mppx 0.4.8 → 0.4.9

package/src/internal/types.ts

@@ -256,9 +256,7 @@ export type LastInUnion<U> =
 
 /** @internal */
 export type UnionToIntersection<union> = (
-  union extends unknown
-    ? (arg: union) => 0
-    : never
+  union extends unknown ? (arg: union) => 0 : never
 ) extends (arg: infer i) => 0
   ? i
   : never

package/src/mcp-sdk/client/McpClient.test-d.ts

@@ -2,6 +2,7 @@ import type { Client } from '@modelcontextprotocol/sdk/client/index.js'
 import { tempo } from 'mppx/client'
 import type { Account } from 'viem'
 import { describe, expectTypeOf, test } from 'vitest'
+
 import * as McpClient from './McpClient.js'
 
 describe('McpClient.wrap', () => {

package/src/mcp-sdk/client/McpClient.test.ts

@@ -8,6 +8,7 @@ import { Mppx as Mppx_server, tempo as tempo_server } from 'mppx/server'
 import { createClient } from 'viem'
 import { afterEach, beforeEach, describe, expect, test } from 'vitest'
 import { accounts, asset, chain, http, client as testClient } from '~test/tempo/viem.js'
+
 import * as McpServer_transport from '../server/Transport.js'
 import * as McpClient from './McpClient.js'
 

package/src/mcp-sdk/client/McpClient.ts

@@ -1,5 +1,6 @@
 import type { Client } from '@modelcontextprotocol/sdk/client/index.js'
 import type { McpError } from '@modelcontextprotocol/sdk/types.js'
+
 import type * as Challenge from '../../Challenge.js'
 import * as Credential from '../../Credential.js'
 import * as core_Mcp from '../../Mcp.js'
@@ -84,6 +85,7 @@ export function wrap<
           const installed = methods.map((m) => `${m.name}.${m.intent}`).join(', ')
           throw new Error(
             `No compatible payment method. Server offers: ${available}. Client has: ${installed}`,
+            { cause: error },
           )
         }
 

package/src/mcp-sdk/server/Transport.test.ts

@@ -1,4 +1,5 @@
 import { describe, expect, test } from 'vitest'
+
 import type { Challenge } from '../../Challenge.js'
 import type { Credential } from '../../Credential.js'
 import { VerificationFailedError } from '../../Errors.js'

package/src/mcp-sdk/server/Transport.ts

@@ -1,4 +1,5 @@
 import type { CallToolResult, McpError } from '@modelcontextprotocol/sdk/types.js'
+
 import type * as Credential from '../../Credential.js'
 import * as core_Mcp from '../../Mcp.js'
 import * as Transport from '../../server/Transport.js'

package/src/middlewares/elysia.test.ts

@@ -1,4 +1,5 @@
 import * as http from 'node:http'
+
 import { Elysia } from 'elysia'
 import { Receipt } from 'mppx'
 import { Mppx as Mppx_client, tempo as tempo_client } from 'mppx/client'

package/src/middlewares/elysia.ts

@@ -1,4 +1,5 @@
 import type { Context } from 'elysia'
+
 import * as Mppx_core from '../server/Mppx.js'
 import * as Mppx_internal from './internal/mppx.js'
 

package/src/middlewares/express.test.ts

@@ -1,8 +1,8 @@
 import express from 'express'
 import { Receipt } from 'mppx'
 import { Mppx as Mppx_client, session as sessionIntent, tempo as tempo_client } from 'mppx/client'
-import { Mppx } from 'mppx/express'
-import { tempo as tempo_server } from 'mppx/server'
+import { Mppx, payment } from 'mppx/express'
+import { Mppx as Mppx_server, tempo as tempo_server } from 'mppx/server'
 import type { Address } from 'viem'
 import { Addresses } from 'viem/tempo'
 import { beforeAll, describe, expect, test } from 'vitest'
@@ -158,3 +158,63 @@ describe('session', () => {
     server.close()
   })
 })
+
+describe('payment', () => {
+  const mppx = Mppx_server.create({
+    methods: [
+      tempo_server({
+        getClient: () => client,
+        currency: asset,
+        recipient: accounts[0].address,
+      }),
+    ],
+    secretKey,
+  })
+
+  const { fetch } = Mppx_client.create({
+    polyfill: false,
+    methods: [
+      tempo_client({
+        account: accounts[1],
+        getClient: () => client,
+      }),
+    ],
+  })
+
+  test('returns 402 when no credential', async () => {
+    const app = express()
+    app.get('/', payment(mppx.charge, { amount: '1' }), (_req, res) => {
+      res.json({ fortune: 'You will be rich' })
+    })
+
+    const server = await createServer(app)
+    const response = await globalThis.fetch(server.url)
+    expect(response.status).toBe(402)
+    expect(response.headers.get('WWW-Authenticate')).toContain('Payment')
+
+    server.close()
+  })
+
+  test('returns 200 with receipt on valid payment', async () => {
+    const app = express()
+    app.get('/', payment(mppx.charge, { amount: '1' }), (_req, res) => {
+      res.json({ fortune: 'You will be rich' })
+    })
+
+    const server = await createServer(app)
+    const response = await fetch(server.url)
+    expect(response.status).toBe(200)
+
+    const body = await response.json()
+    expect(body).toEqual({ fortune: 'You will be rich' })
+
+    const receiptHeader = response.headers.get('Payment-Receipt')
+    expect(receiptHeader).toBeTruthy()
+
+    const receipt = Receipt.fromResponse(response)
+    expect(receipt.status).toBe('success')
+    expect(receipt.method).toBe('tempo')
+
+    server.close()
+  })
+})

package/src/middlewares/express.ts

@@ -4,8 +4,8 @@ import type {
   NextFunction,
   RequestHandler,
 } from 'express'
+
 import * as Mppx_core from '../server/Mppx.js'
-import * as Request from '../server/Request.js'
 import * as Mppx_internal from './internal/mppx.js'
 
 export * from '../server/Methods.js'
@@ -60,7 +60,11 @@ export function payment<const intent extends Mppx_internal.AnyMethodFn>(
   options: intent extends (options: infer options) => any ? options : never,
 ): RequestHandler {
   return async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
-    const result = await intent(options)(Request.fromNodeListener(req, res))
+    const request = new Request(`${req.protocol}://${req.hostname}${req.originalUrl}`, {
+      method: req.method,
+      headers: req.headers as Record<string, string>,
+    })
+    const result = await intent(options)(request)
 
     if (result.status === 402) {
       const challenge = result.challenge as Response

package/src/middlewares/hono.ts

@@ -1,4 +1,5 @@
 import type { MiddlewareHandler } from 'hono'
+
 import * as Mppx_core from '../server/Mppx.js'
 import * as Mppx_internal from './internal/mppx.js'
 

package/src/middlewares/internal/mppx.test.ts

@@ -1,6 +1,7 @@
 import { Challenge, Credential, Method, z } from 'mppx'
 import { Mppx } from 'mppx/server'
 import { describe, expect, test } from 'vitest'
+
 import { wrap } from './mppx.js'
 
 const realm = 'api.example.com'

package/src/middlewares/nextjs.test.ts

@@ -1,4 +1,5 @@
 import * as http from 'node:http'
+
 import { Receipt } from 'mppx'
 import { Mppx as Mppx_client, session as sessionIntent, tempo as tempo_client } from 'mppx/client'
 import { Mppx } from 'mppx/nextjs'

package/src/proxy/Proxy.test.ts

@@ -4,6 +4,7 @@ import { Mppx as Mppx_server, tempo as tempo_server } from 'mppx/server'
 import { afterEach, describe, expect, test } from 'vitest'
 import * as Http from '~test/Http.js'
 import { accounts, asset, client } from '~test/tempo/viem.js'
+
 import * as ApiProxy from './Proxy.js'
 import * as Service from './Service.js'
 import { anthropic } from './services/anthropic.js'

package/src/proxy/Proxy.ts

@@ -1,5 +1,7 @@
 import type * as http from 'node:http'
+
 import { createFetchProxy } from '@remix-run/fetch-proxy'
+
 import * as Request from '../server/Request.js'
 import * as Headers from './internal/Headers.js'
 import * as Route from './internal/Route.js'

package/src/proxy/Service.test.ts

@@ -1,4 +1,5 @@
 import { describe, expect, test } from 'vitest'
+
 import * as Service from './Service.js'
 
 describe('from', () => {

package/src/proxy/Service.ts

@@ -267,8 +267,14 @@ function resolvePayment(endpoint: Endpoint): Record<string, unknown> | null {
   if (endpoint === true) return null
   const handler = typeof endpoint === 'function' ? endpoint : endpoint.pay
   if (!('_internal' in handler)) return {}
-  const { name, intent, defaults, schema, _canonicalRequest, ...rest } =
-    handler._internal as Record<string, unknown>
+  const {
+    name,
+    intent,
+    defaults: _,
+    schema: _s,
+    _canonicalRequest,
+    ...rest
+  } = handler._internal as Record<string, unknown>
   const amount = (() => {
     if (typeof rest.amount === 'string' && typeof rest.decimals === 'number')
       return String(Value.from(rest.amount, rest.decimals))

package/src/proxy/internal/Headers.test.ts

@@ -1,4 +1,5 @@
 import { describe, expect, test } from 'vitest'
+
 import * as Headers from './Headers.js'
 
 describe('scrub', () => {

package/src/proxy/services/openai.test.ts

@@ -4,6 +4,7 @@ import { Mppx as Mppx_server, tempo as tempo_server } from 'mppx/server'
 import { afterEach, describe, expect, test } from 'vitest'
 import * as Http from '~test/Http.js'
 import { accounts, asset, client } from '~test/tempo/viem.js'
+
 import * as ApiProxy from '../Proxy.js'
 import { openai } from './openai.js'
 

package/src/server/Mppx.test.ts

@@ -180,6 +180,198 @@ describe('request handler', () => {
     expect(body.detail).toContain('does not match')
   })
 
+  test('topUp credential bypasses cross-route amount validation', async () => {
+    // Use a session method whose schema defines action: 'topUp'
+    const sessionMethod = Method.from({
+      name: 'mock',
+      intent: 'session',
+      schema: {
+        credential: {
+          payload: z.discriminatedUnion('action', [
+            z.object({ action: z.literal('open'), token: z.string() }),
+            z.object({ action: z.literal('topUp'), token: z.string() }),
+          ]),
+        },
+        request: z.object({
+          amount: z.string(),
+          currency: z.string(),
+          recipient: z.string(),
+        }),
+      },
+    })
+    const sessionServerMethod = Method.toServer(sessionMethod, {
+      async verify() {
+        return {
+          status: 'settled',
+          method: 'mock',
+          timestamp: new Date().toISOString(),
+          reference: 'ref',
+        } as any
+      },
+    })
+    const handler = Mppx.create({ methods: [sessionServerMethod], realm, secretKey })
+
+    // Get a challenge from the "cheap" route (simulates HEAD-obtained challenge)
+    const cheapHandle = handler['mock/session']({
+      amount: '1',
+      currency: asset,
+      expires: new Date(Date.now() + 60_000).toISOString(),
+      recipient: accounts[0].address,
+    })
+    const cheapResult = await cheapHandle(new Request('https://example.com/cheap'))
+    expect(cheapResult.status).toBe(402)
+    if (cheapResult.status !== 402) throw new Error()
+
+    const cheapChallenge = Challenge.fromResponse(cheapResult.challenge)
+
+    // Build a topUp credential from the cheap challenge (echoed from HEAD)
+    const credential = Credential.from({
+      challenge: cheapChallenge,
+      payload: { action: 'topUp', token: 'valid' },
+    })
+
+    // Present it at the "expensive" route — topUp should bypass amount check
+    const expensiveHandle = handler['mock/session']({
+      amount: '1000000',
+      currency: asset,
+      expires: new Date(Date.now() + 60_000).toISOString(),
+      recipient: accounts[0].address,
+    })
+    const result = await expensiveHandle(
+      new Request('https://example.com/expensive', {
+        headers: { Authorization: Credential.serialize(credential) },
+      }),
+    )
+
+    // Should NOT get 402 for amount mismatch — topUp bypasses the check.
+    // It will fail at a later stage (payload validation), but not with
+    // "does not match this route's requirements".
+    if (result.status === 402) {
+      const body = (await result.challenge.json()) as { detail?: string }
+      expect(body.detail).not.toContain('does not match')
+    }
+  })
+
+  test('voucher credential bypasses cross-route amount validation', async () => {
+    const sessionMethod = Method.from({
+      name: 'mock',
+      intent: 'session',
+      schema: {
+        credential: {
+          payload: z.discriminatedUnion('action', [
+            z.object({ action: z.literal('open'), token: z.string() }),
+            z.object({
+              action: z.literal('voucher'),
+              cumulativeAmount: z.string(),
+              signature: z.string(),
+            }),
+          ]),
+        },
+        request: z.object({
+          amount: z.string(),
+          currency: z.string(),
+          recipient: z.string(),
+        }),
+      },
+    })
+    const sessionServerMethod = Method.toServer(sessionMethod, {
+      async verify() {
+        return {
+          status: 'settled',
+          method: 'mock',
+          timestamp: new Date().toISOString(),
+          reference: 'ref',
+        } as any
+      },
+    })
+    const handler = Mppx.create({ methods: [sessionServerMethod], realm, secretKey })
+
+    // Get a challenge from the "cheap" route (simulates initial SSE request)
+    const cheapHandle = handler['mock/session']({
+      amount: '1',
+      currency: asset,
+      expires: new Date(Date.now() + 60_000).toISOString(),
+      recipient: accounts[0].address,
+    })
+    const cheapResult = await cheapHandle(new Request('https://example.com/chat'))
+    expect(cheapResult.status).toBe(402)
+    if (cheapResult.status !== 402) throw new Error()
+
+    const cheapChallenge = Challenge.fromResponse(cheapResult.challenge)
+
+    // Build a voucher credential echoing the original challenge — mid-stream
+    // the server may re-price (dynamic pricing), so the route's amount differs
+    const credential = Credential.from({
+      challenge: cheapChallenge,
+      payload: { action: 'voucher', cumulativeAmount: '500', signature: '0xabc' },
+    })
+
+    // Present it at the same route but with a higher price — voucher should
+    // bypass the cross-route amount check just like topUp does
+    const expensiveHandle = handler['mock/session']({
+      amount: '1000000',
+      currency: asset,
+      expires: new Date(Date.now() + 60_000).toISOString(),
+      recipient: accounts[0].address,
+    })
+    const result = await expensiveHandle(
+      new Request('https://example.com/chat', {
+        headers: { Authorization: Credential.serialize(credential) },
+      }),
+    )
+
+    // Should NOT get 402 for amount mismatch — voucher bypasses the check.
+    if (result.status === 402) {
+      const body = (await result.challenge.json()) as { detail?: string }
+      expect(body.detail).not.toContain('does not match')
+    }
+  })
+
+  test('rejects charge credential with injected action: topUp (cross-route bypass attempt)', async () => {
+    const handler = Mppx.create({ methods: [method], realm, secretKey })
+
+    // Get a challenge from the "cheap" route
+    const cheapHandle = handler.charge({
+      amount: '1',
+      currency: asset,
+      expires: new Date(Date.now() + 60_000).toISOString(),
+      recipient: accounts[0].address,
+    })
+    const cheapResult = await cheapHandle(new Request('https://example.com/cheap'))
+    expect(cheapResult.status).toBe(402)
+    if (cheapResult.status !== 402) throw new Error()
+
+    const cheapChallenge = Challenge.fromResponse(cheapResult.challenge)
+
+    // Malicious client injects action: 'topUp' into a regular charge credential
+    // to try to bypass the cross-route amount check
+    const credential = Credential.from({
+      challenge: cheapChallenge,
+      payload: { action: 'topUp', signature: '0x123', type: 'transaction' },
+    })
+
+    // Present it at the "expensive" route — should still be rejected
+    const expensiveHandle = handler.charge({
+      amount: '1000000',
+      currency: asset,
+      expires: new Date(Date.now() + 60_000).toISOString(),
+      recipient: accounts[0].address,
+    })
+    const result = await expensiveHandle(
+      new Request('https://example.com/expensive', {
+        headers: { Authorization: Credential.serialize(credential) },
+      }),
+    )
+
+    // Injecting action: 'topUp' on a charge credential must not bypass
+    // the cross-route amount check. The credential should be rejected
+    // with "does not match" just like a normal charge credential would be.
+    expect(result.status).toBe(402)
+    if (result.status !== 402) throw new Error()
+    const body = (await result.challenge.json()) as { detail: string }
+    expect(body.detail).toContain('does not match')
+  })
+
   test('returns 402 when credential challenge is expired', async () => {
     const pastExpires = new Date(Date.now() - 60_000).toISOString()
 

package/src/server/Mppx.ts

@@ -1,4 +1,5 @@
 import type { IncomingMessage, ServerResponse } from 'node:http'
+
 import * as Challenge from '../Challenge.js'
 import * as Credential from '../Credential.js'
 import * as Errors from '../Errors.js'
@@ -335,6 +336,13 @@ function createMethodFn(parameters: createMethodFn.Parameters): createMethodFn.R
         // Note: we compare specific payment parameters rather than the full
         // request because the `request` hook may produce credential-dependent
         // output (e.g. `feePayer` differs between 402 and credential calls).
+        //
+        // Skip this check for topUp and voucher actions: the route's
+        // `request` hook may produce a different amount because these
+        // requests carry no application body (e.g. no model field for
+        // dynamic pricing). The credential echoes a challenge obtained
+        // from the original request which had the correct amount; the
+        // on-chain voucher signature is the real validation.
         {
           for (const field of ['method', 'intent', 'realm'] as const) {
             if (credential.challenge[field] !== challenge[field]) {
@@ -350,25 +358,36 @@ function createMethodFn(parameters: createMethodFn.Parameters): createMethodFn.R
             }
           }
 
-          const routeReq = challenge.request as Record<string, unknown>
-          const echoedReq = credential.challenge.request as Record<string, unknown>
-          const routeDetails = (routeReq.methodDetails ?? {}) as Record<string, unknown>
-          const echoedDetails = (echoedReq.methodDetails ?? {}) as Record<string, unknown>
-          for (const field of ['amount', 'currency', 'recipient'] as const) {
-            const routeVal = routeReq[field] ?? routeDetails[field]
-            if (
-              routeVal !== undefined &&
-              String(routeVal) !== String(echoedReq[field] ?? echoedDetails[field])
-            ) {
-              const response = await transport.respondChallenge({
-                challenge,
-                input,
-                error: new Errors.InvalidChallengeError({
-                  id: credential.challenge.id,
-                  reason: `credential ${field} does not match this route's requirements`,
-                }),
-              })
-              return { challenge: response, status: 402 }
+          // Use safeParse (not raw payload) so only methods whose schema
+          // defines `action` can trigger the skip. Without this, a client
+          // could inject `action: 'topUp'` on a charge credential to bypass
+          // the amount check. Zod strips unknown keys, so charge payloads
+          // (which don't define `action`) will have it removed.
+          const parsed = method.schema.credential.payload.safeParse(credential.payload)
+          const action = parsed.success
+            ? (parsed.data as Record<string, unknown>)?.action
+            : undefined
+          if (action !== 'topUp' && action !== 'voucher') {
+            const routeReq = challenge.request as Record<string, unknown>
+            const echoedReq = credential.challenge.request as Record<string, unknown>
+            const routeDetails = (routeReq.methodDetails ?? {}) as Record<string, unknown>
+            const echoedDetails = (echoedReq.methodDetails ?? {}) as Record<string, unknown>
+            for (const field of ['amount', 'currency', 'recipient'] as const) {
+              const routeVal = routeReq[field] ?? routeDetails[field]
+              if (
+                routeVal !== undefined &&
+                String(routeVal) !== String(echoedReq[field] ?? echoedDetails[field])
+              ) {
+                const response = await transport.respondChallenge({
+                  challenge,
+                  input,
+                  error: new Errors.InvalidChallengeError({
+                    id: credential.challenge.id,
+                    reason: `credential ${field} does not match this route's requirements`,
+                  }),
+                })
+                return { challenge: response, status: 402 }
+              }
             }
           }
         }

package/src/server/Request.test.ts

@@ -1,5 +1,6 @@
 import { EventEmitter } from 'node:events'
 import type { IncomingMessage, ServerResponse } from 'node:http'
+
 import { Request } from 'mppx/server'
 import { describe, expect, test } from 'vitest'
 

package/src/server/Request.ts

@@ -1,4 +1,5 @@
 import type { IncomingMessage, RequestListener, ServerResponse } from 'node:http'
+
 import * as FetchServer from '@remix-run/node-fetch-server'
 
 export type FetchHandler = (request: Request) => Promise<Response> | Response

package/src/server/Response.test.ts

@@ -1,6 +1,7 @@
 import { Challenge } from 'mppx'
 import { Response } from 'mppx/server'
 import { describe, expect, test } from 'vitest'
+
 import * as Errors from '../Errors.js'
 
 const challenge = Challenge.from({

package/src/server/Transport.test.ts

@@ -2,6 +2,7 @@ import { Challenge, Credential, Mcp, Receipt } from 'mppx'
 import { Transport } from 'mppx/server'
 import { Methods } from 'mppx/tempo'
 import { describe, expect, test } from 'vitest'
+
 import { BadRequestError, ChannelClosedError } from '../Errors.js'
 
 const realm = 'api.example.com'

package/src/stripe/Methods.ts

@@ -1,4 +1,5 @@
 import { parseUnits } from 'viem'
+
 import * as Method from '../Method.js'
 import * as z from '../zod.js'
 

package/src/stripe/client/Charge.test.ts

@@ -2,6 +2,7 @@ import { Challenge, Credential } from 'mppx'
 import { Mppx, stripe } from 'mppx/client'
 import { Mppx as Mppx_server, stripe as stripe_server } from 'mppx/server'
 import { describe, expect, test, vi } from 'vitest'
+
 import type { StripeJs } from '../internal/types.js'
 import { charge as clientCharge_ } from './Charge.js'
 

package/src/stripe/server/Charge.test.ts

@@ -2,6 +2,7 @@ import { Challenge, Credential } from 'mppx'
 import { Mppx, stripe } from 'mppx/server'
 import { afterEach, describe, expect, test, vi } from 'vitest'
 import * as Http from '~test/Http.js'
+
 import type { StripeClient } from '../internal/types.js'
 
 const realm = 'api.example.com'

package/src/tempo/Attribution.test.ts

@@ -1,5 +1,6 @@
 import { Bytes, Hash, Hex } from 'ox'
 import { describe, expect, test } from 'vitest'
+
 import * as Attribution from './Attribution.js'
 
 describe('Attribution', () => {

package/src/tempo/Methods.ts

@@ -1,5 +1,6 @@
 import type { Account } from 'viem'
 import { parseUnits } from 'viem'
+
 import * as Method from '../Method.js'
 import * as z from '../zod.js'
 

package/src/tempo/client/ChannelOps.test.ts

@@ -5,6 +5,7 @@ import { Addresses } from 'viem/tempo'
 import { beforeAll, describe, expect, test } from 'vitest'
 import { deployEscrow, openChannel } from '~test/tempo/session.js'
 import { accounts, asset, chain, client, fundAccount, http } from '~test/tempo/viem.js'
+
 import type { Challenge } from '../../Challenge.js'
 import * as Credential from '../../Credential.js'
 import {

package/src/tempo/client/ChannelOps.ts

@@ -15,6 +15,7 @@ import {
 } from 'viem'
 import { prepareTransactionRequest, signTransaction } from 'viem/actions'
 import { Abis } from 'viem/tempo'
+
 import type { Challenge } from '../../Challenge.js'
 import * as Credential from '../../Credential.js'
 import * as defaults from '../internal/defaults.js'

package/src/tempo/client/Charge.ts

@@ -3,6 +3,7 @@ import type { Address } from 'viem'
 import { prepareTransactionRequest, sendCallsSync, signTransaction } from 'viem/actions'
 import { tempo as tempo_chain } from 'viem/chains'
 import { Actions } from 'viem/tempo'
+
 import * as Credential from '../../Credential.js'
 import * as Method from '../../Method.js'
 import * as Account from '../../viem/Account.js'

package/src/tempo/client/Session.test.ts

@@ -4,6 +4,7 @@ import { Addresses } from 'viem/tempo'
 import { beforeAll, describe, expect, test } from 'vitest'
 import { deployEscrow, openChannel } from '~test/tempo/session.js'
 import { accounts, asset, chain, client, fundAccount } from '~test/tempo/viem.js'
+
 import * as Challenge from '../../Challenge.js'
 import * as Credential from '../../Credential.js'
 import { chainId, escrowContract as escrowContractDefaults } from '../internal/defaults.js'

package/src/tempo/client/Session.ts

@@ -1,6 +1,7 @@
 import type { Hex } from 'ox'
 import { type Address, parseUnits, type Account as viem_Account } from 'viem'
 import { tempo as tempo_chain } from 'viem/chains'
+
 import type * as Challenge from '../../Challenge.js'
 import * as Method from '../../Method.js'
 import * as Account from '../../viem/Account.js'