npm - moltspay - Versions diffs - 1.3.0 → 1.4.0 - Mend

moltspay 1.3.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (57) hide show

package/README.md +221 -38
package/dist/cdp/index.d.mts +4 -4
package/dist/cdp/index.d.ts +4 -4
package/dist/cdp/index.js +57 -0
package/dist/cdp/index.js.map +1 -1
package/dist/cdp/index.mjs +57 -0
package/dist/cdp/index.mjs.map +1 -1
package/dist/chains/index.d.mts +9 -8
package/dist/chains/index.d.ts +9 -8
package/dist/chains/index.js +57 -0
package/dist/chains/index.js.map +1 -1
package/dist/chains/index.mjs +57 -0
package/dist/chains/index.mjs.map +1 -1
package/dist/cli/index.js +1975 -273
package/dist/cli/index.js.map +1 -1
package/dist/cli/index.mjs +1977 -265
package/dist/cli/index.mjs.map +1 -1
package/dist/client/index.d.mts +36 -3
package/dist/client/index.d.ts +36 -3
package/dist/client/index.js +540 -32
package/dist/client/index.js.map +1 -1
package/dist/client/index.mjs +548 -30
package/dist/client/index.mjs.map +1 -1
package/dist/facilitators/index.d.mts +220 -1
package/dist/facilitators/index.d.ts +220 -1
package/dist/facilitators/index.js +664 -1
package/dist/facilitators/index.js.map +1 -1
package/dist/facilitators/index.mjs +670 -1
package/dist/facilitators/index.mjs.map +1 -1
package/dist/{index-On9ZaGDW.d.mts → index-D_2FkLwV.d.mts} +6 -2
package/dist/{index-On9ZaGDW.d.ts → index-D_2FkLwV.d.ts} +6 -2
package/dist/index.d.mts +2 -1
package/dist/index.d.ts +2 -1
package/dist/index.js +1413 -146
package/dist/index.js.map +1 -1
package/dist/index.mjs +1421 -144
package/dist/index.mjs.map +1 -1
package/dist/server/index.d.mts +13 -3
package/dist/server/index.d.ts +13 -3
package/dist/server/index.js +905 -52
package/dist/server/index.js.map +1 -1
package/dist/server/index.mjs +915 -52
package/dist/server/index.mjs.map +1 -1
package/dist/verify/index.d.mts +1 -1
package/dist/verify/index.d.ts +1 -1
package/dist/verify/index.js +57 -0
package/dist/verify/index.js.map +1 -1
package/dist/verify/index.mjs +57 -0
package/dist/verify/index.mjs.map +1 -1
package/dist/wallet/index.d.mts +3 -3
package/dist/wallet/index.d.ts +3 -3
package/dist/wallet/index.js +57 -0
package/dist/wallet/index.js.map +1 -1
package/dist/wallet/index.mjs +57 -0
package/dist/wallet/index.mjs.map +1 -1
package/package.json +4 -1
package/schemas/moltspay.services.schema.json +27 -132

package/dist/server/index.js CHANGED Viewed

@@ -370,6 +370,63 @@ var CHAINS = {
     explorerTx: "https://explore.testnet.tempo.xyz/tx/",
     avgBlockTime: 0.5
     // ~500ms finality
+  },
+  // ============ BNB Chain Testnet ============
+  bnb_testnet: {
+    name: "BNB Testnet",
+    chainId: 97,
+    rpc: "https://data-seed-prebsc-1-s1.binance.org:8545",
+    tokens: {
+      // Note: BNB uses 18 decimals for stablecoins (unlike Base/Polygon which use 6)
+      // Using official Binance-Peg testnet tokens
+      USDC: {
+        address: "0x64544969ed7EBf5f083679233325356EbE738930",
+        // Testnet USDC
+        decimals: 18,
+        symbol: "USDC",
+        eip712Name: "USD Coin"
+      },
+      USDT: {
+        address: "0x337610d27c682E347C9cD60BD4b3b107C9d34dDd",
+        // Testnet USDT
+        decimals: 18,
+        symbol: "USDT",
+        eip712Name: "Tether USD"
+      }
+    },
+    usdc: "0x64544969ed7EBf5f083679233325356EbE738930",
+    explorer: "https://testnet.bscscan.com/address/",
+    explorerTx: "https://testnet.bscscan.com/tx/",
+    avgBlockTime: 3,
+    // BNB-specific: requires approval for pay-for-success flow
+    requiresApproval: true
+  },
+  // ============ BNB Chain Mainnet ============
+  bnb: {
+    name: "BNB Smart Chain",
+    chainId: 56,
+    rpc: "https://bsc-dataseed.binance.org",
+    tokens: {
+      // Note: BNB uses 18 decimals for stablecoins
+      USDC: {
+        address: "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d",
+        decimals: 18,
+        symbol: "USDC",
+        eip712Name: "USD Coin"
+      },
+      USDT: {
+        address: "0x55d398326f99059fF775485246999027B3197955",
+        decimals: 18,
+        symbol: "USDT",
+        eip712Name: "Tether USD"
+      }
+    },
+    usdc: "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d",
+    explorer: "https://bscscan.com/address/",
+    explorerTx: "https://bscscan.com/tx/",
+    avgBlockTime: 3,
+    // BNB-specific: requires approval for pay-for-success flow
+    requiresApproval: true
   }
 };
@@ -493,7 +550,528 @@ var TempoFacilitator = class extends BaseFacilitator {
   }
 };
+// src/facilitators/bnb.ts
+var import_accounts = require("viem/accounts");
+var TRANSFER_EVENT_TOPIC2 = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef";
+var EIP712_DOMAIN = {
+  name: "MoltsPay",
+  version: "1"
+};
+var INTENT_TYPES = {
+  PaymentIntent: [
+    { name: "from", type: "address" },
+    { name: "to", type: "address" },
+    { name: "amount", type: "uint256" },
+    { name: "token", type: "address" },
+    { name: "service", type: "string" },
+    { name: "nonce", type: "uint256" },
+    { name: "deadline", type: "uint256" }
+  ]
+};
+var BNBFacilitator = class extends BaseFacilitator {
+  name = "bnb";
+  displayName = "BNB Smart Chain";
+  supportedNetworks = ["eip155:56", "eip155:97"];
+  // Mainnet + Testnet
+  serverPrivateKey;
+  spenderAddress = null;
+  chainConfigs;
+  constructor(serverPrivateKey) {
+    super();
+    this.serverPrivateKey = serverPrivateKey || process.env.BNB_SERVER_PRIVATE_KEY || "";
+    if (this.serverPrivateKey) {
+      const key = this.serverPrivateKey.startsWith("0x") ? this.serverPrivateKey : `0x${this.serverPrivateKey}`;
+      const account = (0, import_accounts.privateKeyToAccount)(key);
+      this.spenderAddress = account.address;
+    }
+    this.chainConfigs = {
+      56: { rpc: CHAINS.bnb.rpc, chain: CHAINS.bnb },
+      97: { rpc: CHAINS.bnb_testnet.rpc, chain: CHAINS.bnb_testnet }
+    };
+  }
+  async healthCheck() {
+    const start = Date.now();
+    try {
+      const response = await fetch(this.chainConfigs[56].rpc, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          jsonrpc: "2.0",
+          method: "eth_chainId",
+          params: [],
+          id: 1
+        })
+      });
+      const data = await response.json();
+      const chainId = parseInt(data.result, 16);
+      if (chainId !== 56) {
+        return { healthy: false, error: `Wrong chainId: ${chainId}` };
+      }
+      return { healthy: true, latencyMs: Date.now() - start };
+    } catch (error) {
+      return { healthy: false, error: String(error) };
+    }
+  }
+  /**
+   * Verify a payment intent signature (before service execution)
+   *
+   * This verifies:
+   * 1. Signature is valid for the intent
+   * 2. Client has approved server wallet
+   * 3. Client has sufficient balance
+   * 4. Intent hasn't expired
+   */
+  async verify(paymentPayload, requirements) {
+    try {
+      const bnbPayload = paymentPayload.payload;
+      if (!bnbPayload?.intent) {
+        return { valid: false, error: "Missing intent in payment payload" };
+      }
+      const { intent, chainId } = bnbPayload;
+      const config = this.chainConfigs[chainId];
+      if (!config) {
+        return { valid: false, error: `Unsupported chainId: ${chainId}` };
+      }
+      if (intent.deadline < Date.now()) {
+        return { valid: false, error: "Intent expired" };
+      }
+      const recoveredAddress = await this.recoverIntentSigner(intent, chainId);
+      if (recoveredAddress.toLowerCase() !== intent.from.toLowerCase()) {
+        return { valid: false, error: "Invalid signature" };
+      }
+      if (intent.to.toLowerCase() !== requirements.payTo.toLowerCase()) {
+        return { valid: false, error: `Wrong recipient: ${intent.to}` };
+      }
+      if (BigInt(intent.amount) < BigInt(requirements.amount)) {
+        return { valid: false, error: `Insufficient amount: ${intent.amount}` };
+      }
+      if (intent.token.toLowerCase() !== requirements.asset.toLowerCase()) {
+        return { valid: false, error: `Wrong token: ${intent.token}` };
+      }
+      const serverAddress = await this.getServerAddress();
+      const allowance = await this.getAllowance(intent.from, serverAddress, intent.token, config.rpc);
+      if (BigInt(allowance) < BigInt(intent.amount)) {
+        return { valid: false, error: "Insufficient allowance. Run: npx moltspay init --chain bnb" };
+      }
+      const balance = await this.getBalance(intent.from, intent.token, config.rpc);
+      if (BigInt(balance) < BigInt(intent.amount)) {
+        return { valid: false, error: "Insufficient balance" };
+      }
+      return {
+        valid: true,
+        details: {
+          from: intent.from,
+          to: intent.to,
+          amount: intent.amount,
+          token: intent.token,
+          service: intent.service,
+          nonce: intent.nonce,
+          deadline: intent.deadline
+        }
+      };
+    } catch (error) {
+      return { valid: false, error: `Verification failed: ${error}` };
+    }
+  }
+  /**
+   * Settle a payment by executing transferFrom
+   *
+   * This is called AFTER the service has been successfully delivered.
+   * Server pays gas, transfers tokens from client to provider.
+   */
+  async settle(paymentPayload, requirements) {
+    if (!this.serverPrivateKey) {
+      return { success: false, error: "Server wallet not configured (BNB_SERVER_PRIVATE_KEY)" };
+    }
+    try {
+      const verifyResult = await this.verify(paymentPayload, requirements);
+      if (!verifyResult.valid) {
+        return { success: false, error: verifyResult.error };
+      }
+      const bnbPayload = paymentPayload.payload;
+      const { intent, chainId } = bnbPayload;
+      const config = this.chainConfigs[chainId];
+      const txHash = await this.executeTransferFrom(
+        intent.from,
+        intent.to,
+        intent.amount,
+        intent.token,
+        config.rpc
+      );
+      return {
+        success: true,
+        transaction: txHash,
+        status: "settled"
+      };
+    } catch (error) {
+      return { success: false, error: `Settlement failed: ${error}` };
+    }
+  }
+  /**
+   * Check if client has approved the server wallet
+   */
+  async checkApproval(clientAddress, token, chainId) {
+    const config = this.chainConfigs[chainId];
+    if (!config) {
+      throw new Error(`Unsupported chainId: ${chainId}`);
+    }
+    const serverAddress = await this.getServerAddress();
+    const allowance = await this.getAllowance(clientAddress, serverAddress, token, config.rpc);
+    const minAllowance = BigInt("1000000000000000000000");
+    return {
+      approved: BigInt(allowance) >= minAllowance,
+      allowance
+    };
+  }
+  /**
+   * Verify a completed transaction (for checking past payments)
+   */
+  async verifyTransaction(txHash, expected, chainId) {
+    const config = this.chainConfigs[chainId];
+    if (!config) {
+      return { valid: false, error: `Unsupported chainId: ${chainId}` };
+    }
+    try {
+      const receipt = await this.getTransactionReceipt(txHash, config.rpc);
+      if (!receipt) {
+        return { valid: false, error: "Transaction not found" };
+      }
+      if (receipt.status !== "0x1") {
+        return { valid: false, error: "Transaction failed" };
+      }
+      const transferLog = receipt.logs.find(
+        (log) => log.topics[0] === TRANSFER_EVENT_TOPIC2 && log.address.toLowerCase() === expected.token.toLowerCase()
+      );
+      if (!transferLog) {
+        return { valid: false, error: "No Transfer event found" };
+      }
+      const toAddress = "0x" + transferLog.topics[2].slice(26).toLowerCase();
+      if (toAddress !== expected.to.toLowerCase()) {
+        return { valid: false, error: `Wrong recipient: ${toAddress}` };
+      }
+      const amount = BigInt(transferLog.data);
+      if (amount < BigInt(expected.amount)) {
+        return { valid: false, error: `Insufficient amount: ${amount}` };
+      }
+      return {
+        valid: true,
+        details: {
+          txHash,
+          from: "0x" + transferLog.topics[1].slice(26),
+          to: toAddress,
+          amount: amount.toString(),
+          token: transferLog.address
+        }
+      };
+    } catch (error) {
+      return { valid: false, error: `Verification failed: ${error}` };
+    }
+  }
+  // ==================== Private Methods ====================
+  /**
+   * Get the server's spender address (public, for 402 responses)
+   * Returns cached value computed at construction time.
+   */
+  getSpenderAddress() {
+    return this.spenderAddress;
+  }
+  async getServerAddress() {
+    const { ethers } = await import("ethers");
+    const wallet = new ethers.Wallet(this.serverPrivateKey);
+    return wallet.address;
+  }
+  async recoverIntentSigner(intent, chainId) {
+    const { ethers } = await import("ethers");
+    const domain = {
+      ...EIP712_DOMAIN,
+      chainId
+    };
+    const message = {
+      from: intent.from,
+      to: intent.to,
+      amount: intent.amount,
+      token: intent.token,
+      service: intent.service,
+      nonce: intent.nonce,
+      deadline: intent.deadline
+    };
+    const recoveredAddress = ethers.verifyTypedData(
+      domain,
+      INTENT_TYPES,
+      message,
+      intent.signature
+    );
+    return recoveredAddress;
+  }
+  async getAllowance(owner, spender, token, rpcUrl) {
+    const selector = "0xdd62ed3e";
+    const ownerPadded = owner.toLowerCase().replace("0x", "").padStart(64, "0");
+    const spenderPadded = spender.toLowerCase().replace("0x", "").padStart(64, "0");
+    const data = selector + ownerPadded + spenderPadded;
+    const response = await fetch(rpcUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        method: "eth_call",
+        params: [{ to: token, data }, "latest"],
+        id: 1
+      })
+    });
+    const result = await response.json();
+    return result.result || "0x0";
+  }
+  async getBalance(account, token, rpcUrl) {
+    const selector = "0x70a08231";
+    const accountPadded = account.toLowerCase().replace("0x", "").padStart(64, "0");
+    const data = selector + accountPadded;
+    const response = await fetch(rpcUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        method: "eth_call",
+        params: [{ to: token, data }, "latest"],
+        id: 1
+      })
+    });
+    const result = await response.json();
+    return result.result || "0x0";
+  }
+  async executeTransferFrom(from, to, amount, token, rpcUrl) {
+    const { ethers } = await import("ethers");
+    const provider = new ethers.JsonRpcProvider(rpcUrl);
+    const wallet = new ethers.Wallet(this.serverPrivateKey, provider);
+    const tokenContract = new ethers.Contract(token, [
+      "function transferFrom(address from, address to, uint256 amount) returns (bool)"
+    ], wallet);
+    const tx = await tokenContract.transferFrom(from, to, amount);
+    const receipt = await tx.wait();
+    return receipt.hash;
+  }
+  async getTransactionReceipt(txHash, rpcUrl) {
+    const response = await fetch(rpcUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        method: "eth_getTransactionReceipt",
+        params: [txHash],
+        id: 1
+      })
+    });
+    const data = await response.json();
+    return data.result;
+  }
+};
+// src/facilitators/solana.ts
+var import_web32 = require("@solana/web3.js");
+var import_spl_token = require("@solana/spl-token");
+// src/chains/solana.ts
+var import_web3 = require("@solana/web3.js");
+var SOLANA_CHAINS = {
+  solana: {
+    name: "Solana Mainnet",
+    cluster: "mainnet-beta",
+    rpc: "https://api.mainnet-beta.solana.com",
+    explorer: "https://solscan.io/account/",
+    explorerTx: "https://solscan.io/tx/",
+    tokens: {
+      USDC: {
+        mint: "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
+        // Circle official USDC
+        decimals: 6
+      }
+    }
+  },
+  solana_devnet: {
+    name: "Solana Devnet",
+    cluster: "devnet",
+    rpc: "https://api.devnet.solana.com",
+    explorer: "https://solscan.io/account/",
+    explorerTx: "https://solscan.io/tx/",
+    tokens: {
+      USDC: {
+        // Circle's devnet USDC (if not available, we'll deploy our own test token)
+        mint: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU",
+        decimals: 6
+      }
+    }
+  }
+};
+// src/facilitators/solana.ts
+var SolanaFacilitator = class extends BaseFacilitator {
+  name = "solana";
+  displayName = "Solana Direct";
+  supportedNetworks = ["solana:mainnet", "solana:devnet"];
+  connections = /* @__PURE__ */ new Map();
+  feePayerKeypair;
+  constructor(config) {
+    super();
+    this.feePayerKeypair = config?.feePayerKeypair;
+    for (const [chain, config2] of Object.entries(SOLANA_CHAINS)) {
+      this.connections.set(
+        chain,
+        new import_web32.Connection(config2.rpc, "confirmed")
+      );
+    }
+    if (this.feePayerKeypair) {
+      console.log(`[SolanaFacilitator] Gasless mode enabled. Fee payer: ${this.feePayerKeypair.publicKey.toBase58()}`);
+    }
+  }
+  /**
+   * Get fee payer public key (for gasless transactions)
+   */
+  getFeePayerPubkey() {
+    return this.feePayerKeypair?.publicKey.toBase58() || null;
+  }
+  getConnection(chain) {
+    const conn = this.connections.get(chain);
+    if (!conn) {
+      throw new Error(`No connection for chain: ${chain}`);
+    }
+    return conn;
+  }
+  /**
+   * Convert our chain name to network identifier
+   */
+  static chainToNetwork(chain) {
+    return chain === "solana" ? "solana:mainnet" : "solana:devnet";
+  }
+  /**
+   * Convert network identifier to chain name
+   */
+  static networkToChain(network) {
+    if (network === "solana:mainnet") return "solana";
+    if (network === "solana:devnet") return "solana_devnet";
+    return null;
+  }
+  async healthCheck() {
+    const start = Date.now();
+    try {
+      const conn = this.getConnection("solana_devnet");
+      await conn.getSlot();
+      return {
+        healthy: true,
+        latencyMs: Date.now() - start
+      };
+    } catch (error) {
+      return {
+        healthy: false,
+        error: error.message
+      };
+    }
+  }
+  /**
+   * Verify a Solana payment
+   *
+   * Checks:
+   * 1. Transaction is valid and properly signed
+   * 2. Transfer instruction matches expected amount and recipient
+   */
+  async verify(paymentPayload, requirements) {
+    try {
+      const solanaPayload = paymentPayload.payload;
+      if (!solanaPayload || !solanaPayload.signedTransaction) {
+        return { valid: false, error: "Missing signed transaction" };
+      }
+      const chain = solanaPayload.chain || "solana_devnet";
+      const chainConfig = SOLANA_CHAINS[chain];
+      if (!chainConfig) {
+        return { valid: false, error: `Invalid chain: ${chain}` };
+      }
+      const txBuffer = Buffer.from(solanaPayload.signedTransaction, "base64");
+      let tx;
+      try {
+        tx = import_web32.Transaction.from(txBuffer);
+      } catch {
+        tx = import_web32.VersionedTransaction.deserialize(txBuffer);
+      }
+      if (tx instanceof import_web32.Transaction) {
+        const hasAnySignature = tx.signatures.some(
+          (sig) => sig.signature && !sig.signature.every((b) => b === 0)
+        );
+        if (!hasAnySignature) {
+          return { valid: false, error: "Transaction not signed" };
+        }
+      }
+      const expectedAmount = BigInt(requirements.amount);
+      const expectedRecipient = new import_web32.PublicKey(requirements.payTo);
+      return {
+        valid: true,
+        details: {
+          chain,
+          sender: solanaPayload.sender,
+          recipient: requirements.payTo,
+          amount: requirements.amount
+        }
+      };
+    } catch (error) {
+      return { valid: false, error: error.message };
+    }
+  }
+  /**
+   * Settle a Solana payment
+   *
+   * Submits the signed transaction to the network.
+   * In gasless mode, adds fee payer signature before submitting.
+   */
+  async settle(paymentPayload, requirements) {
+    try {
+      const solanaPayload = paymentPayload.payload;
+      if (!solanaPayload || !solanaPayload.signedTransaction) {
+        return { success: false, error: "Missing signed transaction" };
+      }
+      const chain = solanaPayload.chain || "solana_devnet";
+      const connection = this.getConnection(chain);
+      const txBuffer = Buffer.from(solanaPayload.signedTransaction, "base64");
+      let txToSend;
+      try {
+        const tx = import_web32.Transaction.from(txBuffer);
+        if (this.feePayerKeypair && tx.feePayer) {
+          const feePayerPubkey = this.feePayerKeypair.publicKey.toBase58();
+          const txFeePayer = tx.feePayer.toBase58();
+          if (txFeePayer === feePayerPubkey) {
+            console.log(`[SolanaFacilitator] Gasless mode: adding fee payer signature`);
+            tx.partialSign(this.feePayerKeypair);
+          }
+        }
+        txToSend = tx.serialize();
+      } catch (e) {
+        txToSend = txBuffer;
+      }
+      const signature = await connection.sendRawTransaction(txToSend, {
+        skipPreflight: false,
+        preflightCommitment: "confirmed"
+      });
+      const confirmation = await connection.confirmTransaction(signature, "confirmed");
+      if (confirmation.value.err) {
+        return {
+          success: false,
+          error: `Transaction failed: ${JSON.stringify(confirmation.value.err)}`,
+          transaction: signature
+        };
+      }
+      return {
+        success: true,
+        transaction: signature,
+        status: "confirmed"
+      };
+    } catch (error) {
+      return { success: false, error: error.message };
+    }
+  }
+  supportsNetwork(network) {
+    return this.supportedNetworks.includes(network);
+  }
+};
 // src/facilitators/registry.ts
+var import_web33 = require("@solana/web3.js");
+var import_bs58 = __toESM(require("bs58"));
 var FacilitatorRegistry = class {
   factories = /* @__PURE__ */ new Map();
   instances = /* @__PURE__ */ new Map();
@@ -502,7 +1080,20 @@ var FacilitatorRegistry = class {
   constructor(selection) {
     this.registerFactory("cdp", (config) => new CDPFacilitator(config));
     this.registerFactory("tempo", () => new TempoFacilitator());
-    this.selection = selection || { primary: "cdp", fallback: ["tempo"], strategy: "failover" };
+    this.registerFactory("bnb", (config) => new BNBFacilitator(config?.serverPrivateKey));
+    this.registerFactory("solana", (config) => {
+      let feePayerKeypair;
+      const feePayerKey = config?.feePayerPrivateKey || process.env.SOLANA_FEE_PAYER_KEY;
+      if (feePayerKey) {
+        try {
+          feePayerKeypair = import_web33.Keypair.fromSecretKey(import_bs58.default.decode(feePayerKey));
+        } catch (e) {
+          console.warn(`[SolanaFacilitator] Invalid fee payer key: ${e.message}`);
+        }
+      }
+      return new SolanaFacilitator({ feePayerKeypair });
+    });
+    this.selection = selection || { primary: "cdp", fallback: ["tempo", "bnb", "solana"], strategy: "failover" };
   }
   /**
    * Register a new facilitator factory
@@ -746,14 +1337,40 @@ var TOKEN_ADDRESSES = {
     // pathUSD
     USDT: "0x20c0000000000000000000000000000000000001"
     // alphaUSD
+  },
+  // BNB Smart Chain mainnet
+  "eip155:56": {
+    USDC: "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d",
+    USDT: "0x55d398326f99059fF775485246999027B3197955"
+  },
+  // BNB Smart Chain testnet
+  "eip155:97": {
+    USDC: "0x64544969ed7EBf5f083679233325356EbE738930",
+    USDT: "0x337610d27c682E347C9cD60BD4b3b107C9d34dDd"
+  },
+  // Solana networks use mint addresses (SPL tokens)
+  "solana:mainnet": {
+    USDC: "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v"
+    // Circle USDC
+  },
+  "solana:devnet": {
+    USDC: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU"
+    // Devnet USDC
   }
 };
 var CHAIN_TO_NETWORK = {
   "base": "eip155:8453",
   "base_sepolia": "eip155:84532",
   "polygon": "eip155:137",
-  "tempo_moderato": "eip155:42431"
+  "tempo_moderato": "eip155:42431",
+  "bnb": "eip155:56",
+  "bnb_testnet": "eip155:97",
+  "solana": "solana:mainnet",
+  "solana_devnet": "solana:devnet"
 };
+function isSolanaNetwork(network) {
+  return network.startsWith("solana:");
+}
 var TOKEN_DOMAINS = {
   // Base mainnet
   "eip155:8453": {
@@ -775,6 +1392,16 @@ var TOKEN_DOMAINS = {
   "eip155:42431": {
     USDC: { name: "pathUSD", version: "1" },
     USDT: { name: "alphaUSD", version: "1" }
+  },
+  // BNB Smart Chain mainnet
+  "eip155:56": {
+    USDC: { name: "USD Coin", version: "1" },
+    USDT: { name: "Tether USD", version: "1" }
+  },
+  // BNB Smart Chain testnet
+  "eip155:97": {
+    USDC: { name: "USD Coin", version: "1" },
+    USDT: { name: "Tether USD", version: "1" }
   }
 };
 function getTokenDomain(network, token) {
@@ -832,7 +1459,7 @@ var MoltsPayServer = class {
     };
     this.useMainnet = process.env.USE_MAINNET?.toLowerCase() === "true";
     this.networkId = this.useMainnet ? "eip155:8453" : "eip155:84532";
-    const defaultFallback = ["tempo"];
+    const defaultFallback = ["tempo", "bnb", "solana"];
     const envFallback = process.env.FACILITATOR_FALLBACK?.split(",").filter(Boolean);
     const facilitatorConfig = options.facilitators || {
       primary: process.env.FACILITATOR_PRIMARY || "cdp",
@@ -875,12 +1502,20 @@ var MoltsPayServer = class {
    */
   getProviderChains() {
     const provider = this.manifest.provider;
+    const getWalletForChain = (chainName, explicitWallet) => {
+      if (explicitWallet) return explicitWallet;
+      if ((chainName === "solana" || chainName === "solana_devnet") && provider.solana_wallet) {
+        return provider.solana_wallet;
+      }
+      return provider.wallet;
+    };
     if (provider.chains && provider.chains.length > 0) {
       return provider.chains.map((c) => {
         const chainName = typeof c === "string" ? c : c.chain;
+        const explicitWallet = typeof c === "object" ? c.wallet : null;
         return {
           network: CHAIN_TO_NETWORK[chainName] || "eip155:8453",
-          wallet: (typeof c === "object" ? c.wallet : null) || provider.wallet,
+          wallet: getWalletForChain(chainName, explicitWallet || void 0),
           tokens: (typeof c === "object" ? c.tokens : null) || ["USDC"]
         };
       });
@@ -889,7 +1524,7 @@ var MoltsPayServer = class {
     const network = CHAIN_TO_NETWORK[chain] || this.networkId;
     return [{
       network,
-      wallet: provider.wallet,
+      wallet: getWalletForChain(chain),
       tokens: ["USDC"]
     }];
   }
@@ -960,7 +1595,8 @@ var MoltsPayServer = class {
         }
         const body = await this.readBody(req);
         const paymentHeader = req.headers[PAYMENT_HEADER];
-        return await this.handleProxy(body, paymentHeader, res);
+        const authHeader = req.headers[MPP_AUTH_HEADER];
+        return await this.handleProxy(body, paymentHeader, authHeader, res);
       }
       const servicePath = url.pathname.replace(/^\//, "");
       const skill = this.skills.get(servicePath);
@@ -997,7 +1633,9 @@ var MoltsPayServer = class {
         name: this.manifest.provider.name,
         description: this.manifest.provider.description,
         wallet: this.manifest.provider.wallet,
-        chain: this.manifest.provider.chain || "base"
+        chain: this.manifest.provider.chain || "base",
+        solana_wallet: this.manifest.provider.solana_wallet,
+        chains: this.manifest.provider.chains
       },
       services,
       endpoints: {
@@ -1110,6 +1748,21 @@ var MoltsPayServer = class {
       });
     }
     console.log(`[MoltsPay] Verified by ${verifyResult.facilitator}`);
+    const isSolana = isSolanaNetwork(paymentNetwork);
+    let settlement = null;
+    if (isSolana) {
+      console.log(`[MoltsPay] Solana detected - settling payment FIRST (blockhash expiry protection)`);
+      try {
+        settlement = await this.registry.settle(payment, requirements);
+        console.log(`[MoltsPay] Payment settled by ${settlement.facilitator}: ${settlement.transaction || "pending"}`);
+      } catch (err) {
+        console.error("[MoltsPay] Solana settlement failed:", err.message);
+        return this.sendJson(res, 402, {
+          error: "Payment settlement failed",
+          message: err.message
+        });
+      }
+    }
     const timeoutSeconds = parseInt(process.env.SKILL_TIMEOUT_SECONDS || "1200");
     console.log(`[MoltsPay] Executing skill: ${service} (timeout: ${timeoutSeconds}s)`);
     let result;
@@ -1124,16 +1777,19 @@ var MoltsPayServer = class {
       console.error("[MoltsPay] Skill execution failed:", err.message);
       return this.sendJson(res, 500, {
         error: "Service execution failed",
-        message: err.message
+        message: err.message,
+        paymentSettled: isSolana ? true : false,
+        note: isSolana ? "Payment was settled before execution. Contact support for refund." : void 0
       });
     }
-    console.log(`[MoltsPay] Skill succeeded, settling payment...`);
-    let settlement = null;
-    try {
-      settlement = await this.registry.settle(payment, requirements);
-      console.log(`[MoltsPay] Payment settled by ${settlement.facilitator}: ${settlement.transaction || "pending"}`);
-    } catch (err) {
-      console.error("[MoltsPay] Settlement failed:", err.message);
+    if (!isSolana) {
+      console.log(`[MoltsPay] Skill succeeded, settling payment...`);
+      try {
+        settlement = await this.registry.settle(payment, requirements);
+        console.log(`[MoltsPay] Payment settled by ${settlement.facilitator}: ${settlement.transaction || "pending"}`);
+      } catch (err) {
+        console.error("[MoltsPay] Settlement failed:", err.message);
+      }
     }
     const responseHeaders = {};
     if (settlement?.success) {
@@ -1409,7 +2065,7 @@ var MoltsPayServer = class {
     const tokenAddresses = TOKEN_ADDRESSES[selectedNetwork] || {};
     const tokenAddress = tokenAddresses[selectedToken];
     const tokenDomain = getTokenDomain(selectedNetwork, selectedToken);
-    return {
+    const requirements = {
       scheme: "exact",
       network: selectedNetwork,
       asset: tokenAddress,
@@ -1418,6 +2074,27 @@ var MoltsPayServer = class {
       maxTimeoutSeconds: 300,
       extra: tokenDomain
     };
+    if (selectedNetwork === "solana:mainnet" || selectedNetwork === "solana:devnet") {
+      const solanaFacilitator = this.registry.get("solana");
+      const feePayerPubkey = solanaFacilitator?.getFeePayerPubkey?.();
+      if (feePayerPubkey) {
+        requirements.extra = {
+          ...requirements.extra || {},
+          solanaFeePayer: feePayerPubkey
+        };
+      }
+    }
+    if (selectedNetwork === "eip155:56" || selectedNetwork === "eip155:97") {
+      const bnbFacilitator = this.registry.get("bnb");
+      const spenderAddress = bnbFacilitator?.getSpenderAddress?.();
+      if (spenderAddress) {
+        requirements.extra = {
+          ...requirements.extra || {},
+          bnbSpender: spenderAddress
+        };
+      }
+    }
+    return requirements;
   }
   /**
    * Detect which token is being used in the payment
@@ -1483,31 +2160,42 @@ var MoltsPayServer = class {
   /**
    * POST /proxy - Handle payment for external services (moltspay-creators)
    *
-   * This endpoint allows other services to delegate x402 payment handling.
+   * This endpoint allows other services to delegate x402/MPP payment handling.
    * It does NOT execute any skill - just handles payment verification/settlement.
    *
    * Request body:
    *   { wallet, amount, currency, chain, memo, serviceId, description }
    *
-   * Without X-Payment header: returns 402 with payment requirements
-   * With X-Payment header: verifies payment and returns result
+   * For x402 (base, polygon, base_sepolia):
+   *   Without X-Payment header: returns 402 with X-Payment-Required
+   *   With X-Payment header: verifies payment via CDP
+   *
+   * For MPP (tempo_moderato):
+   *   Without Authorization header: returns 402 with WWW-Authenticate
+   *   With Authorization: Payment header: verifies tx on Tempo chain
    */
-  async handleProxy(body, paymentHeader, res) {
+  async handleProxy(body, paymentHeader, authHeader, res) {
     const { wallet, amount, currency, chain, memo, serviceId, description } = body;
     if (!wallet || !amount) {
       return this.sendJson(res, 400, { error: "Missing required fields: wallet, amount" });
     }
-    if (!/^0x[a-fA-F0-9]{40}$/.test(wallet)) {
-      return this.sendJson(res, 400, { error: "Invalid wallet address format" });
+    const supportedChains = ["base", "polygon", "base_sepolia", "tempo_moderato", "bnb", "bnb_testnet", "solana", "solana_devnet"];
+    if (chain && !supportedChains.includes(chain)) {
+      return this.sendJson(res, 400, { error: `Unsupported chain: ${chain}. Supported: ${supportedChains.join(", ")}` });
+    }
+    const isSolanaChain = chain === "solana" || chain === "solana_devnet";
+    const isValidEvmAddress = /^0x[a-fA-F0-9]{40}$/.test(wallet);
+    const isValidSolanaAddress = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(wallet);
+    if (isSolanaChain && !isValidSolanaAddress) {
+      return this.sendJson(res, 400, { error: "Invalid Solana wallet address format" });
+    }
+    if (!isSolanaChain && !isValidEvmAddress) {
+      return this.sendJson(res, 400, { error: "Invalid EVM wallet address format" });
     }
     const amountNum = parseFloat(amount);
     if (isNaN(amountNum) || amountNum <= 0) {
       return this.sendJson(res, 400, { error: "Invalid amount" });
     }
-    const supportedChains = ["base", "polygon", "base_sepolia"];
-    if (chain && !supportedChains.includes(chain)) {
-      return this.sendJson(res, 400, { error: `Unsupported chain: ${chain}. Supported: ${supportedChains.join(", ")}` });
-    }
     const proxyConfig = {
       id: serviceId || "proxy",
       name: description || "Proxy Payment",
@@ -1519,6 +2207,9 @@ var MoltsPayServer = class {
       input: {},
       output: {}
     };
+    if (chain === "tempo_moderato") {
+      return await this.handleProxyMPP(body, proxyConfig, authHeader, res);
+    }
     const requirements = this.buildProxyPaymentRequirements(proxyConfig, wallet, currency, chain);
     if (!paymentHeader) {
       return this.sendProxyPaymentRequired(proxyConfig, wallet, memo, chain, res);
@@ -1554,7 +2245,6 @@ var MoltsPayServer = class {
     console.log(`[MoltsPay] /proxy: Verified by ${verifyResult.facilitator}`);
     const { execute, service, params } = body;
     if (execute && service) {
-      console.log(`[MoltsPay] /proxy: Executing skill first (pay on success): ${service}`);
       const skill = this.skills.get(service);
       if (!skill) {
         console.log(`[MoltsPay] /proxy: Service not found: ${service} - NOT settling`);
@@ -1564,6 +2254,32 @@ var MoltsPayServer = class {
           error: `Service not found: ${service}`
         });
       }
+      const isSolana = isSolanaNetwork(network);
+      let settlement2 = null;
+      if (isSolana) {
+        console.log(`[MoltsPay] /proxy: Solana detected - settling payment FIRST`);
+        try {
+          settlement2 = await this.registry.settle(payment, requirements);
+          console.log(`[MoltsPay] /proxy: Payment settled by ${settlement2.facilitator}: ${settlement2.transaction || "pending"}`);
+          if (!settlement2.success) {
+            console.error(`[MoltsPay] /proxy: Solana settlement failed: ${settlement2.error}`);
+            return this.sendJson(res, 402, {
+              success: false,
+              paymentSettled: false,
+              error: `Payment settlement failed: ${settlement2.error || "Unknown error"}`
+            });
+          }
+        } catch (err) {
+          console.error("[MoltsPay] /proxy: Solana settlement failed:", err.message);
+          return this.sendJson(res, 402, {
+            success: false,
+            paymentSettled: false,
+            error: `Payment settlement failed: ${err.message}`
+          });
+        }
+      } else {
+        console.log(`[MoltsPay] /proxy: Executing skill first (pay on success): ${service}`);
+      }
       const timeoutSeconds = parseInt(process.env.SKILL_TIMEOUT_SECONDS || "1200");
       let result;
       try {
@@ -1573,34 +2289,36 @@ var MoltsPayServer = class {
             (_, reject) => setTimeout(() => reject(new Error(`Skill timeout after ${timeoutSeconds}s`)), timeoutSeconds * 1e3)
           )
         ]);
-        console.log(`[MoltsPay] /proxy: Skill succeeded, now settling payment...`);
+        console.log(`[MoltsPay] /proxy: Skill succeeded`);
       } catch (err) {
-        console.error(`[MoltsPay] /proxy: Skill failed: ${err.message} - NOT settling`);
+        console.error(`[MoltsPay] /proxy: Skill failed: ${err.message}`);
         return this.sendJson(res, 500, {
           success: false,
-          paymentSettled: false,
-          error: `Service execution failed: ${err.message}`
+          paymentSettled: isSolana ? true : false,
+          error: `Service execution failed: ${err.message}`,
+          note: isSolana ? "Payment was settled before execution. Contact support for refund." : void 0
         });
       }
-      let settlement2 = null;
-      try {
-        settlement2 = await this.registry.settle(payment, requirements);
-        console.log(`[MoltsPay] /proxy: Payment settled by ${settlement2.facilitator}: ${settlement2.transaction || "pending"}`);
-      } catch (err) {
-        console.error("[MoltsPay] /proxy: Settlement failed:", err.message);
-        return this.sendJson(res, 200, {
-          success: true,
-          verified: true,
-          settled: false,
-          settlementError: err.message,
-          from: payment.payload?.authorization?.from,
-          // Buyer's wallet address
-          paidTo: wallet,
-          amount: amountNum,
-          currency: currency || "USDC",
-          memo,
-          result
-        });
+      if (!isSolana) {
+        console.log(`[MoltsPay] /proxy: Settling payment...`);
+        try {
+          settlement2 = await this.registry.settle(payment, requirements);
+          console.log(`[MoltsPay] /proxy: Payment settled by ${settlement2.facilitator}: ${settlement2.transaction || "pending"}`);
+        } catch (err) {
+          console.error("[MoltsPay] /proxy: Settlement failed:", err.message);
+          return this.sendJson(res, 200, {
+            success: true,
+            verified: true,
+            settled: false,
+            settlementError: err.message,
+            from: payment.payload?.authorization?.from,
+            paidTo: wallet,
+            amount: amountNum,
+            currency: currency || "USDC",
+            memo,
+            result
+          });
+        }
       }
       return this.sendJson(res, 200, {
         success: true,
@@ -1608,7 +2326,6 @@ var MoltsPayServer = class {
         settled: settlement2?.success || false,
         txHash: settlement2?.transaction,
         from: payment.payload?.authorization?.from,
-        // Buyer's wallet address
         paidTo: wallet,
         amount: amountNum,
         currency: currency || "USDC",
@@ -1643,6 +2360,131 @@ var MoltsPayServer = class {
       memo
     });
   }
+  /**
+   * Handle MPP payment flow for /proxy endpoint (tempo_moderato chain)
+   */
+  async handleProxyMPP(body, config, authHeader, res) {
+    const { wallet, amount, memo, serviceId } = body;
+    const amountNum = parseFloat(amount);
+    const amountInUnits = Math.floor(amountNum * 1e6).toString();
+    if (!authHeader || !authHeader.toLowerCase().startsWith("payment ")) {
+      const challengeId = this.generateChallengeId();
+      const tokenAddress = TOKEN_ADDRESSES["eip155:42431"]?.USDC || "0x20c0000000000000000000000000000000000000";
+      const mppRequest = {
+        amount: amountInUnits,
+        currency: tokenAddress,
+        methodDetails: {
+          chainId: 42431,
+          feePayer: true
+        },
+        recipient: wallet
+      };
+      const mppRequestEncoded = Buffer.from(JSON.stringify(mppRequest)).toString("base64");
+      const expiresAt = new Date(Date.now() + 5 * 60 * 1e3).toISOString();
+      const wwwAuth = `Payment id="${challengeId}", realm="MoltsPay Proxy", method="tempo", intent="charge", request="${mppRequestEncoded}", description="${config.name}", expires="${expiresAt}"`;
+      res.writeHead(402, {
+        "Content-Type": "application/problem+json",
+        [MPP_WWW_AUTH_HEADER]: wwwAuth
+      });
+      res.end(JSON.stringify({
+        type: "https://paymentauth.org/problems/payment-required",
+        title: "Payment Required",
+        status: 402,
+        detail: `Payment is required (${config.name}).`,
+        service: serviceId || "proxy",
+        price: amountNum,
+        currency: "USDC"
+      }, null, 2));
+      return;
+    }
+    const credentialMatch = authHeader.match(/Payment\s+(.+)/i);
+    if (!credentialMatch) {
+      return this.sendJson(res, 400, { error: "Invalid Authorization header format" });
+    }
+    let mppCredential;
+    try {
+      const base64 = credentialMatch[1].replace(/-/g, "+").replace(/_/g, "/");
+      const decoded = Buffer.from(base64, "base64").toString("utf-8");
+      mppCredential = JSON.parse(decoded);
+    } catch (err) {
+      console.error("[MoltsPay] /proxy MPP: Failed to parse credential:", err);
+      return this.sendJson(res, 400, { error: "Invalid payment credential encoding" });
+    }
+    let txHash;
+    if (mppCredential.payload?.type === "hash" && mppCredential.payload?.hash) {
+      txHash = mppCredential.payload.hash;
+    } else {
+      return this.sendJson(res, 400, { error: "Missing transaction hash in credential" });
+    }
+    console.log(`[MoltsPay] /proxy MPP: Verifying tx ${txHash} on Tempo...`);
+    const requirements = this.buildPaymentRequirements(config, "eip155:42431", wallet, "USDC");
+    const paymentPayload = {
+      x402Version: X402_VERSION2,
+      scheme: "exact",
+      network: "eip155:42431",
+      payload: { txHash, chainId: 42431 }
+    };
+    const verification = await this.registry.verify(paymentPayload, requirements);
+    if (!verification.valid) {
+      return this.sendJson(res, 402, {
+        error: `Payment verification failed: ${verification.error}`
+      });
+    }
+    console.log(`[MoltsPay] /proxy MPP: Payment verified by ${verification.facilitator}`);
+    const { execute, service, params } = body;
+    if (execute && service) {
+      console.log(`[MoltsPay] /proxy MPP: Executing skill: ${service}`);
+      const skill = this.skills.get(service);
+      if (!skill) {
+        return this.sendJson(res, 404, {
+          success: false,
+          paymentSettled: true,
+          // Payment already happened on Tempo
+          error: `Service not found: ${service}`
+        });
+      }
+      const timeoutSeconds = parseInt(process.env.SKILL_TIMEOUT_SECONDS || "1200");
+      let result;
+      try {
+        result = await Promise.race([
+          skill.handler(params || {}),
+          new Promise(
+            (_, reject) => setTimeout(() => reject(new Error(`Skill timeout after ${timeoutSeconds}s`)), timeoutSeconds * 1e3)
+          )
+        ]);
+      } catch (err) {
+        console.error(`[MoltsPay] /proxy MPP: Skill failed: ${err.message}`);
+        return this.sendJson(res, 500, {
+          success: false,
+          paymentSettled: true,
+          error: `Service execution failed: ${err.message}`
+        });
+      }
+      return this.sendJson(res, 200, {
+        success: true,
+        verified: true,
+        txHash,
+        chain: "tempo_moderato",
+        paidTo: wallet,
+        amount: amountNum,
+        currency: "USDC",
+        facilitator: verification.facilitator,
+        memo,
+        result
+      });
+    }
+    this.sendJson(res, 200, {
+      success: true,
+      verified: true,
+      txHash,
+      chain: "tempo_moderato",
+      paidTo: wallet,
+      amount: amountNum,
+      currency: "USDC",
+      facilitator: verification.facilitator,
+      memo
+    });
+  }
   /**
    * Build payment requirements for proxy endpoint (uses provided wallet)
    */
@@ -1654,7 +2496,7 @@ var MoltsPayServer = class {
     const tokenAddresses = TOKEN_ADDRESSES[networkId] || TOKEN_ADDRESSES[this.networkId] || {};
     const tokenAddress = tokenAddresses[selectedToken];
     const tokenDomain = getTokenDomain(networkId, selectedToken);
-    return {
+    const requirements = {
       scheme: "exact",
       network: networkId,
       asset: tokenAddress,
@@ -1664,6 +2506,17 @@ var MoltsPayServer = class {
       maxTimeoutSeconds: 300,
       extra: tokenDomain
     };
+    if (networkId === "eip155:56" || networkId === "eip155:97") {
+      const bnbFacilitator = this.registry.get("bnb");
+      const spenderAddress = bnbFacilitator?.getSpenderAddress?.();
+      if (spenderAddress) {
+        requirements.extra = {
+          ...requirements.extra || {},
+          bnbSpender: spenderAddress
+        };
+      }
+    }
+    return requirements;
   }
   /**
    * Return 402 with x402 payment requirements for proxy endpoint