledgers/webledgers.json (webledgers.org spec)
  *
@@ -155,6 +158,30 @@ export function createPayHandler(options = {}) {
     const url = request.url.split('?')[0];
     if (!isPayRequest(request.url)) return;
+    // --- GET /pay/.info — public, no auth ---
+    if (url === '/pay/.info' && request.method === 'GET') {
+      const info = {
+        cost,
+        unit: 'sat',
+        deposit: '/pay/.deposit',
+        balance: '/pay/.balance'
+      };
+      if (payToken) {
+        const trail = await loadTrail(payToken);
+        info.token = {
+          ticker: payToken,
+          rate: payRate,
+          buy: '/pay/.buy',
+          withdraw: '/pay/.withdraw'
+        };
+        if (trail) {
+          info.token.supply = trail.latestState?.supply ?? null;
+          info.token.issuer = trail.pubkeyBase ?? null;
+        }
+      }
+      return reply.send(info);
+    }
     // --- GET /pay/.balance ---
     if (url === '/pay/.balance' && request.method === 'GET') {
       const pubkey = await getNostrPubkey(request);
@@ -363,6 +390,102 @@ export function createPayHandler(options = {}) {
       });
     }
+    // --- POST /pay/.withdraw — withdraw balance as tokens ---
+    if (url === '/pay/.withdraw' && request.method === 'POST') {
+      const pubkey = await getNostrPubkey(request);
+      if (!pubkey) {
+        return reply.code(401).send({ error: 'NIP-98 authentication required' });
+      }
+      if (!payToken) {
+        return reply.code(400).send({ error: 'Withdrawal not configured (no --pay-token set)' });
+      }
+      // Parse withdraw request
+      let body = request.body;
+      if (Buffer.isBuffer(body)) body = JSON.parse(body.toString('utf8'));
+      if (typeof body === 'string') body = JSON.parse(body);
+      const didUri = pubkeyToDidNostr(pubkey);
+      const ledger = await readLedger();
+      const balance = getBalance(ledger, didUri);
+      // Calculate withdrawal amount
+      let satCost, tokenAmount;
+      if (body?.all) {
+        satCost = balance;
+        tokenAmount = Math.floor(balance / payRate);
+      } else if (body?.sats) {
+        satCost = Math.floor(body.sats);
+        tokenAmount = Math.floor(satCost / payRate);
+      } else if (body?.tokens) {
+        tokenAmount = Math.floor(body.tokens);
+        satCost = tokenAmount * payRate;
+      } else {
+        return reply.code(400).send({
+          error: 'Specify tokens, sats, or all: true',
+          balance,
+          rate: payRate,
+          unit: 'sat/token'
+        });
+      }
+      if (tokenAmount <= 0) {
+        return reply.code(400).send({ error: 'Nothing to withdraw', balance, rate: payRate });
+      }
+      if (balance < satCost) {
+        return reply.code(402).send({
+          error: 'Insufficient balance',
+          balance,
+          cost: satCost,
+          rate: payRate
+        });
+      }
+      // Load token trail
+      const trail = await loadTrail(payToken);
+      if (!trail) {
+        return reply.code(500).send({ error: `Token ${payToken} not minted on this pod` });
+      }
+      // Transfer tokens to user
+      let result;
+      try {
+        result = await transferToken({
+          ticker: payToken,
+          to: pubkey,
+          amount: tokenAmount,
+          mempoolUrl
+        });
+      } catch (err) {
+        return reply.code(500).send({ error: `Transfer failed: ${err.message}` });
+      }
+      // Debit balance
+      debit(ledger, didUri, satCost);
+      await writeLedger(ledger);
+      return reply.send({
+        withdrawn: tokenAmount,
+        ticker: payToken,
+        cost: satCost,
+        rate: payRate,
+        balance: getBalance(ledger, didUri),
+        unit: 'sat',
+        txid: result.txid,
+        proof: {
+          state: result.state,
+          prevState: result.prevState,
+          anchor: {
+            pubkey: result.trail.pubkeyBase,
+            stateStrings: result.trail.stateStrings,
+            network: result.trail.network
+          }
+        }
+      });
+    }
     // --- GET/HEAD /pay/* — paid resource access ---
     if (request.method === 'GET' || request.method === 'HEAD') {
       const pubkey = await getNostrPubkey(request);