moltspay 0.8.1 → 0.8.3

package/.env.example

@@ -0,0 +1,10 @@
+# MoltsPay Server Configuration
+# Copy to ~/.moltspay/.env or ./.env and fill in values
+
+# Network: true = Base mainnet, false = Base Sepolia testnet
+USE_MAINNET=true
+
+# CDP API Credentials (required for mainnet)
+# Get from: https://portal.cdp.coinbase.com/
+CDP_API_KEY_ID=
+CDP_API_KEY_SECRET=

package/dist/cli/index.js

@@ -367,28 +367,105 @@ var MoltsPayClient = class {
 // src/server/index.ts
 var import_fs2 = require("fs");
 var import_http = require("http");
+var path = __toESM(require("path"));
 var X402_VERSION2 = 2;
 var PAYMENT_REQUIRED_HEADER2 = "x-payment-required";
 var PAYMENT_HEADER2 = "x-payment";
 var PAYMENT_RESPONSE_HEADER = "x-payment-response";
-var DEFAULT_FACILITATOR_URL = "https://x402.org/facilitator";
+var FACILITATOR_TESTNET = "https://www.x402.org/facilitator";
+var FACILITATOR_MAINNET = "https://api.cdp.coinbase.com/platform/v2/x402";
+var USDC_ADDRESSES = {
+  "eip155:8453": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
+  // Base mainnet
+  "eip155:84532": "0x036CbD53842c5426634e7929541eC2318f3dCF7e"
+  // Base Sepolia
+};
+var USDC_DOMAIN = {
+  name: "USD Coin",
+  version: "2"
+};
+function loadEnvFiles() {
+  try {
+    const dotenv = require("dotenv");
+    const envPaths = [
+      path.join(process.cwd(), ".env"),
+      path.join(process.env.HOME || "", ".moltspay", ".env")
+    ];
+    for (const envPath of envPaths) {
+      if ((0, import_fs2.existsSync)(envPath)) {
+        dotenv.config({ path: envPath });
+        console.log(`[MoltsPay] Loaded config from ${envPath}`);
+        break;
+      }
+    }
+  } catch {
+  }
+}
+function getCDPConfig() {
+  loadEnvFiles();
+  return {
+    useMainnet: process.env.USE_MAINNET?.toLowerCase() === "true",
+    apiKeyId: process.env.CDP_API_KEY_ID,
+    apiKeySecret: process.env.CDP_API_KEY_SECRET
+  };
+}
+async function getCDPAuthHeaders(method, urlPath, body) {
+  const config = getCDPConfig();
+  if (!config.apiKeyId || !config.apiKeySecret) {
+    throw new Error("CDP_API_KEY_ID and CDP_API_KEY_SECRET required for mainnet");
+  }
+  try {
+    const { getAuthHeaders } = await import("@coinbase/cdp-sdk/auth");
+    const headers = await getAuthHeaders({
+      apiKeyId: config.apiKeyId,
+      apiKeySecret: config.apiKeySecret,
+      requestMethod: method,
+      requestHost: "api.cdp.coinbase.com",
+      requestPath: urlPath,
+      requestBody: body
+    });
+    return headers;
+  } catch (err) {
+    console.error("[MoltsPay] Failed to generate CDP auth headers:", err.message);
+    throw err;
+  }
+}
 var MoltsPayServer = class {
   manifest;
   skills = /* @__PURE__ */ new Map();
   options;
+  cdpConfig;
   facilitatorUrl;
+  networkId;
   constructor(servicesPath, options = {}) {
+    this.cdpConfig = getCDPConfig();
     const content = (0, import_fs2.readFileSync)(servicesPath, "utf-8");
     this.manifest = JSON.parse(content);
     this.options = {
       port: options.port || 3e3,
       host: options.host || "0.0.0.0"
     };
-    this.facilitatorUrl = options.facilitatorUrl || DEFAULT_FACILITATOR_URL;
+    if (this.cdpConfig.useMainnet) {
+      if (!this.cdpConfig.apiKeyId || !this.cdpConfig.apiKeySecret) {
+        console.warn("[MoltsPay] WARNING: USE_MAINNET=true but CDP keys not set!");
+        console.warn("[MoltsPay] Set CDP_API_KEY_ID and CDP_API_KEY_SECRET in ~/.moltspay/.env");
+      }
+      this.facilitatorUrl = FACILITATOR_MAINNET;
+      this.networkId = "eip155:8453";
+    } else {
+      this.facilitatorUrl = options.facilitatorUrl || FACILITATOR_TESTNET;
+      this.networkId = "eip155:84532";
+    }
+    const networkName = this.cdpConfig.useMainnet ? "Base mainnet" : "Base Sepolia (testnet)";
+    const facilitatorName = this.cdpConfig.useMainnet ? "CDP" : "x402.org";
     console.log(`[MoltsPay] Loaded ${this.manifest.services.length} services from ${servicesPath}`);
     console.log(`[MoltsPay] Provider: ${this.manifest.provider.name}`);
     console.log(`[MoltsPay] Receive wallet: ${this.manifest.provider.wallet}`);
-    console.log(`[MoltsPay] Facilitator: ${this.facilitatorUrl}`);
+    console.log(`[MoltsPay] Network: ${this.networkId} (${networkName})`);
+    console.log(`[MoltsPay] Facilitator: ${facilitatorName} (${this.facilitatorUrl})`);
+    if (this.cdpConfig.useMainnet && this.cdpConfig.apiKeyId) {
+      console.log(`[MoltsPay] CDP API Key: ${this.cdpConfig.apiKeyId.slice(0, 8)}...`);
+    }
     console.log(`[MoltsPay] Protocol: x402 (gasless for both client AND server)`);
   }
   /**
@@ -449,7 +526,6 @@ var MoltsPayServer = class {
    * GET /services - List available services
    */
   handleGetServices(res) {
-    const chain = getChain(this.manifest.provider.chain);
     const services = this.manifest.services.map((s) => ({
       id: s.id,
       name: s.name,
@@ -465,16 +541,15 @@ var MoltsPayServer = class {
       services,
       x402: {
         version: X402_VERSION2,
-        network: `eip155:${chain.chainId}`,
+        network: this.networkId,
         schemes: ["exact"],
-        facilitator: this.facilitatorUrl
+        facilitator: this.cdpConfig.useMainnet ? "cdp" : "x402.org",
+        mainnet: this.cdpConfig.useMainnet
       }
     });
   }
   /**
    * POST /execute - Execute service with x402 payment
-   * Body: { service: string, params: object }
-   * Header: X-Payment (optional - if missing, returns 402)
    */
   async handleExecute(body, paymentHeader, res) {
     const { service, params } = body;
@@ -549,17 +624,8 @@ var MoltsPayServer = class {
    * Return 402 with x402 payment requirements
    */
   sendPaymentRequired(config, res) {
-    const chain = getChain(this.manifest.provider.chain);
-    const amountInUnits = Math.floor(config.price * 1e6).toString();
-    const requirements = [{
-      scheme: "exact",
-      network: `eip155:${chain.chainId}`,
-      maxAmountRequired: amountInUnits,
-      resource: this.manifest.provider.wallet,
-      description: `${config.name} - $${config.price} ${config.currency}`,
-      // Include facilitator info for client
-      extra: JSON.stringify({ facilitator: this.facilitatorUrl })
-    }];
+    const requirements = [this.buildPaymentRequirements(config)];
+    requirements[0].description = `${config.name} - $${config.price} ${config.currency}`;
     const encoded = Buffer.from(JSON.stringify(requirements)).toString("base64");
     res.writeHead(402, {
       "Content-Type": "application/json",
@@ -572,7 +638,7 @@ var MoltsPayServer = class {
     }, null, 2));
   }
   /**
-   * Basic payment validation (before calling facilitator)
+   * Basic payment validation
    */
   validatePayment(payment, config) {
     if (payment.x402Version !== X402_VERSION2) {
@@ -581,37 +647,57 @@ var MoltsPayServer = class {
     if (payment.scheme !== "exact") {
       return { valid: false, error: `Unsupported scheme: ${payment.scheme}` };
     }
-    const chain = getChain(this.manifest.provider.chain);
-    const expectedNetwork = `eip155:${chain.chainId}`;
-    if (payment.network !== expectedNetwork) {
-      return { valid: false, error: `Network mismatch: expected ${expectedNetwork}` };
+    if (payment.network !== this.networkId) {
+      return { valid: false, error: `Network mismatch: expected ${this.networkId}, got ${payment.network}` };
     }
     return { valid: true };
   }
   /**
-   * Verify payment with facilitator
+   * Build complete payment requirements for facilitator
+   */
+  buildPaymentRequirements(config) {
+    const amountInUnits = Math.floor(config.price * 1e6).toString();
+    const usdcAddress = USDC_ADDRESSES[this.networkId];
+    return {
+      scheme: "exact",
+      network: this.networkId,
+      maxAmountRequired: amountInUnits,
+      amount: amountInUnits,
+      asset: usdcAddress,
+      payTo: this.manifest.provider.wallet,
+      maxTimeoutSeconds: 300,
+      extra: USDC_DOMAIN
+    };
+  }
+  /**
+   * Verify payment with facilitator (testnet or CDP)
    */
   async verifyWithFacilitator(payment, config) {
     try {
-      const chain = getChain(this.manifest.provider.chain);
-      const amountInUnits = Math.floor(config.price * 1e6).toString();
-      const requirements = {
-        scheme: "exact",
-        network: `eip155:${chain.chainId}`,
-        maxAmountRequired: amountInUnits,
-        resource: this.manifest.provider.wallet
+      const requirements = this.buildPaymentRequirements(config);
+      const requestBody = {
+        paymentPayload: payment,
+        paymentRequirements: requirements
       };
+      console.log("[MoltsPay] Verify request:", JSON.stringify(requestBody, null, 2));
+      let headers = { "Content-Type": "application/json" };
+      if (this.cdpConfig.useMainnet) {
+        const authHeaders = await getCDPAuthHeaders(
+          "POST",
+          "/platform/v2/x402/verify",
+          requestBody
+        );
+        headers = { ...headers, ...authHeaders };
+      }
       const response = await fetch(`${this.facilitatorUrl}/verify`, {
         method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({
-          paymentPayload: payment,
-          paymentRequirements: requirements
-        })
+        headers,
+        body: JSON.stringify(requestBody)
       });
       const result = await response.json();
+      console.log("[MoltsPay] Verify response:", JSON.stringify(result, null, 2));
       if (!response.ok || !result.isValid) {
-        return { valid: false, error: result.invalidReason || "Verification failed" };
+        return { valid: false, error: result.invalidReason || result.error || "Verification failed" };
       }
       return { valid: true };
     } catch (err) {
@@ -622,25 +708,28 @@ var MoltsPayServer = class {
    * Settle payment with facilitator (execute on-chain transfer)
    */
   async settleWithFacilitator(payment, config) {
-    const chain = getChain(this.manifest.provider.chain);
-    const amountInUnits = Math.floor(config.price * 1e6).toString();
-    const requirements = {
-      scheme: "exact",
-      network: `eip155:${chain.chainId}`,
-      maxAmountRequired: amountInUnits,
-      resource: this.manifest.provider.wallet
+    const requirements = this.buildPaymentRequirements(config);
+    const requestBody = {
+      paymentPayload: payment,
+      paymentRequirements: requirements
     };
+    let headers = { "Content-Type": "application/json" };
+    if (this.cdpConfig.useMainnet) {
+      const authHeaders = await getCDPAuthHeaders(
+        "POST",
+        "/platform/v2/x402/settle",
+        requestBody
+      );
+      headers = { ...headers, ...authHeaders };
+    }
     const response = await fetch(`${this.facilitatorUrl}/settle`, {
       method: "POST",
-      headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({
-        paymentPayload: payment,
-        paymentRequirements: requirements
-      })
+      headers,
+      body: JSON.stringify(requestBody)
     });
     const result = await response.json();
-    if (!response.ok) {
-      throw new Error(result.error || "Settlement failed");
+    if (!response.ok || !result.success) {
+      throw new Error(result.error || result.errorReason || "Settlement failed");
     }
     return {
       transaction: result.transaction,