mppx 0.4.6 → 0.4.8

package/src/server/Mppx.ts

@@ -329,19 +329,36 @@ function createMethodFn(parameters: createMethodFn.Parameters): createMethodFn.R
         }
 
         // Verify the credential's challenge matches this route's configured
-        // request. Prevents cross-route scope confusion where a credential
-        // issued for a cheap route is presented at an expensive route.
+        // method, intent, realm, and request. Prevents cross-route scope
+        // confusion where a credential issued for a cheap route (or different
+        // method/intent) is presented at an expensive route.
         // Note: we compare specific payment parameters rather than the full
         // request because the `request` hook may produce credential-dependent
         // output (e.g. `feePayer` differs between 402 and credential calls).
         {
+          for (const field of ['method', 'intent', 'realm'] as const) {
+            if (credential.challenge[field] !== challenge[field]) {
+              const response = await transport.respondChallenge({
+                challenge,
+                input,
+                error: new Errors.InvalidChallengeError({
+                  id: credential.challenge.id,
+                  reason: `credential ${field} does not match this route's requirements`,
+                }),
+              })
+              return { challenge: response, status: 402 }
+            }
+          }
+
           const routeReq = challenge.request as Record<string, unknown>
           const echoedReq = credential.challenge.request as Record<string, unknown>
+          const routeDetails = (routeReq.methodDetails ?? {}) as Record<string, unknown>
+          const echoedDetails = (echoedReq.methodDetails ?? {}) as Record<string, unknown>
           for (const field of ['amount', 'currency', 'recipient'] as const) {
+            const routeVal = routeReq[field] ?? routeDetails[field]
             if (
-              routeReq[field] !== undefined &&
-              echoedReq[field] !== undefined &&
-              String(routeReq[field]) !== String(echoedReq[field])
+              routeVal !== undefined &&
+              String(routeVal) !== String(echoedReq[field] ?? echoedDetails[field])
             ) {
               const response = await transport.respondChallenge({
                 challenge,
@@ -578,22 +595,24 @@ export function compose(
       if (credential) {
         const { method: credMethod, intent: credIntent } = credential.challenge
         const credReq = credential.challenge.request as Record<string, unknown>
+        const credDetails = (credReq.methodDetails ?? {}) as Record<string, unknown>
 
         // Filter by name+intent, then narrow by comparing stable request fields
         // from the echoed challenge against each handler's canonical request.
         // Uses the schema-parsed canonical form (not raw options) so that
         // transformed fields (e.g. amount with decimals) match correctly.
+        // Also checks inside methodDetails for fields moved there by transforms.
         const candidates = handlers.filter((h) => {
           const meta = (h as ConfiguredHandler)._internal
           if (!meta || meta.name !== credMethod || meta.intent !== credIntent) return false
           const canonical = meta._canonicalRequest
           if (!canonical) return true
+          const canonicalDetails = (canonical.methodDetails ?? {}) as Record<string, unknown>
           for (const field of ['amount', 'currency', 'recipient', 'chainId'] as const) {
-            const canonicalVal = canonical[field]
+            const canonicalVal = canonical[field] ?? canonicalDetails[field]
             if (
               canonicalVal !== undefined &&
-              credReq[field] !== undefined &&
-              String(canonicalVal) !== String(credReq[field])
+              String(canonicalVal) !== String(credReq[field] ?? credDetails[field])
             )
               return false
           }

package/src/tempo/client/SessionManager.ts

@@ -59,6 +59,7 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
   let channel: ChannelEntry | null = null
   let lastChallenge: Challenge.Challenge | null = null
   let lastUrl: RequestInfo | URL | null = null
+  let spent = 0n
 
   const method = sessionPlugin({
     account: parameters.account,
@@ -68,6 +69,7 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
     decimals: parameters.decimals,
     maxDeposit: parameters.maxDeposit,
     onChannelUpdate(entry) {
+      if (entry.channelId !== channel?.channelId) spent = 0n
       channel = entry
     },
   })
@@ -81,9 +83,16 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
     },
   })
 
+  function updateSpentFromReceipt(receipt: SessionReceipt | null | undefined) {
+    if (!receipt || receipt.channelId !== channel?.channelId) return
+    const next = BigInt(receipt.spent)
+    spent = spent > next ? spent : next
+  }
+
   function toPaymentResponse(response: Response): PaymentResponse {
     const receiptHeader = response.headers.get('Payment-Receipt')
     const receipt = receiptHeader ? deserializeSessionReceipt(receiptHeader) : null
+    updateSpentFromReceipt(receipt)
     return Object.assign(response, {
       receipt,
       challenge: lastChallenge,
@@ -216,6 +225,7 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
                 }
 
                 case 'payment-receipt':
+                  updateSpentFromReceipt(event.data)
                   onReceipt?.(event.data)
                   break
               }
@@ -237,7 +247,7 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
         context: {
           action: 'close',
           channelId: channel.channelId,
-          cumulativeAmountRaw: channel.cumulativeAmount.toString(),
+          cumulativeAmountRaw: spent.toString(),
         },
       })
 

package/src/tempo/internal/address.ts

@@ -0,0 +1,6 @@
+// TODO: Add `isEqual` to `TempoAddress`.
+import type { TempoAddress } from 'ox/tempo'
+
+export function isEqual(a: TempoAddress.Address, b: TempoAddress.Address) {
+  return a.toLowerCase() === b.toLowerCase()
+}

package/src/tempo/internal/auto-swap.ts

@@ -1,7 +1,7 @@
 import type { Address, Client } from 'viem'
-import { isAddressEqual } from 'viem'
 import { readContract } from 'viem/actions'
 import { Actions, Addresses } from 'viem/tempo'
+import * as TempoAddress from './address.js'
 import * as defaults from './defaults.js'
 
 /** Basis-point denominator (100% = 10 000 bps). */
@@ -26,7 +26,7 @@ export async function findCalls(
 ): Promise<findCalls.ReturnType> {
   const { account, amountOut, tokenOut, tokenIn, slippage } = parameters
 
-  const candidates = tokenIn.filter((t) => !isAddressEqual(t, tokenOut))
+  const candidates = tokenIn.filter((t) => !TempoAddress.isEqual(t, tokenOut))
 
   const balanceResults = await Promise.allSettled([
     readContract(client, Actions.token.getBalance.call({ account, token: tokenOut }) as never),
@@ -108,7 +108,7 @@ export function resolve(
   const tokenIn = value.tokenIn
     ? [
         ...value.tokenIn,
-        ...defaultCurrencies.filter((d) => !value.tokenIn!.some((c) => isAddressEqual(c, d))),
+        ...defaultCurrencies.filter((d) => !value.tokenIn!.some((c) => TempoAddress.isEqual(c, d))),
       ]
     : defaultCurrencies
   return {

package/src/tempo/internal/fee-payer.ts

@@ -1,7 +1,18 @@
-import { decodeFunctionData, isAddressEqual } from 'viem'
+import type { TempoAddress } from 'ox/tempo'
+import { TxEnvelopeTempo } from 'ox/tempo'
+import { decodeFunctionData } from 'viem'
 import { Abis, Addresses } from 'viem/tempo'
+import * as TempoAddress_internal from './address.js'
 import * as Selectors from './selectors.js'
 
+/** Returns true if the serialized transaction has a Tempo envelope prefix. */
+export function isTempoTransaction(serialized: string | undefined): boolean {
+  return (
+    serialized?.startsWith(TxEnvelopeTempo.serializedType) === true ||
+    serialized?.startsWith(TxEnvelopeTempo.feePayerMagic) === true
+  )
+}
+
 /**
  * Allowed call patterns for fee-payer sponsored transactions.
  * Each inner array is an ordered list of function selectors.
@@ -15,7 +26,7 @@ export const callScopes = [
 
 /** Validates that a set of transaction calls matches an allowed fee-payer pattern. */
 export function validateCalls(
-  calls: readonly { data?: `0x${string}` | undefined; to?: `0x${string}` | undefined }[],
+  calls: readonly { data?: `0x${string}` | undefined; to?: TempoAddress.Address | undefined }[],
   details: Record<string, string>,
 ) {
   const callSelectors = calls.map((c) => c.data?.slice(0, 10))
@@ -31,11 +42,14 @@ export function validateCalls(
   const approveCall = calls.find((c) => c.data?.slice(0, 10) === Selectors.approve)
   if (approveCall) {
     const { args } = decodeFunctionData({ abi: Abis.tip20, data: approveCall.data! })
-    if (!isAddressEqual((args as [`0x${string}`])[0]!, Addresses.stablecoinDex))
+    if (!TempoAddress_internal.isEqual((args as [`0x${string}`])[0]!, Addresses.stablecoinDex))
       throw new FeePayerValidationError('approve spender is not the DEX', details)
   }
   const buyCall = calls.find((c) => c.data?.slice(0, 10) === Selectors.swapExactAmountOut)
-  if (buyCall && (!buyCall.to || !isAddressEqual(buyCall.to, Addresses.stablecoinDex)))
+  if (
+    buyCall &&
+    (!buyCall.to || !TempoAddress_internal.isEqual(buyCall.to, Addresses.stablecoinDex))
+  )
     throw new FeePayerValidationError('buy target is not the DEX', details)
 }