moltspay 1.3.0 → 1.4.1

package/dist/index.js

@@ -395,6 +395,63 @@ var CHAINS = {
     explorerTx: "https://explore.testnet.tempo.xyz/tx/",
     avgBlockTime: 0.5
     // ~500ms finality
+  },
+  // ============ BNB Chain Testnet ============
+  bnb_testnet: {
+    name: "BNB Testnet",
+    chainId: 97,
+    rpc: "https://data-seed-prebsc-1-s1.binance.org:8545",
+    tokens: {
+      // Note: BNB uses 18 decimals for stablecoins (unlike Base/Polygon which use 6)
+      // Using official Binance-Peg testnet tokens
+      USDC: {
+        address: "0x64544969ed7EBf5f083679233325356EbE738930",
+        // Testnet USDC
+        decimals: 18,
+        symbol: "USDC",
+        eip712Name: "USD Coin"
+      },
+      USDT: {
+        address: "0x337610d27c682E347C9cD60BD4b3b107C9d34dDd",
+        // Testnet USDT
+        decimals: 18,
+        symbol: "USDT",
+        eip712Name: "Tether USD"
+      }
+    },
+    usdc: "0x64544969ed7EBf5f083679233325356EbE738930",
+    explorer: "https://testnet.bscscan.com/address/",
+    explorerTx: "https://testnet.bscscan.com/tx/",
+    avgBlockTime: 3,
+    // BNB-specific: requires approval for pay-for-success flow
+    requiresApproval: true
+  },
+  // ============ BNB Chain Mainnet ============
+  bnb: {
+    name: "BNB Smart Chain",
+    chainId: 56,
+    rpc: "https://bsc-dataseed.binance.org",
+    tokens: {
+      // Note: BNB uses 18 decimals for stablecoins
+      USDC: {
+        address: "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d",
+        decimals: 18,
+        symbol: "USDC",
+        eip712Name: "USD Coin"
+      },
+      USDT: {
+        address: "0x55d398326f99059fF775485246999027B3197955",
+        decimals: 18,
+        symbol: "USDT",
+        eip712Name: "Tether USD"
+      }
+    },
+    usdc: "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d",
+    explorer: "https://bscscan.com/address/",
+    explorerTx: "https://bscscan.com/tx/",
+    avgBlockTime: 3,
+    // BNB-specific: requires approval for pay-for-success flow
+    requiresApproval: true
   }
 };
 function getChain(name) {
@@ -544,7 +601,573 @@ var TempoFacilitator = class extends BaseFacilitator {
   }
 };
 
+// src/facilitators/bnb.ts
+var import_accounts = require("viem/accounts");
+var TRANSFER_EVENT_TOPIC2 = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef";
+var EIP712_DOMAIN = {
+  name: "MoltsPay",
+  version: "1"
+};
+var INTENT_TYPES = {
+  PaymentIntent: [
+    { name: "from", type: "address" },
+    { name: "to", type: "address" },
+    { name: "amount", type: "uint256" },
+    { name: "token", type: "address" },
+    { name: "service", type: "string" },
+    { name: "nonce", type: "uint256" },
+    { name: "deadline", type: "uint256" }
+  ]
+};
+var BNBFacilitator = class extends BaseFacilitator {
+  name = "bnb";
+  displayName = "BNB Smart Chain";
+  supportedNetworks = ["eip155:56", "eip155:97"];
+  // Mainnet + Testnet
+  serverPrivateKey;
+  spenderAddress = null;
+  chainConfigs;
+  constructor(serverPrivateKey) {
+    super();
+    this.serverPrivateKey = serverPrivateKey || process.env.BNB_SERVER_PRIVATE_KEY || "";
+    if (this.serverPrivateKey) {
+      const key = this.serverPrivateKey.startsWith("0x") ? this.serverPrivateKey : `0x${this.serverPrivateKey}`;
+      const account = (0, import_accounts.privateKeyToAccount)(key);
+      this.spenderAddress = account.address;
+    }
+    this.chainConfigs = {
+      56: { rpc: CHAINS.bnb.rpc, chain: CHAINS.bnb },
+      97: { rpc: CHAINS.bnb_testnet.rpc, chain: CHAINS.bnb_testnet }
+    };
+  }
+  async healthCheck() {
+    const start = Date.now();
+    try {
+      const response = await fetch(this.chainConfigs[56].rpc, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          jsonrpc: "2.0",
+          method: "eth_chainId",
+          params: [],
+          id: 1
+        })
+      });
+      const data = await response.json();
+      const chainId = parseInt(data.result, 16);
+      if (chainId !== 56) {
+        return { healthy: false, error: `Wrong chainId: ${chainId}` };
+      }
+      return { healthy: true, latencyMs: Date.now() - start };
+    } catch (error) {
+      return { healthy: false, error: String(error) };
+    }
+  }
+  /**
+   * Verify a payment intent signature (before service execution)
+   * 
+   * This verifies:
+   * 1. Signature is valid for the intent
+   * 2. Client has approved server wallet
+   * 3. Client has sufficient balance
+   * 4. Intent hasn't expired
+   */
+  async verify(paymentPayload, requirements) {
+    try {
+      const bnbPayload = paymentPayload.payload;
+      if (!bnbPayload?.intent) {
+        return { valid: false, error: "Missing intent in payment payload" };
+      }
+      const { intent, chainId } = bnbPayload;
+      const config = this.chainConfigs[chainId];
+      if (!config) {
+        return { valid: false, error: `Unsupported chainId: ${chainId}` };
+      }
+      if (intent.deadline < Date.now()) {
+        return { valid: false, error: "Intent expired" };
+      }
+      const recoveredAddress = await this.recoverIntentSigner(intent, chainId);
+      if (recoveredAddress.toLowerCase() !== intent.from.toLowerCase()) {
+        return { valid: false, error: "Invalid signature" };
+      }
+      if (intent.to.toLowerCase() !== requirements.payTo.toLowerCase()) {
+        return { valid: false, error: `Wrong recipient: ${intent.to}` };
+      }
+      if (BigInt(intent.amount) < BigInt(requirements.amount)) {
+        return { valid: false, error: `Insufficient amount: ${intent.amount}` };
+      }
+      if (intent.token.toLowerCase() !== requirements.asset.toLowerCase()) {
+        return { valid: false, error: `Wrong token: ${intent.token}` };
+      }
+      const serverAddress = await this.getServerAddress();
+      const allowance = await this.getAllowance(intent.from, serverAddress, intent.token, config.rpc);
+      if (BigInt(allowance) < BigInt(intent.amount)) {
+        return { valid: false, error: "Insufficient allowance. Run: npx moltspay init --chain bnb" };
+      }
+      const balance = await this.getBalance(intent.from, intent.token, config.rpc);
+      if (BigInt(balance) < BigInt(intent.amount)) {
+        return { valid: false, error: "Insufficient balance" };
+      }
+      return {
+        valid: true,
+        details: {
+          from: intent.from,
+          to: intent.to,
+          amount: intent.amount,
+          token: intent.token,
+          service: intent.service,
+          nonce: intent.nonce,
+          deadline: intent.deadline
+        }
+      };
+    } catch (error) {
+      return { valid: false, error: `Verification failed: ${error}` };
+    }
+  }
+  /**
+   * Settle a payment by executing transferFrom
+   * 
+   * This is called AFTER the service has been successfully delivered.
+   * Server pays gas, transfers tokens from client to provider.
+   */
+  async settle(paymentPayload, requirements) {
+    if (!this.serverPrivateKey) {
+      return { success: false, error: "Server wallet not configured (BNB_SERVER_PRIVATE_KEY)" };
+    }
+    try {
+      const verifyResult = await this.verify(paymentPayload, requirements);
+      if (!verifyResult.valid) {
+        return { success: false, error: verifyResult.error };
+      }
+      const bnbPayload = paymentPayload.payload;
+      const { intent, chainId } = bnbPayload;
+      const config = this.chainConfigs[chainId];
+      const txHash = await this.executeTransferFrom(
+        intent.from,
+        intent.to,
+        intent.amount,
+        intent.token,
+        config.rpc
+      );
+      return {
+        success: true,
+        transaction: txHash,
+        status: "settled"
+      };
+    } catch (error) {
+      return { success: false, error: `Settlement failed: ${error}` };
+    }
+  }
+  /**
+   * Check if client has approved the server wallet
+   */
+  async checkApproval(clientAddress, token, chainId) {
+    const config = this.chainConfigs[chainId];
+    if (!config) {
+      throw new Error(`Unsupported chainId: ${chainId}`);
+    }
+    const serverAddress = await this.getServerAddress();
+    const allowance = await this.getAllowance(clientAddress, serverAddress, token, config.rpc);
+    const minAllowance = BigInt("1000000000000000000000");
+    return {
+      approved: BigInt(allowance) >= minAllowance,
+      allowance
+    };
+  }
+  /**
+   * Verify a completed transaction (for checking past payments)
+   */
+  async verifyTransaction(txHash, expected, chainId) {
+    const config = this.chainConfigs[chainId];
+    if (!config) {
+      return { valid: false, error: `Unsupported chainId: ${chainId}` };
+    }
+    try {
+      const receipt = await this.getTransactionReceipt(txHash, config.rpc);
+      if (!receipt) {
+        return { valid: false, error: "Transaction not found" };
+      }
+      if (receipt.status !== "0x1") {
+        return { valid: false, error: "Transaction failed" };
+      }
+      const transferLog = receipt.logs.find(
+        (log) => log.topics[0] === TRANSFER_EVENT_TOPIC2 && log.address.toLowerCase() === expected.token.toLowerCase()
+      );
+      if (!transferLog) {
+        return { valid: false, error: "No Transfer event found" };
+      }
+      const toAddress = "0x" + transferLog.topics[2].slice(26).toLowerCase();
+      if (toAddress !== expected.to.toLowerCase()) {
+        return { valid: false, error: `Wrong recipient: ${toAddress}` };
+      }
+      const amount = BigInt(transferLog.data);
+      if (amount < BigInt(expected.amount)) {
+        return { valid: false, error: `Insufficient amount: ${amount}` };
+      }
+      return {
+        valid: true,
+        details: {
+          txHash,
+          from: "0x" + transferLog.topics[1].slice(26),
+          to: toAddress,
+          amount: amount.toString(),
+          token: transferLog.address
+        }
+      };
+    } catch (error) {
+      return { valid: false, error: `Verification failed: ${error}` };
+    }
+  }
+  // ==================== Private Methods ====================
+  /**
+   * Get the server's spender address (public, for 402 responses)
+   * Returns cached value computed at construction time.
+   */
+  getSpenderAddress() {
+    return this.spenderAddress;
+  }
+  async getServerAddress() {
+    const { ethers: ethers5 } = await import("ethers");
+    const wallet = new ethers5.Wallet(this.serverPrivateKey);
+    return wallet.address;
+  }
+  async recoverIntentSigner(intent, chainId) {
+    const { ethers: ethers5 } = await import("ethers");
+    const domain = {
+      ...EIP712_DOMAIN,
+      chainId
+    };
+    const message = {
+      from: intent.from,
+      to: intent.to,
+      amount: intent.amount,
+      token: intent.token,
+      service: intent.service,
+      nonce: intent.nonce,
+      deadline: intent.deadline
+    };
+    const recoveredAddress = ethers5.verifyTypedData(
+      domain,
+      INTENT_TYPES,
+      message,
+      intent.signature
+    );
+    return recoveredAddress;
+  }
+  async getAllowance(owner, spender, token, rpcUrl) {
+    const selector = "0xdd62ed3e";
+    const ownerPadded = owner.toLowerCase().replace("0x", "").padStart(64, "0");
+    const spenderPadded = spender.toLowerCase().replace("0x", "").padStart(64, "0");
+    const data = selector + ownerPadded + spenderPadded;
+    const response = await fetch(rpcUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        method: "eth_call",
+        params: [{ to: token, data }, "latest"],
+        id: 1
+      })
+    });
+    const result = await response.json();
+    return result.result || "0x0";
+  }
+  async getBalance(account, token, rpcUrl) {
+    const selector = "0x70a08231";
+    const accountPadded = account.toLowerCase().replace("0x", "").padStart(64, "0");
+    const data = selector + accountPadded;
+    const response = await fetch(rpcUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        method: "eth_call",
+        params: [{ to: token, data }, "latest"],
+        id: 1
+      })
+    });
+    const result = await response.json();
+    return result.result || "0x0";
+  }
+  async executeTransferFrom(from, to, amount, token, rpcUrl) {
+    const { ethers: ethers5 } = await import("ethers");
+    const provider = new ethers5.JsonRpcProvider(rpcUrl);
+    const wallet = new ethers5.Wallet(this.serverPrivateKey, provider);
+    const tokenContract = new ethers5.Contract(token, [
+      "function transferFrom(address from, address to, uint256 amount) returns (bool)"
+    ], wallet);
+    const tx = await tokenContract.transferFrom(from, to, amount);
+    const receipt = await tx.wait();
+    return receipt.hash;
+  }
+  async getTransactionReceipt(txHash, rpcUrl) {
+    const response = await fetch(rpcUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        jsonrpc: "2.0",
+        method: "eth_getTransactionReceipt",
+        params: [txHash],
+        id: 1
+      })
+    });
+    const data = await response.json();
+    return data.result;
+  }
+};
+
+// src/facilitators/solana.ts
+var import_web32 = require("@solana/web3.js");
+var import_spl_token = require("@solana/spl-token");
+
+// src/chains/solana.ts
+var import_web3 = require("@solana/web3.js");
+var SOLANA_CHAINS = {
+  solana: {
+    name: "Solana Mainnet",
+    cluster: "mainnet-beta",
+    rpc: "https://api.mainnet-beta.solana.com",
+    explorer: "https://solscan.io/account/",
+    explorerTx: "https://solscan.io/tx/",
+    tokens: {
+      USDC: {
+        mint: "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
+        // Circle official USDC
+        decimals: 6
+      }
+    }
+  },
+  solana_devnet: {
+    name: "Solana Devnet",
+    cluster: "devnet",
+    rpc: "https://api.devnet.solana.com",
+    explorer: "https://solscan.io/account/",
+    explorerTx: "https://solscan.io/tx/",
+    tokens: {
+      USDC: {
+        // Circle's devnet USDC (if not available, we'll deploy our own test token)
+        mint: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU",
+        decimals: 6
+      }
+    }
+  }
+};
+
+// src/facilitators/solana.ts
+var SolanaFacilitator = class extends BaseFacilitator {
+  name = "solana";
+  displayName = "Solana Direct";
+  supportedNetworks = ["solana:mainnet", "solana:devnet"];
+  connections = /* @__PURE__ */ new Map();
+  feePayerKeypair;
+  constructor(config) {
+    super();
+    this.feePayerKeypair = config?.feePayerKeypair;
+    for (const [chain, config2] of Object.entries(SOLANA_CHAINS)) {
+      this.connections.set(
+        chain,
+        new import_web32.Connection(config2.rpc, "confirmed")
+      );
+    }
+    if (this.feePayerKeypair) {
+      console.log(`[SolanaFacilitator] Gasless mode enabled. Fee payer: ${this.feePayerKeypair.publicKey.toBase58()}`);
+    }
+  }
+  /**
+   * Get fee payer public key (for gasless transactions)
+   */
+  getFeePayerPubkey() {
+    return this.feePayerKeypair?.publicKey.toBase58() || null;
+  }
+  getConnection(chain) {
+    const conn = this.connections.get(chain);
+    if (!conn) {
+      throw new Error(`No connection for chain: ${chain}`);
+    }
+    return conn;
+  }
+  /**
+   * Convert our chain name to network identifier
+   */
+  static chainToNetwork(chain) {
+    return chain === "solana" ? "solana:mainnet" : "solana:devnet";
+  }
+  /**
+   * Convert network identifier to chain name
+   */
+  static networkToChain(network) {
+    if (network === "solana:mainnet") return "solana";
+    if (network === "solana:devnet") return "solana_devnet";
+    return null;
+  }
+  async healthCheck() {
+    const start = Date.now();
+    try {
+      const conn = this.getConnection("solana_devnet");
+      await conn.getSlot();
+      return {
+        healthy: true,
+        latencyMs: Date.now() - start
+      };
+    } catch (error) {
+      return {
+        healthy: false,
+        error: error.message
+      };
+    }
+  }
+  /**
+   * Verify a Solana payment
+   * 
+   * Checks:
+   * 1. Transaction is valid and properly signed
+   * 2. Transfer instruction matches expected amount and recipient
+   */
+  async verify(paymentPayload, requirements) {
+    try {
+      const solanaPayload = paymentPayload.payload;
+      if (!solanaPayload || !solanaPayload.signedTransaction) {
+        return { valid: false, error: "Missing signed transaction" };
+      }
+      const chain = solanaPayload.chain || "solana_devnet";
+      const chainConfig = SOLANA_CHAINS[chain];
+      if (!chainConfig) {
+        return { valid: false, error: `Invalid chain: ${chain}` };
+      }
+      const txBuffer = Buffer.from(solanaPayload.signedTransaction, "base64");
+      let tx;
+      try {
+        tx = import_web32.Transaction.from(txBuffer);
+      } catch {
+        tx = import_web32.VersionedTransaction.deserialize(txBuffer);
+      }
+      if (tx instanceof import_web32.Transaction) {
+        const hasAnySignature = tx.signatures.some(
+          (sig) => sig.signature && !sig.signature.every((b) => b === 0)
+        );
+        if (!hasAnySignature) {
+          return { valid: false, error: "Transaction not signed" };
+        }
+      }
+      const expectedAmount = BigInt(requirements.amount);
+      const expectedRecipient = new import_web32.PublicKey(requirements.payTo);
+      return {
+        valid: true,
+        details: {
+          chain,
+          sender: solanaPayload.sender,
+          recipient: requirements.payTo,
+          amount: requirements.amount
+        }
+      };
+    } catch (error) {
+      return { valid: false, error: error.message };
+    }
+  }
+  /**
+   * Settle a Solana payment
+   * 
+   * Submits the signed transaction to the network.
+   * In gasless mode, adds fee payer signature before submitting.
+   */
+  async settle(paymentPayload, requirements) {
+    try {
+      const solanaPayload = paymentPayload.payload;
+      if (!solanaPayload || !solanaPayload.signedTransaction) {
+        return { success: false, error: "Missing signed transaction" };
+      }
+      const chain = solanaPayload.chain || "solana_devnet";
+      const connection = this.getConnection(chain);
+      const txBuffer = Buffer.from(solanaPayload.signedTransaction, "base64");
+      let txToSend;
+      try {
+        const tx = import_web32.Transaction.from(txBuffer);
+        if (this.feePayerKeypair && tx.feePayer) {
+          const feePayerPubkey = this.feePayerKeypair.publicKey.toBase58();
+          const txFeePayer = tx.feePayer.toBase58();
+          if (txFeePayer === feePayerPubkey) {
+            console.log(`[SolanaFacilitator] Gasless mode: adding fee payer signature`);
+            tx.partialSign(this.feePayerKeypair);
+          }
+        }
+        txToSend = tx.serialize();
+      } catch (e) {
+        txToSend = txBuffer;
+      }
+      const signature = await connection.sendRawTransaction(txToSend, {
+        skipPreflight: false,
+        preflightCommitment: "confirmed"
+      });
+      const confirmation = await connection.confirmTransaction(signature, "confirmed");
+      if (confirmation.value.err) {
+        return {
+          success: false,
+          error: `Transaction failed: ${JSON.stringify(confirmation.value.err)}`,
+          transaction: signature
+        };
+      }
+      return {
+        success: true,
+        transaction: signature,
+        status: "confirmed"
+      };
+    } catch (error) {
+      return { success: false, error: error.message };
+    }
+  }
+  supportsNetwork(network) {
+    return this.supportedNetworks.includes(network);
+  }
+};
+async function createSolanaPaymentTransaction(senderPubkey, recipientPubkey, amount, chain, feePayerPubkey) {
+  const chainConfig = SOLANA_CHAINS[chain];
+  const connection = new import_web32.Connection(chainConfig.rpc, "confirmed");
+  const mint = new import_web32.PublicKey(chainConfig.tokens.USDC.mint);
+  const actualFeePayer = feePayerPubkey || senderPubkey;
+  const senderATA = await (0, import_spl_token.getAssociatedTokenAddress)(mint, senderPubkey);
+  const recipientATA = await (0, import_spl_token.getAssociatedTokenAddress)(mint, recipientPubkey);
+  const transaction = new import_web32.Transaction();
+  try {
+    await (0, import_spl_token.getAccount)(connection, recipientATA);
+  } catch {
+    transaction.add(
+      (0, import_spl_token.createAssociatedTokenAccountInstruction)(
+        actualFeePayer,
+        // payer (fee payer in gasless mode)
+        recipientATA,
+        // ata to create
+        recipientPubkey,
+        // owner
+        mint
+        // mint
+      )
+    );
+  }
+  transaction.add(
+    (0, import_spl_token.createTransferCheckedInstruction)(
+      senderATA,
+      // source
+      mint,
+      // mint
+      recipientATA,
+      // destination
+      senderPubkey,
+      // owner (sender still authorizes the transfer)
+      amount,
+      // amount
+      chainConfig.tokens.USDC.decimals
+      // decimals
+    )
+  );
+  const { blockhash, lastValidBlockHeight } = await connection.getLatestBlockhash();
+  transaction.recentBlockhash = blockhash;
+  transaction.feePayer = actualFeePayer;
+  return transaction;
+}
+
 // src/facilitators/registry.ts
+var import_web33 = require("@solana/web3.js");
+var import_bs58 = __toESM(require("bs58"));
 var FacilitatorRegistry = class {
   factories = /* @__PURE__ */ new Map();
   instances = /* @__PURE__ */ new Map();
@@ -553,7 +1176,20 @@ var FacilitatorRegistry = class {
   constructor(selection) {
     this.registerFactory("cdp", (config) => new CDPFacilitator(config));
     this.registerFactory("tempo", () => new TempoFacilitator());
-    this.selection = selection || { primary: "cdp", fallback: ["tempo"], strategy: "failover" };
+    this.registerFactory("bnb", (config) => new BNBFacilitator(config?.serverPrivateKey));
+    this.registerFactory("solana", (config) => {
+      let feePayerKeypair;
+      const feePayerKey = config?.feePayerPrivateKey || process.env.SOLANA_FEE_PAYER_KEY;
+      if (feePayerKey) {
+        try {
+          feePayerKeypair = import_web33.Keypair.fromSecretKey(import_bs58.default.decode(feePayerKey));
+        } catch (e) {
+          console.warn(`[SolanaFacilitator] Invalid fee payer key: ${e.message}`);
+        }
+      }
+      return new SolanaFacilitator({ feePayerKeypair });
+    });
+    this.selection = selection || { primary: "cdp", fallback: ["tempo", "bnb", "solana"], strategy: "failover" };
   }
   /**
    * Register a new facilitator factory
@@ -807,14 +1443,40 @@ var TOKEN_ADDRESSES = {
     // pathUSD
     USDT: "0x20c0000000000000000000000000000000000001"
     // alphaUSD
+  },
+  // BNB Smart Chain mainnet
+  "eip155:56": {
+    USDC: "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d",
+    USDT: "0x55d398326f99059fF775485246999027B3197955"
+  },
+  // BNB Smart Chain testnet
+  "eip155:97": {
+    USDC: "0x64544969ed7EBf5f083679233325356EbE738930",
+    USDT: "0x337610d27c682E347C9cD60BD4b3b107C9d34dDd"
+  },
+  // Solana networks use mint addresses (SPL tokens)
+  "solana:mainnet": {
+    USDC: "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v"
+    // Circle USDC
+  },
+  "solana:devnet": {
+    USDC: "4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU"
+    // Devnet USDC
   }
 };
 var CHAIN_TO_NETWORK = {
   "base": "eip155:8453",
   "base_sepolia": "eip155:84532",
   "polygon": "eip155:137",
-  "tempo_moderato": "eip155:42431"
+  "tempo_moderato": "eip155:42431",
+  "bnb": "eip155:56",
+  "bnb_testnet": "eip155:97",
+  "solana": "solana:mainnet",
+  "solana_devnet": "solana:devnet"
 };
+function isSolanaNetwork(network) {
+  return network.startsWith("solana:");
+}
 var TOKEN_DOMAINS = {
   // Base mainnet
   "eip155:8453": {
@@ -836,6 +1498,16 @@ var TOKEN_DOMAINS = {
   "eip155:42431": {
     USDC: { name: "pathUSD", version: "1" },
     USDT: { name: "alphaUSD", version: "1" }
+  },
+  // BNB Smart Chain mainnet
+  "eip155:56": {
+    USDC: { name: "USD Coin", version: "1" },
+    USDT: { name: "Tether USD", version: "1" }
+  },
+  // BNB Smart Chain testnet
+  "eip155:97": {
+    USDC: { name: "USD Coin", version: "1" },
+    USDT: { name: "Tether USD", version: "1" }
   }
 };
 function getTokenDomain(network, token) {
@@ -893,7 +1565,7 @@ var MoltsPayServer = class {
     };
     this.useMainnet = process.env.USE_MAINNET?.toLowerCase() === "true";
     this.networkId = this.useMainnet ? "eip155:8453" : "eip155:84532";
-    const defaultFallback = ["tempo"];
+    const defaultFallback = ["tempo", "bnb", "solana"];
     const envFallback = process.env.FACILITATOR_FALLBACK?.split(",").filter(Boolean);
     const facilitatorConfig = options.facilitators || {
       primary: process.env.FACILITATOR_PRIMARY || "cdp",
@@ -936,12 +1608,20 @@ var MoltsPayServer = class {
    */
   getProviderChains() {
     const provider = this.manifest.provider;
+    const getWalletForChain = (chainName, explicitWallet) => {
+      if (explicitWallet) return explicitWallet;
+      if ((chainName === "solana" || chainName === "solana_devnet") && provider.solana_wallet) {
+        return provider.solana_wallet;
+      }
+      return provider.wallet;
+    };
     if (provider.chains && provider.chains.length > 0) {
       return provider.chains.map((c) => {
         const chainName = typeof c === "string" ? c : c.chain;
+        const explicitWallet = typeof c === "object" ? c.wallet : null;
         return {
           network: CHAIN_TO_NETWORK[chainName] || "eip155:8453",
-          wallet: (typeof c === "object" ? c.wallet : null) || provider.wallet,
+          wallet: getWalletForChain(chainName, explicitWallet || void 0),
           tokens: (typeof c === "object" ? c.tokens : null) || ["USDC"]
         };
       });
@@ -950,7 +1630,7 @@ var MoltsPayServer = class {
     const network = CHAIN_TO_NETWORK[chain] || this.networkId;
     return [{
       network,
-      wallet: provider.wallet,
+      wallet: getWalletForChain(chain),
       tokens: ["USDC"]
     }];
   }
@@ -1021,7 +1701,8 @@ var MoltsPayServer = class {
         }
         const body = await this.readBody(req);
         const paymentHeader = req.headers[PAYMENT_HEADER];
-        return await this.handleProxy(body, paymentHeader, res);
+        const authHeader = req.headers[MPP_AUTH_HEADER];
+        return await this.handleProxy(body, paymentHeader, authHeader, res);
       }
       const servicePath = url.pathname.replace(/^\//, "");
       const skill = this.skills.get(servicePath);
@@ -1058,7 +1739,9 @@ var MoltsPayServer = class {
         name: this.manifest.provider.name,
         description: this.manifest.provider.description,
         wallet: this.manifest.provider.wallet,
-        chain: this.manifest.provider.chain || "base"
+        chain: this.manifest.provider.chain || "base",
+        solana_wallet: this.manifest.provider.solana_wallet,
+        chains: this.manifest.provider.chains
       },
       services,
       endpoints: {
@@ -1171,6 +1854,21 @@ var MoltsPayServer = class {
       });
     }
     console.log(`[MoltsPay] Verified by ${verifyResult.facilitator}`);
+    const isSolana = isSolanaNetwork(paymentNetwork);
+    let settlement = null;
+    if (isSolana) {
+      console.log(`[MoltsPay] Solana detected - settling payment FIRST (blockhash expiry protection)`);
+      try {
+        settlement = await this.registry.settle(payment, requirements);
+        console.log(`[MoltsPay] Payment settled by ${settlement.facilitator}: ${settlement.transaction || "pending"}`);
+      } catch (err) {
+        console.error("[MoltsPay] Solana settlement failed:", err.message);
+        return this.sendJson(res, 402, {
+          error: "Payment settlement failed",
+          message: err.message
+        });
+      }
+    }
     const timeoutSeconds = parseInt(process.env.SKILL_TIMEOUT_SECONDS || "1200");
     console.log(`[MoltsPay] Executing skill: ${service} (timeout: ${timeoutSeconds}s)`);
     let result;
@@ -1185,16 +1883,19 @@ var MoltsPayServer = class {
       console.error("[MoltsPay] Skill execution failed:", err.message);
       return this.sendJson(res, 500, {
         error: "Service execution failed",
-        message: err.message
+        message: err.message,
+        paymentSettled: isSolana ? true : false,
+        note: isSolana ? "Payment was settled before execution. Contact support for refund." : void 0
       });
     }
-    console.log(`[MoltsPay] Skill succeeded, settling payment...`);
-    let settlement = null;
-    try {
-      settlement = await this.registry.settle(payment, requirements);
-      console.log(`[MoltsPay] Payment settled by ${settlement.facilitator}: ${settlement.transaction || "pending"}`);
-    } catch (err) {
-      console.error("[MoltsPay] Settlement failed:", err.message);
+    if (!isSolana) {
+      console.log(`[MoltsPay] Skill succeeded, settling payment...`);
+      try {
+        settlement = await this.registry.settle(payment, requirements);
+        console.log(`[MoltsPay] Payment settled by ${settlement.facilitator}: ${settlement.transaction || "pending"}`);
+      } catch (err) {
+        console.error("[MoltsPay] Settlement failed:", err.message);
+      }
     }
     const responseHeaders = {};
     if (settlement?.success) {
@@ -1470,7 +2171,7 @@ var MoltsPayServer = class {
     const tokenAddresses = TOKEN_ADDRESSES[selectedNetwork] || {};
     const tokenAddress = tokenAddresses[selectedToken];
     const tokenDomain = getTokenDomain(selectedNetwork, selectedToken);
-    return {
+    const requirements = {
       scheme: "exact",
       network: selectedNetwork,
       asset: tokenAddress,
@@ -1479,6 +2180,27 @@ var MoltsPayServer = class {
       maxTimeoutSeconds: 300,
       extra: tokenDomain
     };
+    if (selectedNetwork === "solana:mainnet" || selectedNetwork === "solana:devnet") {
+      const solanaFacilitator = this.registry.get("solana");
+      const feePayerPubkey = solanaFacilitator?.getFeePayerPubkey?.();
+      if (feePayerPubkey) {
+        requirements.extra = {
+          ...requirements.extra || {},
+          solanaFeePayer: feePayerPubkey
+        };
+      }
+    }
+    if (selectedNetwork === "eip155:56" || selectedNetwork === "eip155:97") {
+      const bnbFacilitator = this.registry.get("bnb");
+      const spenderAddress = bnbFacilitator?.getSpenderAddress?.();
+      if (spenderAddress) {
+        requirements.extra = {
+          ...requirements.extra || {},
+          bnbSpender: spenderAddress
+        };
+      }
+    }
+    return requirements;
   }
   /**
    * Detect which token is being used in the payment
@@ -1531,8 +2253,10 @@ var MoltsPayServer = class {
   isProxyAllowed(clientIP) {
     const allowedIPs = process.env.PROXY_ALLOWED_IPS?.split(",").map((ip) => ip.trim()) || [];
     if (allowedIPs.length === 0) {
-      console.log(`[MoltsPay] /proxy denied: no PROXY_ALLOWED_IPS configured`);
-      return false;
+      return true;
+    }
+    if (allowedIPs.includes("*")) {
+      return true;
     }
     const normalizedIP = clientIP === "::1" ? "127.0.0.1" : clientIP.replace("::ffff:", "");
     const allowed = allowedIPs.includes(normalizedIP) || allowedIPs.includes(clientIP);
@@ -1544,31 +2268,42 @@ var MoltsPayServer = class {
   /**
    * POST /proxy - Handle payment for external services (moltspay-creators)
    * 
-   * This endpoint allows other services to delegate x402 payment handling.
+   * This endpoint allows other services to delegate x402/MPP payment handling.
    * It does NOT execute any skill - just handles payment verification/settlement.
    * 
    * Request body:
    *   { wallet, amount, currency, chain, memo, serviceId, description }
    * 
-   * Without X-Payment header: returns 402 with payment requirements
-   * With X-Payment header: verifies payment and returns result
+   * For x402 (base, polygon, base_sepolia):
+   *   Without X-Payment header: returns 402 with X-Payment-Required
+   *   With X-Payment header: verifies payment via CDP
+   * 
+   * For MPP (tempo_moderato):
+   *   Without Authorization header: returns 402 with WWW-Authenticate
+   *   With Authorization: Payment header: verifies tx on Tempo chain
    */
-  async handleProxy(body, paymentHeader, res) {
+  async handleProxy(body, paymentHeader, authHeader, res) {
     const { wallet, amount, currency, chain, memo, serviceId, description } = body;
     if (!wallet || !amount) {
       return this.sendJson(res, 400, { error: "Missing required fields: wallet, amount" });
     }
-    if (!/^0x[a-fA-F0-9]{40}$/.test(wallet)) {
-      return this.sendJson(res, 400, { error: "Invalid wallet address format" });
+    const supportedChains = ["base", "polygon", "base_sepolia", "tempo_moderato", "bnb", "bnb_testnet", "solana", "solana_devnet"];
+    if (chain && !supportedChains.includes(chain)) {
+      return this.sendJson(res, 400, { error: `Unsupported chain: ${chain}. Supported: ${supportedChains.join(", ")}` });
+    }
+    const isSolanaChain = chain === "solana" || chain === "solana_devnet";
+    const isValidEvmAddress = /^0x[a-fA-F0-9]{40}$/.test(wallet);
+    const isValidSolanaAddress = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(wallet);
+    if (isSolanaChain && !isValidSolanaAddress) {
+      return this.sendJson(res, 400, { error: "Invalid Solana wallet address format" });
+    }
+    if (!isSolanaChain && !isValidEvmAddress) {
+      return this.sendJson(res, 400, { error: "Invalid EVM wallet address format" });
     }
     const amountNum = parseFloat(amount);
     if (isNaN(amountNum) || amountNum <= 0) {
       return this.sendJson(res, 400, { error: "Invalid amount" });
     }
-    const supportedChains = ["base", "polygon", "base_sepolia"];
-    if (chain && !supportedChains.includes(chain)) {
-      return this.sendJson(res, 400, { error: `Unsupported chain: ${chain}. Supported: ${supportedChains.join(", ")}` });
-    }
     const proxyConfig = {
       id: serviceId || "proxy",
       name: description || "Proxy Payment",
@@ -1580,6 +2315,9 @@ var MoltsPayServer = class {
       input: {},
       output: {}
     };
+    if (chain === "tempo_moderato") {
+      return await this.handleProxyMPP(body, proxyConfig, authHeader, res);
+    }
     const requirements = this.buildProxyPaymentRequirements(proxyConfig, wallet, currency, chain);
     if (!paymentHeader) {
       return this.sendProxyPaymentRequired(proxyConfig, wallet, memo, chain, res);
@@ -1591,37 +2329,225 @@ var MoltsPayServer = class {
     } catch {
       return this.sendJson(res, 400, { error: "Invalid X-Payment header" });
     }
-    if (payment.x402Version !== X402_VERSION2) {
-      return this.sendJson(res, 402, { error: `Unsupported x402 version: ${payment.x402Version}` });
+    if (payment.x402Version !== X402_VERSION2) {
+      return this.sendJson(res, 402, { error: `Unsupported x402 version: ${payment.x402Version}` });
+    }
+    const scheme = payment.accepted?.scheme || payment.scheme;
+    const network = payment.accepted?.network || payment.network;
+    if (scheme !== "exact") {
+      return this.sendJson(res, 402, { error: `Unsupported scheme: ${scheme}` });
+    }
+    const expectedNetwork = chain ? CHAIN_TO_NETWORK[chain] || this.networkId : this.networkId;
+    if (network !== expectedNetwork) {
+      return this.sendJson(res, 402, { error: `Network mismatch: expected ${expectedNetwork}, got ${network}` });
+    }
+    console.log(`[MoltsPay] /proxy: Verifying payment for ${wallet}...`);
+    const verifyResult = await this.registry.verify(payment, requirements);
+    if (!verifyResult.valid) {
+      return this.sendJson(res, 402, {
+        success: false,
+        error: `Payment verification failed: ${verifyResult.error}`,
+        facilitator: verifyResult.facilitator
+      });
+    }
+    console.log(`[MoltsPay] /proxy: Verified by ${verifyResult.facilitator}`);
+    const { execute, service, params } = body;
+    if (execute && service) {
+      const skill = this.skills.get(service);
+      if (!skill) {
+        console.log(`[MoltsPay] /proxy: Service not found: ${service} - NOT settling`);
+        return this.sendJson(res, 404, {
+          success: false,
+          paymentSettled: false,
+          error: `Service not found: ${service}`
+        });
+      }
+      const isSolana = isSolanaNetwork(network);
+      let settlement2 = null;
+      if (isSolana) {
+        console.log(`[MoltsPay] /proxy: Solana detected - settling payment FIRST`);
+        try {
+          settlement2 = await this.registry.settle(payment, requirements);
+          console.log(`[MoltsPay] /proxy: Payment settled by ${settlement2.facilitator}: ${settlement2.transaction || "pending"}`);
+          if (!settlement2.success) {
+            console.error(`[MoltsPay] /proxy: Solana settlement failed: ${settlement2.error}`);
+            return this.sendJson(res, 402, {
+              success: false,
+              paymentSettled: false,
+              error: `Payment settlement failed: ${settlement2.error || "Unknown error"}`
+            });
+          }
+        } catch (err) {
+          console.error("[MoltsPay] /proxy: Solana settlement failed:", err.message);
+          return this.sendJson(res, 402, {
+            success: false,
+            paymentSettled: false,
+            error: `Payment settlement failed: ${err.message}`
+          });
+        }
+      } else {
+        console.log(`[MoltsPay] /proxy: Executing skill first (pay on success): ${service}`);
+      }
+      const timeoutSeconds = parseInt(process.env.SKILL_TIMEOUT_SECONDS || "1200");
+      let result;
+      try {
+        result = await Promise.race([
+          skill.handler(params || {}),
+          new Promise(
+            (_, reject) => setTimeout(() => reject(new Error(`Skill timeout after ${timeoutSeconds}s`)), timeoutSeconds * 1e3)
+          )
+        ]);
+        console.log(`[MoltsPay] /proxy: Skill succeeded`);
+      } catch (err) {
+        console.error(`[MoltsPay] /proxy: Skill failed: ${err.message}`);
+        return this.sendJson(res, 500, {
+          success: false,
+          paymentSettled: isSolana ? true : false,
+          error: `Service execution failed: ${err.message}`,
+          note: isSolana ? "Payment was settled before execution. Contact support for refund." : void 0
+        });
+      }
+      if (!isSolana) {
+        console.log(`[MoltsPay] /proxy: Settling payment...`);
+        try {
+          settlement2 = await this.registry.settle(payment, requirements);
+          console.log(`[MoltsPay] /proxy: Payment settled by ${settlement2.facilitator}: ${settlement2.transaction || "pending"}`);
+        } catch (err) {
+          console.error("[MoltsPay] /proxy: Settlement failed:", err.message);
+          return this.sendJson(res, 200, {
+            success: true,
+            verified: true,
+            settled: false,
+            settlementError: err.message,
+            from: payment.payload?.authorization?.from,
+            paidTo: wallet,
+            amount: amountNum,
+            currency: currency || "USDC",
+            memo,
+            result
+          });
+        }
+      }
+      return this.sendJson(res, 200, {
+        success: true,
+        verified: true,
+        settled: settlement2?.success || false,
+        txHash: settlement2?.transaction,
+        from: payment.payload?.authorization?.from,
+        paidTo: wallet,
+        amount: amountNum,
+        currency: currency || "USDC",
+        facilitator: settlement2?.facilitator,
+        memo,
+        result
+      });
+    }
+    console.log(`[MoltsPay] /proxy: Settling payment (no execution)...`);
+    let settlement = null;
+    try {
+      settlement = await this.registry.settle(payment, requirements);
+      console.log(`[MoltsPay] /proxy: Payment settled by ${settlement.facilitator}: ${settlement.transaction || "pending"}`);
+    } catch (err) {
+      console.error("[MoltsPay] /proxy: Settlement failed:", err.message);
+      return this.sendJson(res, 500, {
+        success: false,
+        error: `Settlement failed: ${err.message}`
+      });
+    }
+    this.sendJson(res, 200, {
+      success: true,
+      verified: true,
+      settled: settlement?.success || false,
+      txHash: settlement?.transaction,
+      from: payment.payload?.authorization?.from,
+      // Buyer's wallet address
+      paidTo: wallet,
+      amount: amountNum,
+      currency: currency || "USDC",
+      facilitator: settlement?.facilitator,
+      memo
+    });
+  }
+  /**
+   * Handle MPP payment flow for /proxy endpoint (tempo_moderato chain)
+   */
+  async handleProxyMPP(body, config, authHeader, res) {
+    const { wallet, amount, memo, serviceId } = body;
+    const amountNum = parseFloat(amount);
+    const amountInUnits = Math.floor(amountNum * 1e6).toString();
+    if (!authHeader || !authHeader.toLowerCase().startsWith("payment ")) {
+      const challengeId = this.generateChallengeId();
+      const tokenAddress = TOKEN_ADDRESSES["eip155:42431"]?.USDC || "0x20c0000000000000000000000000000000000000";
+      const mppRequest = {
+        amount: amountInUnits,
+        currency: tokenAddress,
+        methodDetails: {
+          chainId: 42431,
+          feePayer: true
+        },
+        recipient: wallet
+      };
+      const mppRequestEncoded = Buffer.from(JSON.stringify(mppRequest)).toString("base64");
+      const expiresAt = new Date(Date.now() + 5 * 60 * 1e3).toISOString();
+      const wwwAuth = `Payment id="${challengeId}", realm="MoltsPay Proxy", method="tempo", intent="charge", request="${mppRequestEncoded}", description="${config.name}", expires="${expiresAt}"`;
+      res.writeHead(402, {
+        "Content-Type": "application/problem+json",
+        [MPP_WWW_AUTH_HEADER]: wwwAuth
+      });
+      res.end(JSON.stringify({
+        type: "https://paymentauth.org/problems/payment-required",
+        title: "Payment Required",
+        status: 402,
+        detail: `Payment is required (${config.name}).`,
+        service: serviceId || "proxy",
+        price: amountNum,
+        currency: "USDC"
+      }, null, 2));
+      return;
+    }
+    const credentialMatch = authHeader.match(/Payment\s+(.+)/i);
+    if (!credentialMatch) {
+      return this.sendJson(res, 400, { error: "Invalid Authorization header format" });
     }
-    const scheme = payment.accepted?.scheme || payment.scheme;
-    const network = payment.accepted?.network || payment.network;
-    if (scheme !== "exact") {
-      return this.sendJson(res, 402, { error: `Unsupported scheme: ${scheme}` });
+    let mppCredential;
+    try {
+      const base64 = credentialMatch[1].replace(/-/g, "+").replace(/_/g, "/");
+      const decoded = Buffer.from(base64, "base64").toString("utf-8");
+      mppCredential = JSON.parse(decoded);
+    } catch (err) {
+      console.error("[MoltsPay] /proxy MPP: Failed to parse credential:", err);
+      return this.sendJson(res, 400, { error: "Invalid payment credential encoding" });
     }
-    const expectedNetwork = chain ? CHAIN_TO_NETWORK[chain] || this.networkId : this.networkId;
-    if (network !== expectedNetwork) {
-      return this.sendJson(res, 402, { error: `Network mismatch: expected ${expectedNetwork}, got ${network}` });
+    let txHash;
+    if (mppCredential.payload?.type === "hash" && mppCredential.payload?.hash) {
+      txHash = mppCredential.payload.hash;
+    } else {
+      return this.sendJson(res, 400, { error: "Missing transaction hash in credential" });
     }
-    console.log(`[MoltsPay] /proxy: Verifying payment for ${wallet}...`);
-    const verifyResult = await this.registry.verify(payment, requirements);
-    if (!verifyResult.valid) {
+    console.log(`[MoltsPay] /proxy MPP: Verifying tx ${txHash} on Tempo...`);
+    const requirements = this.buildPaymentRequirements(config, "eip155:42431", wallet, "USDC");
+    const paymentPayload = {
+      x402Version: X402_VERSION2,
+      scheme: "exact",
+      network: "eip155:42431",
+      payload: { txHash, chainId: 42431 }
+    };
+    const verification = await this.registry.verify(paymentPayload, requirements);
+    if (!verification.valid) {
       return this.sendJson(res, 402, {
-        success: false,
-        error: `Payment verification failed: ${verifyResult.error}`,
-        facilitator: verifyResult.facilitator
+        error: `Payment verification failed: ${verification.error}`
       });
     }
-    console.log(`[MoltsPay] /proxy: Verified by ${verifyResult.facilitator}`);
+    console.log(`[MoltsPay] /proxy MPP: Payment verified by ${verification.facilitator}`);
     const { execute, service, params } = body;
     if (execute && service) {
-      console.log(`[MoltsPay] /proxy: Executing skill first (pay on success): ${service}`);
+      console.log(`[MoltsPay] /proxy MPP: Executing skill: ${service}`);
       const skill = this.skills.get(service);
       if (!skill) {
-        console.log(`[MoltsPay] /proxy: Service not found: ${service} - NOT settling`);
         return this.sendJson(res, 404, {
           success: false,
-          paymentSettled: false,
+          paymentSettled: true,
+          // Payment already happened on Tempo
           error: `Service not found: ${service}`
         });
       }
@@ -1634,73 +2560,36 @@ var MoltsPayServer = class {
             (_, reject) => setTimeout(() => reject(new Error(`Skill timeout after ${timeoutSeconds}s`)), timeoutSeconds * 1e3)
           )
         ]);
-        console.log(`[MoltsPay] /proxy: Skill succeeded, now settling payment...`);
       } catch (err) {
-        console.error(`[MoltsPay] /proxy: Skill failed: ${err.message} - NOT settling`);
+        console.error(`[MoltsPay] /proxy MPP: Skill failed: ${err.message}`);
         return this.sendJson(res, 500, {
           success: false,
-          paymentSettled: false,
+          paymentSettled: true,
           error: `Service execution failed: ${err.message}`
         });
       }
-      let settlement2 = null;
-      try {
-        settlement2 = await this.registry.settle(payment, requirements);
-        console.log(`[MoltsPay] /proxy: Payment settled by ${settlement2.facilitator}: ${settlement2.transaction || "pending"}`);
-      } catch (err) {
-        console.error("[MoltsPay] /proxy: Settlement failed:", err.message);
-        return this.sendJson(res, 200, {
-          success: true,
-          verified: true,
-          settled: false,
-          settlementError: err.message,
-          from: payment.payload?.authorization?.from,
-          // Buyer's wallet address
-          paidTo: wallet,
-          amount: amountNum,
-          currency: currency || "USDC",
-          memo,
-          result
-        });
-      }
       return this.sendJson(res, 200, {
         success: true,
         verified: true,
-        settled: settlement2?.success || false,
-        txHash: settlement2?.transaction,
-        from: payment.payload?.authorization?.from,
-        // Buyer's wallet address
+        txHash,
+        chain: "tempo_moderato",
         paidTo: wallet,
         amount: amountNum,
-        currency: currency || "USDC",
-        facilitator: settlement2?.facilitator,
+        currency: "USDC",
+        facilitator: verification.facilitator,
         memo,
         result
       });
     }
-    console.log(`[MoltsPay] /proxy: Settling payment (no execution)...`);
-    let settlement = null;
-    try {
-      settlement = await this.registry.settle(payment, requirements);
-      console.log(`[MoltsPay] /proxy: Payment settled by ${settlement.facilitator}: ${settlement.transaction || "pending"}`);
-    } catch (err) {
-      console.error("[MoltsPay] /proxy: Settlement failed:", err.message);
-      return this.sendJson(res, 500, {
-        success: false,
-        error: `Settlement failed: ${err.message}`
-      });
-    }
     this.sendJson(res, 200, {
       success: true,
       verified: true,
-      settled: settlement?.success || false,
-      txHash: settlement?.transaction,
-      from: payment.payload?.authorization?.from,
-      // Buyer's wallet address
+      txHash,
+      chain: "tempo_moderato",
       paidTo: wallet,
       amount: amountNum,
-      currency: currency || "USDC",
-      facilitator: settlement?.facilitator,
+      currency: "USDC",
+      facilitator: verification.facilitator,
       memo
     });
   }
@@ -1715,7 +2604,7 @@ var MoltsPayServer = class {
     const tokenAddresses = TOKEN_ADDRESSES[networkId] || TOKEN_ADDRESSES[this.networkId] || {};
     const tokenAddress = tokenAddresses[selectedToken];
     const tokenDomain = getTokenDomain(networkId, selectedToken);
-    return {
+    const requirements = {
       scheme: "exact",
       network: networkId,
       asset: tokenAddress,
@@ -1725,6 +2614,17 @@ var MoltsPayServer = class {
       maxTimeoutSeconds: 300,
       extra: tokenDomain
     };
+    if (networkId === "eip155:56" || networkId === "eip155:97") {
+      const bnbFacilitator = this.registry.get("bnb");
+      const spenderAddress = bnbFacilitator?.getSpenderAddress?.();
+      if (spenderAddress) {
+        requirements.extra = {
+          ...requirements.extra || {},
+          bnbSpender: spenderAddress
+        };
+      }
+    }
+    return requirements;
   }
   /**
    * Return 402 with x402 payment requirements for proxy endpoint
@@ -1755,10 +2655,40 @@ var MoltsPayServer = class {
 };
 
 // src/client/index.ts
+var import_fs4 = require("fs");
+var import_os2 = require("os");
+var import_path2 = require("path");
+var import_ethers = require("ethers");
+
+// src/wallet/solana.ts
+var import_web34 = require("@solana/web3.js");
+var import_spl_token2 = require("@solana/spl-token");
 var import_fs3 = require("fs");
-var import_os = require("os");
 var import_path = require("path");
-var import_ethers = require("ethers");
+var import_os = require("os");
+var import_bs582 = __toESM(require("bs58"));
+var DEFAULT_CONFIG_DIR = (0, import_path.join)((0, import_os.homedir)(), ".moltspay");
+var SOLANA_WALLET_FILE = "wallet-solana.json";
+function getSolanaWalletPath(configDir = DEFAULT_CONFIG_DIR) {
+  return (0, import_path.join)(configDir, SOLANA_WALLET_FILE);
+}
+function loadSolanaWallet(configDir = DEFAULT_CONFIG_DIR) {
+  const walletPath = getSolanaWalletPath(configDir);
+  if (!(0, import_fs3.existsSync)(walletPath)) {
+    return null;
+  }
+  try {
+    const data = JSON.parse((0, import_fs3.readFileSync)(walletPath, "utf-8"));
+    const secretKey = import_bs582.default.decode(data.secretKey);
+    return import_web34.Keypair.fromSecretKey(secretKey);
+  } catch (error) {
+    console.error("Failed to load Solana wallet:", error);
+    return null;
+  }
+}
+
+// src/client/index.ts
+var import_web35 = require("@solana/web3.js");
 var X402_VERSION3 = 2;
 var PAYMENT_REQUIRED_HEADER2 = "x-payment-required";
 var PAYMENT_HEADER2 = "x-payment";
@@ -1777,7 +2707,7 @@ var MoltsPayClient = class {
   todaySpending = 0;
   lastSpendingReset = 0;
   constructor(options = {}) {
-    this.configDir = options.configDir || (0, import_path.join)((0, import_os.homedir)(), ".moltspay");
+    this.configDir = options.configDir || (0, import_path2.join)((0, import_os2.homedir)(), ".moltspay");
     this.config = this.loadConfig();
     this.walletData = this.loadWallet();
     this.loadSpending();
@@ -1797,6 +2727,12 @@ var MoltsPayClient = class {
   get address() {
     return this.wallet?.address || null;
   }
+  /**
+   * Get wallet instance (for direct operations like approvals)
+   */
+  getWallet() {
+    return this.wallet;
+  }
   /**
    * Get current config
    */
@@ -1850,11 +2786,26 @@ var MoltsPayClient = class {
       throw new Error("Client not initialized. Run: npx moltspay init");
     }
     console.log(`[MoltsPay] Requesting service: ${service}`);
-    const requestBody = { service, params };
+    let executeUrl = `${serverUrl}/execute`;
+    try {
+      const services = await this.getServices(serverUrl);
+      const svc = services.services?.find((s) => s.id === service);
+      if (svc?.endpoint) {
+        executeUrl = `${serverUrl}${svc.endpoint}`;
+        console.log(`[MoltsPay] Using service endpoint: ${svc.endpoint}`);
+      }
+    } catch {
+    }
+    let requestBody;
+    if (options.rawData) {
+      requestBody = { service, ...params };
+    } else {
+      requestBody = { service, params };
+    }
     if (options.chain) {
       requestBody.chain = options.chain;
     }
-    const initialRes = await fetch(`${serverUrl}/execute`, {
+    const initialRes = await fetch(executeUrl, {
       method: "POST",
       headers: { "Content-Type": "application/json" },
       body: JSON.stringify(requestBody)
@@ -1866,9 +2817,14 @@ var MoltsPayClient = class {
       }
       throw new Error(data.error || "Unexpected response");
     }
+    const wwwAuthHeader = initialRes.headers.get("www-authenticate");
     const paymentRequiredHeader = initialRes.headers.get(PAYMENT_REQUIRED_HEADER2);
+    if (wwwAuthHeader && wwwAuthHeader.toLowerCase().includes("payment")) {
+      console.log("[MoltsPay] Detected MPP protocol, using Tempo flow...");
+      return await this.handleMPPPayment(executeUrl, service, params, wwwAuthHeader, options);
+    }
     if (!paymentRequiredHeader) {
-      throw new Error("Missing x-payment-required header");
+      throw new Error("Missing payment header (x-payment-required or www-authenticate)");
     }
     let requirements;
     try {
@@ -1885,17 +2841,22 @@ var MoltsPayClient = class {
       throw new Error("Invalid x-payment-required header");
     }
     const networkToChainName = (network2) => {
+      if (network2 === "solana:mainnet") return "solana";
+      if (network2 === "solana:devnet") return "solana_devnet";
       const match = network2.match(/^eip155:(\d+)$/);
       if (!match) return null;
       const chainId = parseInt(match[1]);
       if (chainId === 8453) return "base";
       if (chainId === 137) return "polygon";
       if (chainId === 84532) return "base_sepolia";
+      if (chainId === 42431) return "tempo_moderato";
+      if (chainId === 56) return "bnb";
+      if (chainId === 97) return "bnb_testnet";
       return null;
     };
     const serverChains = requirements.map((r) => networkToChainName(r.network)).filter((c) => c !== null);
-    let chainName;
     const userSpecifiedChain = options.chain;
+    let selectedChain;
     if (userSpecifiedChain) {
       if (!serverChains.includes(userSpecifiedChain)) {
         throw new Error(
@@ -1903,17 +2864,27 @@ var MoltsPayClient = class {
 Server accepts: ${serverChains.join(", ")}`
         );
       }
-      chainName = userSpecifiedChain;
+      selectedChain = userSpecifiedChain;
     } else {
       if (serverChains.length === 1 && serverChains[0] === "base") {
-        chainName = "base";
+        selectedChain = "base";
       } else {
         throw new Error(
           `Server accepts: ${serverChains.join(", ")}
-Please specify: --chain base, --chain polygon, or --chain base_sepolia`
+Please specify: --chain <chain_name>`
         );
       }
     }
+    if (selectedChain === "solana" || selectedChain === "solana_devnet") {
+      const solanaChain = selectedChain;
+      const network2 = solanaChain === "solana" ? "solana:mainnet" : "solana:devnet";
+      const req2 = requirements.find((r) => r.network === network2);
+      if (!req2) {
+        throw new Error(`Failed to find payment requirement for ${selectedChain}`);
+      }
+      return await this.handleSolanaPayment(executeUrl, service, params, req2, solanaChain, options);
+    }
+    const chainName = selectedChain;
     const chain = getChain(chainName);
     const network = `eip155:${chain.chainId}`;
     const req = requirements.find((r) => r.scheme === "exact" && r.network === network);
@@ -1948,6 +2919,25 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
     } else {
       console.log(`[MoltsPay] Signing payment: $${amount} ${token} (gasless)`);
     }
+    if (chainName === "bnb" || chainName === "bnb_testnet") {
+      console.log(`[MoltsPay] Using BNB intent-based payment flow...`);
+      const payTo2 = req.payTo || req.resource;
+      if (!payTo2) {
+        throw new Error("Missing payTo address in payment requirements");
+      }
+      const bnbSpender = req.extra?.bnbSpender;
+      if (!bnbSpender) {
+        throw new Error("Server did not provide bnbSpender address. Server may not support BNB payments.");
+      }
+      return await this.handleBNBPayment(executeUrl, service, params, {
+        to: payTo2,
+        amount,
+        token,
+        chainName,
+        chain,
+        spender: bnbSpender
+      }, options);
+    }
     const payTo = req.payTo || req.resource;
     if (!payTo) {
       throw new Error("Missing payTo address in payment requirements");
@@ -1977,11 +2967,11 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
     };
     const paymentHeader = Buffer.from(JSON.stringify(payload)).toString("base64");
     console.log(`[MoltsPay] Sending request with payment...`);
-    const paidRequestBody = { service, params };
+    const paidRequestBody = options.rawData ? { service, ...params } : { service, params };
     if (options.chain) {
       paidRequestBody.chain = options.chain;
     }
-    const paidRes = await fetch(`${serverUrl}/execute`, {
+    const paidRes = await fetch(executeUrl, {
       method: "POST",
       headers: {
         "Content-Type": "application/json",
@@ -1995,7 +2985,304 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
     }
     this.recordSpending(amount);
     console.log(`[MoltsPay] Success! Payment: ${result.payment?.status || "claimed"}`);
-    return result.result;
+    return result.result || result;
+  }
+  /**
+   * Handle MPP (Machine Payments Protocol) payment flow
+   * Called when pay() detects WWW-Authenticate header in 402 response
+   */
+  async handleMPPPayment(executeUrl, service, params, wwwAuthHeader, options = {}) {
+    const { privateKeyToAccount: privateKeyToAccount2 } = await import("viem/accounts");
+    const { createWalletClient, createPublicClient, http } = await import("viem");
+    const { tempoModerato } = await import("viem/chains");
+    const { Actions } = await import("viem/tempo");
+    const privateKey = this.walletData.privateKey;
+    const account = privateKeyToAccount2(privateKey);
+    console.log(`[MoltsPay] Using MPP protocol on Tempo`);
+    console.log(`[MoltsPay] Account: ${account.address}`);
+    const parseAuthParam = (header, key) => {
+      const match = header.match(new RegExp(`${key}="([^"]+)"`, "i"));
+      return match ? match[1] : null;
+    };
+    const challengeId = parseAuthParam(wwwAuthHeader, "id");
+    const method = parseAuthParam(wwwAuthHeader, "method");
+    const realm = parseAuthParam(wwwAuthHeader, "realm");
+    const requestB64 = parseAuthParam(wwwAuthHeader, "request");
+    if (method !== "tempo") {
+      throw new Error(`Unsupported payment method: ${method}`);
+    }
+    if (!requestB64) {
+      throw new Error("Missing request in WWW-Authenticate");
+    }
+    const requestJson = Buffer.from(requestB64, "base64").toString("utf-8");
+    const paymentRequest = JSON.parse(requestJson);
+    const { amount, currency, recipient, methodDetails } = paymentRequest;
+    const chainId = methodDetails?.chainId || 42431;
+    const amountDisplay = Number(amount) / 1e6;
+    console.log(`[MoltsPay] Payment: $${amountDisplay} to ${recipient}`);
+    this.checkLimits(amountDisplay);
+    console.log(`[MoltsPay] Sending transaction on Tempo...`);
+    const tempoChain = { ...tempoModerato, feeToken: currency };
+    const publicClient = createPublicClient({
+      chain: tempoChain,
+      transport: http("https://rpc.moderato.tempo.xyz")
+    });
+    const walletClient = createWalletClient({
+      account,
+      chain: tempoChain,
+      transport: http("https://rpc.moderato.tempo.xyz")
+    });
+    const txHash = await Actions.token.transfer(walletClient, {
+      to: recipient,
+      amount: BigInt(amount),
+      token: currency
+    });
+    console.log(`[MoltsPay] Transaction: ${txHash}`);
+    await publicClient.waitForTransactionReceipt({ hash: txHash });
+    console.log(`[MoltsPay] Confirmed! Retrying with credential...`);
+    const credential = {
+      challenge: {
+        id: challengeId,
+        realm,
+        method: "tempo",
+        intent: "charge",
+        request: paymentRequest
+      },
+      payload: { hash: txHash, type: "hash" },
+      source: `did:pkh:eip155:${chainId}:${account.address}`
+    };
+    const credentialB64 = Buffer.from(JSON.stringify(credential)).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+    const retryBody = options.rawData ? { service, ...params, chain: "tempo_moderato" } : { service, params, chain: "tempo_moderato" };
+    const paidRes = await fetch(executeUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Authorization": `Payment ${credentialB64}`
+      },
+      body: JSON.stringify(retryBody)
+    });
+    const result = await paidRes.json();
+    if (!paidRes.ok) {
+      throw new Error(result.error || "Payment verification failed");
+    }
+    this.recordSpending(amountDisplay);
+    console.log(`[MoltsPay] Success!`);
+    return result.result || result;
+  }
+  /**
+   * Handle BNB Chain payment flow (pre-approval + intent signature)
+   * 
+   * Flow:
+   * 1. Check client has approved server wallet (done via `moltspay init`)
+   * 2. Sign EIP-712 payment intent (no gas, just signature)
+   * 3. Send intent to server
+   * 4. Server executes service
+   * 5. Server calls transferFrom if successful (pay-for-success)
+   */
+  async handleBNBPayment(executeUrl, service, params, paymentDetails, options = {}) {
+    const { to, amount, token, chainName, chain, spender } = paymentDetails;
+    const tokenConfig = chain.tokens[token];
+    const provider = new import_ethers.ethers.JsonRpcProvider(chain.rpc);
+    const allowance = await this.checkAllowance(tokenConfig.address, spender, provider);
+    const amountWeiCheck = BigInt(Math.floor(amount * 10 ** tokenConfig.decimals));
+    if (allowance < amountWeiCheck) {
+      const nativeBalance = await provider.getBalance(this.wallet.address);
+      const minGasBalance = import_ethers.ethers.parseEther("0.0005");
+      if (nativeBalance < minGasBalance) {
+        const nativeBNB = parseFloat(import_ethers.ethers.formatEther(nativeBalance)).toFixed(4);
+        const isTestnet = chainName === "bnb_testnet";
+        if (isTestnet) {
+          throw new Error(
+            `\u274C Insufficient tBNB for approval transaction
+
+   Current tBNB: ${nativeBNB}
+   Required:     ~0.001 tBNB
+
+   Get testnet tokens: npx moltspay faucet --chain bnb_testnet
+   (Gives USDC + tBNB for gas)`
+          );
+        } else {
+          throw new Error(
+            `\u274C Insufficient BNB for approval transaction
+
+   Current BNB: ${nativeBNB}
+   Required:    ~0.001 BNB (~$0.60)
+
+   To get BNB:
+   \u2022 Withdraw from Binance/exchange to your wallet
+   \u2022 Most exchanges include BNB dust with withdrawals
+
+   After funding, run:
+   npx moltspay approve --chain ${chainName} --spender ${spender}`
+          );
+        }
+      }
+      throw new Error(
+        `Insufficient allowance for ${spender.slice(0, 10)}...
+Run: npx moltspay approve --chain ${chainName} --spender ${spender}`
+      );
+    }
+    const amountWei = BigInt(Math.floor(amount * 10 ** tokenConfig.decimals)).toString();
+    const intent = {
+      from: this.wallet.address,
+      to,
+      amount: amountWei,
+      token: tokenConfig.address,
+      service,
+      nonce: Date.now(),
+      // Use timestamp as nonce for simplicity
+      deadline: Date.now() + 36e5
+      // 1 hour
+    };
+    const domain = {
+      name: "MoltsPay",
+      version: "1",
+      chainId: chain.chainId
+    };
+    const types = {
+      PaymentIntent: [
+        { name: "from", type: "address" },
+        { name: "to", type: "address" },
+        { name: "amount", type: "uint256" },
+        { name: "token", type: "address" },
+        { name: "service", type: "string" },
+        { name: "nonce", type: "uint256" },
+        { name: "deadline", type: "uint256" }
+      ]
+    };
+    console.log(`[MoltsPay] Signing BNB payment intent...`);
+    const signature = await this.wallet.signTypedData(domain, types, intent);
+    const network = `eip155:${chain.chainId}`;
+    const payload = {
+      x402Version: 2,
+      scheme: "exact",
+      network,
+      payload: {
+        intent: {
+          ...intent,
+          signature
+        },
+        chainId: chain.chainId
+      },
+      accepted: {
+        scheme: "exact",
+        network,
+        asset: tokenConfig.address,
+        amount: amountWei,
+        payTo: to,
+        maxTimeoutSeconds: 300
+      }
+    };
+    const paymentHeader = Buffer.from(JSON.stringify(payload)).toString("base64");
+    console.log(`[MoltsPay] Sending BNB payment request...`);
+    const bnbRequestBody = options.rawData ? { service, ...params, chain: chainName } : { service, params, chain: chainName };
+    const paidRes = await fetch(executeUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "X-Payment": paymentHeader
+      },
+      body: JSON.stringify(bnbRequestBody)
+    });
+    const result = await paidRes.json();
+    if (!paidRes.ok) {
+      throw new Error(result.error || "BNB payment failed");
+    }
+    this.recordSpending(amount);
+    console.log(`[MoltsPay] Success! BNB payment settled.`);
+    return result.result || result;
+  }
+  /**
+   * Handle Solana payment flow
+   * 
+   * Solana uses SPL token transfers with pay-for-success model:
+   * 1. Client creates and signs a transfer transaction
+   * 2. Server submits the transaction after service completes
+   */
+  async handleSolanaPayment(executeUrl, service, params, requirements, chain, options = {}) {
+    const solanaWallet = loadSolanaWallet(this.configDir);
+    if (!solanaWallet) {
+      throw new Error("No Solana wallet found. Run: npx moltspay init --chain solana_devnet");
+    }
+    const amount = Number(requirements.amount);
+    const amountUSDC = amount / 1e6;
+    this.checkLimits(amountUSDC);
+    console.log(`[MoltsPay] Creating Solana payment: $${amountUSDC} USDC`);
+    if (!requirements.payTo) {
+      throw new Error("Missing payTo address in payment requirements");
+    }
+    const solanaFeePayer = requirements.extra?.solanaFeePayer;
+    const feePayerPubkey = solanaFeePayer ? new import_web35.PublicKey(solanaFeePayer) : void 0;
+    if (feePayerPubkey) {
+      console.log(`[MoltsPay] Gasless mode: server pays fees`);
+    }
+    const recipientPubkey = new import_web35.PublicKey(requirements.payTo);
+    const transaction = await createSolanaPaymentTransaction(
+      solanaWallet.publicKey,
+      recipientPubkey,
+      BigInt(amount),
+      chain,
+      feePayerPubkey
+      // Optional fee payer for gasless mode
+    );
+    if (feePayerPubkey) {
+      transaction.partialSign(solanaWallet);
+    } else {
+      transaction.sign(solanaWallet);
+    }
+    const signedTx = transaction.serialize({ requireAllSignatures: false }).toString("base64");
+    console.log(`[MoltsPay] Transaction signed, sending to server...`);
+    const network = chain === "solana" ? "solana:mainnet" : "solana:devnet";
+    const payload = {
+      x402Version: 2,
+      scheme: "exact",
+      network,
+      payload: {
+        signedTransaction: signedTx,
+        sender: solanaWallet.publicKey.toBase58(),
+        chain
+      },
+      accepted: {
+        scheme: "exact",
+        network,
+        asset: requirements.asset,
+        amount: requirements.amount,
+        payTo: requirements.payTo,
+        maxTimeoutSeconds: 300
+      }
+    };
+    const paymentHeader = Buffer.from(JSON.stringify(payload)).toString("base64");
+    const solanaRequestBody = options.rawData ? { service, ...params, chain } : { service, params, chain };
+    const paidRes = await fetch(executeUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "X-Payment": paymentHeader
+      },
+      body: JSON.stringify(solanaRequestBody)
+    });
+    const result = await paidRes.json();
+    if (!paidRes.ok) {
+      throw new Error(result.error || "Solana payment failed");
+    }
+    this.recordSpending(amountUSDC);
+    console.log(`[MoltsPay] Success! Solana payment settled.`);
+    if (result.payment?.transaction) {
+      const explorerUrl = chain === "solana" ? `https://solscan.io/tx/${result.payment.transaction}` : `https://solscan.io/tx/${result.payment.transaction}?cluster=devnet`;
+      console.log(`[MoltsPay] Transaction: ${explorerUrl}`);
+    }
+    return result.result || result;
+  }
+  /**
+   * Check ERC20 allowance for a spender
+   */
+  async checkAllowance(tokenAddress, spender, provider) {
+    const contract = new import_ethers.ethers.Contract(
+      tokenAddress,
+      ["function allowance(address owner, address spender) view returns (uint256)"],
+      provider
+    );
+    return await contract.allowance(this.wallet.address, spender);
   }
   /**
    * Sign EIP-3009 transferWithAuthorization (GASLESS)
@@ -2067,26 +3354,26 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
   }
   // --- Config & Wallet Management ---
   loadConfig() {
-    const configPath = (0, import_path.join)(this.configDir, "config.json");
-    if ((0, import_fs3.existsSync)(configPath)) {
-      const content = (0, import_fs3.readFileSync)(configPath, "utf-8");
+    const configPath = (0, import_path2.join)(this.configDir, "config.json");
+    if ((0, import_fs4.existsSync)(configPath)) {
+      const content = (0, import_fs4.readFileSync)(configPath, "utf-8");
       return { ...DEFAULT_CONFIG, ...JSON.parse(content) };
     }
     return { ...DEFAULT_CONFIG };
   }
   saveConfig() {
-    (0, import_fs3.mkdirSync)(this.configDir, { recursive: true });
-    const configPath = (0, import_path.join)(this.configDir, "config.json");
-    (0, import_fs3.writeFileSync)(configPath, JSON.stringify(this.config, null, 2));
+    (0, import_fs4.mkdirSync)(this.configDir, { recursive: true });
+    const configPath = (0, import_path2.join)(this.configDir, "config.json");
+    (0, import_fs4.writeFileSync)(configPath, JSON.stringify(this.config, null, 2));
   }
   /**
    * Load spending data from disk
    */
   loadSpending() {
-    const spendingPath = (0, import_path.join)(this.configDir, "spending.json");
-    if ((0, import_fs3.existsSync)(spendingPath)) {
+    const spendingPath = (0, import_path2.join)(this.configDir, "spending.json");
+    if ((0, import_fs4.existsSync)(spendingPath)) {
       try {
-        const data = JSON.parse((0, import_fs3.readFileSync)(spendingPath, "utf-8"));
+        const data = JSON.parse((0, import_fs4.readFileSync)(spendingPath, "utf-8"));
         const today = (/* @__PURE__ */ new Date()).setHours(0, 0, 0, 0);
         if (data.date && data.date === today) {
           this.todaySpending = data.amount || 0;
@@ -2105,29 +3392,29 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
    * Save spending data to disk
    */
   saveSpending() {
-    (0, import_fs3.mkdirSync)(this.configDir, { recursive: true });
-    const spendingPath = (0, import_path.join)(this.configDir, "spending.json");
+    (0, import_fs4.mkdirSync)(this.configDir, { recursive: true });
+    const spendingPath = (0, import_path2.join)(this.configDir, "spending.json");
     const data = {
       date: this.lastSpendingReset || (/* @__PURE__ */ new Date()).setHours(0, 0, 0, 0),
       amount: this.todaySpending,
       updatedAt: Date.now()
     };
-    (0, import_fs3.writeFileSync)(spendingPath, JSON.stringify(data, null, 2));
+    (0, import_fs4.writeFileSync)(spendingPath, JSON.stringify(data, null, 2));
   }
   loadWallet() {
-    const walletPath = (0, import_path.join)(this.configDir, "wallet.json");
-    if ((0, import_fs3.existsSync)(walletPath)) {
+    const walletPath = (0, import_path2.join)(this.configDir, "wallet.json");
+    if ((0, import_fs4.existsSync)(walletPath)) {
       try {
-        const stats = (0, import_fs3.statSync)(walletPath);
+        const stats = (0, import_fs4.statSync)(walletPath);
         const mode = stats.mode & 511;
         if (mode !== 384) {
           console.warn(`[MoltsPay] WARNING: wallet.json has insecure permissions (${mode.toString(8)})`);
           console.warn(`[MoltsPay] Fixing permissions to 0600...`);
-          (0, import_fs3.chmodSync)(walletPath, 384);
+          (0, import_fs4.chmodSync)(walletPath, 384);
         }
       } catch (err) {
       }
-      const content = (0, import_fs3.readFileSync)(walletPath, "utf-8");
+      const content = (0, import_fs4.readFileSync)(walletPath, "utf-8");
       return JSON.parse(content);
     }
     return null;
@@ -2136,15 +3423,15 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
    * Initialize a new wallet (called by CLI)
    */
   static init(configDir, options) {
-    (0, import_fs3.mkdirSync)(configDir, { recursive: true });
+    (0, import_fs4.mkdirSync)(configDir, { recursive: true });
     const wallet = import_ethers.Wallet.createRandom();
     const walletData = {
       address: wallet.address,
       privateKey: wallet.privateKey,
       createdAt: Date.now()
     };
-    const walletPath = (0, import_path.join)(configDir, "wallet.json");
-    (0, import_fs3.writeFileSync)(walletPath, JSON.stringify(walletData, null, 2), { mode: 384 });
+    const walletPath = (0, import_path2.join)(configDir, "wallet.json");
+    (0, import_fs4.writeFileSync)(walletPath, JSON.stringify(walletData, null, 2), { mode: 384 });
     const config = {
       chain: options.chain,
       limits: {
@@ -2152,8 +3439,8 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
         maxPerDay: options.maxPerDay
       }
     };
-    const configPath = (0, import_path.join)(configDir, "config.json");
-    (0, import_fs3.writeFileSync)(configPath, JSON.stringify(config, null, 2));
+    const configPath = (0, import_path2.join)(configDir, "config.json");
+    (0, import_fs4.writeFileSync)(configPath, JSON.stringify(config, null, 2));
     return { address: wallet.address, configDir };
   }
   /**
@@ -2189,7 +3476,7 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
     if (!this.wallet) {
       throw new Error("Client not initialized");
     }
-    const supportedChains = ["base", "polygon", "base_sepolia", "tempo_moderato"];
+    const supportedChains = ["base", "polygon", "base_sepolia", "tempo_moderato", "bnb", "bnb_testnet"];
     const tokenAbi = ["function balanceOf(address) view returns (uint256)"];
     const results = {};
     const tempoTokens = {
@@ -2260,12 +3547,12 @@ Please specify: --chain base, --chain polygon, or --chain base_sepolia`
     if (!this.wallet || !this.walletData) {
       throw new Error("Client not initialized. Run: npx moltspay init");
     }
-    const { privateKeyToAccount } = await import("viem/accounts");
+    const { privateKeyToAccount: privateKeyToAccount2 } = await import("viem/accounts");
     const { createWalletClient, createPublicClient, http } = await import("viem");
     const { tempoModerato } = await import("viem/chains");
     const { Actions } = await import("viem/tempo");
     const privateKey = this.walletData.privateKey;
-    const account = privateKeyToAccount(privateKey);
+    const account = privateKeyToAccount2(privateKey);
     console.log(`[MoltsPay] Making MPP request to: ${url}`);
     console.log(`[MoltsPay] Using account: ${account.address}`);
     const initResponse = await fetch(url, {
@@ -2365,10 +3652,10 @@ var import_ethers2 = require("ethers");
 
 // src/wallet/createWallet.ts
 var import_ethers3 = require("ethers");
-var import_fs4 = require("fs");
-var import_path2 = require("path");
+var import_fs5 = require("fs");
+var import_path3 = require("path");
 var import_crypto = require("crypto");
-var DEFAULT_STORAGE_DIR = (0, import_path2.join)(process.env.HOME || "~", ".moltspay");
+var DEFAULT_STORAGE_DIR = (0, import_path3.join)(process.env.HOME || "~", ".moltspay");
 var DEFAULT_STORAGE_FILE = "wallet.json";
 function encryptPrivateKey(privateKey, password) {
   const salt = (0, import_crypto.randomBytes)(16);
@@ -2391,10 +3678,10 @@ function decryptPrivateKey(encrypted, password, iv, salt) {
   return decrypted;
 }
 function createWallet(options = {}) {
-  const storagePath = options.storagePath || (0, import_path2.join)(DEFAULT_STORAGE_DIR, DEFAULT_STORAGE_FILE);
-  if ((0, import_fs4.existsSync)(storagePath) && !options.overwrite) {
+  const storagePath = options.storagePath || (0, import_path3.join)(DEFAULT_STORAGE_DIR, DEFAULT_STORAGE_FILE);
+  if ((0, import_fs5.existsSync)(storagePath) && !options.overwrite) {
     try {
-      const existing = JSON.parse((0, import_fs4.readFileSync)(storagePath, "utf8"));
+      const existing = JSON.parse((0, import_fs5.readFileSync)(storagePath, "utf8"));
       return {
         success: true,
         address: existing.address,
@@ -2425,11 +3712,11 @@ function createWallet(options = {}) {
     } else {
       walletData.privateKey = wallet.privateKey;
     }
-    const dir = (0, import_path2.dirname)(storagePath);
-    if (!(0, import_fs4.existsSync)(dir)) {
-      (0, import_fs4.mkdirSync)(dir, { recursive: true });
+    const dir = (0, import_path3.dirname)(storagePath);
+    if (!(0, import_fs5.existsSync)(dir)) {
+      (0, import_fs5.mkdirSync)(dir, { recursive: true });
     }
-    (0, import_fs4.writeFileSync)(storagePath, JSON.stringify(walletData, null, 2), { mode: 384 });
+    (0, import_fs5.writeFileSync)(storagePath, JSON.stringify(walletData, null, 2), { mode: 384 });
     return {
       success: true,
       address: wallet.address,
@@ -2444,12 +3731,12 @@ function createWallet(options = {}) {
   }
 }
 function loadWallet(options = {}) {
-  const storagePath = options.storagePath || (0, import_path2.join)(DEFAULT_STORAGE_DIR, DEFAULT_STORAGE_FILE);
-  if (!(0, import_fs4.existsSync)(storagePath)) {
+  const storagePath = options.storagePath || (0, import_path3.join)(DEFAULT_STORAGE_DIR, DEFAULT_STORAGE_FILE);
+  if (!(0, import_fs5.existsSync)(storagePath)) {
     return { success: false, error: "Wallet not found. Run createWallet() first." };
   }
   try {
-    const data = JSON.parse((0, import_fs4.readFileSync)(storagePath, "utf8"));
+    const data = JSON.parse((0, import_fs5.readFileSync)(storagePath, "utf8"));
     if (data.encrypted) {
       if (!options.password) {
         return { success: false, error: "Wallet is encrypted. Password required." };
@@ -2464,25 +3751,25 @@ function loadWallet(options = {}) {
   }
 }
 function getWalletAddress(storagePath) {
-  const path4 = storagePath || (0, import_path2.join)(DEFAULT_STORAGE_DIR, DEFAULT_STORAGE_FILE);
-  if (!(0, import_fs4.existsSync)(path4)) {
+  const path4 = storagePath || (0, import_path3.join)(DEFAULT_STORAGE_DIR, DEFAULT_STORAGE_FILE);
+  if (!(0, import_fs5.existsSync)(path4)) {
     return null;
   }
   try {
-    const data = JSON.parse((0, import_fs4.readFileSync)(path4, "utf8"));
+    const data = JSON.parse((0, import_fs5.readFileSync)(path4, "utf8"));
     return data.address;
   } catch {
     return null;
   }
 }
 function walletExists(storagePath) {
-  const path4 = storagePath || (0, import_path2.join)(DEFAULT_STORAGE_DIR, DEFAULT_STORAGE_FILE);
-  return (0, import_fs4.existsSync)(path4);
+  const path4 = storagePath || (0, import_path3.join)(DEFAULT_STORAGE_DIR, DEFAULT_STORAGE_FILE);
+  return (0, import_fs5.existsSync)(path4);
 }
 
 // src/verify/index.ts
 var import_ethers4 = require("ethers");
-var TRANSFER_EVENT_TOPIC2 = import_ethers4.ethers.id("Transfer(address,address,uint256)");
+var TRANSFER_EVENT_TOPIC3 = import_ethers4.ethers.id("Transfer(address,address,uint256)");
 async function verifyPayment(params) {
   const { txHash, expectedAmount, expectedTo, expectedToken } = params;
   let chain;
@@ -2523,7 +3810,7 @@ async function verifyPayment(params) {
       if (!detectedToken) {
         continue;
       }
-      if (log.topics.length < 3 || log.topics[0] !== TRANSFER_EVENT_TOPIC2) {
+      if (log.topics.length < 3 || log.topics[0] !== TRANSFER_EVENT_TOPIC3) {
         continue;
       }
       const from = "0x" + log.topics[1].slice(-40);