npm - moltspay - Versions diffs - 0.8.0 → 0.8.1 - Mend

moltspay 0.8.0 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/index.js CHANGED Viewed

@@ -30369,7 +30369,6 @@ init_cjs_shims();
 init_cjs_shims();
 var import_fs = require("fs");
 var import_http = require("http");
-var import_ethers = require("ethers");
 // src/chains/index.ts
 init_cjs_shims();
@@ -30456,34 +30455,26 @@ init_cjs_shims();
 var X402_VERSION = 2;
 var PAYMENT_REQUIRED_HEADER = "x-payment-required";
 var PAYMENT_HEADER = "x-payment";
+var PAYMENT_RESPONSE_HEADER = "x-payment-response";
+var DEFAULT_FACILITATOR_URL = "https://x402.org/facilitator";
 var MoltsPayServer = class {
   manifest;
   skills = /* @__PURE__ */ new Map();
   options;
-  provider = null;
-  wallet = null;
+  facilitatorUrl;
   constructor(servicesPath, options = {}) {
     const content = (0, import_fs.readFileSync)(servicesPath, "utf-8");
     this.manifest = JSON.parse(content);
     this.options = {
       port: options.port || 3e3,
-      host: options.host || "0.0.0.0",
-      privateKey: options.privateKey || process.env.MOLTSPAY_PRIVATE_KEY
+      host: options.host || "0.0.0.0"
     };
-    if (this.options.privateKey) {
-      try {
-        const chain2 = getChain(this.manifest.provider.chain);
-        this.provider = new import_ethers.ethers.JsonRpcProvider(chain2.rpc);
-        this.wallet = new import_ethers.ethers.Wallet(this.options.privateKey, this.provider);
-        console.log(`[MoltsPay] Payment wallet: ${this.wallet.address}`);
-      } catch (err) {
-        console.warn("[MoltsPay] Warning: Could not initialize wallet for payment claims");
-      }
-    }
+    this.facilitatorUrl = options.facilitatorUrl || DEFAULT_FACILITATOR_URL;
     console.log(`[MoltsPay] Loaded ${this.manifest.services.length} services from ${servicesPath}`);
     console.log(`[MoltsPay] Provider: ${this.manifest.provider.name}`);
     console.log(`[MoltsPay] Receive wallet: ${this.manifest.provider.wallet}`);
-    console.log(`[MoltsPay] Protocol: x402 (gasless, pay-for-success)`);
+    console.log(`[MoltsPay] Facilitator: ${this.facilitatorUrl}`);
+    console.log(`[MoltsPay] Protocol: x402 (gasless for both client AND server)`);
   }
   /**
    * Register a skill handler for a service
@@ -30493,48 +30484,45 @@ var MoltsPayServer = class {
     if (!config) {
       throw new Error(`Service '${serviceId}' not found in manifest`);
     }
-    this.skills.set(serviceId, {
-      id: serviceId,
-      config,
-      handler
-    });
-    console.log(`[MoltsPay] Registered skill: ${serviceId} ($${config.price} ${config.currency})`);
+    this.skills.set(serviceId, { id: serviceId, config, handler });
     return this;
   }
   /**
-   * Start the server
+   * Start HTTP server
    */
   listen(port) {
-    const p = port || this.options.port;
+    const p = port || this.options.port || 3e3;
+    const host = this.options.host || "0.0.0.0";
     const server = (0, import_http.createServer)((req, res) => this.handleRequest(req, res));
-    server.listen(p, this.options.host, () => {
-      console.log(`[MoltsPay] Server listening on http://${this.options.host}:${p}`);
+    server.listen(p, host, () => {
+      console.log(`[MoltsPay] Server listening on http://${host}:${p}`);
       console.log(`[MoltsPay] Endpoints:`);
       console.log(`  GET  /services     - List available services`);
       console.log(`  POST /execute      - Execute service (x402 payment)`);
     });
   }
+  /**
+   * Handle incoming request
+   */
   async handleRequest(req, res) {
-    const url = new URL(req.url || "/", `http://${req.headers.host}`);
-    const path2 = url.pathname;
-    const method = req.method || "GET";
     res.setHeader("Access-Control-Allow-Origin", "*");
     res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
     res.setHeader("Access-Control-Allow-Headers", "Content-Type, X-Payment");
     res.setHeader("Access-Control-Expose-Headers", "X-Payment-Required, X-Payment-Response");
-    if (method === "OPTIONS") {
+    if (req.method === "OPTIONS") {
       res.writeHead(204);
       res.end();
       return;
     }
     try {
-      if (method === "GET" && path2 === "/services") {
+      const url = new URL(req.url || "/", `http://${req.headers.host}`);
+      if (url.pathname === "/services" && req.method === "GET") {
         return this.handleGetServices(res);
       }
-      if (method === "POST" && path2 === "/execute") {
+      if (url.pathname === "/execute" && req.method === "POST") {
         const body = await this.readBody(req);
         const paymentHeader = req.headers[PAYMENT_HEADER];
-        return this.handleExecute(body, paymentHeader, res);
+        return await this.handleExecute(body, paymentHeader, res);
       }
       this.sendJson(res, 404, { error: "Not found" });
     } catch (err) {
@@ -30563,7 +30551,8 @@ var MoltsPayServer = class {
       x402: {
         version: X402_VERSION,
         network: `eip155:${chain2.chainId}`,
-        schemes: ["exact"]
+        schemes: ["exact"],
+        facilitator: this.facilitatorUrl
       }
     });
   }
@@ -30600,6 +30589,11 @@ var MoltsPayServer = class {
     if (!validation.valid) {
       return this.sendJson(res, 402, { error: validation.error });
     }
+    console.log(`[MoltsPay] Verifying payment with facilitator...`);
+    const verifyResult = await this.verifyWithFacilitator(payment, skill.config);
+    if (!verifyResult.valid) {
+      return this.sendJson(res, 402, { error: `Payment verification failed: ${verifyResult.error}` });
+    }
     console.log(`[MoltsPay] Executing skill: ${service}`);
     let result;
     try {
@@ -30611,19 +30605,30 @@ var MoltsPayServer = class {
         message: err.message
       });
     }
-    console.log(`[MoltsPay] Skill succeeded, claiming payment...`);
-    let txHash = null;
+    console.log(`[MoltsPay] Skill succeeded, settling payment...`);
+    let settlement = null;
     try {
-      txHash = await this.claimPayment(payment);
-      console.log(`[MoltsPay] Payment claimed: ${txHash}`);
+      settlement = await this.settleWithFacilitator(payment, skill.config);
+      console.log(`[MoltsPay] Payment settled: ${settlement.transaction || "pending"}`);
     } catch (err) {
-      console.error("[MoltsPay] Payment claim failed:", err.message);
+      console.error("[MoltsPay] Settlement failed:", err.message);
+    }
+    const responseHeaders = {};
+    if (settlement) {
+      const responsePayload = {
+        success: true,
+        transaction: settlement.transaction,
+        network: payment.network
+      };
+      responseHeaders[PAYMENT_RESPONSE_HEADER] = Buffer.from(
+        JSON.stringify(responsePayload)
+      ).toString("base64");
     }
     this.sendJson(res, 200, {
       success: true,
       result,
-      payment: txHash ? { txHash, status: "claimed" } : { status: "pending" }
-    });
+      payment: settlement ? { transaction: settlement.transaction, status: "settled" } : { status: "pending" }
+    }, responseHeaders);
   }
   /**
    * Return 402 with x402 payment requirements
@@ -30636,7 +30641,9 @@ var MoltsPayServer = class {
       network: `eip155:${chain2.chainId}`,
       maxAmountRequired: amountInUnits,
       resource: this.manifest.provider.wallet,
-      description: `${config.name} - $${config.price} ${config.currency}`
+      description: `${config.name} - $${config.price} ${config.currency}`,
+      // Include facilitator info for client
+      extra: JSON.stringify({ facilitator: this.facilitatorUrl })
     }];
     const encoded = Buffer.from(JSON.stringify(requirements)).toString("base64");
     res.writeHead(402, {
@@ -30650,7 +30657,7 @@ var MoltsPayServer = class {
     }, null, 2));
   }
   /**
-   * Validate x402 payment payload
+   * Basic payment validation (before calling facilitator)
    */
   validatePayment(payment, config) {
     if (payment.x402Version !== X402_VERSION) {
@@ -30664,51 +30671,66 @@ var MoltsPayServer = class {
     if (payment.network !== expectedNetwork) {
       return { valid: false, error: `Network mismatch: expected ${expectedNetwork}` };
     }
-    const auth = payment.payload.authorization;
-    if (auth.to.toLowerCase() !== this.manifest.provider.wallet.toLowerCase()) {
-      return { valid: false, error: "Payment recipient mismatch" };
-    }
-    const amount = Number(auth.value) / 1e6;
-    if (amount < config.price) {
-      return { valid: false, error: `Insufficient amount: $${amount} < $${config.price}` };
-    }
-    const now = Math.floor(Date.now() / 1e3);
-    if (Number(auth.validBefore) < now) {
-      return { valid: false, error: "Payment authorization expired" };
-    }
-    if (Number(auth.validAfter) > now) {
-      return { valid: false, error: "Payment authorization not yet valid" };
-    }
     return { valid: true };
   }
   /**
-   * Claim payment using transferWithAuthorization
+   * Verify payment with facilitator
    */
-  async claimPayment(payment) {
-    if (!this.wallet || !this.provider) {
-      throw new Error("Wallet not configured for payment claims");
+  async verifyWithFacilitator(payment, config) {
+    try {
+      const chain2 = getChain(this.manifest.provider.chain);
+      const amountInUnits = Math.floor(config.price * 1e6).toString();
+      const requirements = {
+        scheme: "exact",
+        network: `eip155:${chain2.chainId}`,
+        maxAmountRequired: amountInUnits,
+        resource: this.manifest.provider.wallet
+      };
+      const response = await fetch(`${this.facilitatorUrl}/verify`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          paymentPayload: payment,
+          paymentRequirements: requirements
+        })
+      });
+      const result = await response.json();
+      if (!response.ok || !result.isValid) {
+        return { valid: false, error: result.invalidReason || "Verification failed" };
+      }
+      return { valid: true };
+    } catch (err) {
+      return { valid: false, error: `Facilitator error: ${err.message}` };
     }
+  }
+  /**
+   * Settle payment with facilitator (execute on-chain transfer)
+   */
+  async settleWithFacilitator(payment, config) {
     const chain2 = getChain(this.manifest.provider.chain);
-    const auth = payment.payload.authorization;
-    const sig = payment.payload.signature;
-    const { r, s, v } = import_ethers.ethers.Signature.from(sig);
-    const usdcAbi = [
-      "function transferWithAuthorization(address from, address to, uint256 value, uint256 validAfter, uint256 validBefore, bytes32 nonce, uint8 v, bytes32 r, bytes32 s)"
-    ];
-    const usdc = new import_ethers.ethers.Contract(chain2.usdc, usdcAbi, this.wallet);
-    const tx = await usdc.transferWithAuthorization(
-      auth.from,
-      auth.to,
-      auth.value,
-      auth.validAfter,
-      auth.validBefore,
-      auth.nonce,
-      v,
-      r,
-      s
-    );
-    const receipt = await tx.wait();
-    return receipt.hash;
+    const amountInUnits = Math.floor(config.price * 1e6).toString();
+    const requirements = {
+      scheme: "exact",
+      network: `eip155:${chain2.chainId}`,
+      maxAmountRequired: amountInUnits,
+      resource: this.manifest.provider.wallet
+    };
+    const response = await fetch(`${this.facilitatorUrl}/settle`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        paymentPayload: payment,
+        paymentRequirements: requirements
+      })
+    });
+    const result = await response.json();
+    if (!response.ok) {
+      throw new Error(result.error || "Settlement failed");
+    }
+    return {
+      transaction: result.transaction,
+      status: result.status || "settled"
+    };
   }
   async readBody(req) {
     return new Promise((resolve, reject) => {
@@ -30724,8 +30746,12 @@ var MoltsPayServer = class {
       req.on("error", reject);
     });
   }
-  sendJson(res, status, data) {
-    res.writeHead(status, { "Content-Type": "application/json" });
+  sendJson(res, status, data, extraHeaders) {
+    const headers = { "Content-Type": "application/json" };
+    if (extraHeaders) {
+      Object.assign(headers, extraHeaders);
+    }
+    res.writeHead(status, headers);
     res.end(JSON.stringify(data, null, 2));
   }
 };
@@ -30735,7 +30761,7 @@ init_cjs_shims();
 var import_fs2 = require("fs");
 var import_os = require("os");
 var import_path = require("path");
-var import_ethers2 = require("ethers");
+var import_ethers = require("ethers");
 // src/client/types.ts
 init_cjs_shims();
@@ -30763,7 +30789,7 @@ var MoltsPayClient = class {
     this.config = this.loadConfig();
     this.walletData = this.loadWallet();
     if (this.walletData) {
-      this.wallet = new import_ethers2.Wallet(this.walletData.privateKey);
+      this.wallet = new import_ethers.Wallet(this.walletData.privateKey);
     }
   }
   /**
@@ -30884,7 +30910,7 @@ var MoltsPayClient = class {
   async signEIP3009(to, amount, chain2) {
     const validAfter = 0;
     const validBefore = Math.floor(Date.now() / 1e3) + 3600;
-    const nonce = import_ethers2.ethers.hexlify(import_ethers2.ethers.randomBytes(32));
+    const nonce = import_ethers.ethers.hexlify(import_ethers.ethers.randomBytes(32));
     const value = BigInt(Math.floor(amount * 1e6)).toString();
     const authorization = {
       from: this.wallet.address,
@@ -30966,7 +30992,7 @@ var MoltsPayClient = class {
    */
   static init(configDir, options) {
     (0, import_fs2.mkdirSync)(configDir, { recursive: true });
-    const wallet = import_ethers2.Wallet.createRandom();
+    const wallet = import_ethers.Wallet.createRandom();
     const walletData = {
       address: wallet.address,
       privateKey: wallet.privateKey,
@@ -30998,14 +31024,14 @@ var MoltsPayClient = class {
     } catch {
       throw new Error(`Unknown chain: ${this.config.chain}`);
     }
-    const provider = new import_ethers2.ethers.JsonRpcProvider(chain2.rpc);
+    const provider = new import_ethers.ethers.JsonRpcProvider(chain2.rpc);
     const nativeBalance = await provider.getBalance(this.wallet.address);
     const usdcAbi = ["function balanceOf(address) view returns (uint256)"];
-    const usdc = new import_ethers2.ethers.Contract(chain2.usdc, usdcAbi, provider);
+    const usdc = new import_ethers.ethers.Contract(chain2.usdc, usdcAbi, provider);
     const usdcBalance = await usdc.balanceOf(this.wallet.address);
     return {
-      usdc: parseFloat(import_ethers2.ethers.formatUnits(usdcBalance, 6)),
-      native: parseFloat(import_ethers2.ethers.formatEther(nativeBalance))
+      usdc: parseFloat(import_ethers.ethers.formatUnits(usdcBalance, 6)),
+      native: parseFloat(import_ethers.ethers.formatEther(nativeBalance))
     };
   }
 };
@@ -31015,11 +31041,11 @@ init_cjs_shims();
 // src/wallet/Wallet.ts
 init_cjs_shims();
-var import_ethers3 = require("ethers");
+var import_ethers2 = require("ethers");
 // src/wallet/createWallet.ts
 init_cjs_shims();
-var import_ethers4 = require("ethers");
+var import_ethers3 = require("ethers");
 var import_fs3 = require("fs");
 var import_path2 = require("path");
 var import_crypto = require("crypto");
@@ -31064,7 +31090,7 @@ function createWallet(options = {}) {
     }
   }
   try {
-    const wallet = import_ethers4.ethers.Wallet.createRandom();
+    const wallet = import_ethers3.ethers.Wallet.createRandom();
     const walletData = {
       address: wallet.address,
       label: options.label,
@@ -31137,8 +31163,8 @@ function walletExists(storagePath) {
 // src/verify/index.ts
 init_cjs_shims();
-var import_ethers5 = require("ethers");
-var TRANSFER_EVENT_TOPIC = import_ethers5.ethers.id("Transfer(address,address,uint256)");
+var import_ethers4 = require("ethers");
+var TRANSFER_EVENT_TOPIC = import_ethers4.ethers.id("Transfer(address,address,uint256)");
 async function verifyPayment(params) {
   const { txHash, expectedAmount, expectedTo } = params;
   let chain2;
@@ -31155,7 +31181,7 @@ async function verifyPayment(params) {
     return { verified: false, error: `Unsupported chain: ${params.chain}` };
   }
   try {
-    const provider = new import_ethers5.ethers.JsonRpcProvider(chain2.rpc);
+    const provider = new import_ethers4.ethers.JsonRpcProvider(chain2.rpc);
     const receipt = await provider.getTransactionReceipt(txHash);
     if (!receipt) {
       return { verified: false, error: "Transaction not found or not confirmed" };
@@ -31215,7 +31241,7 @@ async function getTransactionStatus(txHash, chain2 = "base") {
     return { status: "not_found" };
   }
   try {
-    const provider = new import_ethers5.ethers.JsonRpcProvider(chainConfig.rpc);
+    const provider = new import_ethers4.ethers.JsonRpcProvider(chainConfig.rpc);
     const receipt = await provider.getTransactionReceipt(txHash);
     if (!receipt) {
       const tx = await provider.getTransaction(txHash);
@@ -31252,7 +31278,7 @@ async function waitForTransaction(txHash, chain2 = "base", confirmations = 1, ti
   } catch (e) {
     return { verified: false, confirmed: false, error: `Unsupported chain: ${chain2}` };
   }
-  const provider = new import_ethers5.ethers.JsonRpcProvider(chainConfig.rpc);
+  const provider = new import_ethers4.ethers.JsonRpcProvider(chainConfig.rpc);
   try {
     const receipt = await provider.waitForTransaction(txHash, confirmations, timeoutMs);
     if (!receipt) {
@@ -31393,9 +31419,9 @@ var CDPWallet = class {
    * Get USDC balance
    */
   async getBalance() {
-    const { ethers: ethers6 } = await import("ethers");
-    const provider = new ethers6.JsonRpcProvider(this.chainConfig.rpc);
-    const usdcContract = new ethers6.Contract(
+    const { ethers: ethers5 } = await import("ethers");
+    const provider = new ethers5.JsonRpcProvider(this.chainConfig.rpc);
+    const usdcContract = new ethers5.Contract(
       this.chainConfig.usdc,
       ["function balanceOf(address) view returns (uint256)"],
       provider
@@ -31406,7 +31432,7 @@ var CDPWallet = class {
     ]);
     return {
       usdc: (Number(usdcBalance) / 1e6).toFixed(2),
-      eth: ethers6.formatEther(ethBalance)
+      eth: ethers5.formatEther(ethBalance)
     };
   }
   /**
@@ -31424,7 +31450,7 @@ var CDPWallet = class {
     }
     try {
       const { CdpClient } = await import("@coinbase/cdp-sdk");
-      const { ethers: ethers6 } = await import("ethers");
+      const { ethers: ethers5 } = await import("ethers");
       const cdp = new CdpClient({
         apiKeyId: creds.apiKeyId,
         apiKeySecret: creds.apiKeySecret,
@@ -31432,7 +31458,7 @@ var CDPWallet = class {
       });
       const account = await cdp.evm.getAccount({ address: this.address });
       const amountWei = BigInt(Math.floor(params.amount * 1e6));
-      const iface = new ethers6.Interface([
+      const iface = new ethers5.Interface([
         "function transfer(address to, uint256 amount) returns (bool)"
       ]);
       const callData = iface.encodeFunctionData("transfer", [params.to, amountWei]);