mppx 0.4.7 → 0.4.8

package/dist/tempo/session/Voucher.js.map

@@ -1 +1 @@
-{"version":3,"file":"Voucher.js","sourceRoot":"","sources":["../../../src/tempo/session/Voucher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,SAAS,EAAE,MAAM,IAAI,CAAA;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAE5C,OAAO,EAAE,cAAc,EAAE,uBAAuB,EAAE,MAAM,MAAM,CAAA;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAG5C,wEAAwE;AACxE,MAAM,WAAW,GAAG,sBAAsB,CAAA;AAC1C,2EAA2E;AAC3E,MAAM,cAAc,GAAG,GAAG,CAAA;AAE1B;;GAEG;AACH,SAAS,gBAAgB,CAAC,cAA+B,EAAE,OAAe;IACxE,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,cAAc;QACvB,OAAO;QACP,iBAAiB,EAAE,cAAc;KACzB,CAAA;AACZ,CAAC;AAED;;;GAGG;AACH,MAAM,YAAY,GAAG;IACnB,OAAO,EAAE;QACP,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE;QACtC,EAAE,IAAI,EAAE,kBAAkB,EAAE,IAAI,EAAE,SAAS,EAAE;KAC9C;CACO,CAAA;AAEV;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAAc,EACd,OAAgB,EAChB,OAAgB,EAChB,cAA+B,EAC/B,OAAe,EACf,gBAA8C;IAE9C,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE;QAC5C,OAAO;QACP,MAAM,EAAE,gBAAgB,CAAC,cAAc,EAAE,OAAO,CAAC;QACjD,KAAK,EAAE,YAAY;QACnB,WAAW,EAAE,SAAS;QACtB,OAAO,EAAE;YACP,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;SAC3C;KACF,CAAC,CAAA;IAEF,yEAAyE;IACzE,wEAAwE;IACxE,uDAAuD;IACvD,0DAA0D;IAC1D,IAAI,gBAAgB,EAAE,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,SAAyC,CAAC,CAAA;YAClF,IAAI,QAAQ,CAAC,IAAI,KAAK,UAAU,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,WAAW;gBACrE,OAAO,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACpD,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IACZ,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,cAA+B,EAC/B,OAAe,EACf,OAAsB,EACtB,cAA+B;IAE/B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,EAAE,OAAO,CAAC,CAAA;QACxD,MAAM,OAAO,GAAG;YACd,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;SAC3C,CAAA;QAED,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAE1D,sEAAsE;QACtE,kEAAkE;QAClE,IAAI,QAAQ,CAAC,IAAI,KAAK,UAAU;YAAE,OAAO,KAAK,CAAA;QAE9C,yEAAyE;QACzE,8CAA8C;QAC9C,iDAAiD;QACjD,IAAI,QAAQ,CAAC,IAAI,KAAK,WAAW;YAAE,OAAO,KAAK,CAAA;QAE/C,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAAC;YAC3C,MAAM;YACN,KAAK,EAAE,YAAY;YACnB,WAAW,EAAE,SAAS;YACtB,OAAO;YACP,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC,CAAA;QACF,OAAO,cAAc,CAAC,MAAM,EAAE,cAAc,CAAC,CAAA;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CACrC,SAAc,EACd,gBAAwB,EACxB,SAAc;IAEd,OAAO;QACL,SAAS;QACT,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,CAAC;QAC1C,SAAS;KACV,CAAA;AACH,CAAC"}
+{"version":3,"file":"Voucher.js","sourceRoot":"","sources":["../../../src/tempo/session/Voucher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,SAAS,EAAE,MAAM,IAAI,CAAA;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAE5C,OAAO,EAAE,uBAAuB,EAAE,MAAM,MAAM,CAAA;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAC5C,OAAO,KAAK,YAAY,MAAM,wBAAwB,CAAA;AAGtD,wEAAwE;AACxE,MAAM,WAAW,GAAG,sBAAsB,CAAA;AAC1C,2EAA2E;AAC3E,MAAM,cAAc,GAAG,GAAG,CAAA;AAE1B;;GAEG;AACH,SAAS,gBAAgB,CAAC,cAA+B,EAAE,OAAe;IACxE,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,cAAc;QACvB,OAAO;QACP,iBAAiB,EAAE,cAAc;KACzB,CAAA;AACZ,CAAC;AAED;;;GAGG;AACH,MAAM,YAAY,GAAG;IACnB,OAAO,EAAE;QACP,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE;QACtC,EAAE,IAAI,EAAE,kBAAkB,EAAE,IAAI,EAAE,SAAS,EAAE;KAC9C;CACO,CAAA;AAEV;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAAc,EACd,OAAgB,EAChB,OAAgB,EAChB,cAA+B,EAC/B,OAAe,EACf,gBAA8C;IAE9C,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE;QAC5C,OAAO;QACP,MAAM,EAAE,gBAAgB,CAAC,cAAc,EAAE,OAAO,CAAC;QACjD,KAAK,EAAE,YAAY;QACnB,WAAW,EAAE,SAAS;QACtB,OAAO,EAAE;YACP,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;SAC3C;KACF,CAAC,CAAA;IAEF,yEAAyE;IACzE,wEAAwE;IACxE,uDAAuD;IACvD,0DAA0D;IAC1D,IAAI,gBAAgB,EAAE,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,SAAyC,CAAC,CAAA;YAClF,IAAI,QAAQ,CAAC,IAAI,KAAK,UAAU,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,WAAW;gBACrE,OAAO,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACpD,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IACZ,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,cAA+B,EAC/B,OAAe,EACf,OAAsB,EACtB,cAA+B;IAE/B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,EAAE,OAAO,CAAC,CAAA;QACxD,MAAM,OAAO,GAAG;YACd,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;SAC3C,CAAA;QAED,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAE1D,sEAAsE;QACtE,kEAAkE;QAClE,IAAI,QAAQ,CAAC,IAAI,KAAK,UAAU;YAAE,OAAO,KAAK,CAAA;QAE9C,yEAAyE;QACzE,8CAA8C;QAC9C,iDAAiD;QACjD,IAAI,QAAQ,CAAC,IAAI,KAAK,WAAW;YAAE,OAAO,KAAK,CAAA;QAE/C,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAAC;YAC3C,MAAM;YACN,KAAK,EAAE,YAAY;YACnB,WAAW,EAAE,SAAS;YACtB,OAAO;YACP,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC,CAAA;QACF,OAAO,YAAY,CAAC,OAAO,CAAC,MAAM,EAAE,cAAc,CAAC,CAAA;IACrD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CACrC,SAAc,EACd,gBAAwB,EACxB,SAAc;IAEd,OAAO;QACL,SAAS;QACT,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,CAAC;QAC1C,SAAS;KACV,CAAA;AACH,CAAC"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "mppx",
   "type": "module",
-  "version": "0.4.7",
+  "version": "0.4.8",
   "main": "./dist/index.js",
   "license": "MIT",
   "files": [
@@ -96,7 +96,7 @@
     "elysia": ">=1",
     "express": ">=5",
     "hono": ">=4",
-    "viem": ">=2.46.2"
+    "viem": ">=2.47.5"
   },
   "peerDependenciesMeta": {
     "@modelcontextprotocol/sdk": {

package/src/Store.test-d.ts

@@ -0,0 +1,58 @@
+import { expectTypeOf, test } from 'vitest'
+import * as Store from './Store.js'
+
+test('default Store accepts any string key', () => {
+  const store = Store.memory()
+  expectTypeOf(store.get).parameter(0).toBeString()
+  expectTypeOf(store.put).parameter(0).toBeString()
+  expectTypeOf(store.delete).parameter(0).toBeString()
+})
+
+test('default Store get returns unknown', async () => {
+  const store = Store.memory()
+  const value = await store.get('anything')
+  expectTypeOf(value).toEqualTypeOf<unknown>()
+})
+
+test('typed Store constrains keys', () => {
+  type ItemMap = { [key: `mppx:charge:${string}`]: number }
+  const store = {} as Store.Store<ItemMap>
+
+  expectTypeOf(store.get).parameter(0).toEqualTypeOf<`mppx:charge:${string}`>()
+  expectTypeOf(store.put).parameter(0).toEqualTypeOf<`mppx:charge:${string}`>()
+  expectTypeOf(store.delete).parameter(0).toEqualTypeOf<`mppx:charge:${string}`>()
+})
+
+test('typed Store infers value from key', async () => {
+  type ItemMap = { [key: `mppx:charge:${string}`]: number }
+  const store = {} as Store.Store<ItemMap>
+
+  const value = await store.get('mppx:charge:0x123')
+  expectTypeOf(value).toEqualTypeOf<number | null>()
+})
+
+test('typed Store enforces value type on put', () => {
+  type ItemMap = { [key: `mppx:charge:${string}`]: number }
+  const store = {} as Store.Store<ItemMap>
+
+  // @ts-expect-error — value must be number, not string
+  store.put('mppx:charge:0x123', 'wrong')
+})
+
+test('cloudflare returns generic Store', () => {
+  const store = Store.cloudflare({
+    get: async () => null,
+    put: async () => {},
+    delete: async () => {},
+  })
+  expectTypeOf(store).toEqualTypeOf<Store.Store>()
+})
+
+test('upstash returns generic Store', () => {
+  const store = Store.upstash({
+    get: async () => null,
+    set: async () => null,
+    del: async () => null,
+  })
+  expectTypeOf(store).toEqualTypeOf<Store.Store>()
+})

package/src/Store.ts

@@ -6,10 +6,12 @@
  */
 import { Json } from 'ox'
 
-export type Store = {
-  get: <value = unknown>(key: string) => Promise<value | null>
-  put: (key: string, value: unknown) => Promise<void>
-  delete: (key: string) => Promise<void>
+export type StoreItemMap = Record<string, unknown>
+
+export type Store<itemMap extends StoreItemMap = StoreItemMap> = {
+  get: <key extends keyof itemMap & string>(key: key) => Promise<itemMap[key] | null>
+  put: <key extends keyof itemMap & string>(key: key, value: itemMap[key]) => Promise<void>
+  delete: <key extends keyof itemMap & string>(key: key) => Promise<void>
 }
 
 /** Creates a {@link Store} from an existing implementation. */

package/src/cli/cli.test.ts

@@ -10,11 +10,13 @@ import * as Http from '~test/Http.js'
 import { rpcUrl } from '~test/tempo/prool.js'
 import { deployEscrow } from '~test/tempo/session.js'
 import { accounts, asset, client, fundAccount } from '~test/tempo/viem.js'
+import * as Credential from '../Credential.js'
 import * as Store from '../Store.js'
 import * as Mppx_server from '../server/Mppx.js'
 import { toNodeListener } from '../server/Mppx.js'
 import { stripe as stripe_server } from '../stripe/server/Methods.js'
 import { tempo } from '../tempo/server/Methods.js'
+import type { SessionCredentialPayload } from '../tempo/session/Types.js'
 import cli from './cli.js'
 
 const testPrivateKey = generatePrivateKey()
@@ -192,6 +194,128 @@ describe('session multi-fetch (examples/session/multi-fetch)', () => {
     }
   })
 
+  test('bug: non-SSE open should not double-charge tick amount', { timeout: 120_000 }, async () => {
+    await fundAccount({ address: testAccount.address, token: Addresses.pathUsd })
+    await fundAccount({ address: testAccount.address, token: asset })
+
+    const escrow = await deployEscrow()
+    const store = Store.memory()
+    const tickAmount = '0.001'
+    const server = Mppx_server.create({
+      methods: [
+        tempo.session({
+          account: accounts[0],
+          store,
+          getClient: () => client,
+          currency: asset,
+          escrowContract: escrow,
+          chainId: client.chain.id,
+          feePayer: true,
+        }),
+      ],
+      realm: 'cli-test-double-charge',
+      secretKey: 'cli-test-secret',
+    })
+
+    // Track voucher cumulative amounts from credential payloads
+    const voucherAmounts: string[] = []
+
+    const httpServer = await Http.createServer(async (req, res) => {
+      const authHeader = req.headers.authorization
+      if (authHeader) {
+        try {
+          const cred = Credential.deserialize<SessionCredentialPayload>(authHeader)
+          if (cred.payload.action === 'voucher' && 'cumulativeAmount' in cred.payload) {
+            voucherAmounts.push(cred.payload.cumulativeAmount)
+          }
+        } catch {}
+      }
+
+      const result = await toNodeListener(
+        server.session({
+          amount: tickAmount,
+          recipient: accounts[0].address,
+          unitType: 'page',
+        }),
+      )(req, res)
+      if (result.status === 402) return
+      // Non-SSE: plain text response (not text/event-stream)
+      res.end('scraped-content')
+    })
+
+    try {
+      await serve([httpServer.url, '--rpc-url', rpcUrl, '-s', '-M', 'deposit=10'], {
+        env: { MPPX_PRIVATE_KEY: testPrivateKey },
+      })
+
+      // No follow-up voucher should be sent after a non-SSE open.
+      // The open credential already paid for this unit, so the CLI
+      // should NOT send a redundant voucher that would double-charge.
+      expect(voucherAmounts.length).toBe(0)
+    } finally {
+      httpServer.close()
+    }
+  })
+
+  test('bug: closeChannel sends action "close" not "voucher"', { timeout: 120_000 }, async () => {
+    await fundAccount({ address: testAccount.address, token: Addresses.pathUsd })
+    await fundAccount({ address: testAccount.address, token: asset })
+
+    const escrow = await deployEscrow()
+    const store = Store.memory()
+    const server = Mppx_server.create({
+      methods: [
+        tempo.session({
+          account: accounts[0],
+          store,
+          getClient: () => client,
+          currency: asset,
+          escrowContract: escrow,
+          chainId: client.chain.id,
+          feePayer: true,
+        }),
+      ],
+      realm: 'cli-test-close-action',
+      secretKey: 'cli-test-secret',
+    })
+
+    // Track the credential payload action from the close request
+    const credentialActions: string[] = []
+
+    const httpServer = await Http.createServer(async (req, res) => {
+      // Capture credential action from every request with Authorization header
+      const authHeader = req.headers.authorization
+      if (authHeader) {
+        try {
+          const cred = Credential.deserialize<SessionCredentialPayload>(authHeader)
+          credentialActions.push(cred.payload.action)
+        } catch {}
+      }
+
+      const result = await toNodeListener(
+        server.session({
+          amount: '0.001',
+          recipient: accounts[0].address,
+          unitType: 'page',
+        }),
+      )(req, res)
+      if (result.status === 402) return
+      res.end('scraped-content')
+    })
+
+    try {
+      await serve([httpServer.url, '--rpc-url', rpcUrl, '-s', '-M', 'deposit=10'], {
+        env: { MPPX_PRIVATE_KEY: testPrivateKey },
+      })
+
+      // The last credential sent should be the close request with action: 'close'
+      const lastAction = credentialActions[credentialActions.length - 1]
+      expect(lastAction).toBe('close')
+    } finally {
+      httpServer.close()
+    }
+  })
+
   test('error: --fail exits on server error', { timeout: 60_000 }, async () => {
     const httpServer = await Http.createServer(async (_req, res) => {
       res.writeHead(500)

package/src/cli/cli.ts

@@ -130,15 +130,27 @@ const cli = Cli.create('mppx', {
       return hasProtocol ? c.args.url : `${isLocal ? 'http' : 'https'}://${c.args.url}`
     })()
     const { hostname } = new URL(url)
-    if (
+    const insecure =
       c.options.insecure ||
       hostname === 'localhost' ||
       hostname.endsWith('.localhost') ||
       hostname.endsWith('.local')
-    ) {
-      process.removeAllListeners('warning')
-      process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'
-    }
+
+    // Scoped fetch that temporarily disables TLS verification only for
+    // the target connection when `insecure` is true, then restores
+    // the original value so other HTTPS connections are unaffected.
+    const targetFetch: typeof globalThis.fetch = insecure
+      ? async (input, init) => {
+          const orig = process.env.NODE_TLS_REJECT_UNAUTHORIZED
+          process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'
+          try {
+            return await globalThis.fetch(input, init)
+          } finally {
+            if (orig === undefined) delete process.env.NODE_TLS_REJECT_UNAUTHORIZED
+            else process.env.NODE_TLS_REJECT_UNAUTHORIZED = orig
+          }
+        }
+      : globalThis.fetch
 
     // Node.js doesn't resolve *.localhost subdomains to loopback (unlike
     // browsers per RFC 6761). Rewrite the URL to 127.0.0.1 and set the
@@ -170,7 +182,7 @@ const cli = Cli.create('mppx', {
       }
 
       if (c.options.verbose >= 2) printRequestHeaders(url, init, info)
-      const challengeResponse = await globalThis.fetch(fetchUrl, init)
+      const challengeResponse = await targetFetch(fetchUrl, init)
       if (challengeResponse.status !== 402) {
         if (c.options.fail && challengeResponse.status >= 400)
           return c.error({
@@ -307,7 +319,7 @@ const cli = Cli.create('mppx', {
 
       const credentialFetchInit = { ...init, headers: credentialHeaders }
       if (c.options.verbose >= 2) printRequestHeaders(url, credentialFetchInit, info)
-      const credentialResponse = await globalThis.fetch(fetchUrl, credentialFetchInit)
+      const credentialResponse = await targetFetch(fetchUrl, credentialFetchInit)
 
       if (c.options.fail && credentialResponse.status >= 400)
         return c.error({

package/src/cli/plugins/tempo.ts

@@ -34,6 +34,7 @@ export function tempo() {
           cumulativeAmount: bigint
           escrowContract: Address
           chainId: number
+          action?: 'voucher' | 'close'
         }): Promise<string>
         source: string
       }
@@ -183,11 +184,17 @@ export function tempo() {
 
       // Store session support for use in lifecycle hooks
       _session = {
-        async signVoucher({ channelId, cumulativeAmount, escrowContract, chainId }) {
+        async signVoucher({
+          channelId,
+          cumulativeAmount,
+          escrowContract,
+          chainId,
+          action = 'voucher',
+        }) {
           return Credential.serialize({
             challenge,
             payload: {
-              action: 'voucher',
+              action,
               channelId,
               cumulativeAmount: cumulativeAmount.toString(),
               signature: await signVoucher(
@@ -254,32 +261,17 @@ export function tempo() {
         }
       }
 
-      // Handle non-SSE session response (server returned non-streaming)
-      let credentialResponse = response
+      // Handle non-SSE session response (server returned non-streaming).
+      // The open credential already paid for this unit — no follow-up
+      // voucher is needed. Just record the cumulativeAmount so the
+      // channel close uses the correct value.
+      const credentialResponse = response
       if (
         credentialResponse.ok &&
         !credentialResponse.headers.get('Content-Type')?.includes('text/event-stream')
       ) {
         if (parsed.payload.action === 'open' && 'cumulativeAmount' in parsed.payload) {
-          const tickAmount = BigInt(challengeRequest.amount as string)
-          cumulativeAmount = BigInt(parsed.payload.cumulativeAmount) + tickAmount
-
-          if (escrowContract) {
-            const voucherCred = await _session.signVoucher({
-              channelId,
-              cumulativeAmount,
-              escrowContract,
-              chainId,
-            })
-            credentialResponse = await globalThis.fetch(fetchUrl, {
-              ...fetchInit,
-              headers: {
-                ...(fetchInit.headers as Record<string, string>),
-                Accept: 'text/event-stream',
-                Authorization: voucherCred,
-              },
-            })
-          }
+          cumulativeAmount = BigInt(parsed.payload.cumulativeAmount)
         }
       }
 
@@ -598,6 +590,7 @@ async function closeChannel(opts: {
       cumulativeAmount: bigint
       escrowContract: Address
       chainId: number
+      action?: 'voucher' | 'close'
     }): Promise<string>
   }
   info: (msg: string) => void
@@ -612,6 +605,7 @@ async function closeChannel(opts: {
     cumulativeAmount: opts.cumulativeAmount,
     escrowContract: opts.escrowContract,
     chainId: opts.chainId,
+    action: 'close',
   })
   const closeRes = await globalThis.fetch(opts.fetchUrl, {
     ...opts.fetchInit,

package/src/middlewares/elysia.test.ts

@@ -0,0 +1,89 @@
+import * as http from 'node:http'
+import { Elysia } from 'elysia'
+import { Receipt } from 'mppx'
+import { Mppx as Mppx_client, tempo as tempo_client } from 'mppx/client'
+import { Mppx } from 'mppx/elysia'
+import { tempo as tempo_server } from 'mppx/server'
+import { describe, expect, test } from 'vitest'
+import { accounts, asset, client } from '~test/tempo/viem.js'
+
+function createServer(app: Elysia<any, any, any, any, any, any, any>) {
+  return new Promise<{ url: string; close: () => void }>((resolve) => {
+    const server = http.createServer(async (req, res) => {
+      const url = `http://localhost${req.url}`
+      const headers = new Headers()
+      for (let i = 0; i < req.rawHeaders.length; i += 2)
+        headers.append(req.rawHeaders[i]!, req.rawHeaders[i + 1]!)
+      const request = new Request(url, { method: req.method!, headers })
+      const response = await app.fetch(request)
+      res.writeHead(response.status, Object.fromEntries(response.headers))
+      const body = await response.text()
+      if (body) res.write(body)
+      res.end()
+    })
+    server.listen(0, () => {
+      const { port } = server.address() as { port: number }
+      resolve({
+        url: `http://localhost:${port}`,
+        close: () => server.close(),
+      })
+    })
+  })
+}
+
+const secretKey = 'test-secret-key'
+
+describe('charge', () => {
+  const mppx = Mppx.create({
+    methods: [
+      tempo_server.charge({
+        getClient: () => client,
+        currency: asset,
+        recipient: accounts[0].address,
+      }),
+    ],
+    secretKey,
+  })
+
+  const { fetch } = Mppx_client.create({
+    polyfill: false,
+    methods: [
+      tempo_client.charge({
+        account: accounts[1],
+        getClient: () => client,
+      }),
+    ],
+  })
+
+  test('returns 402 when no credential', async () => {
+    const app = new Elysia().guard({ beforeHandle: mppx.charge({ amount: '1' }) }, (app) =>
+      app.get('/', () => ({ fortune: 'You will be rich' })),
+    )
+
+    const server = await createServer(app)
+    const response = await globalThis.fetch(server.url)
+    expect(response.status).toBe(402)
+    expect(response.headers.get('WWW-Authenticate')).toContain('Payment')
+
+    server.close()
+  })
+
+  test('returns 200 with receipt on valid payment', async () => {
+    const app = new Elysia().guard({ beforeHandle: mppx.charge({ amount: '1' }) }, (app) =>
+      app.get('/', () => ({ fortune: 'You will be rich' })),
+    )
+
+    const server = await createServer(app)
+    const response = await fetch(server.url)
+    expect(response.status).toBe(200)
+
+    const body = await response.json()
+    expect(body).toEqual({ fortune: 'You will be rich' })
+
+    const receipt = Receipt.fromResponse(response)
+    expect(receipt.status).toBe('success')
+    expect(receipt.method).toBe('tempo')
+
+    server.close()
+  })
+})

package/src/middlewares/elysia.ts

@@ -59,8 +59,11 @@ export function payment<const intent extends Mppx_internal.AnyMethodFn>(
   intent: intent,
   options: intent extends (options: infer options) => any ? options : never,
 ): ElysiaHook {
-  return async ({ request }) => {
+  return async ({ request, set }) => {
     const result = await intent(options)(request)
     if (result.status === 402) return result.challenge
+    const receipt = result.withReceipt(new Response())
+    const header = receipt.headers.get('Payment-Receipt')
+    if (header) set.headers['Payment-Receipt'] = header
   }
 }

package/src/proxy/Proxy.test.ts

@@ -630,6 +630,62 @@ describe('create', () => {
     })
   })
 
+  test('behavior: management POST falls back to paid route with different method', async () => {
+    upstream = await createUpstream(() => Response.json({ ok: true }))
+    const proxy = ApiProxy.create({
+      services: [
+        Service.from('api', {
+          baseUrl: upstream.url,
+          routes: {
+            // Registered as GET but management POSTs (e.g. session close)
+            // should still reach this paid endpoint via fallback.
+            'GET /v1/stream': mppx_server.charge({ amount: '1', decimals: 6 }),
+          },
+        }),
+      ],
+    })
+    proxyServer = await Http.createServer(proxy.listener)
+
+    const res = await fetch(`${proxyServer.url}/api/v1/stream`, {
+      method: 'POST',
+      headers: { Authorization: 'x' },
+    })
+    // Should hit the paid endpoint and get a 402 challenge, not 404
+    expect(res.status).toBe(402)
+  })
+
+  test('behavior: POST to unregistered method does not fall back to free GET route', async () => {
+    upstream = await createUpstream(() => Response.json({ ok: true }))
+    const proxy = ApiProxy.create({
+      services: [
+        Service.from('api', {
+          baseUrl: upstream.url,
+          routes: {
+            // GET is free, but there is no POST handler
+            'GET /v1beta/cachedContents': true,
+            'POST /v1beta/models/:model': mppx_server.charge({
+              amount: '1',
+              decimals: 6,
+            }),
+          },
+        }),
+      ],
+    })
+    proxyServer = await Http.createServer(proxy.listener)
+
+    // A POST with a bogus authorization header should NOT fall back
+    // to the free GET route — it must return 404.
+    const res = await fetch(`${proxyServer.url}/api/v1beta/cachedContents`, {
+      method: 'POST',
+      headers: {
+        Authorization: 'x',
+        'Content-Type': 'application/json',
+      },
+      body: JSON.stringify({ model: 'models/gemini-2.0-flash-001', contents: [] }),
+    })
+    expect(res.status).toBe(404)
+  })
+
   test('behavior: forwards query params to upstream', async () => {
     upstream = await createUpstream((req) => Response.json({ search: new URL(req.url).search }))
     const proxy = ApiProxy.create({

package/src/proxy/Proxy.ts

@@ -137,7 +137,12 @@ export function create(config: create.Config): Proxy {
       // is registered for a different HTTP method (e.g. GET). Fall back to
       // path-only matching so the payment handler can process the action.
       (request.method === 'POST' && request.headers.has('authorization')
-        ? Route.matchPath(service.routes, upstreamPath)
+        ? Route.matchPath(
+            service.routes,
+            upstreamPath,
+            // skip free routes (e.g. `'GET /foo/bar': true`)
+            (endpoint) => endpoint !== true,
+          )
         : null)
     if (!matched) return new Response('Not Found', { status: 404 })
 

package/src/proxy/internal/Route.test.ts

@@ -141,3 +141,60 @@ describe('match', () => {
     expect(Route.match(routes, 'GET', '/v1/chat/completions')).toBeNull()
   })
 })
+
+describe('matchPath', () => {
+  const paidOnly = (v: unknown) => v !== true
+
+  test('behavior: matches route by path without filter', () => {
+    const routes = { 'GET /v1/models': true }
+    expect(Route.matchPath(routes, '/v1/models')).toMatchObject({
+      key: 'GET /v1/models',
+    })
+  })
+
+  test('behavior: matches paid endpoint by path', () => {
+    const routes = { 'GET /v1/generate': { pay: () => {} } }
+    expect(Route.matchPath(routes, '/v1/generate', paidOnly)).toMatchObject({
+      key: 'GET /v1/generate',
+    })
+  })
+
+  test('behavior: skips free passthrough routes with filter', () => {
+    const routes = {
+      'GET /v1/models': true,
+      'POST /v1/generate': { pay: () => {} },
+    }
+    expect(Route.matchPath(routes, '/v1/models', paidOnly)).toBeNull()
+  })
+
+  test('behavior: matches paid route even with different method', () => {
+    const routes = {
+      'GET /v1/stream': { pay: () => {} },
+    }
+    expect(Route.matchPath(routes, '/v1/stream', paidOnly)).toMatchObject({
+      key: 'GET /v1/stream',
+    })
+  })
+
+  test('behavior: skips free and matches next paid route', () => {
+    const routes = {
+      'GET /v1/*': true,
+      'POST /v1/*': { pay: () => {} },
+    }
+    const result = Route.matchPath(routes, '/v1/cachedContents', paidOnly)
+    expect(result).toMatchObject({ key: 'POST /v1/*' })
+  })
+
+  test('error: returns null when all routes are free', () => {
+    const routes = {
+      'GET /v1/models': true,
+      'GET /v1/status': true,
+    }
+    expect(Route.matchPath(routes, '/v1/models', paidOnly)).toBeNull()
+  })
+
+  test('error: returns null when no path match', () => {
+    const routes = { 'POST /v1/generate': { pay: () => {} } }
+    expect(Route.matchPath(routes, '/v2/unknown', paidOnly)).toBeNull()
+  })
+})

package/src/proxy/internal/Route.ts

@@ -36,12 +36,14 @@ export function match(
   return null
 }
 
-/** Finds the first route matching just the path, ignoring the HTTP method. Used for management POST fallback. */
+/** Finds the first route matching the path, ignoring the HTTP method. Optional `filter` predicate can exclude routes. */
 export function matchPath(
   routes: Record<string, unknown>,
   path: string,
+  filter?: (value: unknown) => boolean,
 ): { key: string; value: unknown } | null {
   for (const [key, value] of Object.entries(routes)) {
+    if (filter && !filter(value)) continue
     const { pattern } = parseRouteKey(key)
     const urlPattern = new URLPattern({ pathname: pattern })
     if (urlPattern.test({ pathname: path })) return { key, value }