npm - mppx - Versions diffs - 0.5.11 → 0.5.12 - Mend

mppx 0.5.11 → 0.5.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (100) hide show

package/CHANGELOG.md +8 -0
package/dist/cli/cli.d.ts.map +1 -1
package/dist/cli/cli.js +41 -16
package/dist/cli/cli.js.map +1 -1
package/dist/cli/config.d.ts +6 -4
package/dist/cli/config.d.ts.map +1 -1
package/dist/cli/config.js.map +1 -1
package/dist/cli/internal.d.ts +8 -0
package/dist/cli/internal.d.ts.map +1 -1
package/dist/cli/internal.js +33 -3
package/dist/cli/internal.js.map +1 -1
package/dist/cli/plugins/plugin.d.ts +2 -0
package/dist/cli/plugins/plugin.d.ts.map +1 -1
package/dist/cli/plugins/stripe.d.ts.map +1 -1
package/dist/cli/plugins/stripe.js +3 -0
package/dist/cli/plugins/stripe.js.map +1 -1
package/dist/cli/plugins/tempo.d.ts.map +1 -1
package/dist/cli/plugins/tempo.js +3 -0
package/dist/cli/plugins/tempo.js.map +1 -1
package/dist/client/Mppx.d.ts +10 -1
package/dist/client/Mppx.d.ts.map +1 -1
package/dist/client/Mppx.js +17 -5
package/dist/client/Mppx.js.map +1 -1
package/dist/client/Transport.d.ts +2 -0
package/dist/client/Transport.d.ts.map +1 -1
package/dist/client/Transport.js +11 -0
package/dist/client/Transport.js.map +1 -1
package/dist/client/internal/Fetch.d.ts +3 -0
package/dist/client/internal/Fetch.d.ts.map +1 -1
package/dist/client/internal/Fetch.js +65 -19
package/dist/client/internal/Fetch.js.map +1 -1
package/dist/internal/AcceptPayment.d.ts +72 -0
package/dist/internal/AcceptPayment.d.ts.map +1 -0
package/dist/internal/AcceptPayment.js +185 -0
package/dist/internal/AcceptPayment.js.map +1 -0
package/dist/mcp-sdk/client/McpClient.d.ts.map +1 -1
package/dist/mcp-sdk/client/McpClient.js +8 -4
package/dist/mcp-sdk/client/McpClient.js.map +1 -1
package/dist/server/Mppx.d.ts +1 -1
package/dist/server/Mppx.d.ts.map +1 -1
package/dist/server/Mppx.js +33 -24
package/dist/server/Mppx.js.map +1 -1
package/dist/stripe/internal/constants.d.ts +8 -0
package/dist/stripe/internal/constants.d.ts.map +1 -0
package/dist/stripe/internal/constants.js +8 -0
package/dist/stripe/internal/constants.js.map +1 -0
package/dist/stripe/server/Charge.d.ts.map +1 -1
package/dist/stripe/server/Charge.js +23 -5
package/dist/stripe/server/Charge.js.map +1 -1
package/dist/tempo/Proof.d.ts +12 -0
package/dist/tempo/Proof.d.ts.map +1 -0
package/dist/tempo/Proof.js +10 -0
package/dist/tempo/Proof.js.map +1 -0
package/dist/tempo/index.d.ts +1 -0
package/dist/tempo/index.d.ts.map +1 -1
package/dist/tempo/index.js +1 -0
package/dist/tempo/index.js.map +1 -1
package/dist/tempo/internal/fee-payer.d.ts.map +1 -1
package/dist/tempo/internal/fee-payer.js +5 -1
package/dist/tempo/internal/fee-payer.js.map +1 -1
package/dist/tempo/server/Charge.d.ts.map +1 -1
package/dist/tempo/server/Charge.js +62 -3
package/dist/tempo/server/Charge.js.map +1 -1
package/dist/tempo/server/internal/html.gen.d.ts +1 -1
package/dist/tempo/server/internal/html.gen.d.ts.map +1 -1
package/dist/tempo/server/internal/html.gen.js +1 -1
package/dist/tempo/server/internal/html.gen.js.map +1 -1
package/package.json +2 -2
package/src/cli/cli.test.ts +278 -0
package/src/cli/cli.ts +47 -16
package/src/cli/config.ts +10 -4
package/src/cli/internal.ts +59 -3
package/src/cli/plugins/plugin.ts +3 -0
package/src/cli/plugins/stripe.ts +3 -0
package/src/cli/plugins/tempo.ts +3 -0
package/src/client/Mppx.test-d.ts +33 -0
package/src/client/Mppx.test.ts +130 -1
package/src/client/Mppx.ts +35 -5
package/src/client/Transport.test.ts +88 -55
package/src/client/Transport.ts +13 -0
package/src/client/internal/Fetch.browser.test.ts +16 -13
package/src/client/internal/Fetch.test.ts +307 -10
package/src/client/internal/Fetch.ts +85 -19
package/src/internal/AcceptPayment.test.ts +211 -0
package/src/internal/AcceptPayment.ts +304 -0
package/src/mcp-sdk/client/McpClient.ts +11 -5
package/src/server/Mppx.test.ts +141 -44
package/src/server/Mppx.ts +43 -23
package/src/stripe/internal/constants.ts +7 -0
package/src/stripe/server/Charge.ts +22 -4
package/src/tempo/Proof.test-d.ts +13 -0
package/src/tempo/Proof.test.ts +31 -0
package/src/tempo/Proof.ts +13 -0
package/src/tempo/client/SessionManager.test.ts +4 -7
package/src/tempo/index.ts +1 -0
package/src/tempo/internal/fee-payer.test.ts +1 -1
package/src/tempo/internal/fee-payer.ts +5 -1
package/src/tempo/server/Charge.test.ts +123 -0
package/src/tempo/server/Charge.ts +74 -1
package/src/tempo/server/internal/html.gen.ts +1 -1

package/src/tempo/server/Charge.ts CHANGED Viewed

@@ -1,6 +1,8 @@
+import * as SignatureEnvelope from 'ox/tempo/SignatureEnvelope'
 import {
   decodeFunctionData,
   formatUnits,
+  hashTypedData,
   keccak256,
   parseEventLogs,
   type TransactionReceipt,
@@ -227,7 +229,21 @@ export function charge<const parameters extends charge.Parameters>(
             message: Proof.message(challenge.id),
             signature: payload.signature as `0x${string}`,
           })
-          if (!valid) throw new MismatchError('Proof signature does not match source.', {})
+          if (!valid) {
+            const proofSigner = recoverAuthorizedProofSigner({
+              chainId: resolvedChainId,
+              challengeId: challenge.id,
+              signature: payload.signature as `0x${string}`,
+              sourceAddress: source.address,
+            })
+            const authorized = proofSigner
+              ? await isActiveAccessKey(client, {
+                  accessKey: proofSigner,
+                  account: source.address,
+                })
+              : false
+            if (!authorized) throw new MismatchError('Proof signature does not match source.', {})
+          }
           if (proofStore && !(await markProofUsed(proofStore, challenge.id))) {
             throw new VerificationFailedError({ reason: 'Proof credential has already been used' })
@@ -651,6 +667,63 @@ async function markProofUsed(
   })
 }
+function recoverAuthorizedProofSigner(parameters: {
+  chainId: number
+  challengeId: string
+  signature: `0x${string}`
+  sourceAddress: `0x${string}`
+}): `0x${string}` | null {
+  const { chainId, challengeId, signature, sourceAddress } = parameters
+  try {
+    const envelope = SignatureEnvelope.from(signature)
+    const proofHash = hashTypedData({
+      domain: Proof.domain(chainId),
+      types: Proof.types,
+      primaryType: 'Proof',
+      message: Proof.message(challengeId),
+    })
+    if (envelope.type === 'keychain') {
+      if (!TempoAddress.isEqual(envelope.userAddress, sourceAddress)) return null
+      const keychainPayload =
+        envelope.version === 'v2'
+          ? keccak256(`0x04${proofHash.slice(2)}${sourceAddress.slice(2)}` as `0x${string}`)
+          : proofHash
+      const signer = SignatureEnvelope.extractAddress({
+        payload: keychainPayload,
+        signature: envelope.inner,
+      })
+      const valid = SignatureEnvelope.verify(envelope.inner, {
+        address: signer,
+        payload: keychainPayload,
+      })
+      if (!valid) return null
+      return signer
+    }
+    return SignatureEnvelope.extractAddress({ payload: proofHash, signature: envelope })
+  } catch {
+    return null
+  }
+}
+async function isActiveAccessKey(
+  client: Awaited<ReturnType<ReturnType<typeof Client.getResolver>>>,
+  parameters: { account: `0x${string}`; accessKey: `0x${string}` },
+): Promise<boolean> {
+  try {
+    const metadata = await Actions.accessKey.getMetadata(client, parameters)
+    const nowSeconds = BigInt(Math.floor(Date.now() / 1000))
+    return !metadata.isRevoked && metadata.expiry > nowSeconds
+  } catch {
+    return false
+  }
+}
 /** @internal */
 function toReceipt(receipt: TransactionReceipt) {
   const { status, transactionHash } = receipt