kawasekit 0.1.0-alpha.0 → 0.1.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/dist/{chunk-3S34WBAW.js → chunk-2QYCWRYR.js} +12 -4
  2. package/dist/chunk-2QYCWRYR.js.map +1 -0
  3. package/dist/{chunk-GGPXRIXM.js → chunk-7DWIT6D4.js} +3 -3
  4. package/dist/{chunk-GGPXRIXM.js.map → chunk-7DWIT6D4.js.map} +1 -1
  5. package/dist/{chunk-6M7UN23J.js → chunk-LNXYCHRY.js} +3 -3
  6. package/dist/{chunk-6M7UN23J.js.map → chunk-LNXYCHRY.js.map} +1 -1
  7. package/dist/cli/index.js +3 -3
  8. package/dist/index.cjs +10 -2
  9. package/dist/index.cjs.map +1 -1
  10. package/dist/index.js +3 -3
  11. package/dist/x402/hono/index.cjs +1 -1
  12. package/dist/x402/hono/index.cjs.map +1 -1
  13. package/dist/x402/hono/index.js +1 -1
  14. package/dist/x402/index.cjs +10 -2
  15. package/dist/x402/index.cjs.map +1 -1
  16. package/dist/x402/index.d.cts +19 -0
  17. package/dist/x402/index.d.ts +19 -0
  18. package/dist/x402/index.js +2 -2
  19. package/package.json +2 -1
  20. package/dist/chunk-3S34WBAW.js.map +0 -1
package/dist/{chunk-3S34WBAW.js → chunk-2QYCWRYR.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { X402InvalidPayloadError, X402_VERSION, chainIdToX402Network, X402_HEADER_PAYMENT_SIGNATURE, encodePaymentSignatureHeader, X402_HEADER_PAYMENT_RESPONSE, decodePaymentResponseHeader, x402NetworkToChainId, JPYC_V2_ADDRESS, JPYC_EIP712_DOMAIN_HINT, X402_HEADER_PAYMENT_REQUIRED, decodePaymentRequiredHeader, jpycAbi } from './chunk-6M7UN23J.js';
1
+ import { X402InvalidPayloadError, X402_VERSION, chainIdToX402Network, X402_HEADER_PAYMENT_SIGNATURE, encodePaymentSignatureHeader, X402_HEADER_PAYMENT_RESPONSE, decodePaymentResponseHeader, x402NetworkToChainId, JPYC_V2_ADDRESS, JPYC_EIP712_DOMAIN_HINT, X402_HEADER_PAYMENT_REQUIRED, decodePaymentRequiredHeader, jpycAbi } from './chunk-LNXYCHRY.js';
2
2
  import { getChain, isSupportedChainId } from './chunk-SA7LMQFG.js';
3
3
  import { invokeHookSafely } from './chunk-LEHWRDVS.js';
4
4
  import { parseSignature, getAddress, recoverTypedDataAddress, isAddress } from 'viem';
@@ -348,6 +348,8 @@ function failSettle(network, reason, options = {}) {
348
348
  function createSelfFacilitator(params) {
349
349
  const { walletClient, publicClient } = params;
350
350
  const receiptTimeoutMs = params.receiptTimeoutMs ?? 6e4;
351
+ const defaultConfirmations = params.network === "mainnet" ? 4 : 1;
352
+ const confirmations = params.confirmations ?? defaultConfirmations;
351
353
  const facilitatorChainId = walletClient.chain.id;
352
354
  if (!isSupportedChainId(facilitatorChainId)) {
353
355
  throw new Error(
@@ -366,6 +368,11 @@ function createSelfFacilitator(params) {
366
368
  `createSelfFacilitator: network="testnet" but walletClient.chain "${chain.name}" (chainId ${supportedChainId}) is a mainnet \u2014 refusing to broadcast with real funds`
367
369
  );
368
370
  }
371
+ if (walletClient.account.nonceManager === void 0) {
372
+ throw new Error(
373
+ 'createSelfFacilitator: walletClient.account must be constructed with viem\'s `nonceManager` to serialise nonces under concurrent settle(). Example:\n import { nonceManager, privateKeyToAccount } from "viem/accounts";\n const account = privateKeyToAccount(pk, { nonceManager });\n const walletClient = createWalletClient({ chain, transport, account });'
374
+ );
375
+ }
369
376
  const network = chainIdToX402Network(supportedChainId);
370
377
  const hooks = params.hooks;
371
378
  function buildVerifyEvent(req, response, startedAtMs) {
@@ -608,7 +615,8 @@ function createSelfFacilitator(params) {
608
615
  try {
609
616
  const receipt = await publicClient.waitForTransactionReceipt({
610
617
  hash: txHash,
611
- timeout: receiptTimeoutMs
618
+ timeout: receiptTimeoutMs,
619
+ confirmations
612
620
  });
613
621
  if (receipt.status !== "success") {
614
622
  return failSettle(req.paymentRequirements.network, "invalid_transaction_state", {
@@ -852,5 +860,5 @@ function wrapFetch(params) {
852
860
  }
853
861
 
854
862
  export { X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, X402_FACILITATOR_ERROR_CODES, authorizationDeadlineFromNow, createCoinbaseFacilitator, createHttpFacilitator, createSelfFacilitator, createX402PaymentSigner, generateAuthorizationNonce, signCancelAuthorization, signReceiveWithAuthorization, signTransferWithAuthorization, wrapFetch };
855
- //# sourceMappingURL=chunk-3S34WBAW.js.map
856
- //# sourceMappingURL=chunk-3S34WBAW.js.map
863
+ //# sourceMappingURL=chunk-2QYCWRYR.js.map
864
+ //# sourceMappingURL=chunk-2QYCWRYR.js.map
package/dist/chunk-2QYCWRYR.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/tokens/eip3009.ts","../src/x402/client.ts","../src/x402/facilitator.ts","../src/x402/fetch.ts"],"names":["getAddress","resolveDomain","parseSignature"],"mappings":";;;;;AAmEA,IAAM,8BAAA,GAAiC;AAAA,EACtC,yBAAA,EAA2B;AAAA,IAC1B,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,EAAE,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,SAAA,EAAU;AAAA,IAC9B,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA,EAAU;AAAA,IACjC,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAU;AAAA,IACtC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,IACvC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA;AAAU;AAEnC,CAAA;AAEA,IAAM,6BAAA,GAAgC;AAAA,EACrC,wBAAA,EAA0B;AAAA,IACzB,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,EAAE,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,SAAA,EAAU;AAAA,IAC9B,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA,EAAU;AAAA,IACjC,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAU;AAAA,IACtC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,IACvC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA;AAAU;AAEnC,CAAA;AAEA,IAAM,wBAAA,GAA2B;AAAA,EAChC,mBAAA,EAAqB;AAAA,IACpB,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAU;AAAA,IACtC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA;AAAU;AAEnC,CAAA;AAmBO,SAAS,0BAAA,GAAkC;AACjD,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,OAAO,KAAK,KAAA,CAAM,IAAA,CAAK,KAAA,EAAO,CAAC,MAAM,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,SAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,IAAA,CAAK,EAAE,CAAC,CAAA,CAAA;AAC/E;AAeO,SAAS,4BAAA,CAA6B,SAAiB,MAAA,EAAyB;AACtF,EAAA,MAAM,GAAA,GAAM,UAAU,MAAA,CAAO,IAAA,CAAK,MAAM,IAAA,CAAK,GAAA,EAAI,GAAI,GAAI,CAAC,CAAA;AAC1D,EAAA,OAAO,GAAA,GAAM,OAAO,OAAO,CAAA;AAC5B;AAEA,SAAS,qBAAqB,OAAA,EAAyD;AACtF,EAAA,IAAI,CAAC,QAAQ,aAAA,EAAe;AAC3B,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,QAAA,EAAW,QAAQ,OAAO,CAAA,+FAAA;AAAA,KAC3B;AAAA,EACD;AACA,EAAA,OAAO,OAAA,CAAQ,aAAA,CAAc,IAAA,CAAK,OAAO,CAAA;AAC1C;AAEA,SAAS,mBAAA,CAAoB,OAAA,EAAkB,YAAA,EAAuB,IAAA,EAAoB;AACzF,EAAA,IAAI,WAAW,OAAA,CAAQ,OAAO,CAAA,KAAM,UAAA,CAAW,YAAY,CAAA,EAAG;AAC7D,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,SAAA,EAAY,IAAI,CAAA,4BAAA,EAA+B,IAAA,KAAS,QAAA,GAAW,YAAA,GAAe,MAAM,CAAA,eAAA,EAAkB,OAAA,CAAQ,OAAO,CAAA,eAAA,EAAkB,YAAY,CAAA,CAAA;AAAA,KACxJ;AAAA,EACD;AACD;AAuCA,eAAsB,6BAAA,CACrB,OAAA,EACA,MAAA,EACA,OAAA,EACiE;AACjE,EAAA,mBAAA,CAAoB,OAAA,EAAS,OAAA,CAAQ,IAAA,EAAM,UAAU,CAAA;AACrD,EAAA,MAAM,IAAA,GAAO,qBAAqB,OAAO,CAAA;AACzC,EAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK;AAAA,IAC5B,MAAA;AAAA,IACA,KAAA,EAAO,8BAAA;AAAA,IACP,WAAA,EAAa,2BAAA;AAAA,IACb;AAAA,GACA,CAAA;AACD,EAAA,OAAO,kBAAA,CAAmB,SAAA,EAAW,MAAA,EAAQ,OAAO,CAAA;AACrD;AAWA,eAAsB,4BAAA,CACrB,OAAA,EACA,MAAA,EACA,OAAA,EACgE;AAChE,EAAA,mBAAA,CAAoB,OAAA,EAAS,OAAA,CAAQ,IAAA,EAAM,SAAS,CAAA;AACpD,EAAA,MAAM,IAAA,GAAO,qBAAqB,OAAO,CAAA;AACzC,EAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK;AAAA,IAC5B,MAAA;AAAA,IACA,KAAA,EAAO,6BAAA;AAAA,IACP,WAAA,EAAa,0BAAA;AAAA,IACb;AAAA,GACA,CAAA;AACD,EAAA,OAAO,kBAAA,CAAmB,SAAA,EAAW,MAAA,EAAQ,OAAO,CAAA;AACrD;AAQA,eAAsB,uBAAA,CACrB,OAAA,EACA,MAAA,EACA,OAAA,EAC2D;AAC3D,EAAA,mBAAA,CAAoB,OAAA,EAAS,OAAA,CAAQ,UAAA,EAAY,QAAQ,CAAA;AACzD,EAAA,MAAM,IAAA,GAAO,qBAAqB,OAAO,CAAA;AACzC,EAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK;AAAA,IAC5B,MAAA;AAAA,IACA,KAAA,EAAO,wBAAA;AAAA,IACP,WAAA,EAAa,qBAAA;AAAA,IACb;AAAA,GACA,CAAA;AACD,EAAA,OAAO,kBAAA,CAAmB,SAAA,EAAW,MAAA,EAAQ,OAAO,CAAA;AACrD;AAEA,SAAS,kBAAA,CACR,SAAA,EACA,MAAA,EACA,OAAA,EACgC;AAChC,EAAA,MAAM,MAAA,GAAS,eAAe,SAAS,CAAA;AAEvC,EAAA,MAAM,CAAA,GAAI,MAAA,CAAO,CAAA,KAAM,MAAA,GAAY,MAAA,CAAO,OAAO,CAAC,CAAA,GAAA,CAAK,MAAA,CAAO,OAAA,IAAW,CAAA,IAAK,EAAA;AAC9E,EAAA,OAAO;AAAA,IACN,SAAA;AAAA,IACA,CAAA;AAAA,IACA,GAAG,MAAA,CAAO,CAAA;AAAA,IACV,GAAG,MAAA,CAAO,CAAA;AAAA,IACV,MAAA;AAAA,IACA;AAAA,GACD;AACD;AC/NO,IAAM,2CAAA,GAA8C;AAsE3D,IAAM,WAAA,GAAA,CAAe,MAAM,IAAA,IAAQ,EAAA;AACnC,IAAM,eAAA,GAAkB,mBAAA;AAExB,SAAS,eAAA,CAAgB,OAAe,KAAA,EAAuB;AAC9D,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,CAAK,KAAK,CAAA,EAAG;AACjC,IAAA,MAAM,IAAI,uBAAA;AAAA,MACT,qBAAA;AAAA,MACA,KAAK,KAAK,CAAA,8CAAA,EAAiD,IAAA,CAAK,SAAA,CAAU,KAAK,CAAC,CAAA;AAAA,KACjF;AAAA,EACD;AACA,EAAA,MAAM,MAAA,GAAS,OAAO,KAAK,CAAA;AAC3B,EAAA,IAAI,SAAS,WAAA,EAAa;AACzB,IAAA,MAAM,IAAI,uBAAA;AAAA,MACT,qBAAA;AAAA,MACA,CAAA,EAAA,EAAK,KAAK,CAAA,wBAAA,EAA2B,KAAK,CAAA;AAAA,KAC3C;AAAA,EACD;AACA,EAAA,OAAO,MAAA;AACR;AAEA,SAAS,aAAA,CAAc,OAAe,KAAA,EAAwB;AAC7D,EAAA,IAAI,CAAC,SAAA,CAAU,KAAA,EAAO,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAA,EAAG;AACzC,IAAA,MAAM,IAAI,uBAAA;AAAA,MACT,qBAAA;AAAA,MACA,CAAA,EAAA,EAAK,KAAK,CAAA,2BAAA,EAA8B,KAAK,CAAA;AAAA,KAC9C;AAAA,EACD;AACA,EAAA,OAAO,KAAA;AACR;AAEA,SAAS,aAAA,CACR,cACA,QAAA,EACkB;AAClB,EAAA,IAAI,QAAA,EAAU;AACb,IAAA,OAAO,QAAA;AAAA,EACR;AACA,EAAA,MAAM,QAAQ,YAAA,CAAa,KAAA;AAC3B,EAAA,IAAI,OAAO,KAAA,CAAM,IAAA,KAAS,YAAY,OAAO,KAAA,CAAM,YAAY,QAAA,EAAU;AACxE,IAAA,OAAO,EAAE,IAAA,EAAM,KAAA,CAAM,IAAA,EAAM,OAAA,EAAS,MAAM,OAAA,EAAQ;AAAA,EACnD;AACA,EAAA,IAAIA,WAAW,YAAA,CAAa,KAAK,CAAA,KAAMA,UAAAA,CAAW,eAAe,CAAA,EAAG;AACnE,IAAA,OAAO,uBAAA;AAAA,EACR;AACA,EAAA,MAAM,IAAI,uBAAA;AAAA,IACT,qBAAA;AAAA,IACA;AAAA,GACD;AACD;AAEA,SAAS,qBAAqB,YAAA,EAK5B;AACD,EAAA,IAAI,YAAA,CAAa,WAAW,OAAA,EAAS;AACpC,IAAA,MAAM,IAAI,uBAAA;AAAA,MACT,qBAAA;AAAA,MACA,CAAA,oBAAA,EAAuB,aAAa,MAAM,CAAA;AAAA,KAC3C;AAAA,EACD;AACA,EAAA,MAAM,OAAA,GAAU,oBAAA,CAAqB,YAAA,CAAa,OAAO,CAAA;AACzD,EAAA,IAAI,CAAC,kBAAA,CAAmB,OAAO,CAAA,EAAG;AAGjC,IAAA,MAAM,IAAI,uBAAA;AAAA,MACT,qBAAA;AAAA,MACA,CAAA,qBAAA,EAAwB,aAAa,OAAO,CAAA;AAAA,KAC7C;AAAA,EACD;AACA,EAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,YAAA,CAAa,MAAA,EAAQ,QAAQ,CAAA;AAC3D,EAAA,IAAI,UAAU,EAAA,EAAI;AACjB,IAAA,MAAM,IAAI,uBAAA,CAAwB,qBAAA,EAAuB,2BAA2B,CAAA;AAAA,EACrF;AACA,EAAA,IAAI,YAAA,CAAa,qBAAqB,CAAA,EAAG;AACxC,IAAA,MAAM,IAAI,uBAAA;AAAA,MACT,qBAAA;AAAA,MACA,CAAA,4CAAA,EAA+C,aAAa,iBAAiB,CAAA;AAAA,KAC9E;AAAA,EACD;AACA,EAAA,MAAM,KAAA,GAAQ,aAAA,CAAc,YAAA,CAAa,KAAA,EAAO,OAAO,CAAA;AACvD,EAAA,MAAM,KAAA,GAAQ,aAAA,CAAc,YAAA,CAAa,KAAA,EAAO,OAAO,CAAA;AACvD,EAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AACvC;AAyBO,SAAS,wBAAwB,MAAA,EAA0D;AACjG,EAAA,MAAM,EAAE,OAAA,EAAS,OAAA,EAAQ,GAAI,MAAA;AAC7B,EAAA,MAAM,sBAAA,GACL,OAAO,sBAAA,IAA0B,2CAAA;AAClC,EAAA,IAAI,0BAA0B,CAAA,EAAG;AAChC,IAAA,MAAM,IAAI,uBAAA;AAAA,MACT,yBAAA;AAAA,MACA,oDAAoD,sBAAsB,CAAA;AAAA,KAC3E;AAAA,EACD;AACA,EAAA,MAAM,iBAAiB,MAAA,CAAO,cAAA;AAE9B,EAAA,OAAO;AAAA,IACN,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,MAAM,KAAK,UAAA,EAAY;AACtB,MAAA,MAAM,EAAE,qBAAoB,GAAI,UAAA;AAChC,MAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAO,OAAO,KAAA,EAAM,GAAI,qBAAqB,mBAAmB,CAAA;AACjF,MAAA,MAAM,KAAA,GAAQ,SAAS,OAAO,CAAA;AAC9B,MAAA,IAAI,OAAA,KAAY,SAAA,IAAa,KAAA,CAAM,SAAA,EAAW;AAC7C,QAAA,MAAM,IAAI,uBAAA;AAAA,UACT,qBAAA;AAAA,UACA,CAAA,sEAAA,EAAyE,mBAAA,CAAoB,OAAO,CAAA,WAAA,EAAc,OAAO,CAAA,cAAA;AAAA,SAC1H;AAAA,MACD;AACA,MAAA,IAAI,OAAA,KAAY,SAAA,IAAa,CAAC,KAAA,CAAM,SAAA,EAAW;AAC9C,QAAA,MAAM,IAAI,uBAAA;AAAA,UACT,qBAAA;AAAA,UACA,CAAA,sEAAA,EAAyE,mBAAA,CAAoB,OAAO,CAAA,WAAA,EAAc,OAAO,CAAA,6DAAA;AAAA,SAC1H;AAAA,MACD;AACA,MAAA,MAAM,MAAA,GAAS,aAAA,CAAc,mBAAA,EAAqB,cAAc,CAAA;AAEhE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,GAAA,CAAI,sBAAA,EAAwB,oBAAoB,iBAAiB,CAAA;AACvF,MAAA,MAAM,UAAA,GAAa,WAAW,UAAA,IAAc,EAAA;AAC5C,MAAA,MAAM,WAAA,GAAc,UAAA,CAAW,WAAA,IAAe,4BAAA,CAA6B,QAAQ,CAAA;AACnF,MAAA,IAAI,eAAe,UAAA,EAAY;AAC9B,QAAA,MAAM,IAAI,uBAAA;AAAA,UACT,qBAAA;AAAA,UACA,CAAA,iBAAA,EAAoB,WAAW,CAAA,uCAAA,EAA0C,UAAU,CAAA,CAAA;AAAA,SACpF;AAAA,MACD;AAEA,MAAA,MAAM,QAAQ,0BAAA,EAA2B;AACzC,MAAA,MAAM,SAAS,MAAM,6BAAA;AAAA,QACpB,OAAA;AAAA,QACA,EAAE,MAAM,MAAA,CAAO,IAAA,EAAM,SAAS,MAAA,CAAO,OAAA,EAAS,OAAA,EAAS,iBAAA,EAAmB,KAAA,EAAM;AAAA,QAChF;AAAA,UACC,MAAM,OAAA,CAAQ,OAAA;AAAA,UACd,EAAA,EAAI,KAAA;AAAA,UACJ,KAAA;AAAA,UACA,UAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA;AACD,OACD;AAEA,MAAA,MAAM,OAAA,GAA+B;AAAA,QACpC,WAAW,MAAA,CAAO,SAAA;AAAA,QAClB,aAAA,EAAe;AAAA,UACd,IAAA,EAAM,OAAO,OAAA,CAAQ,IAAA;AAAA,UACrB,EAAA,EAAI,OAAO,OAAA,CAAQ,EAAA;AAAA,UACnB,KAAA,EAAO,MAAA,CAAO,OAAA,CAAQ,KAAA,CAAM,QAAA,EAAS;AAAA,UACrC,UAAA,EAAY,MAAA,CAAO,OAAA,CAAQ,UAAA,CAAW,QAAA,EAAS;AAAA,UAC/C,WAAA,EAAa,MAAA,CAAO,OAAA,CAAQ,WAAA,CAAY,QAAA,EAAS;AAAA,UACjD,KAAA,EAAO,OAAO,OAAA,CAAQ;AAAA;AACvB,OACD;AAEA,MAAA,MAAM,MAAA,GAA6B,WAAW,QAAA,GAC3C;AAAA,QACA,WAAA,EAAa,YAAA;AAAA,QACb,UAAU,UAAA,CAAW,QAAA;AAAA,QACrB,QAAA,EAAU,mBAAA;AAAA,QACV,OAAA,EAAS,EAAE,GAAG,OAAA;AAAQ,OACvB,GACC;AAAA,QACA,WAAA,EAAa,YAAA;AAAA,QACb,QAAA,EAAU,mBAAA;AAAA,QACV,OAAA,EAAS,EAAE,GAAG,OAAA;AAAQ,OACvB;AACF,MAAA,OAAO,MAAA;AAAA,IACR;AAAA,GACD;AACD;ACtQO,IAAM,4BAAA,GAA+B;AAAA,EAC3C,kBAAA,EAAoB,oBAAA;AAAA,EACpB,mDAAA,EACC,qDAAA;AAAA,EACD,oDAAA,EACC,sDAAA;AAAA,EACD,sDAAA,EACC,wDAAA;AAAA,EACD,4CAAA,EAA8C,8CAAA;AAAA,EAC9C,mCAAA,EAAqC,qCAAA;AAAA,EACrC,eAAA,EAAiB,iBAAA;AAAA,EACjB,eAAA,EAAiB,iBAAA;AAAA,EACjB,cAAA,EAAgB,gBAAA;AAAA,EAChB,yBAAA,EAA2B,2BAAA;AAAA,EAC3B,uBAAA,EAAyB,yBAAA;AAAA,EACzB,uBAAA,EAAyB;AAC1B;AAqBA,SAAS,MAAM,KAAA,EAA8B;AAC5C,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,kBAAA,CAAmB,KAAK,KAAK,CAAA;AAClE;AAEA,SAAS,cAAc,KAAA,EAAkC;AACxD,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,qBAAA,CAAsB,KAAK,KAAK,CAAA;AACrE;AAEA,SAAS,gBAAgB,KAAA,EAAiC;AACzD,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,mBAAA,CAAoB,KAAK,KAAK,CAAA;AACnE;AAEA,SAAS,sBAAsB,OAAA,EAAgE;AAC9F,EAAA,MAAM,CAAA,GAAI,OAAA;AACV,EAAA,IAAI,CAAC,KAAA,CAAM,CAAA,CAAE,SAAS,GAAG,OAAO,IAAA;AAChC,EAAA,IAAI,OAAO,CAAA,CAAE,aAAA,KAAkB,YAAY,CAAA,CAAE,aAAA,KAAkB,MAAM,OAAO,IAAA;AAC5E,EAAA,MAAM,IAAI,CAAA,CAAE,aAAA;AAQZ,EAAA,IAAI,CAAC,aAAA,CAAc,CAAA,CAAE,IAAI,GAAG,OAAO,IAAA;AACnC,EAAA,IAAI,CAAC,aAAA,CAAc,CAAA,CAAE,EAAE,GAAG,OAAO,IAAA;AACjC,EAAA,IAAI,CAAC,eAAA,CAAgB,CAAA,CAAE,KAAK,GAAG,OAAO,IAAA;AACtC,EAAA,IAAI,CAAC,eAAA,CAAgB,CAAA,CAAE,UAAU,GAAG,OAAO,IAAA;AAC3C,EAAA,IAAI,CAAC,eAAA,CAAgB,CAAA,CAAE,WAAW,GAAG,OAAO,IAAA;AAC5C,EAAA,IAAI,CAAC,KAAA,CAAM,CAAA,CAAE,KAAK,GAAG,OAAO,IAAA;AAC5B,EAAA,OAAO;AAAA,IACN,WAAW,CAAA,CAAE,SAAA;AAAA,IACb,aAAA,EAAe;AAAA,MACd,MAAM,CAAA,CAAE,IAAA;AAAA,MACR,IAAI,CAAA,CAAE,EAAA;AAAA,MACN,OAAO,CAAA,CAAE,KAAA;AAAA,MACT,YAAY,CAAA,CAAE,UAAA;AAAA,MACd,aAAa,CAAA,CAAE,WAAA;AAAA,MACf,OAAO,CAAA,CAAE;AAAA;AACV,GACD;AACD;AAEA,IAAM,4BAAA,GAA+B;AAAA,EACpC,yBAAA,EAA2B;AAAA,IAC1B,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,EAAE,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,SAAA,EAAU;AAAA,IAC9B,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA,EAAU;AAAA,IACjC,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,SAAA,EAAU;AAAA,IACtC,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,SAAA,EAAU;AAAA,IACvC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,SAAA;AAAU;AAEnC,CAAA;AAEA,SAASC,eAAc,YAAA,EAGrB;AACD,EAAA,MAAM,QAAQ,YAAA,CAAa,KAAA;AAC3B,EAAA,IAAI,OAAO,KAAA,CAAM,IAAA,KAAS,YAAY,OAAO,KAAA,CAAM,YAAY,QAAA,EAAU;AACxE,IAAA,OAAO,EAAE,IAAA,EAAM,KAAA,CAAM,IAAA,EAAM,OAAA,EAAS,MAAM,OAAA,EAAQ;AAAA,EACnD;AACA,EAAA,IAAID,WAAW,YAAA,CAAa,KAAK,CAAA,KAAMA,UAAAA,CAAW,eAAe,CAAA,EAAG;AACnE,IAAA,OAAO,uBAAA;AAAA,EACR;AACA,EAAA,MAAM,IAAI,KAAA;AAAA,IACT;AAAA,GACD;AACD;AAEA,SAAS,UAAA,CACR,MAAA,EACA,OAAA,EACA,KAAA,EACqB;AACrB,EAAA,IAAI,OAAA,KAAY,MAAA,IAAa,KAAA,KAAU,MAAA,EAAW;AACjD,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,eAAe,MAAA,EAAQ,cAAA,EAAgB,SAAS,KAAA,EAAM;AAAA,EAChF;AACA,EAAA,IAAI,YAAY,MAAA,EAAW;AAC1B,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAA,EAAe,MAAA,EAAQ,gBAAgB,OAAA,EAAQ;AAAA,EACzE;AACA,EAAA,IAAI,UAAU,MAAA,EAAW;AACxB,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAA,EAAe,QAAQ,KAAA,EAAM;AAAA,EACvD;AACA,EAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAA,EAAe,MAAA,EAAO;AAChD;AAEA,SAAS,UAAA,CACR,OAAA,EACA,MAAA,EACA,OAAA,GAAuE,EAAC,EACnD;AACrB,EAAA,MAAM,WAAA,GAAc,QAAQ,WAAA,IAAe,EAAA;AAC3C,EAAA,MAAM,IAAA,GAA2B;AAAA,IAChC,OAAA,EAAS,KAAA;AAAA,IACT,WAAA,EAAa,MAAA;AAAA,IACb,WAAA;AAAA,IACA;AAAA,GACD;AACA,EAAA,IAAI,OAAA,CAAQ,OAAA,KAAY,MAAA,IAAa,OAAA,CAAQ,UAAU,MAAA,EAAW;AACjE,IAAA,OAAO,EAAE,GAAG,IAAA,EAAM,YAAA,EAAc,QAAQ,OAAA,EAAS,KAAA,EAAO,QAAQ,KAAA,EAAM;AAAA,EACvE;AACA,EAAA,IAAI,OAAA,CAAQ,YAAY,MAAA,EAAW;AAClC,IAAA,OAAO,EAAE,GAAG,IAAA,EAAM,YAAA,EAAc,QAAQ,OAAA,EAAQ;AAAA,EACjD;AACA,EAAA,IAAI,OAAA,CAAQ,UAAU,MAAA,EAAW;AAChC,IAAA,OAAO,EAAE,GAAG,IAAA,EAAM,KAAA,EAAO,QAAQ,KAAA,EAAM;AAAA,EACxC;AACA,EAAA,OAAO,IAAA;AACR;AAoGO,SAAS,sBAAsB,MAAA,EAAkD;AACvF,EAAA,MAAM,EAAE,YAAA,EAAc,YAAA,EAAa,GAAI,MAAA;AACvC,EAAA,MAAM,gBAAA,GAAmB,OAAO,gBAAA,IAAoB,GAAA;AAKpD,EAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,OAAA,KAAY,SAAA,GAAY,CAAA,GAAI,CAAA;AAChE,EAAA,MAAM,aAAA,GAAgB,OAAO,aAAA,IAAiB,oBAAA;AAC9C,EAAA,MAAM,kBAAA,GAAqB,aAAa,KAAA,CAAM,EAAA;AAC9C,EAAA,IAAI,CAAC,kBAAA,CAAmB,kBAAkB,CAAA,EAAG;AAC5C,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,gDAAgD,kBAAkB,CAAA,mCAAA;AAAA,KACnE;AAAA,EACD;AACA,EAAA,MAAM,gBAAA,GAAqC,kBAAA;AAC3C,EAAA,MAAM,KAAA,GAAQ,SAAS,gBAAgB,CAAA;AACvC,EAAA,IAAI,MAAA,CAAO,OAAA,KAAY,SAAA,IAAa,KAAA,CAAM,SAAA,EAAW;AACpD,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,iEAAA,EAAoE,KAAA,CAAM,IAAI,CAAA,WAAA,EAAc,gBAAgB,CAAA,cAAA;AAAA,KAC7G;AAAA,EACD;AACA,EAAA,IAAI,MAAA,CAAO,OAAA,KAAY,SAAA,IAAa,CAAC,MAAM,SAAA,EAAW;AACrD,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,iEAAA,EAAoE,KAAA,CAAM,IAAI,CAAA,WAAA,EAAc,gBAAgB,CAAA,2DAAA;AAAA,KAC7G;AAAA,EACD;AAUA,EAAA,IAAI,YAAA,CAAa,OAAA,CAAQ,YAAA,KAAiB,MAAA,EAAW;AACpD,IAAA,MAAM,IAAI,KAAA;AAAA,MACT;AAAA,KACD;AAAA,EACD;AAEA,EAAA,MAAM,OAAA,GAAU,qBAAqB,gBAAgB,CAAA;AACrD,EAAA,MAAM,QAAQ,MAAA,CAAO,KAAA;AAErB,EAAA,SAAS,gBAAA,CACR,GAAA,EACA,QAAA,EACA,WAAA,EACc;AACd,IAAA,MAAM,UAAA,GAAa,IAAA,CAAK,GAAA,EAAI,GAAI,WAAA;AAChC,IAAA,MAAM,YAAA,GAAe,IAAI,mBAAA,CAAoB,OAAA;AAC7C,IAAA,IAAI,QAAA,CAAS,OAAA,IAAW,QAAA,CAAS,KAAA,KAAU,MAAA,EAAW;AACrD,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,QAAA;AAAA,QACN,MAAA,EAAQ,SAAA;AAAA,QACR,WAAA;AAAA,QACA,UAAA;AAAA,QACA,OAAA,EAAS,YAAA;AAAA,QACT,OAAO,QAAA,CAAS,KAAA;AAAA,QAChB,MAAA,EAAQ,IAAI,mBAAA,CAAoB;AAAA,OACjC;AAAA,IACD;AACA,IAAA,IAAI,SAAS,OAAA,EAAS;AAIrB,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,QAAA;AAAA,QACN,MAAA,EAAQ,SAAA;AAAA,QACR,WAAA;AAAA,QACA,UAAA;AAAA,QACA,OAAA,EAAS,YAAA;AAAA,QACT,aAAA,EAAe,yBAAA;AAAA,QACf,cAAA,EAAgB;AAAA,OACjB;AAAA,IACD;AACA,IAAA,MAAM,IAAA,GAAO;AAAA,MACZ,IAAA,EAAM,QAAA;AAAA,MACN,MAAA,EAAQ,SAAA;AAAA,MACR,WAAA;AAAA,MACA,UAAA;AAAA,MACA,OAAA,EAAS,YAAA;AAAA,MACT,aAAA,EAAe,SAAS,aAAA,IAAiB;AAAA,KAC1C;AACA,IAAA,IAAI,QAAA,CAAS,KAAA,KAAU,MAAA,IAAa,QAAA,CAAS,mBAAmB,MAAA,EAAW;AAC1E,MAAA,OAAO,EAAE,GAAG,IAAA,EAAM,KAAA,EAAO,SAAS,KAAA,EAAO,cAAA,EAAgB,SAAS,cAAA,EAAe;AAAA,IAClF;AACA,IAAA,IAAI,QAAA,CAAS,UAAU,MAAA,EAAW;AACjC,MAAA,OAAO,EAAE,GAAG,IAAA,EAAM,KAAA,EAAO,SAAS,KAAA,EAAM;AAAA,IACzC;AACA,IAAA,IAAI,QAAA,CAAS,mBAAmB,MAAA,EAAW;AAC1C,MAAA,OAAO,EAAE,GAAG,IAAA,EAAM,cAAA,EAAgB,SAAS,cAAA,EAAe;AAAA,IAC3D;AACA,IAAA,OAAO,IAAA;AAAA,EACR;AAEA,EAAA,SAAS,gBAAA,CACR,GAAA,EACA,QAAA,EACA,WAAA,EACc;AACd,IAAA,MAAM,UAAA,GAAa,IAAA,CAAK,GAAA,EAAI,GAAI,WAAA;AAChC,IAAA,MAAM,YAAA,GAAe,IAAI,mBAAA,CAAoB,OAAA;AAC7C,IAAA,IAAI,QAAA,CAAS,OAAA,IAAW,QAAA,CAAS,KAAA,KAAU,MAAA,EAAW;AACrD,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,QAAA;AAAA,QACN,MAAA,EAAQ,SAAA;AAAA,QACR,WAAA;AAAA,QACA,UAAA;AAAA,QACA,OAAA,EAAS,YAAA;AAAA,QACT,OAAO,QAAA,CAAS,KAAA;AAAA,QAChB,MAAA,EAAQ,IAAI,mBAAA,CAAoB,MAAA;AAAA,QAChC,aAAa,QAAA,CAAS;AAAA,OACvB;AAAA,IACD;AACA,IAAA,IAAI,SAAS,OAAA,EAAS;AAIrB,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,QAAA;AAAA,QACN,MAAA,EAAQ,SAAA;AAAA,QACR,WAAA;AAAA,QACA,UAAA;AAAA,QACA,OAAA,EAAS,YAAA;AAAA,QACT,WAAA,EAAa,yBAAA;AAAA,QACb,YAAA,EAAc,6CAAA;AAAA,QACd,aAAa,QAAA,CAAS;AAAA,OACvB;AAAA,IACD;AACA,IAAA,MAAM,IAAA,GAAO;AAAA,MACZ,IAAA,EAAM,QAAA;AAAA,MACN,MAAA,EAAQ,SAAA;AAAA,MACR,WAAA;AAAA,MACA,UAAA;AAAA,MACA,OAAA,EAAS,YAAA;AAAA,MACT,WAAA,EAAa,SAAS,WAAA,IAAe;AAAA,KACtC;AACA,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,KAAA,KAAU,MAAA,GAAY,EAAE,GAAG,IAAA,EAAM,KAAA,EAAO,QAAA,CAAS,KAAA,EAAM,GAAI,IAAA;AACtF,IAAA,MAAM,WAAA,GACL,QAAA,CAAS,YAAA,KAAiB,MAAA,GACvB,EAAE,GAAG,SAAA,EAAW,YAAA,EAAc,QAAA,CAAS,YAAA,EAAa,GACpD,SAAA;AACJ,IAAA,IAAI,QAAA,CAAS,WAAA,KAAgB,EAAA,IAAM,QAAA,CAAS,gBAAgB,MAAA,EAAW;AACtE,MAAA,OAAO,EAAE,GAAG,WAAA,EAAa,WAAA,EAAa,SAAS,WAAA,EAAmB;AAAA,IACnE;AACA,IAAA,OAAO,WAAA;AAAA,EACR;AAEA,EAAA,eAAe,WAAW,GAAA,EAAqD;AAE9E,IAAA,IAAI,GAAA,CAAI,mBAAA,CAAoB,MAAA,KAAW,OAAA,EAAS;AAC/C,MAAA,OAAO,WAAW,gBAAgB,CAAA;AAAA,IACnC;AACA,IAAA,IAAI,GAAA,CAAI,cAAA,CAAe,QAAA,CAAS,MAAA,KAAW,OAAA,EAAS;AACnD,MAAA,OAAO,WAAW,gBAAgB,CAAA;AAAA,IACnC;AACA,IAAA,MAAM,UAAA,GAAa,oBAAA,CAAqB,GAAA,CAAI,mBAAA,CAAoB,OAAO,CAAA;AACvE,IAAA,IAAI,eAAe,gBAAA,EAAkB;AACpC,MAAA,OAAO,WAAW,iBAAiB,CAAA;AAAA,IACpC;AACA,IAAA,IAAI,IAAI,cAAA,CAAe,QAAA,CAAS,OAAA,KAAY,GAAA,CAAI,oBAAoB,OAAA,EAAS;AAC5E,MAAA,OAAO,WAAW,iBAAiB,CAAA;AAAA,IACpC;AAGA,IAAA,MAAM,KAAA,GAAQ,qBAAA,CAAsB,GAAA,CAAI,cAAA,CAAe,OAAO,CAAA;AAC9D,IAAA,IAAI,UAAU,IAAA,EAAM;AACnB,MAAA,OAAO,WAAW,iBAAiB,CAAA;AAAA,IACpC;AACA,IAAA,MAAM,OAAO,KAAA,CAAM,aAAA;AAGnB,IAAA,IAAI,IAAA,CAAK,KAAA,KAAU,GAAA,CAAI,mBAAA,CAAoB,MAAA,EAAQ;AAClD,MAAA,OAAO,UAAA;AAAA,QACN,wDAAA;AAAA,QACA,MAAA;AAAA,QACA,IAAA,CAAK;AAAA,OACN;AAAA,IACD;AACA,IAAA,IAAIA,UAAAA,CAAW,KAAK,EAAE,CAAA,KAAMA,WAAW,GAAA,CAAI,mBAAA,CAAoB,KAAK,CAAA,EAAG;AACtE,MAAA,OAAO,UAAA,CAAW,8CAAA,EAAgD,MAAA,EAAW,IAAA,CAAK,IAAI,CAAA;AAAA,IACvF;AAGA,IAAA,MAAM,GAAA,GAAM,OAAO,IAAA,CAAK,KAAA,CAAM,KAAK,GAAA,EAAI,GAAI,GAAI,CAAC,CAAA;AAChD,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,IAAA,CAAK,UAAU,CAAA;AACzC,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,IAAA,CAAK,WAAW,CAAA;AAC3C,IAAA,IAAI,MAAM,UAAA,EAAY;AACrB,MAAA,OAAO,UAAA;AAAA,QACN,qDAAA;AAAA,QACA,MAAA;AAAA,QACA,IAAA,CAAK;AAAA,OACN;AAAA,IACD;AACA,IAAA,IAAI,OAAO,WAAA,EAAa;AACvB,MAAA,OAAO,UAAA;AAAA,QACN,sDAAA;AAAA,QACA,MAAA;AAAA,QACA,IAAA,CAAK;AAAA,OACN;AAAA,IACD;AAGA,IAAA,IAAI,SAAA;AACJ,IAAA,IAAI;AACH,MAAA,MAAM,MAAA,GAASC,cAAAA,CAAc,GAAA,CAAI,mBAAmB,CAAA;AACpD,MAAA,SAAA,GAAY,MAAM,uBAAA,CAAwB;AAAA,QACzC,MAAA,EAAQ;AAAA,UACP,MAAM,MAAA,CAAO,IAAA;AAAA,UACb,SAAS,MAAA,CAAO,OAAA;AAAA,UAChB,OAAA,EAAS,UAAA;AAAA,UACT,iBAAA,EAAmB,IAAI,mBAAA,CAAoB;AAAA,SAC5C;AAAA,QACA,KAAA,EAAO,4BAAA;AAAA,QACP,WAAA,EAAa,2BAAA;AAAA,QACb,OAAA,EAAS;AAAA,UACR,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAAA,UACxB,UAAA;AAAA,UACA,WAAA;AAAA,UACA,OAAO,IAAA,CAAK;AAAA,SACb;AAAA,QACA,WAAW,KAAA,CAAM;AAAA,OACjB,CAAA;AAAA,IACF,SAAS,KAAA,EAAO;AACf,MAAA,OAAO,UAAA;AAAA,QACN,yBAAA;AAAA,QACA,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK,CAAA;AAAA,QACrD,IAAA,CAAK;AAAA,OACN;AAAA,IACD;AACA,IAAA,IAAID,WAAW,SAAS,CAAA,KAAMA,UAAAA,CAAW,IAAA,CAAK,IAAI,CAAA,EAAG;AACpD,MAAA,OAAO,UAAA,CAAW,qCAAA,EAAuC,MAAA,EAAW,IAAA,CAAK,IAAI,CAAA;AAAA,IAC9E;AAGA,IAAA,IAAI;AACH,MAAA,MAAM,CAAC,OAAA,EAAS,IAAI,CAAA,GAAI,MAAM,QAAQ,GAAA,CAAI;AAAA,QACzC,aAAa,YAAA,CAAa;AAAA,UACzB,OAAA,EAAS,IAAI,mBAAA,CAAoB,KAAA;AAAA,UACjC,GAAA,EAAK,OAAA;AAAA,UACL,YAAA,EAAc,WAAA;AAAA,UACd,IAAA,EAAM,CAAC,IAAA,CAAK,IAAI;AAAA,SAChB,CAAA;AAAA,QACD,aAAa,YAAA,CAAa;AAAA,UACzB,OAAA,EAAS,IAAI,mBAAA,CAAoB,KAAA;AAAA,UACjC,GAAA,EAAK,OAAA;AAAA,UACL,YAAA,EAAc,oBAAA;AAAA,UACd,IAAA,EAAM,CAAC,IAAA,CAAK,IAAA,EAAM,KAAK,KAAK;AAAA,SAC5B;AAAA,OACD,CAAA;AACD,MAAA,IAAI,IAAA,EAAM;AACT,QAAA,OAAO,UAAA,CAAW,iBAAA,EAAmB,kCAAA,EAAoC,IAAA,CAAK,IAAI,CAAA;AAAA,MACnF;AACA,MAAA,IAAK,OAAA,GAAqB,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,EAAG;AAC7C,QAAA,OAAO,UAAA,CAAW,oBAAA,EAAsB,KAAA,CAAA,EAAW,IAAA,CAAK,IAAI,CAAA;AAAA,MAC7D;AAAA,IACD,SAAS,KAAA,EAAO;AACf,MAAA,OAAO,UAAA;AAAA,QACN,yBAAA;AAAA,QACA,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK,CAAA;AAAA,QACrD,IAAA,CAAK;AAAA,OACN;AAAA,IACD;AAEA,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,KAAA,EAAO,KAAK,IAAA,EAAK;AAAA,EAC1C;AAEA,EAAA,eAAe,WAAW,GAAA,EAAqD;AAI9E,IAAA,MAAM,YAAA,GAAe,MAAM,MAAA,CAAO,GAAG,CAAA;AACrC,IAAA,IAAI,CAAC,aAAa,OAAA,EAAS;AAC1B,MAAA,OAAO,UAAA;AAAA,QACN,IAAI,mBAAA,CAAoB,OAAA;AAAA,QACvB,aAAa,aAAA,IAA8C,yBAAA;AAAA,QAC5D;AAAA,UACC,GAAI,aAAa,cAAA,KAAmB,MAAA,GACjC,EAAE,OAAA,EAAS,YAAA,CAAa,cAAA,EAAe,GACvC,EAAC;AAAA,UACJ,GAAI,aAAa,KAAA,KAAU,MAAA,GAAY,EAAE,KAAA,EAAO,YAAA,CAAa,KAAA,EAAM,GAAI;AAAC;AACzE,OACD;AAAA,IACD;AAEA,IAAA,MAAM,KAAA,GAAQ,qBAAA,CAAsB,GAAA,CAAI,cAAA,CAAe,OAAO,CAAA;AAC9D,IAAA,IAAI,UAAU,IAAA,EAAM;AACnB,MAAA,OAAO,UAAA,CAAW,GAAA,CAAI,mBAAA,CAAoB,OAAA,EAAS,iBAAiB,CAAA;AAAA,IACrE;AACA,IAAA,MAAM,OAAO,KAAA,CAAM,aAAA;AACnB,IAAA,MAAM,MAAA,GAASE,cAAAA,CAAe,KAAA,CAAM,SAAS,CAAA;AAC7C,IAAA,MAAM,CAAA,GAAI,MAAA,CAAO,CAAA,KAAM,MAAA,GAAY,MAAA,CAAO,OAAO,CAAC,CAAA,GAAA,CAAK,MAAA,CAAO,OAAA,IAAW,CAAA,IAAK,EAAA;AAE9E,IAAA,IAAI,MAAA;AACJ,IAAA,IAAI;AACH,MAAA,MAAA,GAAS,MAAM,aAAa,aAAA,CAAc;AAAA,QACzC,OAAA,EAAS,IAAI,mBAAA,CAAoB,KAAA;AAAA,QACjC,GAAA,EAAK,OAAA;AAAA,QACL,YAAA,EAAc,2BAAA;AAAA,QACd,IAAA,EAAM;AAAA,UACL,IAAA,CAAK,IAAA;AAAA,UACL,IAAA,CAAK,EAAA;AAAA,UACL,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,UACjB,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,UACtB,MAAA,CAAO,KAAK,WAAW,CAAA;AAAA,UACvB,IAAA,CAAK,KAAA;AAAA,UACL,CAAA;AAAA,UACA,MAAA,CAAO,CAAA;AAAA,UACP,MAAA,CAAO;AAAA;AACR,OACA,CAAA;AAAA,IACF,SAAS,KAAA,EAAO;AACf,MAAA,OAAO,UAAA,CAAW,GAAA,CAAI,mBAAA,CAAoB,OAAA,EAAS,yBAAA,EAA2B;AAAA,QAC7E,SAAS,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK,CAAA;AAAA,QAC9D,OAAO,IAAA,CAAK;AAAA,OACZ,CAAA;AAAA,IACF;AAEA,IAAA,IAAI;AACH,MAAA,MAAM,OAAA,GAAU,MAAM,YAAA,CAAa,yBAAA,CAA0B;AAAA,QAC5D,IAAA,EAAM,MAAA;AAAA,QACN,OAAA,EAAS,gBAAA;AAAA,QACT;AAAA,OACA,CAAA;AACD,MAAA,IAAI,OAAA,CAAQ,WAAW,SAAA,EAAW;AACjC,QAAA,OAAO,UAAA,CAAW,GAAA,CAAI,mBAAA,CAAoB,OAAA,EAAS,2BAAA,EAA6B;AAAA,UAC/E,WAAA,EAAa,MAAA;AAAA,UACb,OAAO,IAAA,CAAK;AAAA,SACZ,CAAA;AAAA,MACF;AAAA,IACD,SAAS,KAAA,EAAO;AACf,MAAA,OAAO,UAAA,CAAW,GAAA,CAAI,mBAAA,CAAoB,OAAA,EAAS,yBAAA,EAA2B;AAAA,QAC7E,SAAS,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK,CAAA;AAAA,QAC9D,OAAO,IAAA,CAAK,IAAA;AAAA,QACZ,WAAA,EAAa;AAAA,OACb,CAAA;AAAA,IACF;AAEA,IAAA,OAAO;AAAA,MACN,OAAA,EAAS,IAAA;AAAA,MACT,WAAA,EAAa,MAAA;AAAA,MACb,OAAA,EAAS,IAAI,mBAAA,CAAoB,OAAA;AAAA,MACjC,OAAO,IAAA,CAAK,IAAA;AAAA,MACZ,QAAQ,IAAA,CAAK;AAAA,KACd;AAAA,EACD;AAEA,EAAA,eAAe,OAAO,GAAA,EAAqD;AAC1E,IAAA,MAAM,WAAA,GAAc,KAAK,GAAA,EAAI;AAC7B,IAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,GAAG,CAAA;AACnC,IAAA,gBAAA,CAAiB,OAAO,QAAA,EAAU,gBAAA,CAAiB,GAAA,EAAK,MAAA,EAAQ,WAAW,CAAC,CAAA;AAC5E,IAAA,OAAO,MAAA;AAAA,EACR;AAEA,EAAA,eAAe,OAAO,GAAA,EAAqD;AAC1E,IAAA,MAAM,WAAA,GAAc,KAAK,GAAA,EAAI;AAC7B,IAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,GAAG,CAAA;AACnC,IAAA,gBAAA,CAAiB,OAAO,QAAA,EAAU,gBAAA,CAAiB,GAAA,EAAK,MAAA,EAAQ,WAAW,CAAC,CAAA;AAC5E,IAAA,OAAO,MAAA;AAAA,EACR;AAEA,EAAA,eAAe,iBAAA,GAAoD;AAClE,IAAA,MAAM,IAAA,GAA0B;AAAA,MAC/B,WAAA,EAAa,YAAA;AAAA,MACb,MAAA,EAAQ,OAAA;AAAA,MACR;AAAA,KACD;AACA,IAAA,OAAO;AAAA,MACN,KAAA,EAAO,CAAC,IAAI,CAAA;AAAA,MACZ,YAAY,EAAC;AAAA,MACb,SAAS,EAAE,UAAA,EAAY,CAAC,YAAA,CAAa,OAAA,CAAQ,OAAO,CAAA;AAAE,KACvD;AAAA,EACD;AAEA,EAAA,OAAO;AAAA,IACN,MAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA,EAAW;AAAA,GACZ;AACD;AAoDO,SAAS,sBAAsB,MAAA,EAAkD;AACvF,EAAA,MAAM,OAAA,GAAU,MAAA,CAAO,OAAA,CAAQ,OAAA,CAAQ,OAAO,EAAE,CAAA;AAChD,EAAA,MAAM,SAAA,GAAY,OAAO,KAAA,IAAS,KAAA;AAClC,EAAA,MAAM,iBAAiB,MAAA,CAAO,cAAA;AAE9B,EAAA,eAAe,IAAA,CAAgB,UAA+B,IAAA,EAAmC;AAChG,IAAA,MAAM,OAAA,GAAkC,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAC7E,IAAA,IAAI,cAAA,EAAgB;AACnB,MAAA,MAAA,CAAO,MAAA,CAAO,OAAA,EAAS,MAAM,cAAA,CAAe,QAAQ,CAAC,CAAA;AAAA,IACtD;AACA,IAAA,MAAM,WAAW,MAAM,SAAA,CAAU,GAAG,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAA,EAAI;AAAA,MAC1D,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA;AAAA,MACA,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,IAAI;AAAA,KACzB,CAAA;AACD,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,IAAI,MAAA;AACJ,IAAA,IAAI;AACH,MAAA,MAAA,GAAS,IAAA,KAAS,EAAA,GAAK,IAAA,GAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AAAA,IAC9C,CAAA,CAAA,MAAQ;AACP,MAAA,MAAM,IAAI,KAAA;AAAA,QACT,CAAA,YAAA,EAAe,QAAQ,CAAA,2BAAA,EAA8B,QAAA,CAAS,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,CAAA,EAAG,GAAG,CAAC,CAAA;AAAA,OAC7F;AAAA,IACD;AACA,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AACjB,MAAA,MAAM,IAAI,KAAA;AAAA,QACT,CAAA,YAAA,EAAe,QAAQ,CAAA,gBAAA,EAAmB,QAAA,CAAS,MAAM,CAAA,GAAA,EAAM,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,GAAG,CAAC,CAAA;AAAA,OACpG;AAAA,IACD;AACA,IAAA,OAAO,MAAA;AAAA,EACR;AAEA,EAAA,eAAe,eAAe,GAAA,EAAqD;AAClF,IAAA,OAAO,KAAyB,QAAA,EAAU;AAAA,MACzC,aAAa,GAAA,CAAI,WAAA;AAAA,MACjB,gBAAgB,GAAA,CAAI,cAAA;AAAA,MACpB,qBAAqB,GAAA,CAAI;AAAA,KACzB,CAAA;AAAA,EACF;AAEA,EAAA,eAAe,eAAe,GAAA,EAAqD;AAClF,IAAA,OAAO,KAAyB,QAAA,EAAU;AAAA,MACzC,aAAa,GAAA,CAAI,WAAA;AAAA,MACjB,gBAAgB,GAAA,CAAI,cAAA;AAAA,MACpB,qBAAqB,GAAA,CAAI;AAAA,KACzB,CAAA;AAAA,EACF;AAEA,EAAA,eAAe,iBAAA,GAAoD;AAClE,IAAA,MAAM,UAAkC,EAAC;AACzC,IAAA,IAAI,cAAA,EAAgB;AACnB,MAAA,MAAA,CAAO,MAAA,CAAO,OAAA,EAAS,MAAM,cAAA,CAAe,WAAW,CAAC,CAAA;AAAA,IACzD;AACA,IAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,CAAA,EAAG,OAAO,cAAc,EAAE,MAAA,EAAQ,KAAA,EAAO,OAAA,EAAS,CAAA;AACnF,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,IAAI,MAAA;AACJ,IAAA,IAAI;AACH,MAAA,MAAA,GAAS,IAAA,KAAS,EAAA,GAAK,IAAA,GAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AAAA,IAC9C,CAAA,CAAA,MAAQ;AACP,MAAA,MAAM,IAAI,KAAA;AAAA,QACT,CAAA,gDAAA,EAAmD,SAAS,MAAM,CAAA,GAAA,EAAM,KAAK,KAAA,CAAM,CAAA,EAAG,GAAG,CAAC,CAAA;AAAA,OAC3F;AAAA,IACD;AACA,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AACjB,MAAA,MAAM,IAAI,KAAA;AAAA,QACT,CAAA,qCAAA,EAAwC,QAAA,CAAS,MAAM,CAAA,GAAA,EAAM,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,GAAG,CAAC,CAAA;AAAA,OAClG;AAAA,IACD;AACA,IAAA,OAAO,MAAA;AAAA,EACR;AAEA,EAAA,OAAO;AAAA,IACN,MAAA,EAAQ,cAAA;AAAA,IACR,MAAA,EAAQ,cAAA;AAAA,IACR,SAAA,EAAW;AAAA,GACZ;AACD;AAuBA,IAAI,+BAAA,GAAkC,KAAA;AAQ/B,SAAS,0BAA0B,MAAA,EAAkD;AAC3F,EAAA,IAAI,CAAC,+BAAA,EAAiC;AACrC,IAAA,+BAAA,GAAkC,IAAA;AAClC,IAAA,OAAA,CAAQ,WAAA;AAAA,MACP,mNAAA;AAAA,MACA,EAAE,IAAA,EAAM,oBAAA,EAAsB,IAAA,EAAM,mBAAA;AAAoB,KACzD;AAAA,EACD;AACA,EAAA,OAAO,sBAAsB,MAAM,CAAA;AACpC;;;AChvBA,eAAe,oBACd,QAAA,EAC8C;AAC9C,EAAA,MAAM,WAAA,GAAc,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,4BAA4B,CAAA;AACrE,EAAA,IAAI,WAAA,KAAgB,IAAA,IAAQ,WAAA,KAAgB,EAAA,EAAI;AAC/C,IAAA,IAAI;AACH,MAAA,OAAO,4BAA4B,WAAW,CAAA;AAAA,IAC/C,CAAA,CAAA,MAAQ;AAAA,IAGR;AAAA,EACD;AACA,EAAA,IAAI;AACH,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,KAAA,GAAQ,IAAA,EAAK;AACzC,IAAA,IAAI,IAAA,KAAS,IAAI,OAAO,IAAA;AACxB,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA;AAC9B,IAAA,IAAI,MAAA,KAAW,QAAQ,OAAO,MAAA,KAAW,YAAY,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC3E,MAAA,OAAO,IAAA;AAAA,IACR;AACA,IAAA,OAAO,MAAA;AAAA,EACR,CAAA,CAAA,MAAQ;AACP,IAAA,OAAO,IAAA;AAAA,EACR;AACD;AAEA,SAAS,0BACR,OAAA,EACiC;AACjC,EAAA,OAAO,OAAA,CAAQ,CAAC,CAAA,IAAK,IAAA;AACtB;AAwBO,SAAS,UAAU,MAAA,EAAoC;AAC7D,EAAA,MAAM,SAAA,GAAuB,OAAO,KAAA,KAAU,CAAC,OAAO,IAAA,KAAS,KAAA,CAAM,OAAO,IAAI,CAAA,CAAA;AAChF,EAAA,MAAM,kBAAA,GAAqB,OAAO,kBAAA,IAAsB,yBAAA;AACxD,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA;AACzB,EAAA,MAAM,QAAQ,MAAA,CAAO,KAAA;AAErB,EAAA,OAAO,eAAe,SAAA,CAAU,KAAA,EAAO,IAAA,EAAM;AAC5C,IAAA,MAAM,WAAA,GAAc,KAAK,GAAA,EAAI;AAC7B,IAAA,MAAM,UAAA,GACL,OAAO,KAAA,KAAU,QAAA,GAAW,QAAQ,KAAA,YAAiB,GAAA,GAAM,KAAA,CAAM,IAAA,GAAO,KAAA,CAAM,GAAA;AAE/E,IAAA,MAAM,WAAA,GAAc,CAAC,MAAA,EAAgB,UAAA,KAAyC;AAC7E,MAAA,MAAM,KAAA,GAA4B;AAAA,QACjC,IAAA,EAAM,gBAAA;AAAA,QACN,MAAA,EAAQ,SAAA;AAAA,QACR,WAAA;AAAA,QACA,UAAA,EAAY,IAAA,CAAK,GAAA,EAAI,GAAI,WAAA;AAAA,QACzB,UAAA;AAAA,QACA,MAAA;AAAA,QACA,GAAI,UAAA,KAAe,MAAA,GAAY,EAAE,UAAA,KAAe;AAAC,OAClD;AACA,MAAA,gBAAA,CAAiB,KAAA,EAAO,iBAAiB,KAAK,CAAA;AAAA,IAC/C,CAAA;AAEA,IAAA,MAAM,eAAA,GAAkB,MAAM,SAAA,CAAU,KAAA,EAAO,IAAI,CAAA;AACnD,IAAA,IAAI,eAAA,CAAgB,WAAW,GAAA,EAAK;AACnC,MAAA,OAAO,eAAA;AAAA,IACR;AAEA,IAAA,MAAM,eAAA,GAAkB,MAAM,mBAAA,CAAoB,eAAe,CAAA;AACjE,IAAA,IAAI,eAAA,KAAoB,IAAA,IAAQ,eAAA,CAAgB,OAAA,CAAQ,WAAW,CAAA,EAAG;AACrE,MAAA,WAAA,CAAY,6BAA6B,GAAG,CAAA;AAC5C,MAAA,OAAO,eAAA;AAAA,IACR;AAEA,IAAA,MAAM,MAAA,GAAS,kBAAA,CAAmB,eAAA,CAAgB,OAAA,EAAS,eAAe,CAAA;AAC1E,IAAA,IAAI,WAAW,IAAA,EAAM;AACpB,MAAA,WAAA,CAAY,6BAA6B,GAAG,CAAA;AAC5C,MAAA,OAAO,eAAA;AAAA,IACR;AAEA,IAAA,IAAI,SAAA,EAAW;AACd,MAAA,MAAM,OAAA,GAAU,MAAM,SAAA,CAAU,MAAA,EAAQ,eAAe,CAAA;AACvD,MAAA,IAAI,YAAY,KAAA,EAAO;AACtB,QAAA,WAAA,CAAY,sBAAsB,GAAG,CAAA;AACrC,QAAA,OAAO,eAAA;AAAA,MACR;AAAA,IACD;AAEA,IAAA,MAAM,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK;AAAA,MAC/C,mBAAA,EAAqB,MAAA;AAAA,MACrB,GAAI,gBAAgB,QAAA,GAAW,EAAE,UAAU,eAAA,CAAgB,QAAA,KAAa;AAAC,KACzE,CAAA;AAED,IAAA,MAAM,YAAA,GAAe,IAAI,OAAA,CAAQ,IAAA,EAAM,OAAO,CAAA;AAC9C,IAAA,YAAA,CAAa,GAAA,CAAI,6BAAA,EAA+B,4BAAA,CAA6B,cAAc,CAAC,CAAA;AAE5F,IAAA,MAAM,aAAA,GAAgB,MAAM,SAAA,CAAU,KAAA,EAAO,EAAE,GAAG,IAAA,EAAM,OAAA,EAAS,YAAA,EAAc,CAAA;AAE/E,IAAA,IAAI,aAAA,CAAc,MAAA,IAAU,GAAA,IAAO,aAAA,CAAc,SAAS,GAAA,EAAK;AAC9D,MAAA,MAAM,gBAAA,GAAmB,aAAA,CAAc,OAAA,CAAQ,GAAA,CAAI,4BAA4B,CAAA;AAC/E,MAAA,IAAI,WAAA;AACJ,MAAA,IAAI,gBAAA,KAAqB,IAAA,IAAQ,gBAAA,KAAqB,EAAA,EAAI;AACzD,QAAA,IAAI;AACH,UAAA,MAAM,UAAA,GAAa,4BAA4B,gBAAgB,CAAA;AAC/D,UAAA,IAAI,UAAA,CAAW,gBAAgB,EAAA,EAAI;AAClC,YAAA,WAAA,GAAc,UAAA,CAAW,WAAA;AAAA,UAC1B;AAAA,QACD,CAAA,CAAA,MAAQ;AAAA,QAGR;AAAA,MACD;AACA,MAAA,MAAM,YAAA,GAAmC;AAAA,QACxC,IAAA,EAAM,gBAAA;AAAA,QACN,MAAA,EAAQ,SAAA;AAAA,QACR,WAAA;AAAA,QACA,UAAA,EAAY,IAAA,CAAK,GAAA,EAAI,GAAI,WAAA;AAAA,QACzB,UAAA;AAAA,QACA,KAAA,EAAO,OAAO,MAAA,CAAO,OAAA;AAAA,QACrB,QAAQ,MAAA,CAAO,MAAA;AAAA,QACf,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,GAAI,WAAA,KAAgB,MAAA,GAAY,EAAE,WAAA,KAAgB;AAAC,OACpD;AACA,MAAA,gBAAA,CAAiB,KAAA,EAAO,iBAAiB,YAAY,CAAA;AAAA,IACtD,CAAA,MAAO;AACN,MAAA,WAAA;AAAA,QACC,aAAA,CAAc,MAAA,KAAW,GAAA,GAAM,iBAAA,GAAoB,YAAA;AAAA,QACnD,aAAA,CAAc;AAAA,OACf;AAAA,IACD;AAEA,IAAA,OAAO,aAAA;AAAA,EACR,CAAA;AACD","file":"chunk-2QYCWRYR.js","sourcesContent":["/**\n * EIP-3009 typed-data builders and signing helpers.\n *\n * Token-agnostic: works for any EIP-3009-compliant token (JPYC, USDC, USDP,\n * Centre FiatToken family). Pure off-chain construction — no chain RPC, no\n * submission. Submission is the caller's job (M3 x402 flow, or arbitrary\n * gas-paying relayer).\n *\n * @packageDocumentation\n */\n\nimport { type Account, type Address, getAddress, type Hex, parseSignature } from \"viem\";\n\n// ---------------------------------------------------------------------------\n// Domain & typed-data shapes\n// ---------------------------------------------------------------------------\n\n/**\n * EIP-712 domain for an EIP-3009-compliant token.\n *\n * `name` and `version` MUST match the values the token used when computing\n * its `DOMAIN_SEPARATOR`. For JPYC see {@link JPYC_EIP712_DOMAIN_HINT}.\n */\nexport interface Eip3009Domain {\n\treadonly name: string;\n\treadonly version: string;\n\treadonly chainId: number;\n\treadonly verifyingContract: Address;\n}\n\n/** Message body for {@link signTransferWithAuthorization}. */\nexport interface TransferWithAuthorizationMessage {\n\treadonly from: Address;\n\treadonly to: Address;\n\treadonly value: bigint;\n\treadonly validAfter: bigint;\n\treadonly validBefore: bigint;\n\t/** 32-byte random nonce. Generate with {@link generateAuthorizationNonce}. */\n\treadonly nonce: Hex;\n}\n\n/** Message body for {@link signReceiveWithAuthorization}. */\nexport type ReceiveWithAuthorizationMessage = TransferWithAuthorizationMessage;\n\n/** Message body for {@link signCancelAuthorization}. */\nexport interface CancelAuthorizationMessage {\n\treadonly authorizer: Address;\n\treadonly nonce: Hex;\n}\n\n/**\n * A signed EIP-3009 authorization, ready to be passed to the token's\n * `*WithAuthorization` entrypoint as `(v, r, s)`.\n */\nexport interface SignedAuthorization<TMessage> {\n\treadonly signature: Hex;\n\treadonly v: number;\n\treadonly r: Hex;\n\treadonly s: Hex;\n\treadonly domain: Eip3009Domain;\n\treadonly message: TMessage;\n}\n\n// ---------------------------------------------------------------------------\n// EIP-712 type definitions (must match EIP-3009 byte-for-byte)\n// ---------------------------------------------------------------------------\n\nconst transferWithAuthorizationTypes = {\n\tTransferWithAuthorization: [\n\t\t{ name: \"from\", type: \"address\" },\n\t\t{ name: \"to\", type: \"address\" },\n\t\t{ name: \"value\", type: \"uint256\" },\n\t\t{ name: \"validAfter\", type: \"uint256\" },\n\t\t{ name: \"validBefore\", type: \"uint256\" },\n\t\t{ name: \"nonce\", type: \"bytes32\" },\n\t],\n} as const;\n\nconst receiveWithAuthorizationTypes = {\n\tReceiveWithAuthorization: [\n\t\t{ name: \"from\", type: \"address\" },\n\t\t{ name: \"to\", type: \"address\" },\n\t\t{ name: \"value\", type: \"uint256\" },\n\t\t{ name: \"validAfter\", type: \"uint256\" },\n\t\t{ name: \"validBefore\", type: \"uint256\" },\n\t\t{ name: \"nonce\", type: \"bytes32\" },\n\t],\n} as const;\n\nconst cancelAuthorizationTypes = {\n\tCancelAuthorization: [\n\t\t{ name: \"authorizer\", type: \"address\" },\n\t\t{ name: \"nonce\", type: \"bytes32\" },\n\t],\n} as const;\n\n// ---------------------------------------------------------------------------\n// Helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Generates a cryptographically random 32-byte EIP-3009 nonce.\n *\n * The nonce only needs to be unique per `(authorizer, contract)` — duplicates\n * across different tokens are harmless because the contract scopes them.\n *\n * @example\n * ```ts\n * import { generateAuthorizationNonce } from \"kawasekit\";\n *\n * const nonce = generateAuthorizationNonce();\n * ```\n */\nexport function generateAuthorizationNonce(): Hex {\n\tconst bytes = new Uint8Array(32);\n\tcrypto.getRandomValues(bytes);\n\treturn `0x${Array.from(bytes, (b) => b.toString(16).padStart(2, \"0\")).join(\"\")}` as Hex;\n}\n\n/**\n * Returns a `validBefore` UNIX timestamp `seconds` in the future.\n *\n * @param seconds - Lifetime of the authorization, in seconds.\n * @param nowSec - Optional override of \"now\" (defaults to {@link Date.now}).\n *\n * @example\n * ```ts\n * import { authorizationDeadlineFromNow } from \"kawasekit\";\n *\n * const validBefore = authorizationDeadlineFromNow(60 * 5); // 5 minutes\n * ```\n */\nexport function authorizationDeadlineFromNow(seconds: number, nowSec?: bigint): bigint {\n\tconst now = nowSec ?? BigInt(Math.floor(Date.now() / 1000));\n\treturn now + BigInt(seconds);\n}\n\nfunction requireSignTypedData(account: Account): NonNullable<Account[\"signTypedData\"]> {\n\tif (!account.signTypedData) {\n\t\tthrow new Error(\n\t\t\t`Account ${account.address} cannot sign typed data — pass a LocalAccount or a JsonRpcAccount bound to a WalletClient.`,\n\t\t);\n\t}\n\treturn account.signTypedData.bind(account);\n}\n\nfunction assertSignerMatches(account: Account, expectedFrom: Address, role: string): void {\n\tif (getAddress(account.address) !== getAddress(expectedFrom)) {\n\t\tthrow new Error(\n\t\t\t`EIP-3009 ${role} signature must come from \\`${role === \"cancel\" ? \"authorizer\" : \"from\"}\\`: account is ${account.address}, message says ${expectedFrom}.`,\n\t\t);\n\t}\n}\n\n// ---------------------------------------------------------------------------\n// Signers\n// ---------------------------------------------------------------------------\n\n/**\n * Signs an EIP-3009 `TransferWithAuthorization` message.\n *\n * The signing account MUST equal `message.from` — EIP-3009 rejects signatures\n * from anyone else (the on-chain check is pure `ecrecover` against `from`).\n *\n * @example\n * ```ts\n * import { privateKeyToAccount } from \"viem/accounts\";\n * import {\n * authorizationDeadlineFromNow,\n * generateAuthorizationNonce,\n * JPYC_EIP712_DOMAIN_HINT,\n * polygon,\n * signTransferWithAuthorization,\n * } from \"kawasekit\";\n *\n * const account = privateKeyToAccount(\"0x...\");\n * const signed = await signTransferWithAuthorization(account, {\n * ...JPYC_EIP712_DOMAIN_HINT,\n * chainId: polygon.id,\n * verifyingContract: \"0xE7C3D8C9a439feDe00D2600032D5dB0Be71C3c29\",\n * }, {\n * from: account.address,\n * to: \"0xBeef...\",\n * value: 100n * 10n ** 18n,\n * validAfter: 0n,\n * validBefore: authorizationDeadlineFromNow(300),\n * nonce: generateAuthorizationNonce(),\n * });\n * // → submit (v, r, s) to token.transferWithAuthorization(...)\n * ```\n */\nexport async function signTransferWithAuthorization(\n\taccount: Account,\n\tdomain: Eip3009Domain,\n\tmessage: TransferWithAuthorizationMessage,\n): Promise<SignedAuthorization<TransferWithAuthorizationMessage>> {\n\tassertSignerMatches(account, message.from, \"transfer\");\n\tconst sign = requireSignTypedData(account);\n\tconst signature = await sign({\n\t\tdomain,\n\t\ttypes: transferWithAuthorizationTypes,\n\t\tprimaryType: \"TransferWithAuthorization\",\n\t\tmessage,\n\t});\n\treturn splitAuthorization(signature, domain, message);\n}\n\n/**\n * Signs an EIP-3009 `ReceiveWithAuthorization` message.\n *\n * Differs from {@link signTransferWithAuthorization} in two ways:\n * 1. Uses the `ReceiveWithAuthorization` EIP-712 type.\n * 2. The contract additionally enforces `msg.sender == to` at submission\n * time, so only `to` (or a relayer impersonating `to` — impossible in\n * practice) can land the tx.\n */\nexport async function signReceiveWithAuthorization(\n\taccount: Account,\n\tdomain: Eip3009Domain,\n\tmessage: ReceiveWithAuthorizationMessage,\n): Promise<SignedAuthorization<ReceiveWithAuthorizationMessage>> {\n\tassertSignerMatches(account, message.from, \"receive\");\n\tconst sign = requireSignTypedData(account);\n\tconst signature = await sign({\n\t\tdomain,\n\t\ttypes: receiveWithAuthorizationTypes,\n\t\tprimaryType: \"ReceiveWithAuthorization\",\n\t\tmessage,\n\t});\n\treturn splitAuthorization(signature, domain, message);\n}\n\n/**\n * Signs an EIP-3009 `CancelAuthorization` message.\n *\n * Cancelling consumes the nonce so a later `transferWithAuthorization` or\n * `receiveWithAuthorization` with the same nonce will revert.\n */\nexport async function signCancelAuthorization(\n\taccount: Account,\n\tdomain: Eip3009Domain,\n\tmessage: CancelAuthorizationMessage,\n): Promise<SignedAuthorization<CancelAuthorizationMessage>> {\n\tassertSignerMatches(account, message.authorizer, \"cancel\");\n\tconst sign = requireSignTypedData(account);\n\tconst signature = await sign({\n\t\tdomain,\n\t\ttypes: cancelAuthorizationTypes,\n\t\tprimaryType: \"CancelAuthorization\",\n\t\tmessage,\n\t});\n\treturn splitAuthorization(signature, domain, message);\n}\n\nfunction splitAuthorization<TMessage>(\n\tsignature: Hex,\n\tdomain: Eip3009Domain,\n\tmessage: TMessage,\n): SignedAuthorization<TMessage> {\n\tconst parsed = parseSignature(signature);\n\t// viem's parseSignature returns yParity ∈ {0, 1} as well as v when present.\n\tconst v = parsed.v !== undefined ? Number(parsed.v) : (parsed.yParity ?? 0) + 27;\n\treturn {\n\t\tsignature,\n\t\tv,\n\t\tr: parsed.r,\n\t\ts: parsed.s,\n\t\tdomain,\n\t\tmessage,\n\t};\n}\n","/**\n * x402 v2 client-side signer.\n *\n * Given a server-issued {@link X402PaymentRequirements}, produce a\n * {@link X402PaymentPayload} the client can send back in the next request. This\n * is the first runtime consumer of the M2 EIP-3009 helpers\n * ({@link signTransferWithAuthorization}, {@link authorizationDeadlineFromNow},\n * {@link generateAuthorizationNonce}).\n *\n * Scope:\n * - **exact-EVM scheme only.** Permit2 / ERC-7710 are M4+.\n * - **EOA payer only.** EIP-3009 uses pure `ecrecover` (no ERC-1271 fallback)\n * so smart accounts cannot be `from`. The agent-account flow is\n * {@link transferJpyc} (UserOp), not x402.\n *\n * @packageDocumentation\n */\n\nimport type { Account, Address } from \"viem\";\nimport { getAddress, isAddress } from \"viem\";\nimport { getChain, isSupportedChainId } from \"../chains\";\nimport {\n\tauthorizationDeadlineFromNow,\n\tgenerateAuthorizationNonce,\n\tsignTransferWithAuthorization,\n} from \"../tokens/eip3009\";\nimport { JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS } from \"../tokens/jpyc\";\nimport { X402InvalidPayloadError } from \"./errors\";\nimport type {\n\tX402ExactEvmPayload,\n\tX402PaymentPayload,\n\tX402PaymentRequirements,\n\tX402ResourceInfo,\n} from \"./types\";\nimport { X402_VERSION, x402NetworkToChainId } from \"./types\";\n\n// ---------------------------------------------------------------------------\n// Defaults\n// ---------------------------------------------------------------------------\n\n/**\n * Default authorization lifetime (`validBefore = now + this`) when the caller\n * does not pass an override. Capped per-sign by `paymentRequirements.maxTimeoutSeconds`.\n *\n * 300 s matches the M3 example app's tolerance for Polygon Amoy bundler\n * inclusion latency (see plan risk #6).\n */\nexport const X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS = 300;\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** EIP-712 token domain `name` / `version` pair. */\nexport interface X402TokenDomain {\n\treadonly name: string;\n\treadonly version: string;\n}\n\n/** Parameters for {@link createX402PaymentSigner}. */\nexport interface CreateX402PaymentSignerParams {\n\t/**\n\t * Declared production-vs-test intent. Each `sign()` call verifies that\n\t * `paymentRequirements.network` resolves to a chain whose `isTestnet`\n\t * agrees with this value, and throws otherwise. The point is to refuse\n\t * to sign a real-funds payment when the signer was configured for testnet\n\t * (e.g. the server unexpectedly demanded `polygon-mainnet` instead of\n\t * `polygon-amoy`).\n\t */\n\treadonly network: \"mainnet\" | \"testnet\";\n\t/**\n\t * EOA / LocalAccount that signs the EIP-3009 `TransferWithAuthorization`.\n\t * MUST be the same address the requirements' `from` will name.\n\t */\n\treadonly account: Account;\n\t/**\n\t * Default authorization lifetime in seconds. Bounded by each\n\t * requirement's `maxTimeoutSeconds` at sign time.\n\t * Defaults to {@link X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS}.\n\t */\n\treadonly defaultLifetimeSeconds?: number;\n\t/**\n\t * Optional override of the EIP-712 domain `name` / `version`. Skips the\n\t * lookup of `paymentRequirements.extra.name` / `.version`. Useful when\n\t * the caller wants to pin to a known-good domain regardless of what the\n\t * server advertised.\n\t */\n\treadonly domainOverride?: X402TokenDomain;\n}\n\n/** Parameters for {@link X402PaymentSigner.sign}. */\nexport interface SignX402PaymentParams {\n\t/** The chosen entry from the server's `accepts` array. */\n\treadonly paymentRequirements: X402PaymentRequirements;\n\t/** Optional {@link X402ResourceInfo} to echo back in the payload. */\n\treadonly resource?: X402ResourceInfo;\n\t/** Unix-seconds override of `validAfter`. Defaults to `0n`. */\n\treadonly validAfter?: bigint;\n\t/**\n\t * Unix-seconds override of `validBefore`. Defaults to `now + lifetime`\n\t * where lifetime = `min(signer default, requirements.maxTimeoutSeconds)`.\n\t */\n\treadonly validBefore?: bigint;\n}\n\n/** Signer returned by {@link createX402PaymentSigner}. */\nexport interface X402PaymentSigner {\n\t/** Address of the EOA bound to this signer. */\n\treadonly address: Address;\n\t/** Sign a payment for one {@link X402PaymentRequirements}. */\n\tsign(params: SignX402PaymentParams): Promise<X402PaymentPayload>;\n}\n\n// ---------------------------------------------------------------------------\n// Internal helpers\n// ---------------------------------------------------------------------------\n\nconst UINT256_MAX = (1n << 256n) - 1n;\nconst UINT256_DECIMAL = /^(0|[1-9][0-9]*)$/;\n\nfunction parseUintString(value: string, field: string): bigint {\n\tif (!UINT256_DECIMAL.test(value)) {\n\t\tthrow new X402InvalidPayloadError(\n\t\t\t\"PaymentRequirements\",\n\t\t\t`\\`${field}\\` must be a non-negative decimal string, got ${JSON.stringify(value)}`,\n\t\t);\n\t}\n\tconst parsed = BigInt(value);\n\tif (parsed > UINT256_MAX) {\n\t\tthrow new X402InvalidPayloadError(\n\t\t\t\"PaymentRequirements\",\n\t\t\t`\\`${field}\\` exceeds uint256, got ${value}`,\n\t\t);\n\t}\n\treturn parsed;\n}\n\nfunction assertAddress(value: string, field: string): Address {\n\tif (!isAddress(value, { strict: false })) {\n\t\tthrow new X402InvalidPayloadError(\n\t\t\t\"PaymentRequirements\",\n\t\t\t`\\`${field}\\` is not a valid address: ${value}`,\n\t\t);\n\t}\n\treturn value as Address;\n}\n\nfunction resolveDomain(\n\trequirements: X402PaymentRequirements,\n\toverride: X402TokenDomain | undefined,\n): X402TokenDomain {\n\tif (override) {\n\t\treturn override;\n\t}\n\tconst extra = requirements.extra as { name?: unknown; version?: unknown };\n\tif (typeof extra.name === \"string\" && typeof extra.version === \"string\") {\n\t\treturn { name: extra.name, version: extra.version };\n\t}\n\tif (getAddress(requirements.asset) === getAddress(JPYC_V2_ADDRESS)) {\n\t\treturn JPYC_EIP712_DOMAIN_HINT;\n\t}\n\tthrow new X402InvalidPayloadError(\n\t\t\"PaymentRequirements\",\n\t\t\"`extra.name` and `extra.version` are required for exact-EVM signing on a non-JPYC asset\",\n\t);\n}\n\nfunction validateRequirements(requirements: X402PaymentRequirements): {\n\treadonly chainId: number;\n\treadonly value: bigint;\n\treadonly asset: Address;\n\treadonly payTo: Address;\n} {\n\tif (requirements.scheme !== \"exact\") {\n\t\tthrow new X402InvalidPayloadError(\n\t\t\t\"PaymentRequirements\",\n\t\t\t`unsupported scheme: ${requirements.scheme}`,\n\t\t);\n\t}\n\tconst chainId = x402NetworkToChainId(requirements.network);\n\tif (!isSupportedChainId(chainId)) {\n\t\t// Defensive: an inbound payload typed as X402PaymentRequirements that\n\t\t// nonetheless smuggled an unsupported chainId via type-cast.\n\t\tthrow new X402InvalidPayloadError(\n\t\t\t\"PaymentRequirements\",\n\t\t\t`unsupported network: ${requirements.network}`,\n\t\t);\n\t}\n\tconst value = parseUintString(requirements.amount, \"amount\");\n\tif (value === 0n) {\n\t\tthrow new X402InvalidPayloadError(\"PaymentRequirements\", \"`amount` must be positive\");\n\t}\n\tif (requirements.maxTimeoutSeconds <= 0) {\n\t\tthrow new X402InvalidPayloadError(\n\t\t\t\"PaymentRequirements\",\n\t\t\t`\\`maxTimeoutSeconds\\` must be positive, got ${requirements.maxTimeoutSeconds}`,\n\t\t);\n\t}\n\tconst asset = assertAddress(requirements.asset, \"asset\");\n\tconst payTo = assertAddress(requirements.payTo, \"payTo\");\n\treturn { chainId, value, asset, payTo };\n}\n\n// ---------------------------------------------------------------------------\n// Public API\n// ---------------------------------------------------------------------------\n\n/**\n * Build an {@link X402PaymentSigner} bound to a single signing account.\n *\n * The returned signer can produce many {@link X402PaymentPayload}s in\n * succession — one per accepted requirement. Each call generates a fresh\n * EIP-3009 nonce.\n *\n * @example\n * ```ts\n * import { privateKeyToAccount } from \"viem/accounts\";\n * import { createX402PaymentSigner } from \"kawasekit\";\n *\n * const account = privateKeyToAccount(\"0x...\");\n * const signer = createX402PaymentSigner({ network: \"testnet\", account });\n *\n * // ...after receiving a 402 with PAYMENT-REQUIRED header...\n * const paymentPayload = await signer.sign({ paymentRequirements });\n * ```\n */\nexport function createX402PaymentSigner(params: CreateX402PaymentSignerParams): X402PaymentSigner {\n\tconst { account, network } = params;\n\tconst defaultLifetimeSeconds =\n\t\tparams.defaultLifetimeSeconds ?? X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS;\n\tif (defaultLifetimeSeconds <= 0) {\n\t\tthrow new X402InvalidPayloadError(\n\t\t\t\"X402PaymentSignerConfig\",\n\t\t\t`\\`defaultLifetimeSeconds\\` must be positive, got ${defaultLifetimeSeconds}`,\n\t\t);\n\t}\n\tconst domainOverride = params.domainOverride;\n\n\treturn {\n\t\taddress: account.address,\n\t\tasync sign(signParams) {\n\t\t\tconst { paymentRequirements } = signParams;\n\t\t\tconst { chainId, value, asset, payTo } = validateRequirements(paymentRequirements);\n\t\t\tconst chain = getChain(chainId);\n\t\t\tif (network === \"mainnet\" && chain.isTestnet) {\n\t\t\t\tthrow new X402InvalidPayloadError(\n\t\t\t\t\t\"PaymentRequirements\",\n\t\t\t\t\t`signer was configured for network=\"mainnet\" but requirements.network=\"${paymentRequirements.network}\" (chainId ${chainId}) is a testnet`,\n\t\t\t\t);\n\t\t\t}\n\t\t\tif (network === \"testnet\" && !chain.isTestnet) {\n\t\t\t\tthrow new X402InvalidPayloadError(\n\t\t\t\t\t\"PaymentRequirements\",\n\t\t\t\t\t`signer was configured for network=\"testnet\" but requirements.network=\"${paymentRequirements.network}\" (chainId ${chainId}) is a mainnet — refusing to sign payment for real funds`,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst domain = resolveDomain(paymentRequirements, domainOverride);\n\n\t\t\tconst lifetime = Math.min(defaultLifetimeSeconds, paymentRequirements.maxTimeoutSeconds);\n\t\t\tconst validAfter = signParams.validAfter ?? 0n;\n\t\t\tconst validBefore = signParams.validBefore ?? authorizationDeadlineFromNow(lifetime);\n\t\t\tif (validBefore <= validAfter) {\n\t\t\t\tthrow new X402InvalidPayloadError(\n\t\t\t\t\t\"PaymentRequirements\",\n\t\t\t\t\t`\\`validBefore\\` (${validBefore}) must be greater than \\`validAfter\\` (${validAfter})`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst nonce = generateAuthorizationNonce();\n\t\t\tconst signed = await signTransferWithAuthorization(\n\t\t\t\taccount,\n\t\t\t\t{ name: domain.name, version: domain.version, chainId, verifyingContract: asset },\n\t\t\t\t{\n\t\t\t\t\tfrom: account.address,\n\t\t\t\t\tto: payTo,\n\t\t\t\t\tvalue,\n\t\t\t\t\tvalidAfter,\n\t\t\t\t\tvalidBefore,\n\t\t\t\t\tnonce,\n\t\t\t\t},\n\t\t\t);\n\n\t\t\tconst payload: X402ExactEvmPayload = {\n\t\t\t\tsignature: signed.signature,\n\t\t\t\tauthorization: {\n\t\t\t\t\tfrom: signed.message.from,\n\t\t\t\t\tto: signed.message.to,\n\t\t\t\t\tvalue: signed.message.value.toString(),\n\t\t\t\t\tvalidAfter: signed.message.validAfter.toString(),\n\t\t\t\t\tvalidBefore: signed.message.validBefore.toString(),\n\t\t\t\t\tnonce: signed.message.nonce,\n\t\t\t\t},\n\t\t\t};\n\n\t\t\tconst result: X402PaymentPayload = signParams.resource\n\t\t\t\t? {\n\t\t\t\t\t\tx402Version: X402_VERSION,\n\t\t\t\t\t\tresource: signParams.resource,\n\t\t\t\t\t\taccepted: paymentRequirements,\n\t\t\t\t\t\tpayload: { ...payload },\n\t\t\t\t\t}\n\t\t\t\t: {\n\t\t\t\t\t\tx402Version: X402_VERSION,\n\t\t\t\t\t\taccepted: paymentRequirements,\n\t\t\t\t\t\tpayload: { ...payload },\n\t\t\t\t\t};\n\t\t\treturn result;\n\t\t},\n\t};\n}\n","/**\n * Facilitator implementations: local viem-backed (`createSelfFacilitator`) and\n * HTTP-proxied (`createHttpFacilitator`).\n *\n * Both expose the same {@link Facilitator} interface — `verify` / `settle` /\n * `supported` — so {@link createX402Handler} can swap one for the other based\n * on environment (testnet vs. mainnet, self-hosted vs. Coinbase CDP).\n *\n * Spec references:\n * - Error codes: x402 v2 spec §9 (Error Handling)\n * - Verification steps: scheme_exact_evm.md §1 Phase 2\n * - Facilitator HTTP API: x402 v2 spec §7\n *\n * @packageDocumentation\n */\n\nimport type { Account, Address, Chain, Hex, PublicClient, Transport, WalletClient } from \"viem\";\nimport { getAddress, parseSignature, recoverTypedDataAddress } from \"viem\";\nimport { getChain, isSupportedChainId, type SupportedChainId } from \"../chains\";\nimport {\n\tinvokeHookSafely,\n\ttype ObservabilityHooks,\n\ttype SettleEvent,\n\ttype VerifyEvent,\n} from \"../observability/hooks\";\nimport { JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS, jpycAbi } from \"../tokens/jpyc\";\nimport type {\n\tFacilitator,\n\tX402PaymentRequirements,\n\tX402SettleRequest,\n\tX402SettleResponse,\n\tX402SupportedKind,\n\tX402SupportedResponse,\n\tX402VerifyRequest,\n\tX402VerifyResponse,\n} from \"./types\";\nimport { chainIdToX402Network, X402_VERSION, x402NetworkToChainId } from \"./types\";\n\n// ---------------------------------------------------------------------------\n// Error code vocabulary (x402 v2 §9)\n// ---------------------------------------------------------------------------\n\n/**\n * Standard x402 v2 error codes used as `invalidReason` (verify) and\n * `errorReason` (settle). Kept as string literals so that consumers can\n * `switch` on the union; values match the spec verbatim.\n */\nexport const X402_FACILITATOR_ERROR_CODES = {\n\tinsufficient_funds: \"insufficient_funds\",\n\tinvalid_exact_evm_payload_authorization_valid_after:\n\t\t\"invalid_exact_evm_payload_authorization_valid_after\",\n\tinvalid_exact_evm_payload_authorization_valid_before:\n\t\t\"invalid_exact_evm_payload_authorization_valid_before\",\n\tinvalid_exact_evm_payload_authorization_value_mismatch:\n\t\t\"invalid_exact_evm_payload_authorization_value_mismatch\",\n\tinvalid_exact_evm_payload_recipient_mismatch: \"invalid_exact_evm_payload_recipient_mismatch\",\n\tinvalid_exact_evm_payload_signature: \"invalid_exact_evm_payload_signature\",\n\tinvalid_network: \"invalid_network\",\n\tinvalid_payload: \"invalid_payload\",\n\tinvalid_scheme: \"invalid_scheme\",\n\tinvalid_transaction_state: \"invalid_transaction_state\",\n\tunexpected_settle_error: \"unexpected_settle_error\",\n\tunexpected_verify_error: \"unexpected_verify_error\",\n} as const;\n\ntype X402FacilitatorErrorCode =\n\t(typeof X402_FACILITATOR_ERROR_CODES)[keyof typeof X402_FACILITATOR_ERROR_CODES];\n\n// ---------------------------------------------------------------------------\n// Shared helpers\n// ---------------------------------------------------------------------------\n\ninterface NarrowExactEvmPayload {\n\treadonly signature: Hex;\n\treadonly authorization: {\n\t\treadonly from: Address;\n\t\treadonly to: Address;\n\t\treadonly value: string;\n\t\treadonly validAfter: string;\n\t\treadonly validBefore: string;\n\t\treadonly nonce: Hex;\n\t};\n}\n\nfunction isHex(value: unknown): value is Hex {\n\treturn typeof value === \"string\" && /^0x[0-9a-fA-F]*$/.test(value);\n}\n\nfunction isAddressLike(value: unknown): value is Address {\n\treturn typeof value === \"string\" && /^0x[0-9a-fA-F]{40}$/.test(value);\n}\n\nfunction isDecimalString(value: unknown): value is string {\n\treturn typeof value === \"string\" && /^(0|[1-9][0-9]*)$/.test(value);\n}\n\nfunction narrowExactEvmPayload(payload: Record<string, unknown>): NarrowExactEvmPayload | null {\n\tconst p = payload as { signature?: unknown; authorization?: unknown };\n\tif (!isHex(p.signature)) return null;\n\tif (typeof p.authorization !== \"object\" || p.authorization === null) return null;\n\tconst a = p.authorization as {\n\t\tfrom?: unknown;\n\t\tto?: unknown;\n\t\tvalue?: unknown;\n\t\tvalidAfter?: unknown;\n\t\tvalidBefore?: unknown;\n\t\tnonce?: unknown;\n\t};\n\tif (!isAddressLike(a.from)) return null;\n\tif (!isAddressLike(a.to)) return null;\n\tif (!isDecimalString(a.value)) return null;\n\tif (!isDecimalString(a.validAfter)) return null;\n\tif (!isDecimalString(a.validBefore)) return null;\n\tif (!isHex(a.nonce)) return null;\n\treturn {\n\t\tsignature: p.signature,\n\t\tauthorization: {\n\t\t\tfrom: a.from,\n\t\t\tto: a.to,\n\t\t\tvalue: a.value,\n\t\t\tvalidAfter: a.validAfter,\n\t\t\tvalidBefore: a.validBefore,\n\t\t\tnonce: a.nonce,\n\t\t},\n\t};\n}\n\nconst TRANSFER_AUTHORIZATION_TYPES = {\n\tTransferWithAuthorization: [\n\t\t{ name: \"from\", type: \"address\" },\n\t\t{ name: \"to\", type: \"address\" },\n\t\t{ name: \"value\", type: \"uint256\" },\n\t\t{ name: \"validAfter\", type: \"uint256\" },\n\t\t{ name: \"validBefore\", type: \"uint256\" },\n\t\t{ name: \"nonce\", type: \"bytes32\" },\n\t],\n} as const;\n\nfunction resolveDomain(requirements: X402PaymentRequirements): {\n\treadonly name: string;\n\treadonly version: string;\n} {\n\tconst extra = requirements.extra as { name?: unknown; version?: unknown };\n\tif (typeof extra.name === \"string\" && typeof extra.version === \"string\") {\n\t\treturn { name: extra.name, version: extra.version };\n\t}\n\tif (getAddress(requirements.asset) === getAddress(JPYC_V2_ADDRESS)) {\n\t\treturn JPYC_EIP712_DOMAIN_HINT;\n\t}\n\tthrow new Error(\n\t\t\"resolveDomain: `extra.name` and `extra.version` are required for non-JPYC assets\",\n\t);\n}\n\nfunction failVerify(\n\treason: X402FacilitatorErrorCode,\n\tmessage?: string,\n\tpayer?: Address,\n): X402VerifyResponse {\n\tif (message !== undefined && payer !== undefined) {\n\t\treturn { isValid: false, invalidReason: reason, invalidMessage: message, payer };\n\t}\n\tif (message !== undefined) {\n\t\treturn { isValid: false, invalidReason: reason, invalidMessage: message };\n\t}\n\tif (payer !== undefined) {\n\t\treturn { isValid: false, invalidReason: reason, payer };\n\t}\n\treturn { isValid: false, invalidReason: reason };\n}\n\nfunction failSettle(\n\tnetwork: X402SettleResponse[\"network\"],\n\treason: X402FacilitatorErrorCode,\n\toptions: { message?: string; payer?: Address; transaction?: string } = {},\n): X402SettleResponse {\n\tconst transaction = options.transaction ?? \"\";\n\tconst base: X402SettleResponse = {\n\t\tsuccess: false,\n\t\terrorReason: reason,\n\t\ttransaction,\n\t\tnetwork,\n\t};\n\tif (options.message !== undefined && options.payer !== undefined) {\n\t\treturn { ...base, errorMessage: options.message, payer: options.payer };\n\t}\n\tif (options.message !== undefined) {\n\t\treturn { ...base, errorMessage: options.message };\n\t}\n\tif (options.payer !== undefined) {\n\t\treturn { ...base, payer: options.payer };\n\t}\n\treturn base;\n}\n\n// ---------------------------------------------------------------------------\n// Self-facilitator (local viem-backed)\n// ---------------------------------------------------------------------------\n\n/** Parameters for {@link createSelfFacilitator}. */\nexport interface CreateSelfFacilitatorParams {\n\t/**\n\t * Declared production-vs-test intent. MUST agree with `walletClient.chain`:\n\t * - `\"mainnet\"` requires a kawasekit chain with `isTestnet === false`.\n\t * - `\"testnet\"` requires a kawasekit chain with `isTestnet === true`.\n\t *\n\t * The check is enforced at construction time and throws a fatal error on\n\t * disagreement. The point is to make accidentally pointing a testnet\n\t * configuration at a mainnet RPC (or vice versa) impossible — that mistake\n\t * would broadcast real-fund transactions silently.\n\t */\n\treadonly network: \"mainnet\" | \"testnet\";\n\t/**\n\t * Pre-configured wallet client that broadcasts settlement transactions.\n\t * The bound account pays gas. `walletClient.chain.id` determines the only\n\t * chain this facilitator serves, and `walletClient.chain.isTestnet` MUST\n\t * agree with the declared {@link network}.\n\t */\n\treadonly walletClient: WalletClient<Transport, Chain, Account>;\n\t/**\n\t * Pre-configured public client on the same chain as `walletClient`. Used\n\t * for balance and authorization-state reads during verify.\n\t */\n\treadonly publicClient: PublicClient<Transport, Chain>;\n\t/**\n\t * Timeout (ms) for `waitForTransactionReceipt` during settle.\n\t * Defaults to 60_000.\n\t */\n\treadonly receiptTimeoutMs?: number;\n\t/**\n\t * Number of block confirmations to wait past the settle tx inclusion\n\t * before considering settlement final. Mitigates threat 2.8 (settle\n\t * tx reorg producing a \"content delivered, payment reverted\" state)\n\t * by raising the bar past Polygon PoS's typical reorg depth.\n\t *\n\t * Chain-aware defaults if omitted:\n\t * - testnet (Polygon Amoy): `1` — fast feedback for dev loops, no\n\t * real funds at risk\n\t * - mainnet (Polygon): `4` — roughly ~8 s of soft finality at\n\t * Polygon's ~2 s block time, suitable for the small-value paywall\n\t * hits kawasekit targets (sub-100 JPYC per call)\n\t *\n\t * For high-value merchants — or any deployment uncomfortable with\n\t * shallow reorg risk — raise this to 32+ and bump\n\t * {@link receiptTimeoutMs} so the timeout still accommodates the\n\t * wait. See `docs/THREAT_MODEL.md` §2.8 / §6.6.\n\t */\n\treadonly confirmations?: number;\n\t/**\n\t * Optional observability callbacks. Hooks are fire-and-forget — any throw\n\t * or rejection inside a hook is silently discarded and never propagates to\n\t * the verify / settle return path. See {@link ObservabilityHooks}.\n\t *\n\t * The facilitator emits `onVerify` after every `verify()` call (including\n\t * the internal re-verify that runs at the start of `settle()`) and\n\t * `onSettle` after every `settle()` call.\n\t */\n\treadonly hooks?: ObservabilityHooks;\n}\n\n/**\n * Builds a facilitator that verifies and broadcasts exact-EVM EIP-3009\n * payments using a locally-held EOA private key (gas payer).\n *\n * Intended for self-hosted paywalls and testnet (Polygon Amoy) where the\n * Coinbase CDP facilitator is not guaranteed to support the chain.\n *\n * **Concurrent settle() calls**: under any meaningful load (e.g. an LLM\n * agent fan-out) you will issue multiple `transferWithAuthorization`\n * broadcasts from the same facilitator EOA in parallel. Without local nonce\n * sequencing those broadcasts race for the same on-chain nonce and only\n * one lands. Pass viem's `nonceManager` when constructing the facilitator\n * account to make this safe — see `@example` below.\n *\n * @example\n * ```ts\n * import { createPublicClient, createWalletClient, http } from \"viem\";\n * import { nonceManager, privateKeyToAccount } from \"viem/accounts\";\n * import { createSelfFacilitator, polygonAmoy } from \"kawasekit\";\n *\n * // `nonceManager` is REQUIRED whenever you expect concurrent settlements.\n * const account = privateKeyToAccount(\n * process.env.FACILITATOR_PK as `0x${string}`,\n * { nonceManager },\n * );\n * const transport = http(process.env.RPC_URL);\n * const facilitator = createSelfFacilitator({\n * network: \"testnet\", // must agree with polygonAmoy.isTestnet === true\n * walletClient: createWalletClient({ chain: polygonAmoy, transport, account }),\n * publicClient: createPublicClient({ chain: polygonAmoy, transport }),\n * });\n * ```\n */\nexport function createSelfFacilitator(params: CreateSelfFacilitatorParams): Facilitator {\n\tconst { walletClient, publicClient } = params;\n\tconst receiptTimeoutMs = params.receiptTimeoutMs ?? 60_000;\n\t// Chain-aware confirmation depth (threat 2.8 / §6.6 mitigation). Defaults\n\t// kick in only when the operator did not pass an explicit value; the\n\t// network-vs-isTestnet check below has already locked down which side we\n\t// are on.\n\tconst defaultConfirmations = params.network === \"mainnet\" ? 4 : 1;\n\tconst confirmations = params.confirmations ?? defaultConfirmations;\n\tconst facilitatorChainId = walletClient.chain.id;\n\tif (!isSupportedChainId(facilitatorChainId)) {\n\t\tthrow new Error(\n\t\t\t`createSelfFacilitator: walletClient.chain.id ${facilitatorChainId} is not a kawasekit-supported chain`,\n\t\t);\n\t}\n\tconst supportedChainId: SupportedChainId = facilitatorChainId;\n\tconst chain = getChain(supportedChainId);\n\tif (params.network === \"mainnet\" && chain.isTestnet) {\n\t\tthrow new Error(\n\t\t\t`createSelfFacilitator: network=\"mainnet\" but walletClient.chain \"${chain.name}\" (chainId ${supportedChainId}) is a testnet`,\n\t\t);\n\t}\n\tif (params.network === \"testnet\" && !chain.isTestnet) {\n\t\tthrow new Error(\n\t\t\t`createSelfFacilitator: network=\"testnet\" but walletClient.chain \"${chain.name}\" (chainId ${supportedChainId}) is a mainnet — refusing to broadcast with real funds`,\n\t\t);\n\t}\n\n\t// Threat 2.2 (concurrent settle nonce race) enforcement. The facilitator\n\t// will broadcast `transferWithAuthorization` calls in parallel under any\n\t// fan-out workload (LLM agent tool calls are the canonical example).\n\t// Without viem's nonceManager attached, every parallel `writeContract`\n\t// reads the same on-chain nonce and only one tx lands — settlements\n\t// silently dropped. Enforcing this at construction time means the\n\t// failure mode shows up at boot, not at the first parallel hit in\n\t// production. See `docs/THREAT_MODEL.md#22-concurrent-settle-nonce-race`.\n\tif (walletClient.account.nonceManager === undefined) {\n\t\tthrow new Error(\n\t\t\t'createSelfFacilitator: walletClient.account must be constructed with viem\\'s `nonceManager` to serialise nonces under concurrent settle(). Example:\\n import { nonceManager, privateKeyToAccount } from \"viem/accounts\";\\n const account = privateKeyToAccount(pk, { nonceManager });\\n const walletClient = createWalletClient({ chain, transport, account });',\n\t\t);\n\t}\n\n\tconst network = chainIdToX402Network(supportedChainId);\n\tconst hooks = params.hooks;\n\n\tfunction buildVerifyEvent(\n\t\treq: X402VerifyRequest,\n\t\tresponse: X402VerifyResponse,\n\t\tstartedAtMs: number,\n\t): VerifyEvent {\n\t\tconst durationMs = Date.now() - startedAtMs;\n\t\tconst eventNetwork = req.paymentRequirements.network;\n\t\tif (response.isValid && response.payer !== undefined) {\n\t\t\treturn {\n\t\t\t\tkind: \"verify\",\n\t\t\t\tresult: \"success\",\n\t\t\t\tstartedAtMs,\n\t\t\t\tdurationMs,\n\t\t\t\tnetwork: eventNetwork,\n\t\t\t\tpayer: response.payer,\n\t\t\t\tamount: req.paymentRequirements.amount,\n\t\t\t};\n\t\t}\n\t\tif (response.isValid) {\n\t\t\t// verifyCore always sets payer on success, but the X402VerifyResponse\n\t\t\t// type permits it to be absent; downgrade to a synthetic failure\n\t\t\t// event so the discriminated union remains sound for adapters.\n\t\t\treturn {\n\t\t\t\tkind: \"verify\",\n\t\t\t\tresult: \"failure\",\n\t\t\t\tstartedAtMs,\n\t\t\t\tdurationMs,\n\t\t\t\tnetwork: eventNetwork,\n\t\t\t\tinvalidReason: \"unexpected_verify_error\",\n\t\t\t\tinvalidMessage: \"verify succeeded but payer was not surfaced\",\n\t\t\t};\n\t\t}\n\t\tconst base = {\n\t\t\tkind: \"verify\" as const,\n\t\t\tresult: \"failure\" as const,\n\t\t\tstartedAtMs,\n\t\t\tdurationMs,\n\t\t\tnetwork: eventNetwork,\n\t\t\tinvalidReason: response.invalidReason ?? \"unexpected_verify_error\",\n\t\t};\n\t\tif (response.payer !== undefined && response.invalidMessage !== undefined) {\n\t\t\treturn { ...base, payer: response.payer, invalidMessage: response.invalidMessage };\n\t\t}\n\t\tif (response.payer !== undefined) {\n\t\t\treturn { ...base, payer: response.payer };\n\t\t}\n\t\tif (response.invalidMessage !== undefined) {\n\t\t\treturn { ...base, invalidMessage: response.invalidMessage };\n\t\t}\n\t\treturn base;\n\t}\n\n\tfunction buildSettleEvent(\n\t\treq: X402SettleRequest,\n\t\tresponse: X402SettleResponse,\n\t\tstartedAtMs: number,\n\t): SettleEvent {\n\t\tconst durationMs = Date.now() - startedAtMs;\n\t\tconst eventNetwork = req.paymentRequirements.network;\n\t\tif (response.success && response.payer !== undefined) {\n\t\t\treturn {\n\t\t\t\tkind: \"settle\",\n\t\t\t\tresult: \"success\",\n\t\t\t\tstartedAtMs,\n\t\t\t\tdurationMs,\n\t\t\t\tnetwork: eventNetwork,\n\t\t\t\tpayer: response.payer,\n\t\t\t\tamount: req.paymentRequirements.amount,\n\t\t\t\ttransaction: response.transaction as Hex,\n\t\t\t};\n\t\t}\n\t\tif (response.success) {\n\t\t\t// settleCore always sets payer on success; the spec response type\n\t\t\t// permits it to be absent so we downgrade to a synthetic failure\n\t\t\t// rather than emit a malformed event.\n\t\t\treturn {\n\t\t\t\tkind: \"settle\",\n\t\t\t\tresult: \"failure\",\n\t\t\t\tstartedAtMs,\n\t\t\t\tdurationMs,\n\t\t\t\tnetwork: eventNetwork,\n\t\t\t\terrorReason: \"unexpected_settle_error\",\n\t\t\t\terrorMessage: \"settle succeeded but payer was not surfaced\",\n\t\t\t\ttransaction: response.transaction as Hex,\n\t\t\t};\n\t\t}\n\t\tconst base = {\n\t\t\tkind: \"settle\" as const,\n\t\t\tresult: \"failure\" as const,\n\t\t\tstartedAtMs,\n\t\t\tdurationMs,\n\t\t\tnetwork: eventNetwork,\n\t\t\terrorReason: response.errorReason ?? \"unexpected_settle_error\",\n\t\t};\n\t\tconst withPayer = response.payer !== undefined ? { ...base, payer: response.payer } : base;\n\t\tconst withMessage =\n\t\t\tresponse.errorMessage !== undefined\n\t\t\t\t? { ...withPayer, errorMessage: response.errorMessage }\n\t\t\t\t: withPayer;\n\t\tif (response.transaction !== \"\" && response.transaction !== undefined) {\n\t\t\treturn { ...withMessage, transaction: response.transaction as Hex };\n\t\t}\n\t\treturn withMessage;\n\t}\n\n\tasync function verifyCore(req: X402VerifyRequest): Promise<X402VerifyResponse> {\n\t\t// 1. Scheme / network gates\n\t\tif (req.paymentRequirements.scheme !== \"exact\") {\n\t\t\treturn failVerify(\"invalid_scheme\");\n\t\t}\n\t\tif (req.paymentPayload.accepted.scheme !== \"exact\") {\n\t\t\treturn failVerify(\"invalid_scheme\");\n\t\t}\n\t\tconst reqChainId = x402NetworkToChainId(req.paymentRequirements.network);\n\t\tif (reqChainId !== supportedChainId) {\n\t\t\treturn failVerify(\"invalid_network\");\n\t\t}\n\t\tif (req.paymentPayload.accepted.network !== req.paymentRequirements.network) {\n\t\t\treturn failVerify(\"invalid_network\");\n\t\t}\n\n\t\t// 2. Narrow scheme-specific payload\n\t\tconst exact = narrowExactEvmPayload(req.paymentPayload.payload);\n\t\tif (exact === null) {\n\t\t\treturn failVerify(\"invalid_payload\");\n\t\t}\n\t\tconst auth = exact.authorization;\n\n\t\t// 3. Parameter matching against requirements\n\t\tif (auth.value !== req.paymentRequirements.amount) {\n\t\t\treturn failVerify(\n\t\t\t\t\"invalid_exact_evm_payload_authorization_value_mismatch\",\n\t\t\t\tundefined,\n\t\t\t\tauth.from,\n\t\t\t);\n\t\t}\n\t\tif (getAddress(auth.to) !== getAddress(req.paymentRequirements.payTo)) {\n\t\t\treturn failVerify(\"invalid_exact_evm_payload_recipient_mismatch\", undefined, auth.from);\n\t\t}\n\n\t\t// 4. Time window\n\t\tconst now = BigInt(Math.floor(Date.now() / 1000));\n\t\tconst validAfter = BigInt(auth.validAfter);\n\t\tconst validBefore = BigInt(auth.validBefore);\n\t\tif (now < validAfter) {\n\t\t\treturn failVerify(\n\t\t\t\t\"invalid_exact_evm_payload_authorization_valid_after\",\n\t\t\t\tundefined,\n\t\t\t\tauth.from,\n\t\t\t);\n\t\t}\n\t\tif (now >= validBefore) {\n\t\t\treturn failVerify(\n\t\t\t\t\"invalid_exact_evm_payload_authorization_valid_before\",\n\t\t\t\tundefined,\n\t\t\t\tauth.from,\n\t\t\t);\n\t\t}\n\n\t\t// 5. Signature recovery\n\t\tlet recovered: Address;\n\t\ttry {\n\t\t\tconst domain = resolveDomain(req.paymentRequirements);\n\t\t\trecovered = await recoverTypedDataAddress({\n\t\t\t\tdomain: {\n\t\t\t\t\tname: domain.name,\n\t\t\t\t\tversion: domain.version,\n\t\t\t\t\tchainId: reqChainId,\n\t\t\t\t\tverifyingContract: req.paymentRequirements.asset,\n\t\t\t\t},\n\t\t\t\ttypes: TRANSFER_AUTHORIZATION_TYPES,\n\t\t\t\tprimaryType: \"TransferWithAuthorization\",\n\t\t\t\tmessage: {\n\t\t\t\t\tfrom: auth.from,\n\t\t\t\t\tto: auth.to,\n\t\t\t\t\tvalue: BigInt(auth.value),\n\t\t\t\t\tvalidAfter,\n\t\t\t\t\tvalidBefore,\n\t\t\t\t\tnonce: auth.nonce,\n\t\t\t\t},\n\t\t\t\tsignature: exact.signature,\n\t\t\t});\n\t\t} catch (cause) {\n\t\t\treturn failVerify(\n\t\t\t\t\"unexpected_verify_error\",\n\t\t\t\tcause instanceof Error ? cause.message : String(cause),\n\t\t\t\tauth.from,\n\t\t\t);\n\t\t}\n\t\tif (getAddress(recovered) !== getAddress(auth.from)) {\n\t\t\treturn failVerify(\"invalid_exact_evm_payload_signature\", undefined, auth.from);\n\t\t}\n\n\t\t// 6. On-chain reads: balance + nonce-not-used\n\t\ttry {\n\t\t\tconst [balance, used] = await Promise.all([\n\t\t\t\tpublicClient.readContract({\n\t\t\t\t\taddress: req.paymentRequirements.asset,\n\t\t\t\t\tabi: jpycAbi,\n\t\t\t\t\tfunctionName: \"balanceOf\",\n\t\t\t\t\targs: [auth.from],\n\t\t\t\t}),\n\t\t\t\tpublicClient.readContract({\n\t\t\t\t\taddress: req.paymentRequirements.asset,\n\t\t\t\t\tabi: jpycAbi,\n\t\t\t\t\tfunctionName: \"authorizationState\",\n\t\t\t\t\targs: [auth.from, auth.nonce],\n\t\t\t\t}),\n\t\t\t]);\n\t\t\tif (used) {\n\t\t\t\treturn failVerify(\"invalid_payload\", \"authorization nonce already used\", auth.from);\n\t\t\t}\n\t\t\tif ((balance as bigint) < BigInt(auth.value)) {\n\t\t\t\treturn failVerify(\"insufficient_funds\", undefined, auth.from);\n\t\t\t}\n\t\t} catch (cause) {\n\t\t\treturn failVerify(\n\t\t\t\t\"unexpected_verify_error\",\n\t\t\t\tcause instanceof Error ? cause.message : String(cause),\n\t\t\t\tauth.from,\n\t\t\t);\n\t\t}\n\n\t\treturn { isValid: true, payer: auth.from };\n\t}\n\n\tasync function settleCore(req: X402SettleRequest): Promise<X402SettleResponse> {\n\t\t// Re-verify before broadcasting. The wrapped `verify` is used so the\n\t\t// internal re-verify also emits onVerify; operators can dedupe in their\n\t\t// hook if they don't want the extra event.\n\t\tconst verifyResult = await verify(req);\n\t\tif (!verifyResult.isValid) {\n\t\t\treturn failSettle(\n\t\t\t\treq.paymentRequirements.network,\n\t\t\t\t(verifyResult.invalidReason as X402FacilitatorErrorCode) ?? \"unexpected_settle_error\",\n\t\t\t\t{\n\t\t\t\t\t...(verifyResult.invalidMessage !== undefined\n\t\t\t\t\t\t? { message: verifyResult.invalidMessage }\n\t\t\t\t\t\t: {}),\n\t\t\t\t\t...(verifyResult.payer !== undefined ? { payer: verifyResult.payer } : {}),\n\t\t\t\t},\n\t\t\t);\n\t\t}\n\n\t\tconst exact = narrowExactEvmPayload(req.paymentPayload.payload);\n\t\tif (exact === null) {\n\t\t\treturn failSettle(req.paymentRequirements.network, \"invalid_payload\");\n\t\t}\n\t\tconst auth = exact.authorization;\n\t\tconst parsed = parseSignature(exact.signature);\n\t\tconst v = parsed.v !== undefined ? Number(parsed.v) : (parsed.yParity ?? 0) + 27;\n\n\t\tlet txHash: Hex;\n\t\ttry {\n\t\t\ttxHash = await walletClient.writeContract({\n\t\t\t\taddress: req.paymentRequirements.asset,\n\t\t\t\tabi: jpycAbi,\n\t\t\t\tfunctionName: \"transferWithAuthorization\",\n\t\t\t\targs: [\n\t\t\t\t\tauth.from,\n\t\t\t\t\tauth.to,\n\t\t\t\t\tBigInt(auth.value),\n\t\t\t\t\tBigInt(auth.validAfter),\n\t\t\t\t\tBigInt(auth.validBefore),\n\t\t\t\t\tauth.nonce,\n\t\t\t\t\tv,\n\t\t\t\t\tparsed.r,\n\t\t\t\t\tparsed.s,\n\t\t\t\t],\n\t\t\t});\n\t\t} catch (cause) {\n\t\t\treturn failSettle(req.paymentRequirements.network, \"unexpected_settle_error\", {\n\t\t\t\tmessage: cause instanceof Error ? cause.message : String(cause),\n\t\t\t\tpayer: auth.from,\n\t\t\t});\n\t\t}\n\n\t\ttry {\n\t\t\tconst receipt = await publicClient.waitForTransactionReceipt({\n\t\t\t\thash: txHash,\n\t\t\t\ttimeout: receiptTimeoutMs,\n\t\t\t\tconfirmations,\n\t\t\t});\n\t\t\tif (receipt.status !== \"success\") {\n\t\t\t\treturn failSettle(req.paymentRequirements.network, \"invalid_transaction_state\", {\n\t\t\t\t\ttransaction: txHash,\n\t\t\t\t\tpayer: auth.from,\n\t\t\t\t});\n\t\t\t}\n\t\t} catch (cause) {\n\t\t\treturn failSettle(req.paymentRequirements.network, \"unexpected_settle_error\", {\n\t\t\t\tmessage: cause instanceof Error ? cause.message : String(cause),\n\t\t\t\tpayer: auth.from,\n\t\t\t\ttransaction: txHash,\n\t\t\t});\n\t\t}\n\n\t\treturn {\n\t\t\tsuccess: true,\n\t\t\ttransaction: txHash,\n\t\t\tnetwork: req.paymentRequirements.network,\n\t\t\tpayer: auth.from,\n\t\t\tamount: auth.value,\n\t\t};\n\t}\n\n\tasync function verify(req: X402VerifyRequest): Promise<X402VerifyResponse> {\n\t\tconst startedAtMs = Date.now();\n\t\tconst result = await verifyCore(req);\n\t\tinvokeHookSafely(hooks?.onVerify, buildVerifyEvent(req, result, startedAtMs));\n\t\treturn result;\n\t}\n\n\tasync function settle(req: X402SettleRequest): Promise<X402SettleResponse> {\n\t\tconst startedAtMs = Date.now();\n\t\tconst result = await settleCore(req);\n\t\tinvokeHookSafely(hooks?.onSettle, buildSettleEvent(req, result, startedAtMs));\n\t\treturn result;\n\t}\n\n\tasync function supportedInternal(): Promise<X402SupportedResponse> {\n\t\tconst kind: X402SupportedKind = {\n\t\t\tx402Version: X402_VERSION,\n\t\t\tscheme: \"exact\",\n\t\t\tnetwork,\n\t\t};\n\t\treturn {\n\t\t\tkinds: [kind],\n\t\t\textensions: [],\n\t\t\tsigners: { \"eip155:*\": [walletClient.account.address] },\n\t\t};\n\t}\n\n\treturn {\n\t\tverify,\n\t\tsettle,\n\t\tsupported: supportedInternal,\n\t};\n}\n\n// ---------------------------------------------------------------------------\n// HTTP-proxied facilitator (Coinbase CDP and any other x402 v2-compliant\n// facilitator endpoint)\n// ---------------------------------------------------------------------------\n\n/** Parameters for {@link createHttpFacilitator}. */\nexport interface CreateHttpFacilitatorParams {\n\t/**\n\t * Base URL of the facilitator service (Coinbase CDP, your own host, any\n\t * x402 v2-compliant endpoint). Endpoints `/verify`, `/settle`, `/supported`\n\t * are POST / POST / GET respectively relative to this URL. Trailing slash\n\t * is stripped.\n\t */\n\treadonly baseUrl: string;\n\t/**\n\t * Optional callback invoked per request that returns headers to merge\n\t * into the outbound request (typically `Authorization`). Receives the\n\t * endpoint name so the caller can compute distinct signatures per route.\n\t */\n\treadonly getAuthHeaders?: (\n\t\tendpoint: \"verify\" | \"settle\" | \"supported\",\n\t) => Promise<Record<string, string>> | Record<string, string>;\n\t/**\n\t * Override the global `fetch` (e.g. for in-process testing or to inject\n\t * an `undici` Agent in Node).\n\t */\n\treadonly fetch?: typeof fetch;\n}\n\n/**\n * Builds a facilitator that proxies all RPC over HTTP to a remote endpoint,\n * matching the request / response shapes of x402 v2 spec §7.\n *\n * Works with any x402 v2-compliant facilitator — Coinbase CDP, your own\n * self-hosted facilitator behind nginx, a regional mirror — as long as it\n * exposes `/verify`, `/settle`, and `/supported` per the spec.\n *\n * If your target facilitator doesn't support the chain you need, fall back\n * to {@link createSelfFacilitator} (in-process viem broadcaster).\n *\n * @example\n * ```ts\n * import { createHttpFacilitator } from \"kawasekit\";\n *\n * const facilitator = createHttpFacilitator({\n * baseUrl: process.env.X402_FACILITATOR_URL!, // e.g. Coinbase CDP endpoint\n * getAuthHeaders: () => ({ Authorization: `Bearer ${apiKey}` }),\n * });\n * ```\n */\nexport function createHttpFacilitator(params: CreateHttpFacilitatorParams): Facilitator {\n\tconst baseUrl = params.baseUrl.replace(/\\/$/, \"\");\n\tconst fetchImpl = params.fetch ?? fetch;\n\tconst getAuthHeaders = params.getAuthHeaders;\n\n\tasync function post<TResponse>(endpoint: \"verify\" | \"settle\", body: unknown): Promise<TResponse> {\n\t\tconst headers: Record<string, string> = { \"content-type\": \"application/json\" };\n\t\tif (getAuthHeaders) {\n\t\t\tObject.assign(headers, await getAuthHeaders(endpoint));\n\t\t}\n\t\tconst response = await fetchImpl(`${baseUrl}/${endpoint}`, {\n\t\t\tmethod: \"POST\",\n\t\t\theaders,\n\t\t\tbody: JSON.stringify(body),\n\t\t});\n\t\tconst text = await response.text();\n\t\tlet parsed: unknown;\n\t\ttry {\n\t\t\tparsed = text === \"\" ? null : JSON.parse(text);\n\t\t} catch {\n\t\t\tthrow new Error(\n\t\t\t\t`Facilitator ${endpoint} returned non-JSON (status ${response.status}): ${text.slice(0, 200)}`,\n\t\t\t);\n\t\t}\n\t\tif (!response.ok) {\n\t\t\tthrow new Error(\n\t\t\t\t`Facilitator ${endpoint} failed (status ${response.status}): ${JSON.stringify(parsed).slice(0, 200)}`,\n\t\t\t);\n\t\t}\n\t\treturn parsed as TResponse;\n\t}\n\n\tasync function verifyInternal(req: X402VerifyRequest): Promise<X402VerifyResponse> {\n\t\treturn post<X402VerifyResponse>(\"verify\", {\n\t\t\tx402Version: req.x402Version,\n\t\t\tpaymentPayload: req.paymentPayload,\n\t\t\tpaymentRequirements: req.paymentRequirements,\n\t\t});\n\t}\n\n\tasync function settleInternal(req: X402SettleRequest): Promise<X402SettleResponse> {\n\t\treturn post<X402SettleResponse>(\"settle\", {\n\t\t\tx402Version: req.x402Version,\n\t\t\tpaymentPayload: req.paymentPayload,\n\t\t\tpaymentRequirements: req.paymentRequirements,\n\t\t});\n\t}\n\n\tasync function supportedInternal(): Promise<X402SupportedResponse> {\n\t\tconst headers: Record<string, string> = {};\n\t\tif (getAuthHeaders) {\n\t\t\tObject.assign(headers, await getAuthHeaders(\"supported\"));\n\t\t}\n\t\tconst response = await fetchImpl(`${baseUrl}/supported`, { method: \"GET\", headers });\n\t\tconst text = await response.text();\n\t\tlet parsed: unknown;\n\t\ttry {\n\t\t\tparsed = text === \"\" ? null : JSON.parse(text);\n\t\t} catch {\n\t\t\tthrow new Error(\n\t\t\t\t`Facilitator supported returned non-JSON (status ${response.status}): ${text.slice(0, 200)}`,\n\t\t\t);\n\t\t}\n\t\tif (!response.ok) {\n\t\t\tthrow new Error(\n\t\t\t\t`Facilitator supported failed (status ${response.status}): ${JSON.stringify(parsed).slice(0, 200)}`,\n\t\t\t);\n\t\t}\n\t\treturn parsed as X402SupportedResponse;\n\t}\n\n\treturn {\n\t\tverify: verifyInternal,\n\t\tsettle: settleInternal,\n\t\tsupported: supportedInternal,\n\t};\n}\n\n// ---------------------------------------------------------------------------\n// Deprecated aliases (M3-era names)\n//\n// The HTTP-proxied facilitator used to be called `createCoinbaseFacilitator`\n// because the only x402 v2-compliant endpoint we tested against at the time\n// was Coinbase CDP. The function was never Coinbase-specific — it speaks the\n// raw x402 v2 HTTP shape — and the rename to `createHttpFacilitator` lands in\n// v0.1.0-alpha to make that obvious before the npm publish freezes the API.\n//\n// The aliases below preserve M3-era call sites for the v0.1.x line. Calling\n// `createCoinbaseFacilitator` emits a one-shot Node DeprecationWarning. The\n// aliases will be removed in v0.2.0.\n// ---------------------------------------------------------------------------\n\n/**\n * @deprecated Renamed to {@link CreateHttpFacilitatorParams} in v0.1.0-alpha.\n * The HTTP facilitator works with any x402 v2-compliant endpoint, not only\n * Coinbase CDP. This alias will be removed in v0.2.0.\n */\nexport type CreateCoinbaseFacilitatorParams = CreateHttpFacilitatorParams;\n\nlet warnedCreateCoinbaseFacilitator = false;\n\n/**\n * @deprecated Renamed to {@link createHttpFacilitator} in v0.1.0-alpha.\n * This alias delegates to the new function and emits one\n * `DeprecationWarning` per process on first call. It will be removed in\n * v0.2.0.\n */\nexport function createCoinbaseFacilitator(params: CreateHttpFacilitatorParams): Facilitator {\n\tif (!warnedCreateCoinbaseFacilitator) {\n\t\twarnedCreateCoinbaseFacilitator = true;\n\t\tprocess.emitWarning(\n\t\t\t\"createCoinbaseFacilitator() is deprecated and will be removed in kawasekit v0.2.0. Use createHttpFacilitator() instead — the function works with any x402 v2-compliant HTTP endpoint, not only Coinbase CDP.\",\n\t\t\t{ type: \"DeprecationWarning\", code: \"KAWASEKIT_DEP_001\" },\n\t\t);\n\t}\n\treturn createHttpFacilitator(params);\n}\n","/**\n * `wrapFetch()` — turn any WHATWG `fetch` implementation into an x402-aware\n * client.\n *\n * The returned function makes a first request as usual. If the server replies\n * with `402 Payment Required`, the wrapper decodes the `PAYMENT-REQUIRED`\n * header (or response body as a fallback), picks one entry from `accepts`,\n * signs it with the configured {@link X402PaymentSigner}, and retries the\n * same request with a `PAYMENT-SIGNATURE` header. Non-402 responses are\n * returned unchanged.\n *\n * The wrapper does **not** poll or back off — the latency budget (Polygon Amoy\n * bundler inclusion can take ~60 s) lives entirely on the server side, which\n * holds the connection open while it broadcasts and waits for the receipt.\n * If the second attempt still fails the wrapper returns that response so the\n * caller can decide how to recover.\n *\n * Streaming request bodies are not retry-safe; the wrapper passes `init.body`\n * through verbatim, so callers who need retry must pass a buffered body\n * (string / Uint8Array / ArrayBuffer / FormData).\n *\n * @packageDocumentation\n */\n\nimport type { Hex } from \"viem\";\nimport {\n\ttype ClientPaymentEvent,\n\tinvokeHookSafely,\n\ttype ObservabilityHooks,\n} from \"../observability/hooks\";\nimport type { X402PaymentSigner } from \"./client\";\nimport {\n\tdecodePaymentRequiredHeader,\n\tdecodePaymentResponseHeader,\n\tencodePaymentSignatureHeader,\n\tX402_HEADER_PAYMENT_REQUIRED,\n\tX402_HEADER_PAYMENT_RESPONSE,\n\tX402_HEADER_PAYMENT_SIGNATURE,\n} from \"./encoding\";\nimport type { X402PaymentRequiredResponse, X402PaymentRequirements } from \"./types\";\n\n// ---------------------------------------------------------------------------\n// Types\n// ---------------------------------------------------------------------------\n\n/** Function shape matching the WHATWG `fetch` global. */\nexport type X402Fetch = (input: string | URL | Request, init?: RequestInit) => Promise<Response>;\n\n/** Parameters for {@link wrapFetch}. */\nexport interface WrapFetchParams {\n\t/**\n\t * The signer used to produce {@link X402PaymentPayload}s when the server\n\t * returns 402. Bound to one EOA.\n\t */\n\treadonly signer: X402PaymentSigner;\n\t/**\n\t * Optional underlying fetch implementation. Defaults to `globalThis.fetch`.\n\t */\n\treadonly fetch?: X402Fetch;\n\t/**\n\t * Optional policy for choosing one entry from the server's `accepts` list.\n\t * Defaults to the first entry. Return `null` to abort — the original 402\n\t * response is returned without retry.\n\t */\n\treadonly selectRequirements?: (\n\t\taccepts: readonly X402PaymentRequirements[],\n\t\tresponse: Response,\n\t) => X402PaymentRequirements | null;\n\t/**\n\t * Optional hook invoked just before the retry request goes out. Receives\n\t * the chosen requirements and the parsed 402 body so the caller can log\n\t * spending, prompt the user, or enforce a budget.\n\t *\n\t * Returning `false` aborts the retry — the original 402 is returned.\n\t */\n\treadonly onPayment?: (\n\t\trequirements: X402PaymentRequirements,\n\t\tpaymentRequired: X402PaymentRequiredResponse,\n\t) => boolean | undefined | Promise<boolean | undefined>;\n\t/**\n\t * Optional observability callbacks. {@link wrapFetch} emits an\n\t * `onClientPayment` event for every paywall round-trip — `success` when the\n\t * retry returns 2xx with a PAYMENT-RESPONSE header, `failure` otherwise\n\t * (including `onPayment` declining the retry).\n\t */\n\treadonly hooks?: ObservabilityHooks;\n}\n\n// ---------------------------------------------------------------------------\n// Internal helpers\n// ---------------------------------------------------------------------------\n\nasync function readPaymentRequired(\n\tresponse: Response,\n): Promise<X402PaymentRequiredResponse | null> {\n\tconst headerValue = response.headers.get(X402_HEADER_PAYMENT_REQUIRED);\n\tif (headerValue !== null && headerValue !== \"\") {\n\t\ttry {\n\t\t\treturn decodePaymentRequiredHeader(headerValue);\n\t\t} catch {\n\t\t\t// Fall through to body parse — the header was malformed but the\n\t\t\t// body might still be intact (or vice versa).\n\t\t}\n\t}\n\ttry {\n\t\tconst body = await response.clone().text();\n\t\tif (body === \"\") return null;\n\t\tconst parsed = JSON.parse(body) as unknown;\n\t\tif (parsed === null || typeof parsed !== \"object\" || Array.isArray(parsed)) {\n\t\t\treturn null;\n\t\t}\n\t\treturn parsed as X402PaymentRequiredResponse;\n\t} catch {\n\t\treturn null;\n\t}\n}\n\nfunction defaultSelectRequirements(\n\taccepts: readonly X402PaymentRequirements[],\n): X402PaymentRequirements | null {\n\treturn accepts[0] ?? null;\n}\n\n// ---------------------------------------------------------------------------\n// Public API\n// ---------------------------------------------------------------------------\n\n/**\n * Returns an x402-aware `fetch` that pays for `402` responses on the caller's\n * behalf using the provided signer.\n *\n * @example\n * ```ts\n * import { privateKeyToAccount } from \"viem/accounts\";\n * import { createX402PaymentSigner, wrapFetch } from \"kawasekit\";\n *\n * const signer = createX402PaymentSigner({\n * account: privateKeyToAccount(process.env.PAYER_PK as `0x${string}`),\n * });\n * const fetch402 = wrapFetch({ signer });\n *\n * const res = await fetch402(\"https://api.example.com/weather?city=Tokyo\");\n * console.log(await res.json());\n * ```\n */\nexport function wrapFetch(params: WrapFetchParams): X402Fetch {\n\tconst baseFetch: X402Fetch = params.fetch ?? ((input, init) => fetch(input, init));\n\tconst selectRequirements = params.selectRequirements ?? defaultSelectRequirements;\n\tconst onPayment = params.onPayment;\n\tconst hooks = params.hooks;\n\n\treturn async function x402Fetch(input, init) {\n\t\tconst startedAtMs = Date.now();\n\t\tconst requestUrl =\n\t\t\ttypeof input === \"string\" ? input : input instanceof URL ? input.href : input.url;\n\n\t\tconst emitFailure = (reason: string, httpStatus: number | undefined): void => {\n\t\t\tconst event: ClientPaymentEvent = {\n\t\t\t\tkind: \"client_payment\",\n\t\t\t\tresult: \"failure\",\n\t\t\t\tstartedAtMs,\n\t\t\t\tdurationMs: Date.now() - startedAtMs,\n\t\t\t\trequestUrl,\n\t\t\t\treason,\n\t\t\t\t...(httpStatus !== undefined ? { httpStatus } : {}),\n\t\t\t};\n\t\t\tinvokeHookSafely(hooks?.onClientPayment, event);\n\t\t};\n\n\t\tconst initialResponse = await baseFetch(input, init);\n\t\tif (initialResponse.status !== 402) {\n\t\t\treturn initialResponse;\n\t\t}\n\n\t\tconst paymentRequired = await readPaymentRequired(initialResponse);\n\t\tif (paymentRequired === null || paymentRequired.accepts.length === 0) {\n\t\t\temitFailure(\"no_acceptable_requirement\", 402);\n\t\t\treturn initialResponse;\n\t\t}\n\n\t\tconst chosen = selectRequirements(paymentRequired.accepts, initialResponse);\n\t\tif (chosen === null) {\n\t\t\temitFailure(\"no_acceptable_requirement\", 402);\n\t\t\treturn initialResponse;\n\t\t}\n\n\t\tif (onPayment) {\n\t\t\tconst proceed = await onPayment(chosen, paymentRequired);\n\t\t\tif (proceed === false) {\n\t\t\t\temitFailure(\"onPayment_declined\", 402);\n\t\t\t\treturn initialResponse;\n\t\t\t}\n\t\t}\n\n\t\tconst paymentPayload = await params.signer.sign({\n\t\t\tpaymentRequirements: chosen,\n\t\t\t...(paymentRequired.resource ? { resource: paymentRequired.resource } : {}),\n\t\t});\n\n\t\tconst retryHeaders = new Headers(init?.headers);\n\t\tretryHeaders.set(X402_HEADER_PAYMENT_SIGNATURE, encodePaymentSignatureHeader(paymentPayload));\n\n\t\tconst retryResponse = await baseFetch(input, { ...init, headers: retryHeaders });\n\n\t\tif (retryResponse.status >= 200 && retryResponse.status < 300) {\n\t\t\tconst settlementHeader = retryResponse.headers.get(X402_HEADER_PAYMENT_RESPONSE);\n\t\t\tlet transaction: Hex | undefined;\n\t\t\tif (settlementHeader !== null && settlementHeader !== \"\") {\n\t\t\t\ttry {\n\t\t\t\t\tconst settlement = decodePaymentResponseHeader(settlementHeader);\n\t\t\t\t\tif (settlement.transaction !== \"\") {\n\t\t\t\t\t\ttransaction = settlement.transaction as Hex;\n\t\t\t\t\t}\n\t\t\t\t} catch {\n\t\t\t\t\t// PAYMENT-RESPONSE header malformed — the retry still\n\t\t\t\t\t// succeeded so we treat that as a (degraded) success event.\n\t\t\t\t}\n\t\t\t}\n\t\t\tconst successEvent: ClientPaymentEvent = {\n\t\t\t\tkind: \"client_payment\",\n\t\t\t\tresult: \"success\",\n\t\t\t\tstartedAtMs,\n\t\t\t\tdurationMs: Date.now() - startedAtMs,\n\t\t\t\trequestUrl,\n\t\t\t\tpayer: params.signer.address,\n\t\t\t\tamount: chosen.amount,\n\t\t\t\tnetwork: chosen.network,\n\t\t\t\t...(transaction !== undefined ? { transaction } : {}),\n\t\t\t};\n\t\t\tinvokeHookSafely(hooks?.onClientPayment, successEvent);\n\t\t} else {\n\t\t\temitFailure(\n\t\t\t\tretryResponse.status === 402 ? \"settle_rejected\" : \"http_error\",\n\t\t\t\tretryResponse.status,\n\t\t\t);\n\t\t}\n\n\t\treturn retryResponse;\n\t};\n}\n"]}
package/dist/{chunk-GGPXRIXM.js → chunk-7DWIT6D4.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { getJpycAddress, jpycAbi } from './chunk-6M7UN23J.js';
1
+ import { getJpycAddress, jpycAbi } from './chunk-LNXYCHRY.js';
2
2
  import { isSupportedChainId } from './chunk-SA7LMQFG.js';
3
3
  import { isAddress, encodeFunctionData } from 'viem';
4
4
  import { toCallPolicy, ParamCondition, CallPolicyVersion, toRateLimitPolicy } from '@zerodev/permissions/policies';
@@ -77,5 +77,5 @@ function createJpycDailyLimitPolicies(params) {
77
77
  }
78
78
 
79
79
  export { ONE_DAY_SECONDS, TransferJpycInputError, createJpycDailyLimitPolicies, transferJpyc };
80
- //# sourceMappingURL=chunk-GGPXRIXM.js.map
81
- //# sourceMappingURL=chunk-GGPXRIXM.js.map
80
+ //# sourceMappingURL=chunk-7DWIT6D4.js.map
81
+ //# sourceMappingURL=chunk-7DWIT6D4.js.map
package/dist/{chunk-GGPXRIXM.js.map → chunk-7DWIT6D4.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/client/transfer-jpyc.ts","../src/policy/daily-limit.ts"],"names":[],"mappings":";;;;;AA6DO,IAAM,sBAAA,GAAN,cAAqC,KAAA,CAAM;AAAA,EACjD,YAAY,OAAA,EAAiB;AAC5B,IAAA,KAAA,CAAM,CAAA,cAAA,EAAiB,OAAO,CAAA,CAAE,CAAA;AAChC,IAAA,IAAA,CAAK,IAAA,GAAO,wBAAA;AAAA,EACb;AACD;AAgBA,eAAsB,YAAA,CACrB,cACA,MAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,UAAU,MAAA,CAAO,EAAA,EAAI,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAA,EAAG;AAC7C,IAAA,MAAM,IAAI,sBAAA,CAAuB,CAAA,+BAAA,EAAkC,MAAA,CAAO,EAAE,CAAA,CAAE,CAAA;AAAA,EAC/E;AACA,EAAA,IAAI,MAAA,CAAO,UAAU,EAAA,EAAI;AACxB,IAAA,MAAM,IAAI,sBAAA,CAAuB,CAAA,iCAAA,EAAoC,MAAA,CAAO,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACtF;AAEA,EAAA,MAAM,OAAA,GAAU,aAAa,KAAA,CAAM,EAAA;AACnC,EAAA,IAAI,CAAC,kBAAA,CAAmB,OAAO,CAAA,EAAG;AACjC,IAAA,MAAM,IAAI,sBAAA,CAAuB,CAAA,SAAA,EAAY,OAAO,CAAA,oCAAA,CAAsC,CAAA;AAAA,EAC3F;AACA,EAAA,MAAM,WAAA,GAAc,eAAe,OAAkC,CAAA;AAErE,EAAA,MAAM,OAAO,kBAAA,CAAmB;AAAA,IAC/B,GAAA,EAAK,OAAA;AAAA,IACL,YAAA,EAAc,UAAA;AAAA,IACd,IAAA,EAAM,CAAC,MAAA,CAAO,EAAA,EAAI,OAAO,MAAM;AAAA,GAC/B,CAAA;AAED,EAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,OAAA,CAAQ,WAAA,CAAY,CAAC,EAAE,EAAA,EAAI,WAAA,EAAa,KAAA,EAAO,EAAA,EAAI,IAAA,EAAM,CAAC,CAAA;AAE9F,EAAA,MAAM,aAAa,MAAM,YAAA,CAAa,iBAAA,CAAkB,EAAE,UAAU,CAAA;AAEpE,EAAA,IAAI,MAAA,CAAO,mBAAmB,KAAA,EAAO;AACpC,IAAA,OAAO,EAAE,UAAA,EAAY,eAAA,EAAiB,IAAA,EAAM,SAAS,IAAA,EAAK;AAAA,EAC3D;AAEA,EAAA,MAAM,UAAU,MAAM,YAAA,CAAa,4BAA4B,EAAE,IAAA,EAAM,YAAY,CAAA;AACnF,EAAA,OAAO;AAAA,IACN,UAAA;AAAA,IACA,eAAA,EAAiB,QAAQ,OAAA,CAAQ,eAAA;AAAA,IACjC,SAAS,OAAA,CAAQ;AAAA,GAClB;AACD;AC3FO,IAAM,eAAA,GAAkB;AAyCxB,SAAS,6BACf,MAAA,EAC4B;AAC5B,EAAA,IAAI,MAAA,CAAO,kBAAkB,EAAA,EAAI;AAChC,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,mEAAA,EAAsE,OAAO,cAAc,CAAA,CAAA;AAAA,KAC5F;AAAA,EACD;AACA,EAAA,IAAI,CAAC,OAAO,SAAA,CAAU,MAAA,CAAO,kBAAkB,CAAA,IAAK,MAAA,CAAO,qBAAqB,CAAA,EAAG;AAClF,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,iFAAA,EAAoF,OAAO,kBAAkB,CAAA,CAAA;AAAA,KAC9G;AAAA,EACD;AAEA,EAAA,MAAM,aAAa,YAAA,CAAa;AAAA,IAC/B,aAAA,EAAe,MAAA,CAAO,iBAAA,IAAqB,iBAAA,CAAkB,MAAA;AAAA,IAC7D,WAAA,EAAa;AAAA,MACZ;AAAA,QACC,QAAQ,MAAA,CAAO,WAAA;AAAA,QACf,GAAA,EAAK,OAAA;AAAA,QACL,YAAA,EAAc,UAAA;AAAA,QACd,IAAA,EAAM;AAAA;AAAA,UAEL,IAAA;AAAA;AAAA,UAEA;AAAA,YACC,WAAW,cAAA,CAAe,kBAAA;AAAA,YAC1B,OAAO,MAAA,CAAO;AAAA;AACf;AACD;AACD;AACD,GACA,CAAA;AAED,EAAA,MAAM,kBAAkB,iBAAA,CAAkB;AAAA,IACzC,QAAA,EAAU,eAAA;AAAA,IACV,OAAO,MAAA,CAAO;AAAA,GACd,CAAA;AAED,EAAA,OAAO,CAAC,YAAY,eAAe,CAAA;AACpC","file":"chunk-GGPXRIXM.js","sourcesContent":["/**\n * High-level helper: transfer JPYC from a Kernel smart account via a sponsored\n * UserOp.\n *\n * This is the canonical \"agent payment\" path for M2. The flow:\n * 1. Resolve the JPYC contract address for `kernelClient.chain`.\n * 2. Encode `JPYC.transfer(to, amount)` calldata.\n * 3. Wrap it as a Kernel call and submit via `sendUserOperation`.\n * 4. Wait for the bundler receipt and return both hashes.\n *\n * EIP-3009 `transferWithAuthorization` cannot be used here: JPYC's signature\n * verification is pure `ecrecover`, so a smart account cannot be `from`. See\n * `src/tokens/eip3009.ts` for the EOA-payer path.\n *\n * @packageDocumentation\n */\n\nimport type { KernelAccountClient } from \"@zerodev/sdk\";\nimport type { Address, Chain, Hex, Transport } from \"viem\";\nimport { encodeFunctionData, isAddress } from \"viem\";\nimport type { SmartAccount } from \"viem/account-abstraction\";\nimport { isSupportedChainId, type SupportedChainId } from \"../chains\";\nimport { getJpycAddress, jpycAbi } from \"../tokens/jpyc\";\n\n/** A {@link KernelAccountClient} that is fully configured (chain + account). */\nexport type ConfiguredKernelClient = KernelAccountClient<Transport, Chain, SmartAccount>;\n\n/** Parameters for {@link transferJpyc}. */\nexport interface TransferJpycParams {\n\t/** Recipient address. */\n\treadonly to: Address;\n\t/**\n\t * Raw token amount in the token's smallest unit (JPYC has 18 decimals).\n\t *\n\t * @example\n\t * ```ts\n\t * import { parseUnits } from \"viem\";\n\t * import { JPYC_DECIMALS } from \"kawasekit\";\n\t *\n\t * parseUnits(\"100\", JPYC_DECIMALS); // 100 JPYC\n\t * ```\n\t */\n\treadonly amount: bigint;\n\t/**\n\t * Optional. Defaults to waiting for the bundler receipt before returning.\n\t * Set to `false` to return after the UserOp is submitted but before it\n\t * lands on chain — useful when the caller wants to do its own polling.\n\t */\n\treadonly waitForReceipt?: boolean;\n}\n\n/** Result of a {@link transferJpyc} call. */\nexport interface TransferJpycResult {\n\treadonly userOpHash: Hex;\n\t/** `null` when `waitForReceipt: false` was requested. */\n\treadonly transactionHash: Hex | null;\n\t/** `true` if the bundler receipt reported success; `null` if not awaited. */\n\treadonly success: boolean | null;\n}\n\n/** Thrown when {@link transferJpyc} is called with invalid arguments. */\nexport class TransferJpycInputError extends Error {\n\tconstructor(message: string) {\n\t\tsuper(`transferJpyc: ${message}`);\n\t\tthis.name = \"TransferJpycInputError\";\n\t}\n}\n\n/**\n * Transfer JPYC from the Kernel smart account to `to` via a sponsored UserOp.\n *\n * @example\n * ```ts\n * import { parseUnits } from \"viem\";\n * import { JPYC_DECIMALS, transferJpyc } from \"kawasekit\";\n *\n * const { userOpHash, transactionHash } = await transferJpyc(kernelClient, {\n * to: \"0xBeef0000000000000000000000000000DEADBEEF\",\n * amount: parseUnits(\"100\", JPYC_DECIMALS),\n * });\n * ```\n */\nexport async function transferJpyc(\n\tkernelClient: ConfiguredKernelClient,\n\tparams: TransferJpycParams,\n): Promise<TransferJpycResult> {\n\tif (!isAddress(params.to, { strict: false })) {\n\t\tthrow new TransferJpycInputError(`\\`to\\` is not a valid address: ${params.to}`);\n\t}\n\tif (params.amount <= 0n) {\n\t\tthrow new TransferJpycInputError(`\\`amount\\` must be positive, got ${params.amount}.`);\n\t}\n\n\tconst chainId = kernelClient.chain.id;\n\tif (!isSupportedChainId(chainId)) {\n\t\tthrow new TransferJpycInputError(`Chain ID ${chainId} is not a kawasekit-supported chain.`);\n\t}\n\tconst jpycAddress = getJpycAddress(chainId satisfies SupportedChainId);\n\n\tconst data = encodeFunctionData({\n\t\tabi: jpycAbi,\n\t\tfunctionName: \"transfer\",\n\t\targs: [params.to, params.amount],\n\t});\n\n\tconst callData = await kernelClient.account.encodeCalls([{ to: jpycAddress, value: 0n, data }]);\n\n\tconst userOpHash = await kernelClient.sendUserOperation({ callData });\n\n\tif (params.waitForReceipt === false) {\n\t\treturn { userOpHash, transactionHash: null, success: null };\n\t}\n\n\tconst receipt = await kernelClient.waitForUserOperationReceipt({ hash: userOpHash });\n\treturn {\n\t\tuserOpHash,\n\t\ttransactionHash: receipt.receipt.transactionHash,\n\t\tsuccess: receipt.success,\n\t};\n}\n","/**\n * Daily-limit spending policy for JPYC, built on ZeroDev's Permission System.\n *\n * Composes two ZeroDev policies:\n * 1. **callPolicy** — locks the session key to `JPYC.transfer(to, value)`\n * with `value ≤ maxPerTransfer`. Recipient is unrestricted in M2;\n * add allowlisting in M3 when use cases firm up.\n * 2. **rateLimitPolicy** — caps userOp count to `maxTransfersPerDay` in any\n * 24-hour rolling window.\n *\n * Effective daily cap = `maxPerTransfer × maxTransfersPerDay`. This is not a\n * cumulative-amount tracker (ZeroDev doesn't ship one), but the agent cannot\n * exceed either dimension, so the spirit of \"daily limit\" holds.\n *\n * @packageDocumentation\n */\n\nimport type { Policy } from \"@zerodev/permissions\";\nimport {\n\tCallPolicyVersion,\n\tParamCondition,\n\ttoCallPolicy,\n\ttoRateLimitPolicy,\n} from \"@zerodev/permissions/policies\";\nimport type { Address } from \"viem\";\nimport { jpycAbi } from \"../tokens/jpyc\";\n\n/** One day in seconds — the period for {@link createJpycDailyLimitPolicies}. */\nexport const ONE_DAY_SECONDS = 86_400;\n\n/** Parameters for {@link createJpycDailyLimitPolicies}. */\nexport interface CreateJpycDailyLimitPoliciesParams {\n\t/** JPYC contract address on the target chain. */\n\treadonly jpycAddress: Address;\n\t/** Maximum JPYC (in raw units) the session key may move in one transfer. */\n\treadonly maxPerTransfer: bigint;\n\t/** Maximum number of transfer userOps the session key may submit per day. */\n\treadonly maxTransfersPerDay: number;\n\t/**\n\t * ZeroDev callPolicy on-chain version. Defaults to V0_0_4 (latest at the\n\t * time of writing). Bump only after auditing the new version's semantics.\n\t */\n\treadonly callPolicyVersion?: CallPolicyVersion;\n}\n\n/**\n * Builds the ZeroDev policy bundle that enforces a JPYC daily spend limit.\n *\n * Plug the returned policies into `toPermissionValidator({ policies, … })`\n * — see {@link createAgentSmartAccount} for the common wiring.\n *\n * @example\n * ```ts\n * import { parseUnits } from \"viem\";\n * import {\n * createJpycDailyLimitPolicies,\n * getJpycAddress,\n * JPYC_DECIMALS,\n * polygonAmoy,\n * } from \"kawasekit\";\n *\n * const policies = createJpycDailyLimitPolicies({\n * jpycAddress: getJpycAddress(polygonAmoy.id),\n * maxPerTransfer: parseUnits(\"100\", JPYC_DECIMALS), // 100 JPYC / tx\n * maxTransfersPerDay: 10, // 10 tx / day\n * // effective daily cap = 1000 JPYC\n * });\n * ```\n */\nexport function createJpycDailyLimitPolicies(\n\tparams: CreateJpycDailyLimitPoliciesParams,\n): readonly [Policy, Policy] {\n\tif (params.maxPerTransfer <= 0n) {\n\t\tthrow new Error(\n\t\t\t`createJpycDailyLimitPolicies: maxPerTransfer must be positive, got ${params.maxPerTransfer}.`,\n\t\t);\n\t}\n\tif (!Number.isInteger(params.maxTransfersPerDay) || params.maxTransfersPerDay < 1) {\n\t\tthrow new Error(\n\t\t\t`createJpycDailyLimitPolicies: maxTransfersPerDay must be a positive integer, got ${params.maxTransfersPerDay}.`,\n\t\t);\n\t}\n\n\tconst callPolicy = toCallPolicy({\n\t\tpolicyVersion: params.callPolicyVersion ?? CallPolicyVersion.V0_0_4,\n\t\tpermissions: [\n\t\t\t{\n\t\t\t\ttarget: params.jpycAddress,\n\t\t\t\tabi: jpycAbi,\n\t\t\t\tfunctionName: \"transfer\",\n\t\t\t\targs: [\n\t\t\t\t\t// Recipient: any address allowed (no allowlist in M2).\n\t\t\t\t\tnull,\n\t\t\t\t\t// value: must be ≤ maxPerTransfer.\n\t\t\t\t\t{\n\t\t\t\t\t\tcondition: ParamCondition.LESS_THAN_OR_EQUAL,\n\t\t\t\t\t\tvalue: params.maxPerTransfer,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t],\n\t});\n\n\tconst rateLimitPolicy = toRateLimitPolicy({\n\t\tinterval: ONE_DAY_SECONDS,\n\t\tcount: params.maxTransfersPerDay,\n\t});\n\n\treturn [callPolicy, rateLimitPolicy] as const;\n}\n"]}
1
+ {"version":3,"sources":["../src/client/transfer-jpyc.ts","../src/policy/daily-limit.ts"],"names":[],"mappings":";;;;;AA6DO,IAAM,sBAAA,GAAN,cAAqC,KAAA,CAAM;AAAA,EACjD,YAAY,OAAA,EAAiB;AAC5B,IAAA,KAAA,CAAM,CAAA,cAAA,EAAiB,OAAO,CAAA,CAAE,CAAA;AAChC,IAAA,IAAA,CAAK,IAAA,GAAO,wBAAA;AAAA,EACb;AACD;AAgBA,eAAsB,YAAA,CACrB,cACA,MAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,UAAU,MAAA,CAAO,EAAA,EAAI,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAA,EAAG;AAC7C,IAAA,MAAM,IAAI,sBAAA,CAAuB,CAAA,+BAAA,EAAkC,MAAA,CAAO,EAAE,CAAA,CAAE,CAAA;AAAA,EAC/E;AACA,EAAA,IAAI,MAAA,CAAO,UAAU,EAAA,EAAI;AACxB,IAAA,MAAM,IAAI,sBAAA,CAAuB,CAAA,iCAAA,EAAoC,MAAA,CAAO,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACtF;AAEA,EAAA,MAAM,OAAA,GAAU,aAAa,KAAA,CAAM,EAAA;AACnC,EAAA,IAAI,CAAC,kBAAA,CAAmB,OAAO,CAAA,EAAG;AACjC,IAAA,MAAM,IAAI,sBAAA,CAAuB,CAAA,SAAA,EAAY,OAAO,CAAA,oCAAA,CAAsC,CAAA;AAAA,EAC3F;AACA,EAAA,MAAM,WAAA,GAAc,eAAe,OAAkC,CAAA;AAErE,EAAA,MAAM,OAAO,kBAAA,CAAmB;AAAA,IAC/B,GAAA,EAAK,OAAA;AAAA,IACL,YAAA,EAAc,UAAA;AAAA,IACd,IAAA,EAAM,CAAC,MAAA,CAAO,EAAA,EAAI,OAAO,MAAM;AAAA,GAC/B,CAAA;AAED,EAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,OAAA,CAAQ,WAAA,CAAY,CAAC,EAAE,EAAA,EAAI,WAAA,EAAa,KAAA,EAAO,EAAA,EAAI,IAAA,EAAM,CAAC,CAAA;AAE9F,EAAA,MAAM,aAAa,MAAM,YAAA,CAAa,iBAAA,CAAkB,EAAE,UAAU,CAAA;AAEpE,EAAA,IAAI,MAAA,CAAO,mBAAmB,KAAA,EAAO;AACpC,IAAA,OAAO,EAAE,UAAA,EAAY,eAAA,EAAiB,IAAA,EAAM,SAAS,IAAA,EAAK;AAAA,EAC3D;AAEA,EAAA,MAAM,UAAU,MAAM,YAAA,CAAa,4BAA4B,EAAE,IAAA,EAAM,YAAY,CAAA;AACnF,EAAA,OAAO;AAAA,IACN,UAAA;AAAA,IACA,eAAA,EAAiB,QAAQ,OAAA,CAAQ,eAAA;AAAA,IACjC,SAAS,OAAA,CAAQ;AAAA,GAClB;AACD;AC3FO,IAAM,eAAA,GAAkB;AAyCxB,SAAS,6BACf,MAAA,EAC4B;AAC5B,EAAA,IAAI,MAAA,CAAO,kBAAkB,EAAA,EAAI;AAChC,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,mEAAA,EAAsE,OAAO,cAAc,CAAA,CAAA;AAAA,KAC5F;AAAA,EACD;AACA,EAAA,IAAI,CAAC,OAAO,SAAA,CAAU,MAAA,CAAO,kBAAkB,CAAA,IAAK,MAAA,CAAO,qBAAqB,CAAA,EAAG;AAClF,IAAA,MAAM,IAAI,KAAA;AAAA,MACT,CAAA,iFAAA,EAAoF,OAAO,kBAAkB,CAAA,CAAA;AAAA,KAC9G;AAAA,EACD;AAEA,EAAA,MAAM,aAAa,YAAA,CAAa;AAAA,IAC/B,aAAA,EAAe,MAAA,CAAO,iBAAA,IAAqB,iBAAA,CAAkB,MAAA;AAAA,IAC7D,WAAA,EAAa;AAAA,MACZ;AAAA,QACC,QAAQ,MAAA,CAAO,WAAA;AAAA,QACf,GAAA,EAAK,OAAA;AAAA,QACL,YAAA,EAAc,UAAA;AAAA,QACd,IAAA,EAAM;AAAA;AAAA,UAEL,IAAA;AAAA;AAAA,UAEA;AAAA,YACC,WAAW,cAAA,CAAe,kBAAA;AAAA,YAC1B,OAAO,MAAA,CAAO;AAAA;AACf;AACD;AACD;AACD,GACA,CAAA;AAED,EAAA,MAAM,kBAAkB,iBAAA,CAAkB;AAAA,IACzC,QAAA,EAAU,eAAA;AAAA,IACV,OAAO,MAAA,CAAO;AAAA,GACd,CAAA;AAED,EAAA,OAAO,CAAC,YAAY,eAAe,CAAA;AACpC","file":"chunk-7DWIT6D4.js","sourcesContent":["/**\n * High-level helper: transfer JPYC from a Kernel smart account via a sponsored\n * UserOp.\n *\n * This is the canonical \"agent payment\" path for M2. The flow:\n * 1. Resolve the JPYC contract address for `kernelClient.chain`.\n * 2. Encode `JPYC.transfer(to, amount)` calldata.\n * 3. Wrap it as a Kernel call and submit via `sendUserOperation`.\n * 4. Wait for the bundler receipt and return both hashes.\n *\n * EIP-3009 `transferWithAuthorization` cannot be used here: JPYC's signature\n * verification is pure `ecrecover`, so a smart account cannot be `from`. See\n * `src/tokens/eip3009.ts` for the EOA-payer path.\n *\n * @packageDocumentation\n */\n\nimport type { KernelAccountClient } from \"@zerodev/sdk\";\nimport type { Address, Chain, Hex, Transport } from \"viem\";\nimport { encodeFunctionData, isAddress } from \"viem\";\nimport type { SmartAccount } from \"viem/account-abstraction\";\nimport { isSupportedChainId, type SupportedChainId } from \"../chains\";\nimport { getJpycAddress, jpycAbi } from \"../tokens/jpyc\";\n\n/** A {@link KernelAccountClient} that is fully configured (chain + account). */\nexport type ConfiguredKernelClient = KernelAccountClient<Transport, Chain, SmartAccount>;\n\n/** Parameters for {@link transferJpyc}. */\nexport interface TransferJpycParams {\n\t/** Recipient address. */\n\treadonly to: Address;\n\t/**\n\t * Raw token amount in the token's smallest unit (JPYC has 18 decimals).\n\t *\n\t * @example\n\t * ```ts\n\t * import { parseUnits } from \"viem\";\n\t * import { JPYC_DECIMALS } from \"kawasekit\";\n\t *\n\t * parseUnits(\"100\", JPYC_DECIMALS); // 100 JPYC\n\t * ```\n\t */\n\treadonly amount: bigint;\n\t/**\n\t * Optional. Defaults to waiting for the bundler receipt before returning.\n\t * Set to `false` to return after the UserOp is submitted but before it\n\t * lands on chain — useful when the caller wants to do its own polling.\n\t */\n\treadonly waitForReceipt?: boolean;\n}\n\n/** Result of a {@link transferJpyc} call. */\nexport interface TransferJpycResult {\n\treadonly userOpHash: Hex;\n\t/** `null` when `waitForReceipt: false` was requested. */\n\treadonly transactionHash: Hex | null;\n\t/** `true` if the bundler receipt reported success; `null` if not awaited. */\n\treadonly success: boolean | null;\n}\n\n/** Thrown when {@link transferJpyc} is called with invalid arguments. */\nexport class TransferJpycInputError extends Error {\n\tconstructor(message: string) {\n\t\tsuper(`transferJpyc: ${message}`);\n\t\tthis.name = \"TransferJpycInputError\";\n\t}\n}\n\n/**\n * Transfer JPYC from the Kernel smart account to `to` via a sponsored UserOp.\n *\n * @example\n * ```ts\n * import { parseUnits } from \"viem\";\n * import { JPYC_DECIMALS, transferJpyc } from \"kawasekit\";\n *\n * const { userOpHash, transactionHash } = await transferJpyc(kernelClient, {\n * to: \"0xBeef0000000000000000000000000000DEADBEEF\",\n * amount: parseUnits(\"100\", JPYC_DECIMALS),\n * });\n * ```\n */\nexport async function transferJpyc(\n\tkernelClient: ConfiguredKernelClient,\n\tparams: TransferJpycParams,\n): Promise<TransferJpycResult> {\n\tif (!isAddress(params.to, { strict: false })) {\n\t\tthrow new TransferJpycInputError(`\\`to\\` is not a valid address: ${params.to}`);\n\t}\n\tif (params.amount <= 0n) {\n\t\tthrow new TransferJpycInputError(`\\`amount\\` must be positive, got ${params.amount}.`);\n\t}\n\n\tconst chainId = kernelClient.chain.id;\n\tif (!isSupportedChainId(chainId)) {\n\t\tthrow new TransferJpycInputError(`Chain ID ${chainId} is not a kawasekit-supported chain.`);\n\t}\n\tconst jpycAddress = getJpycAddress(chainId satisfies SupportedChainId);\n\n\tconst data = encodeFunctionData({\n\t\tabi: jpycAbi,\n\t\tfunctionName: \"transfer\",\n\t\targs: [params.to, params.amount],\n\t});\n\n\tconst callData = await kernelClient.account.encodeCalls([{ to: jpycAddress, value: 0n, data }]);\n\n\tconst userOpHash = await kernelClient.sendUserOperation({ callData });\n\n\tif (params.waitForReceipt === false) {\n\t\treturn { userOpHash, transactionHash: null, success: null };\n\t}\n\n\tconst receipt = await kernelClient.waitForUserOperationReceipt({ hash: userOpHash });\n\treturn {\n\t\tuserOpHash,\n\t\ttransactionHash: receipt.receipt.transactionHash,\n\t\tsuccess: receipt.success,\n\t};\n}\n","/**\n * Daily-limit spending policy for JPYC, built on ZeroDev's Permission System.\n *\n * Composes two ZeroDev policies:\n * 1. **callPolicy** — locks the session key to `JPYC.transfer(to, value)`\n * with `value ≤ maxPerTransfer`. Recipient is unrestricted in M2;\n * add allowlisting in M3 when use cases firm up.\n * 2. **rateLimitPolicy** — caps userOp count to `maxTransfersPerDay` in any\n * 24-hour rolling window.\n *\n * Effective daily cap = `maxPerTransfer × maxTransfersPerDay`. This is not a\n * cumulative-amount tracker (ZeroDev doesn't ship one), but the agent cannot\n * exceed either dimension, so the spirit of \"daily limit\" holds.\n *\n * @packageDocumentation\n */\n\nimport type { Policy } from \"@zerodev/permissions\";\nimport {\n\tCallPolicyVersion,\n\tParamCondition,\n\ttoCallPolicy,\n\ttoRateLimitPolicy,\n} from \"@zerodev/permissions/policies\";\nimport type { Address } from \"viem\";\nimport { jpycAbi } from \"../tokens/jpyc\";\n\n/** One day in seconds — the period for {@link createJpycDailyLimitPolicies}. */\nexport const ONE_DAY_SECONDS = 86_400;\n\n/** Parameters for {@link createJpycDailyLimitPolicies}. */\nexport interface CreateJpycDailyLimitPoliciesParams {\n\t/** JPYC contract address on the target chain. */\n\treadonly jpycAddress: Address;\n\t/** Maximum JPYC (in raw units) the session key may move in one transfer. */\n\treadonly maxPerTransfer: bigint;\n\t/** Maximum number of transfer userOps the session key may submit per day. */\n\treadonly maxTransfersPerDay: number;\n\t/**\n\t * ZeroDev callPolicy on-chain version. Defaults to V0_0_4 (latest at the\n\t * time of writing). Bump only after auditing the new version's semantics.\n\t */\n\treadonly callPolicyVersion?: CallPolicyVersion;\n}\n\n/**\n * Builds the ZeroDev policy bundle that enforces a JPYC daily spend limit.\n *\n * Plug the returned policies into `toPermissionValidator({ policies, … })`\n * — see {@link createAgentSmartAccount} for the common wiring.\n *\n * @example\n * ```ts\n * import { parseUnits } from \"viem\";\n * import {\n * createJpycDailyLimitPolicies,\n * getJpycAddress,\n * JPYC_DECIMALS,\n * polygonAmoy,\n * } from \"kawasekit\";\n *\n * const policies = createJpycDailyLimitPolicies({\n * jpycAddress: getJpycAddress(polygonAmoy.id),\n * maxPerTransfer: parseUnits(\"100\", JPYC_DECIMALS), // 100 JPYC / tx\n * maxTransfersPerDay: 10, // 10 tx / day\n * // effective daily cap = 1000 JPYC\n * });\n * ```\n */\nexport function createJpycDailyLimitPolicies(\n\tparams: CreateJpycDailyLimitPoliciesParams,\n): readonly [Policy, Policy] {\n\tif (params.maxPerTransfer <= 0n) {\n\t\tthrow new Error(\n\t\t\t`createJpycDailyLimitPolicies: maxPerTransfer must be positive, got ${params.maxPerTransfer}.`,\n\t\t);\n\t}\n\tif (!Number.isInteger(params.maxTransfersPerDay) || params.maxTransfersPerDay < 1) {\n\t\tthrow new Error(\n\t\t\t`createJpycDailyLimitPolicies: maxTransfersPerDay must be a positive integer, got ${params.maxTransfersPerDay}.`,\n\t\t);\n\t}\n\n\tconst callPolicy = toCallPolicy({\n\t\tpolicyVersion: params.callPolicyVersion ?? CallPolicyVersion.V0_0_4,\n\t\tpermissions: [\n\t\t\t{\n\t\t\t\ttarget: params.jpycAddress,\n\t\t\t\tabi: jpycAbi,\n\t\t\t\tfunctionName: \"transfer\",\n\t\t\t\targs: [\n\t\t\t\t\t// Recipient: any address allowed (no allowlist in M2).\n\t\t\t\t\tnull,\n\t\t\t\t\t// value: must be ≤ maxPerTransfer.\n\t\t\t\t\t{\n\t\t\t\t\t\tcondition: ParamCondition.LESS_THAN_OR_EQUAL,\n\t\t\t\t\t\tvalue: params.maxPerTransfer,\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t],\n\t});\n\n\tconst rateLimitPolicy = toRateLimitPolicy({\n\t\tinterval: ONE_DAY_SECONDS,\n\t\tcount: params.maxTransfersPerDay,\n\t});\n\n\treturn [callPolicy, rateLimitPolicy] as const;\n}\n"]}
package/dist/{chunk-6M7UN23J.js → chunk-LNXYCHRY.js} RENAMED
@@ -243,7 +243,7 @@ function x402NetworkToChainId(network) {
243
243
  var X402_HEADER_PAYMENT_REQUIRED = "PAYMENT-REQUIRED";
244
244
  var X402_HEADER_PAYMENT_SIGNATURE = "PAYMENT-SIGNATURE";
245
245
  var X402_HEADER_PAYMENT_RESPONSE = "PAYMENT-RESPONSE";
246
- var BASE64_REGEX = /^[A-Za-z0-9+/]*={0,2}$/;
246
+ var BASE64_REGEX = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})?$/;
247
247
  function bigIntReplacer(_key, value) {
248
248
  return typeof value === "bigint" ? value.toString() : value;
249
249
  }
@@ -542,5 +542,5 @@ function createX402Handler(params) {
542
542
  }
543
543
 
544
544
  export { JPYC_DECIMALS, JPYC_EIP712_DOMAIN_HINT, JPYC_V2_ADDRESS, JpycNotAvailableError, X402InvalidPayloadError, X402_DEFAULT_MAX_TIMEOUT_SECONDS, X402_HEADER_PAYMENT_REQUIRED, X402_HEADER_PAYMENT_RESPONSE, X402_HEADER_PAYMENT_SIGNATURE, X402_VERSION, buildPaymentRequiredResponse, buildPaymentRequirements, chainIdToX402Network, createX402Handler, decodePaymentRequiredHeader, decodePaymentResponseHeader, decodePaymentSignatureHeader, encodePaymentRequiredHeader, encodePaymentResponseHeader, encodePaymentSignatureHeader, getJpycAddress, isX402Network, jpycAbi, jpycDeployments, x402NetworkToChainId };
545
- //# sourceMappingURL=chunk-6M7UN23J.js.map
546
- //# sourceMappingURL=chunk-6M7UN23J.js.map
545
+ //# sourceMappingURL=chunk-LNXYCHRY.js.map
546
+ //# sourceMappingURL=chunk-LNXYCHRY.js.map