npm - moltspay - Versions diffs - 0.2.2 → 0.2.4 - Mend

moltspay 0.2.2 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/index.mjs CHANGED Viewed

@@ -1143,8 +1143,352 @@ After signing, send { v, r, s, deadline } to the Agent.
 \u26A0\uFE0F Note: This authorization only allows the Agent to spend up to ${amount} USDC from your wallet. Your private key is never exposed.`;
 }
-// src/permit/Permit.ts
+// src/wallet/signPermit.ts
 import { ethers as ethers5 } from "ethers";
+async function signPermit(config, params) {
+  const chain = config.chain || "base";
+  const chainConfig = getChain(chain);
+  const privateKey = config.privateKey || process.env.PAYMENT_AGENT_PRIVATE_KEY;
+  if (!privateKey) {
+    throw new Error("privateKey is required");
+  }
+  const rpcUrl = config.rpcUrl || chainConfig.rpc;
+  const provider = new ethers5.JsonRpcProvider(rpcUrl);
+  const wallet = new ethers5.Wallet(privateKey, provider);
+  const usdcContract = new ethers5.Contract(chainConfig.usdc, ERC20_ABI, provider);
+  const nonce = Number(await usdcContract.nonces(wallet.address));
+  let deadline;
+  if (!params.deadline) {
+    deadline = Math.floor(Date.now() / 1e3) + 30 * 60;
+  } else if (params.deadline < 1e6) {
+    deadline = Math.floor(Date.now() / 1e3) + params.deadline * 60;
+  } else {
+    deadline = params.deadline;
+  }
+  const value = BigInt(Math.floor(params.amount * 1e6)).toString();
+  const domain = {
+    name: "USD Coin",
+    version: "2",
+    chainId: chainConfig.chainId,
+    verifyingContract: chainConfig.usdc
+  };
+  const types = {
+    Permit: [
+      { name: "owner", type: "address" },
+      { name: "spender", type: "address" },
+      { name: "value", type: "uint256" },
+      { name: "nonce", type: "uint256" },
+      { name: "deadline", type: "uint256" }
+    ]
+  };
+  const message = {
+    owner: wallet.address,
+    spender: params.spender,
+    value,
+    nonce,
+    deadline
+  };
+  const signature = await wallet.signTypedData(domain, types, message);
+  const sig = ethers5.Signature.from(signature);
+  return {
+    owner: wallet.address,
+    spender: params.spender,
+    value,
+    deadline,
+    nonce,
+    v: sig.v,
+    r: sig.r,
+    s: sig.s
+  };
+}
+var PermitSigner = class {
+  config;
+  constructor(config) {
+    this.config = config;
+  }
+  async sign(params) {
+    return signPermit(this.config, params);
+  }
+};
+// src/wallet/AllowanceWallet.ts
+import { ethers as ethers6 } from "ethers";
+var PERMIT_ABI2 = [
+  ...ERC20_ABI,
+  "function permit(address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s)",
+  "function transferFrom(address from, address to, uint256 amount) returns (bool)",
+  "function allowance(address owner, address spender) view returns (uint256)",
+  "function nonces(address owner) view returns (uint256)"
+];
+var AllowanceWallet = class {
+  chain;
+  chainConfig;
+  address;
+  // Agent's address
+  wallet;
+  provider;
+  usdcContract;
+  /** Stored permits from owners */
+  permits = /* @__PURE__ */ new Map();
+  constructor(config) {
+    this.chain = config.chain || "base_sepolia";
+    this.chainConfig = getChain(this.chain);
+    const rpcUrl = config.rpcUrl || this.chainConfig.rpc;
+    this.provider = new ethers6.JsonRpcProvider(rpcUrl);
+    this.wallet = new ethers6.Wallet(config.privateKey, this.provider);
+    this.address = this.wallet.address;
+    this.usdcContract = new ethers6.Contract(
+      this.chainConfig.usdc,
+      PERMIT_ABI2,
+      this.wallet
+    );
+  }
+  /**
+   * Store a Permit received from Owner
+   * Call this when Owner sends you a signed Permit
+   */
+  storePermit(permit) {
+    const ownerLower = permit.owner.toLowerCase();
+    this.permits.set(ownerLower, permit);
+  }
+  /**
+   * Get stored Permit for an owner
+   */
+  getPermit(owner) {
+    return this.permits.get(owner.toLowerCase());
+  }
+  /**
+   * Check allowance status with an owner
+   */
+  async checkAllowance(owner) {
+    const ownerAddress = ethers6.getAddress(owner);
+    const [allowance, ownerBalance, agentGasBalance] = await Promise.all([
+      this.usdcContract.allowance(ownerAddress, this.address),
+      this.usdcContract.balanceOf(ownerAddress),
+      this.provider.getBalance(this.address)
+    ]);
+    const allowanceNum = Number(allowance) / 1e6;
+    const hasGas = Number(ethers6.formatEther(agentGasBalance)) >= 1e-4;
+    return {
+      owner: ownerAddress,
+      agent: this.address,
+      allowance: allowanceNum.toFixed(2),
+      ownerBalance: (Number(ownerBalance) / 1e6).toFixed(2),
+      agentGasBalance: ethers6.formatEther(agentGasBalance),
+      canSpend: allowanceNum > 0 && hasGas,
+      chain: this.chainConfig.name
+    };
+  }
+  /**
+   * Spend from Owner's wallet using Permit allowance
+   *
+   * @example
+   * ```typescript
+   * const agent = new AllowanceWallet({
+   *   chain: 'base',
+   *   privateKey: process.env.AGENT_KEY  // Only needs gas
+   * });
+   *
+   * // Owner gave us a Permit
+   * agent.storePermit(ownerPermit);
+   *
+   * // Spend to pay for a service
+   * const result = await agent.spend({
+   *   to: '0xServiceProvider...',
+   *   amount: 2.99,
+   * });
+   * ```
+   */
+  async spend(params) {
+    const { to, amount, permit } = params;
+    try {
+      const toAddress = ethers6.getAddress(to);
+      const amountWei = BigInt(Math.floor(amount * 1e6));
+      let ownerPermit = permit;
+      let ownerAddress;
+      if (ownerPermit) {
+        ownerAddress = ethers6.getAddress(ownerPermit.owner);
+        this.storePermit(ownerPermit);
+      } else {
+        for (const [owner, p] of this.permits) {
+          const allowance = await this.usdcContract.allowance(owner, this.address);
+          if (BigInt(allowance) >= amountWei) {
+            ownerAddress = ethers6.getAddress(owner);
+            ownerPermit = p;
+            break;
+          }
+        }
+        if (!ownerPermit) {
+          return {
+            success: false,
+            error: "No valid permit found. Ask Owner to sign a Permit first.",
+            from: "",
+            to: toAddress,
+            amount
+          };
+        }
+      }
+      const currentAllowance = await this.usdcContract.allowance(ownerAddress, this.address);
+      if (BigInt(currentAllowance) < amountWei) {
+        const now = Math.floor(Date.now() / 1e3);
+        if (ownerPermit.deadline < now) {
+          return {
+            success: false,
+            error: `Permit expired at ${new Date(ownerPermit.deadline * 1e3).toISOString()}. Ask Owner for a new Permit.`,
+            from: ownerAddress,
+            to: toAddress,
+            amount
+          };
+        }
+        const currentNonce = await this.usdcContract.nonces(ownerAddress);
+        if (Number(currentNonce) !== ownerPermit.nonce) {
+          return {
+            success: false,
+            error: `Permit nonce mismatch (expected ${ownerPermit.nonce}, got ${currentNonce}). Owner may have used this permit or signed a new one.`,
+            from: ownerAddress,
+            to: toAddress,
+            amount
+          };
+        }
+        console.log("[AllowanceWallet] Submitting permit on-chain...");
+        const permitTx = await this.usdcContract.permit(
+          ownerAddress,
+          this.address,
+          ownerPermit.value,
+          ownerPermit.deadline,
+          ownerPermit.v,
+          ownerPermit.r,
+          ownerPermit.s
+        );
+        await permitTx.wait();
+        console.log("[AllowanceWallet] Permit submitted:", permitTx.hash);
+      }
+      console.log("[AllowanceWallet] Executing transferFrom...");
+      const tx = await this.usdcContract.transferFrom(
+        ownerAddress,
+        toAddress,
+        amountWei
+      );
+      const receipt = await tx.wait();
+      const newAllowance = await this.usdcContract.allowance(ownerAddress, this.address);
+      return {
+        success: true,
+        txHash: tx.hash,
+        from: ownerAddress,
+        to: toAddress,
+        amount,
+        remainingAllowance: (Number(newAllowance) / 1e6).toFixed(2),
+        explorerUrl: `${this.chainConfig.explorerTx}${tx.hash}`
+      };
+    } catch (error) {
+      const message = error.message;
+      if (message.includes("ERC20InsufficientAllowance")) {
+        return {
+          success: false,
+          error: "Insufficient allowance. Ask Owner to sign a new Permit with higher amount.",
+          from: "",
+          to,
+          amount
+        };
+      }
+      if (message.includes("ERC20InsufficientBalance")) {
+        return {
+          success: false,
+          error: "Owner's wallet has insufficient USDC balance.",
+          from: "",
+          to,
+          amount
+        };
+      }
+      return {
+        success: false,
+        error: message,
+        from: "",
+        to,
+        amount
+      };
+    }
+  }
+  /**
+   * Get Agent's gas balance (ETH)
+   */
+  async getGasBalance() {
+    const balance = await this.provider.getBalance(this.address);
+    return ethers6.formatEther(balance);
+  }
+};
+function generatePermitInstructions(params) {
+  const { ownerAddress, agentAddress, amount, deadlineHours = 24, chain = "base" } = params;
+  const chainConfig = getChain(chain);
+  const deadline = Math.floor(Date.now() / 1e3) + deadlineHours * 3600;
+  const value = BigInt(Math.floor(amount * 1e6)).toString();
+  const eip712Domain = {
+    name: "USD Coin",
+    version: "2",
+    chainId: chainConfig.chainId,
+    verifyingContract: chainConfig.usdc
+  };
+  const typedData = {
+    types: {
+      EIP712Domain: [
+        { name: "name", type: "string" },
+        { name: "version", type: "string" },
+        { name: "chainId", type: "uint256" },
+        { name: "verifyingContract", type: "address" }
+      ],
+      Permit: [
+        { name: "owner", type: "address" },
+        { name: "spender", type: "address" },
+        { name: "value", type: "uint256" },
+        { name: "nonce", type: "uint256" },
+        { name: "deadline", type: "uint256" }
+      ]
+    },
+    primaryType: "Permit",
+    domain: eip712Domain,
+    message: {
+      owner: ownerAddress,
+      spender: agentAddress,
+      value,
+      nonce: "<GET_FROM_USDC_CONTRACT>",
+      // Owner needs to query this
+      deadline
+    }
+  };
+  const instructions = `
+\u{1F510} **Grant USDC Spending Allowance to Your Agent**
+Your Agent (${agentAddress}) is requesting permission to spend up to ${amount} USDC from your wallet.
+**What this does:**
+- Allows your Agent to pay for services on your behalf
+- Your USDC stays in YOUR wallet until spent
+- Agent can only spend up to the authorized amount
+- Expires in ${deadlineHours} hours
+- You can revoke anytime by moving your USDC
+**How to sign (MetaMask / any web3 wallet):**
+1. Go to https://etherscan.io/address/${chainConfig.usdc}#readContract
+2. Query \`nonces(${ownerAddress})\` to get your current nonce
+3. Use eth_signTypedData_v4 with the data below (replace nonce)
+4. Send the signature {v, r, s, deadline, nonce} to your Agent
+**Chain:** ${chainConfig.name}
+**USDC Contract:** ${chainConfig.usdc}
+**EIP-712 Typed Data:**
+\`\`\`json
+${JSON.stringify(typedData, null, 2)}
+\`\`\`
+\u26A0\uFE0F Never share your private key. This signature only authorizes spending, not wallet access.
+`;
+  return { instructions, typedData, eip712Domain };
+}
+// src/permit/Permit.ts
+import { ethers as ethers7 } from "ethers";
 var PermitPayment = class {
   chain;
   chainConfig;
@@ -1157,13 +1501,13 @@ var PermitPayment = class {
     this.chainConfig = getChain(this.chain);
     this.spenderAddress = config.spenderAddress || process.env.PAYMENT_AGENT_WALLET || "";
     const rpcUrl = config.rpcUrl || this.chainConfig.rpc;
-    this.provider = new ethers5.JsonRpcProvider(rpcUrl);
+    this.provider = new ethers7.JsonRpcProvider(rpcUrl);
     const privateKey = config.privateKey || process.env.PAYMENT_AGENT_PRIVATE_KEY;
     if (privateKey) {
-      this.wallet = new ethers5.Wallet(privateKey, this.provider);
+      this.wallet = new ethers7.Wallet(privateKey, this.provider);
       this.spenderAddress = this.wallet.address;
     }
-    this.usdcContract = new ethers5.Contract(
+    this.usdcContract = new ethers7.Contract(
       this.chainConfig.usdc,
       ERC20_ABI,
       this.wallet || this.provider
@@ -1446,8 +1790,8 @@ var OrderManager = class {
 };
 // src/verify/index.ts
-import { ethers as ethers6 } from "ethers";
-var TRANSFER_EVENT_TOPIC = ethers6.id("Transfer(address,address,uint256)");
+import { ethers as ethers8 } from "ethers";
+var TRANSFER_EVENT_TOPIC = ethers8.id("Transfer(address,address,uint256)");
 async function verifyPayment(params) {
   const { txHash, expectedAmount, expectedTo } = params;
   let chain;
@@ -1464,7 +1808,7 @@ async function verifyPayment(params) {
     return { verified: false, error: `Unsupported chain: ${params.chain}` };
   }
   try {
-    const provider = new ethers6.JsonRpcProvider(chain.rpc);
+    const provider = new ethers8.JsonRpcProvider(chain.rpc);
     const receipt = await provider.getTransactionReceipt(txHash);
     if (!receipt) {
       return { verified: false, error: "Transaction not found or not confirmed" };
@@ -1524,7 +1868,7 @@ async function getTransactionStatus(txHash, chain = "base") {
     return { status: "not_found" };
   }
   try {
-    const provider = new ethers6.JsonRpcProvider(chainConfig.rpc);
+    const provider = new ethers8.JsonRpcProvider(chainConfig.rpc);
     const receipt = await provider.getTransactionReceipt(txHash);
     if (!receipt) {
       const tx = await provider.getTransaction(txHash);
@@ -1561,7 +1905,7 @@ async function waitForTransaction(txHash, chain = "base", confirmations = 1, tim
   } catch (e) {
     return { verified: false, confirmed: false, error: `Unsupported chain: ${chain}` };
   }
-  const provider = new ethers6.JsonRpcProvider(chainConfig.rpc);
+  const provider = new ethers8.JsonRpcProvider(chainConfig.rpc);
   try {
     const receipt = await provider.waitForTransaction(txHash, confirmations, timeoutMs);
     if (!receipt) {
@@ -1984,6 +2328,58 @@ ${receipt.delivery?.url ? `- Delivery: ${receipt.delivery.url}` : ""}
    */
   end() {
     return `Thank you for your purchase. This transaction is complete. Feel free to reach out if you need modifications or new services.`;
+  },
+  // ============ Permit Payment (Seller receives Permit from Client) ============
+  /**
+   * Offer Permit payment option
+   */
+  offerPermitPayment(params) {
+    const { service, price, sellerAddress, chain = "base", invoiceId } = params;
+    const chainConfig = getChain(chain);
+    return `Quote:
+- Service: ${service}
+- Price: ${price} USDC
+- Chain: ${chainConfig.name}
+- Invoice: ${invoiceId}
+You can pay by signing a Permit authorizing my wallet to collect payment:
+- Spender (me): \`${sellerAddress}\`
+- Amount: ${price} USDC
+Sign the Permit and send me the data. I'll then execute the collection.
+[status:awaiting_permit invoice=${invoiceId}]`;
+  },
+  /**
+   * Confirm Permit received, executing payment
+   */
+  executingPermit(invoiceId) {
+    return `Permit received for invoice ${invoiceId}. Executing payment collection now...`;
+  },
+  /**
+   * Permit payment successful
+   */
+  permitPaymentReceived(params) {
+    const { amount, txHash, invoiceId } = params;
+    return `Payment collected successfully!
+- Invoice: ${invoiceId}
+- Amount: ${amount} USDC
+- Tx Hash: \`${txHash}\`
+Starting to process your request now.
+[status:payment_confirmed tx=${txHash}]`;
+  },
+  /**
+   * Permit payment failed
+   */
+  permitPaymentFailed(error, invoiceId) {
+    return `Failed to collect payment for invoice ${invoiceId}: ${error}
+Please check:
+- Permit signature is valid
+- Permit hasn't expired
+- Your wallet has sufficient USDC balance
+You can re-sign and send a new Permit.`;
   }
 };
 var BuyerTemplates = {
@@ -2076,11 +2472,46 @@ ${requirements}`;
     const { amount, agentAddress, deadlineHours = 24, reason } = params;
     return `Boss, I need a USDC spending allowance (Permit) for ${reason || "purchasing services"}.
 Please authorize ${amount} USDC to my wallet ${agentAddress}, valid for ${deadlineHours} hours.`;
+  },
+  // ============ Permit Payment (Client signs Permit to Seller) ============
+  /**
+   * Confirm willing to pay via Permit
+   */
+  confirmPermitPayment() {
+    return `Confirmed. I'll sign a Permit authorizing you to collect the payment.`;
+  },
+  /**
+   * Send signed Permit to Seller
+   */
+  sendPermit(params) {
+    const { permit, invoiceId, amount } = params;
+    return `Payment authorized via Permit.
+Invoice: ${invoiceId}
+Amount: ${amount} USDC
+Permit Data:
+\`\`\`json
+${JSON.stringify(permit, null, 2)}
+\`\`\`
+[status:permit_sent invoice=${invoiceId} amount=${amount}]`;
+  },
+  /**
+   * Simplified Permit message (compact JSON for agent parsing)
+   */
+  sendPermitCompact(params) {
+    const { permit, invoiceId } = params;
+    return `Permit signed for invoice ${invoiceId}:
+${JSON.stringify(permit)}
+[status:permit_sent invoice=${invoiceId}]`;
   }
 };
 var StatusMarkers = {
   walletReady: "[status:wallet_ready]",
   permitReady: (amount) => `[status:permit_ready USDC=${amount}]`,
+  permitSent: (invoiceId, amount) => `[status:permit_sent invoice=${invoiceId} amount=${amount}]`,
+  awaitingPermit: (invoiceId) => `[status:awaiting_permit invoice=${invoiceId}]`,
   paymentSent: (txHash, amount) => `[status:payment_sent tx=${txHash} amount=${amount} USDC]`,
   paymentConfirmed: (txHash) => `[status:payment_confirmed tx=${txHash}]`,
   delivered: (url, hash) => `[status:delivered url=${url}${hash ? ` hash=${hash}` : ""}]`,
@@ -2100,6 +2531,24 @@ function parseStatusMarker(message) {
       data: { amount: amountMatch?.[1] || "0" }
     };
   }
+  if (content.startsWith("permit_sent")) {
+    const invoiceMatch = content.match(/invoice=(\S+)/);
+    const amountMatch = content.match(/amount=(\d+(?:\.\d+)?)/);
+    return {
+      type: "permit_sent",
+      data: {
+        invoiceId: invoiceMatch?.[1] || "",
+        amount: amountMatch?.[1] || "0"
+      }
+    };
+  }
+  if (content.startsWith("awaiting_permit")) {
+    const invoiceMatch = content.match(/invoice=(\S+)/);
+    return {
+      type: "awaiting_permit",
+      data: { invoiceId: invoiceMatch?.[1] || "" }
+    };
+  }
   if (content.startsWith("payment_sent")) {
     const txMatch = content.match(/tx=(\S+)/);
     const amountMatch = content.match(/amount=(\d+(?:\.\d+)?)/);
@@ -2143,6 +2592,7 @@ function parseStatusMarker(message) {
   return { type: "unknown", data: { raw: content } };
 }
 export {
+  AllowanceWallet,
   AuditLog,
   BuyerTemplates,
   CHAINS,
@@ -2151,6 +2601,7 @@ export {
   OrderManager,
   PaymentAgent,
   PermitPayment,
+  PermitSigner,
   PermitWallet,
   SecureWallet,
   SellerTemplates,
@@ -2164,6 +2615,7 @@ export {
   formatReceiptText,
   generatePaymentGuide,
   generatePaymentReminder,
+  generatePermitInstructions,
   generateReceipt,
   generateReceiptFromInvoice,
   generateWalletGuide,
@@ -2175,6 +2627,7 @@ export {
   listChains,
   loadWallet,
   parseStatusMarker,
+  signPermit,
   verifyPayment,
   waitForTransaction,
   walletExists