mppx 0.4.7 → 0.4.9

package/src/tempo/server/Session.test.ts

@@ -2,20 +2,24 @@ import type { z } from 'mppx'
 import { Challenge } from 'mppx'
 import { Mppx as Mppx_server, tempo as tempo_server } from 'mppx/server'
 import { type Address, createClient, type Hex } from 'viem'
+import { waitForTransactionReceipt } from 'viem/actions'
 import { Addresses } from 'viem/tempo'
 import { beforeAll, beforeEach, describe, expect, test } from 'vitest'
 import {
   deployEscrow,
+  requestCloseChannel,
   signOpenChannel,
   signTopUpChannel,
   topUpChannel,
 } from '~test/tempo/session.js'
 import { accounts, asset, chain, client, fundAccount, http } from '~test/tempo/viem.js'
+
 import {
   ChannelClosedError,
   ChannelNotFoundError,
   InsufficientBalanceError,
   InvalidSignatureError,
+  VerificationFailedError,
 } from '../../Errors.js'
 import * as Store from '../../Store.js'
 import {
@@ -305,6 +309,110 @@ describe('session', () => {
 
       expect(receipt.status).toBe('success')
     })
+
+    test('open after store loss uses on-chain settled for settledOnChain and spent', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      // 1. Open channel and accept a voucher
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'open-1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(channelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // 2. Settle on-chain so settled becomes 5000000
+      const settleTxHash = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash })
+      expect((await store.getChannel(channelId))!.settledOnChain).toBe(5000000n)
+
+      // 3. Simulate store loss (non-persistent storage restart)
+      await store.updateChannel(channelId, () => null)
+      expect(await store.getChannel(channelId)).toBeNull()
+
+      // 4. Re-open with a new voucher above the settled amount
+      const server2 = createServer()
+      const receipt = await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'reopen', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '7000000',
+            signature: await signTestVoucher(channelId, 7000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      expect(receipt.status).toBe('success')
+
+      const ch = await store.getChannel(channelId)
+      expect(ch).not.toBeNull()
+      // settledOnChain must reflect the on-chain value, not 0
+      expect(ch!.settledOnChain).toBe(5000000n)
+      // spent must equal settledOnChain so deductFromChannel only allows
+      // charging the unsettled portion (highestVoucher - spent = 7M - 5M = 2M)
+      expect(ch!.spent).toBe(5000000n)
+      expect(ch!.highestVoucherAmount).toBe(7000000n)
+    })
+
+    test('open after store loss reports correct spent in receipt', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      // Open, settle, wipe store
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'open-1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '3000000',
+            signature: await signTestVoucher(channelId, 3000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      const settleTxHash = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash })
+      await store.updateChannel(channelId, () => null)
+
+      // Re-open — receipt.spent must reflect unsettled portion
+      const server2 = createServer()
+      const receipt = (await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'reopen', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '8000000',
+            signature: await signTestVoucher(channelId, 8000000n),
+          },
+        },
+        request: makeRequest(),
+      })) as SessionReceipt
+
+      // spent reflects on-chain settled (3M) so only unsettled portion is available
+      expect(receipt.spent).toBe('3000000')
+      expect(receipt.acceptedCumulative).toBe('8000000')
+    })
   })
 
   describe('voucher', () => {
@@ -353,26 +461,52 @@ describe('session', () => {
       expect(ch!.highestVoucherAmount).toBe(2000000n)
     })
 
-    test('returns success for non-increasing voucher (idempotency)', async () => {
+    test('rejects non-increasing voucher replay', async () => {
       const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
       const server = createServer()
       await openServerChannel(server, channelId, serializedTransaction)
 
-      const receipt = await server.verify({
-        credential: {
-          challenge: makeChallenge({ id: 'challenge-2', channelId }),
-          payload: {
-            action: 'voucher' as const,
-            channelId,
-            cumulativeAmount: '500000',
-            signature: await signTestVoucher(channelId, 500000n),
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'challenge-2', channelId }),
+            payload: {
+              action: 'voucher' as const,
+              channelId,
+              cumulativeAmount: '500000',
+              signature: await signTestVoucher(channelId, 500000n),
+            },
           },
-        },
-        request: makeRequest(),
-      })
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow(
+        'voucher cumulativeAmount must be strictly greater than highest accepted voucher',
+      )
+    })
 
-      expect(receipt.status).toBe('success')
-      expect((receipt as SessionReceipt).acceptedCumulative).toBe('1000000')
+    test('rejects replay of settled voucher', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+      await openServerChannel(server, channelId, serializedTransaction)
+
+      const leakedAmount = 1000000n
+      const leakedSignature = await signTestVoucher(channelId, leakedAmount)
+      await settle(store, client, channelId, { escrowContract })
+
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'challenge-replay', channelId }),
+            payload: {
+              action: 'voucher' as const,
+              channelId,
+              cumulativeAmount: leakedAmount.toString(),
+              signature: leakedSignature,
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow('voucher cumulativeAmount is below on-chain settled amount')
     })
 
     test('rejects voucher exceeding deposit', async () => {
@@ -436,142 +570,410 @@ describe('session', () => {
         }),
       ).rejects.toThrow(ChannelNotFoundError)
     })
-  })
 
-  describe('topUp', () => {
-    async function openServerChannel(
-      server: ReturnType<typeof createServer>,
-      channelId: Hex,
-      serializedTransaction: Hex,
-    ) {
-      await server.verify({
-        credential: {
-          challenge: makeChallenge({ id: 'open-challenge', channelId }),
-          payload: {
-            action: 'open' as const,
-            type: 'transaction' as const,
-            channelId,
-            transaction: serializedTransaction,
-            cumulativeAmount: '1000000',
-            signature: await signTestVoucher(channelId, 1000000n),
+    test('rejects stale voucher with invalid signature (hijack prevention)', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+      await openServerChannel(server, channelId, serializedTransaction)
+
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'hijack-attempt', channelId }),
+            payload: {
+              action: 'voucher' as const,
+              channelId,
+              // Attacker submits cumulativeAmount=500000, which is <= highestVoucherAmount (1000000)
+              // but > settled (0). Rejected by non-increasing cumulative amount check before signature validation.
+              cumulativeAmount: '500000',
+              signature: `0x${'ab'.repeat(65)}` as Hex,
+            },
           },
-        },
-        request: makeRequest(),
-      })
-    }
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow(
+        'voucher cumulativeAmount must be strictly greater than highest accepted voucher',
+      )
+    })
 
-    test('accepts topUp with increased deposit', async () => {
+    test('rejects forged voucher with valid amount but invalid signature', async () => {
       const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
       const server = createServer()
       await openServerChannel(server, channelId, serializedTransaction)
 
-      const { serializedTransaction: topUpTx } = await signTopUpChannel({
-        escrow: escrowContract,
-        payer,
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'forge-attempt', channelId }),
+            payload: {
+              action: 'voucher' as const,
+              channelId,
+              // Higher cumulativeAmount than the open voucher, but forged signature.
+              cumulativeAmount: '2000000',
+              signature: `0x${'cd'.repeat(65)}` as Hex,
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow(InvalidSignatureError)
+    })
+
+    test('rejects exact replay of already-verified voucher (non-increasing)', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+      await openServerChannel(server, channelId, serializedTransaction)
+
+      const payload = {
+        action: 'voucher' as const,
         channelId,
-        token: currency,
-        amount: 10000000n,
-      })
+        cumulativeAmount: '2000000',
+        signature: await signTestVoucher(channelId, 2000000n),
+      }
 
-      const receipt = await server.verify({
+      await server.verify({
         credential: {
           challenge: makeChallenge({ id: 'challenge-2', channelId }),
-          payload: {
-            action: 'topUp' as const,
-            type: 'transaction' as const,
-            channelId,
-            transaction: topUpTx,
-            additionalDeposit: '10000000',
-          },
+          payload,
         },
         request: makeRequest(),
       })
 
-      expect(receipt.status).toBe('success')
-
-      const ch = await store.getChannel(channelId)
-      expect(ch!.deposit).toBe(20000000n)
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'challenge-3', channelId }),
+            payload,
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow(VerificationFailedError)
     })
 
-    test('topUp receipt preserves spent and units from prior charges', async () => {
+    test('rejects replayed voucher at settled amount after on-chain settlement', async () => {
       const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
       const server = createServer()
       await openServerChannel(server, channelId, serializedTransaction)
 
-      await charge(store, channelId, 500000n)
-      await charge(store, channelId, 300000n)
-
-      const chBefore = await store.getChannel(channelId)
-      expect(chBefore!.spent).toBe(800000n)
-      expect(chBefore!.units).toBe(2)
-
-      const { serializedTransaction: topUpTx } = await signTopUpChannel({
-        escrow: escrowContract,
-        payer,
-        channelId,
-        token: currency,
-        amount: 5000000n,
-      })
-
-      const receipt = (await server.verify({
+      // Server accepts a higher voucher and then settles on-chain.
+      // settle() broadcasts the highestVoucher, leaking it on-chain.
+      const voucherSig = await signTestVoucher(channelId, 5000000n)
+      await server.verify({
         credential: {
-          challenge: makeChallenge({ id: 'challenge-topup', channelId }),
+          challenge: makeChallenge({ id: 'challenge-2', channelId }),
           payload: {
-            action: 'topUp' as const,
-            type: 'transaction' as const,
+            action: 'voucher' as const,
             channelId,
-            transaction: topUpTx,
-            additionalDeposit: '5000000',
+            cumulativeAmount: '5000000',
+            signature: voucherSig,
           },
         },
         request: makeRequest(),
-      })) as SessionReceipt
-
-      expect(receipt.status).toBe('success')
-      expect(receipt.spent).toBe('800000')
-      expect(receipt.units).toBe(2)
-
-      const chAfter = await store.getChannel(channelId)
-      expect(chAfter!.spent).toBe(800000n)
-      expect(chAfter!.units).toBe(2)
-      expect(chAfter!.deposit).toBe(15000000n)
-    })
+      })
 
-    test('rejects topUp on unknown channel', async () => {
-      const { channelId } = await createSignedOpenTransaction(10000000n)
-      const server = createServer()
+      await settle(store, client, channelId, { escrowContract })
+      expect((await store.getChannel(channelId))!.settledOnChain).toBe(5000000n)
 
+      // Attacker replays the leaked voucher via the voucher action.
       await expect(
         server.verify({
           credential: {
-            challenge: makeChallenge({ channelId }),
+            challenge: makeChallenge({ id: 'replay-attempt', channelId }),
             payload: {
-              action: 'topUp' as const,
-              type: 'transaction' as const,
+              action: 'voucher' as const,
               channelId,
-              transaction: '0xabcdef' as Hex,
-              additionalDeposit: '5000000',
+              cumulativeAmount: '5000000',
+              signature: voucherSig,
             },
           },
           request: makeRequest(),
         }),
-      ).rejects.toThrow(ChannelNotFoundError)
+      ).rejects.toThrow('voucher cumulativeAmount is below on-chain settled amount')
     })
-  })
 
-  describe('close', () => {
-    async function openServerChannel(
-      server: ReturnType<typeof createServer>,
-      channelId: Hex,
-      serializedTransaction: Hex,
-    ) {
+    test('rejects leaked voucher used in open action with mismatched channel', async () => {
+      // 1. Legitimate channel: open, send voucher, settle on-chain.
+      const { channelId: victimChannelId, serializedTransaction: victimTx } =
+        await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+      await openServerChannel(server, victimChannelId, victimTx)
+
+      const leakedSig = await signTestVoucher(victimChannelId, 5000000n)
       await server.verify({
         credential: {
-          challenge: makeChallenge({ id: 'open-challenge', channelId }),
+          challenge: makeChallenge({ id: 'c-victim', channelId: victimChannelId }),
           payload: {
-            action: 'open' as const,
-            type: 'transaction' as const,
-            channelId,
+            action: 'voucher' as const,
+            channelId: victimChannelId,
+            cumulativeAmount: '5000000',
+            signature: leakedSig,
+          },
+        },
+        request: makeRequest(),
+      })
+
+      await settle(store, client, victimChannelId, { escrowContract })
+
+      // 2. Attacker creates a different open transaction (nominal channel
+      //    from their own account) but claims channelId = victimChannelId.
+      //    The tx broadcasts fine (opens attacker's channel), then the
+      //    server fetches on-chain state for victimChannelId (the settled
+      //    channel) and accepts the leaked voucher.
+      const attacker = accounts[3]
+      await fundAccount({ address: attacker.address, token: currency })
+      const { serializedTransaction: attackerTx } = await signOpenChannel({
+        escrow: escrowContract,
+        payer: attacker,
+        payee: recipient,
+        token: currency,
+        deposit: 1n, // nominal deposit
+        salt: nextSalt(),
+      })
+
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'c-attack', channelId: victimChannelId }),
+            payload: {
+              action: 'open' as const,
+              type: 'transaction' as const,
+              channelId: victimChannelId,
+              transaction: attackerTx,
+              cumulativeAmount: '5000000',
+              signature: leakedSig,
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow('open transaction does not match claimed channelId')
+    })
+
+    test('rejects voucher when payer initiated force-close during cache TTL window', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      // Use channelStateTtl: 0 to force on-chain reads on every voucher,
+      // ensuring the force-close is detected immediately.
+      const server = createServer({ channelStateTtl: 0 })
+      await openServerChannel(server, channelId, serializedTransaction)
+
+      // Accept a voucher to prime the cache (open already verified on-chain)
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'challenge-2', channelId }),
+          payload: {
+            action: 'voucher' as const,
+            channelId,
+            cumulativeAmount: '2000000',
+            signature: await signTestVoucher(channelId, 2000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // Payer initiates a force-close on-chain (sets closeRequestedAt != 0)
+      await requestCloseChannel({ escrow: escrowContract, payer, channelId })
+
+      // Server submits another voucher within the cache TTL window.
+      // The cached state hardcodes closeRequestedAt: 0n, so the check
+      // in verifyAndAcceptVoucher never fires. This should throw
+      // ChannelClosedError but currently doesn't due to the stale cache.
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'challenge-3', channelId }),
+            payload: {
+              action: 'voucher' as const,
+              channelId,
+              cumulativeAmount: '3000000',
+              signature: await signTestVoucher(channelId, 3000000n),
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow(ChannelClosedError)
+    })
+
+    test('rejects voucher when payer initiated force-close with cached state', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      // Use channelStateTtl: 0 so every voucher triggers a stale re-query.
+      // This lets the first post-close voucher detect the force-close and
+      // persist closeRequestedAt to the store.
+      const server = createServer({ channelStateTtl: 0 })
+      await openServerChannel(server, channelId, serializedTransaction)
+
+      // Payer initiates a force-close on-chain
+      await requestCloseChannel({ escrow: escrowContract, payer, channelId })
+
+      // First voucher after close: stale re-query detects closeRequestedAt,
+      // persists it to the store, then throws ChannelClosedError.
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'challenge-2', channelId }),
+            payload: {
+              action: 'voucher' as const,
+              channelId,
+              cumulativeAmount: '2000000',
+              signature: await signTestVoucher(channelId, 2000000n),
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow(ChannelClosedError)
+
+      // Now switch to a large TTL so subsequent vouchers use the cached path.
+      // The persisted closeRequestedAt should cause rejection without an
+      // on-chain re-query.
+      const server2 = createServer({ channelStateTtl: 60_000, store: rawStore })
+      await expect(
+        server2.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'challenge-3', channelId }),
+            payload: {
+              action: 'voucher' as const,
+              channelId,
+              cumulativeAmount: '3000000',
+              signature: await signTestVoucher(channelId, 3000000n),
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow(ChannelClosedError)
+    })
+  })
+
+  describe('topUp', () => {
+    async function openServerChannel(
+      server: ReturnType<typeof createServer>,
+      channelId: Hex,
+      serializedTransaction: Hex,
+    ) {
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'open-challenge', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '1000000',
+            signature: await signTestVoucher(channelId, 1000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+    }
+
+    test('accepts topUp with increased deposit', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+      await openServerChannel(server, channelId, serializedTransaction)
+
+      const { serializedTransaction: topUpTx } = await signTopUpChannel({
+        escrow: escrowContract,
+        payer,
+        channelId,
+        token: currency,
+        amount: 10000000n,
+      })
+
+      const receipt = await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'challenge-2', channelId }),
+          payload: {
+            action: 'topUp' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: topUpTx,
+            additionalDeposit: '10000000',
+          },
+        },
+        request: makeRequest(),
+      })
+
+      expect(receipt.status).toBe('success')
+
+      const ch = await store.getChannel(channelId)
+      expect(ch!.deposit).toBe(20000000n)
+    })
+
+    test('topUp receipt preserves spent and units from prior charges', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+      await openServerChannel(server, channelId, serializedTransaction)
+
+      await charge(store, channelId, 500000n)
+      await charge(store, channelId, 300000n)
+
+      const chBefore = await store.getChannel(channelId)
+      expect(chBefore!.spent).toBe(800000n)
+      expect(chBefore!.units).toBe(2)
+
+      const { serializedTransaction: topUpTx } = await signTopUpChannel({
+        escrow: escrowContract,
+        payer,
+        channelId,
+        token: currency,
+        amount: 5000000n,
+      })
+
+      const receipt = (await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'challenge-topup', channelId }),
+          payload: {
+            action: 'topUp' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: topUpTx,
+            additionalDeposit: '5000000',
+          },
+        },
+        request: makeRequest(),
+      })) as SessionReceipt
+
+      expect(receipt.status).toBe('success')
+      expect(receipt.spent).toBe('800000')
+      expect(receipt.units).toBe(2)
+
+      const chAfter = await store.getChannel(channelId)
+      expect(chAfter!.spent).toBe(800000n)
+      expect(chAfter!.units).toBe(2)
+      expect(chAfter!.deposit).toBe(15000000n)
+    })
+
+    test('rejects topUp on unknown channel', async () => {
+      const { channelId } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ channelId }),
+            payload: {
+              action: 'topUp' as const,
+              type: 'transaction' as const,
+              channelId,
+              transaction: '0xabcdef' as Hex,
+              additionalDeposit: '5000000',
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow(ChannelNotFoundError)
+    })
+  })
+
+  describe('close', () => {
+    async function openServerChannel(
+      server: ReturnType<typeof createServer>,
+      channelId: Hex,
+      serializedTransaction: Hex,
+    ) {
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'open-challenge', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
             transaction: serializedTransaction,
             cumulativeAmount: '1000000',
             signature: await signTestVoucher(channelId, 1000000n),
@@ -979,6 +1381,392 @@ describe('session', () => {
     })
   })
 
+  describe('non-persistent storage recovery', () => {
+    test('open on existing on-chain channel initializes settledOnChain from chain', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      // Open channel and accept a voucher.
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(channelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // Settle on-chain so onChain.settled = 5000000.
+      const settleTxHash = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash })
+      expect((await store.getChannel(channelId))!.settledOnChain).toBe(5000000n)
+
+      // Simulate server restart with non-persistent storage: wipe the store.
+      await store.updateChannel(channelId, () => null)
+      expect(await store.getChannel(channelId)).toBeNull()
+
+      // Re-open with a new (fresh) server instance using the same store.
+      const server2 = createServer()
+      const receipt = (await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c2', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '7000000',
+            signature: await signTestVoucher(channelId, 7000000n),
+          },
+        },
+        request: makeRequest(),
+      })) as SessionReceipt
+
+      expect(receipt.status).toBe('success')
+
+      const ch = await store.getChannel(channelId)
+      expect(ch).not.toBeNull()
+      // settledOnChain should reflect the on-chain settled amount, not 0.
+      expect(ch!.settledOnChain).toBe(5000000n)
+      // spent must equal settledOnChain so only unsettled portion is chargeable.
+      expect(ch!.spent).toBe(5000000n)
+    })
+
+    test('recovery correctly limits available balance to unsettled portion', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(channelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      const settleTxHash2 = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash2 })
+
+      // Wipe store.
+      await store.updateChannel(channelId, () => null)
+
+      // Re-open with voucher = 6000000 on a channel with settled = 5000000.
+      const server2 = createServer()
+      await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c2', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '6000000',
+            signature: await signTestVoucher(channelId, 6000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // spent = settledOnChain = 5M, highestVoucherAmount = 6M.
+      // Available = 6M - 5M = 1M (only the unsettled portion).
+      const ch = await store.getChannel(channelId)
+      expect(ch!.highestVoucherAmount).toBe(6000000n)
+      expect(ch!.spent).toBe(5000000n)
+      expect(ch!.settledOnChain).toBe(5000000n)
+      await charge(store, channelId, 1000000n)
+      await expect(charge(store, channelId, 1n)).rejects.toThrow(InsufficientBalanceError)
+    })
+
+    test('reopen existing channel bumps stale settledOnChain from chain', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '3000000',
+            signature: await signTestVoucher(channelId, 3000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // Settle on-chain so onChain.settled = 3000000.
+      const settleTxHash = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash })
+
+      // Store still has the old record — settledOnChain is correct after settle.
+      expect((await store.getChannel(channelId))!.settledOnChain).toBe(3000000n)
+
+      // Manually regress settledOnChain to simulate a stale stored value.
+      await store.updateChannel(channelId, (ch) => (ch ? { ...ch, settledOnChain: 0n } : null))
+      expect((await store.getChannel(channelId))!.settledOnChain).toBe(0n)
+
+      // Re-open with a higher voucher — should bump settledOnChain from chain.
+      const server2 = createServer()
+      await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c2', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(channelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      const ch = await store.getChannel(channelId)
+      expect(ch!.settledOnChain).toBe(3000000n)
+      expect(ch!.highestVoucherAmount).toBe(5000000n)
+    })
+
+    test('reopen existing record bumps spent to settledOnChain to prevent over-service', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      // Open channel with voucher = 5M (spent stays 0).
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(channelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // Settle on-chain so onChain.settled = 5M.
+      const settleTxHash = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash })
+
+      // Store record still exists (no store loss), but spent is 0.
+      const before = await store.getChannel(channelId)
+      expect(before!.spent).toBe(0n)
+      expect(before!.settledOnChain).toBe(5000000n)
+
+      // Re-open with higher voucher = 7M on existing record.
+      const server2 = createServer()
+      await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c2', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '7000000',
+            signature: await signTestVoucher(channelId, 7000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // spent must be bumped to at least settledOnChain (5M) so available
+      // is only the unsettled portion (7M - 5M = 2M), not the full 7M.
+      const ch = await store.getChannel(channelId)
+      expect(ch!.settledOnChain).toBe(5000000n)
+      expect(ch!.spent).toBe(5000000n)
+      expect(ch!.highestVoucherAmount).toBe(7000000n)
+
+      // Only 2M should be chargeable.
+      await charge(store, channelId, 2000000n)
+      await expect(charge(store, channelId, 1n)).rejects.toThrow(InsufficientBalanceError)
+    })
+
+    test('rejects voucher at settled amount after store loss', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(channelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      const settleTxHash3 = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash3 })
+      await store.updateChannel(channelId, () => null)
+
+      // Attempt to re-open with a voucher equal to the settled amount.
+      // This should be rejected because cumulativeAmount <= onChain.settled.
+      const server2 = createServer()
+      await expect(
+        server2.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'c2', channelId }),
+            payload: {
+              action: 'open' as const,
+              type: 'transaction' as const,
+              channelId,
+              transaction: serializedTransaction,
+              cumulativeAmount: '5000000',
+              signature: await signTestVoucher(channelId, 5000000n),
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow('voucher cumulativeAmount is below on-chain settled amount')
+    })
+
+    test('close after recovery respects on-chain settled as minimum', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      // Open, settle 4M, wipe store.
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '4000000',
+            signature: await signTestVoucher(channelId, 4000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      const settleTxHash = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash })
+      await store.updateChannel(channelId, () => null)
+
+      // Re-open with voucher = 8M.
+      const server2 = createServer()
+      await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c2', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '8000000',
+            signature: await signTestVoucher(channelId, 8000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // Charge 1M — spent goes from 4M (settled baseline) to 5M.
+      await charge(store, channelId, 1000000n)
+
+      // Close must succeed with voucher >= max(spent=5M, settled=4M) = 5M.
+      // Use 8M (the full authorization).
+      const receipt = await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'close', channelId }),
+          payload: {
+            action: 'close' as const,
+            channelId,
+            cumulativeAmount: '8000000',
+            signature: await signTestVoucher(channelId, 8000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      expect(receipt.status).toBe('success')
+      const ch = await store.getChannel(channelId)
+      expect(ch!.finalized).toBe(true)
+    })
+
+    test('close after recovery rejects voucher below on-chain settled', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+
+      // Open, settle 5M, wipe store.
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(channelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      const settleTxHash = await settle(store, client, channelId, { escrowContract })
+      await waitForTransactionReceipt(client, { hash: settleTxHash })
+      await store.updateChannel(channelId, () => null)
+
+      // Re-open with voucher = 7M.
+      const server2 = createServer()
+      await server2.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'c2', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '7000000',
+            signature: await signTestVoucher(channelId, 7000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      // Try to close with 3M — below settled (5M). Must be rejected.
+      await expect(
+        server2.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'close', channelId }),
+            payload: {
+              action: 'close' as const,
+              channelId,
+              cumulativeAmount: '3000000',
+              signature: await signTestVoucher(channelId, 3000000n),
+            },
+          },
+          request: makeRequest(),
+        }),
+      ).rejects.toThrow('close voucher amount must be >=')
+    })
+  })
+
   describe('structured errors', () => {
     test('ChannelNotFoundError on unknown channel', async () => {
       const { channelId } = await createSignedOpenTransaction(10000000n)
@@ -1354,6 +2142,7 @@ describe('monotonicity and TOCTOU (unit tests)', () => {
       },
       spent: 0n,
       units: 0,
+      closeRequestedAt: 0n,
       finalized: false,
       createdAt: new Date().toISOString(),
       ...overrides,