mppx 0.5.12 → 0.5.14

package/src/tempo/server/Charge.test.ts

@@ -15,7 +15,7 @@ import { Abis, Account, Actions, Addresses, Secp256k1, Tick, Transaction } from
 import { beforeAll, describe, expect, test } from 'vp/test'
 import * as Http from '~test/Http.js'
 import { closeChannelOnChain, deployEscrow, openChannel } from '~test/tempo/session.js'
-import { accounts, asset, chain, client, fundAccount } from '~test/tempo/viem.js'
+import { accounts, asset, chain, client, fundAccount, http } from '~test/tempo/viem.js'
 
 import * as Store from '../../Store.js'
 import * as Attribution from '../Attribution.js'
@@ -124,6 +124,166 @@ describe('tempo', () => {
       httpServer.close()
     })
 
+    test('behavior: client rejects unsupported explicit push mode', async () => {
+      const mppx = Mppx_client.create({
+        polyfill: false,
+        methods: [
+          tempo_client({
+            account: accounts[1],
+            mode: 'push',
+            getClient: () => client,
+          }),
+        ],
+      })
+
+      const httpServer = await Http.createServer(async (req, res) => {
+        const result = await Mppx_server.toNodeListener(
+          server.charge({ amount: '1', decimals: 6, supportedModes: ['pull'] }),
+        )(req, res)
+        if (result.status === 402) return
+        res.end('OK')
+      })
+
+      const response = await fetch(httpServer.url)
+      expect(response.status).toBe(402)
+
+      await expect(mppx.createCredential(response)).rejects.toThrow(
+        'Challenge does not support push mode.',
+      )
+
+      httpServer.close()
+    })
+
+    test('behavior: falls back to pull when push is not advertised', async () => {
+      const jsonRpcClient = createClient({
+        account: accounts[0].address,
+        chain,
+        transport: http(),
+      })
+
+      const mppx = Mppx_client.create({
+        polyfill: false,
+        methods: [
+          tempo_client({
+            getClient: () => jsonRpcClient,
+          }),
+        ],
+      })
+
+      const httpServer = await Http.createServer(async (req, res) => {
+        const result = await Mppx_server.toNodeListener(
+          server.charge({
+            amount: '1',
+            decimals: 6,
+            recipient: accounts[2].address,
+            supportedModes: ['pull'],
+          }),
+        )(req, res)
+        if (result.status === 402) return
+        res.end('OK')
+      })
+
+      const response = await fetch(httpServer.url)
+      expect(response.status).toBe(402)
+
+      const credential = Credential.deserialize<{ type: 'hash' | 'proof' | 'transaction' }>(
+        await mppx.createCredential(response),
+      )
+      expect(credential.payload.type).toBe('transaction')
+
+      const authResponse = await fetch(httpServer.url, {
+        headers: { Authorization: Credential.serialize(credential) },
+      })
+      expect(authResponse.status).toBe(200)
+
+      httpServer.close()
+    })
+
+    test('behavior: rejects hash credential when challenge supports only pull', async () => {
+      const httpServer = await Http.createServer(async (req, res) => {
+        const result = await Mppx_server.toNodeListener(
+          server.charge({ amount: '1', decimals: 6, supportedModes: ['pull'] }),
+        )(req, res)
+        if (result.status === 402) return
+        res.end('OK')
+      })
+
+      const response = await fetch(httpServer.url)
+      expect(response.status).toBe(402)
+
+      const challenge = Challenge.fromResponse(response, {
+        methods: [tempo_client.charge()],
+      })
+
+      const { receipt } = await Actions.token.transferSync(client, {
+        account: accounts[1],
+        amount: BigInt(challenge.request.amount),
+        to: challenge.request.recipient as Hex.Hex,
+        token: challenge.request.currency as Hex.Hex,
+      })
+
+      const credential = Credential.from({
+        challenge,
+        payload: { hash: receipt.transactionHash, type: 'hash' as const },
+      })
+
+      const rejected = await fetch(httpServer.url, {
+        headers: { Authorization: Credential.serialize(credential) },
+      })
+      expect(rejected.status).toBe(402)
+
+      const body = (await rejected.json()) as { detail: string }
+      expect(body.detail).toContain('Hash credentials are not supported for this challenge.')
+
+      httpServer.close()
+    })
+
+    test('behavior: rejects transaction credential when challenge supports only push', async () => {
+      const httpServer = await Http.createServer(async (req, res) => {
+        const result = await Mppx_server.toNodeListener(
+          server.charge({ amount: '1', decimals: 6, supportedModes: ['push'] }),
+        )(req, res)
+        if (result.status === 402) return
+        res.end('OK')
+      })
+
+      const response = await fetch(httpServer.url)
+      expect(response.status).toBe(402)
+
+      const challenge = Challenge.fromResponse(response, {
+        methods: [tempo_client.charge()],
+      })
+
+      const prepared = await prepareTransactionRequest(client, {
+        account: accounts[1]!,
+        calls: [
+          Actions.token.transfer.call({
+            amount: BigInt(challenge.request.amount),
+            to: challenge.request.recipient as Hex.Hex,
+            token: challenge.request.currency as Hex.Hex,
+          }),
+        ],
+        nonceKey: 'expiring',
+      } as never)
+      prepared.gas = prepared.gas! + 5_000n
+      const signature = await signTransaction(client, prepared as never)
+
+      const credential = Credential.from({
+        challenge,
+        payload: { signature, type: 'transaction' as const },
+      })
+
+      const rejected = await fetch(httpServer.url, {
+        headers: { Authorization: Credential.serialize(credential) },
+      })
+      expect(rejected.status).toBe(402)
+
+      const body = (await rejected.json()) as { detail: string }
+      expect(body.detail).toContain('Transaction credentials are not supported for this challenge.')
+
+      httpServer.close()
+    })
+
     test('behavior: rejects replayed transaction hash', async () => {
       const dedupServer = Mppx_server.create({
         methods: [
@@ -1344,6 +1504,79 @@ describe('tempo', () => {
       httpServer.close()
     })
 
+    test('behavior: fee payer simulates before broadcasting in confirmation mode', async () => {
+      const rpcMethods: string[] = []
+      const interceptingClient = createClient({
+        account: accounts[0],
+        chain: client.chain,
+        transport: custom({
+          async request(args: any) {
+            rpcMethods.push(args.method)
+            return client.transport.request(args)
+          },
+        }),
+      })
+
+      const serverWithRpcTrace = Mppx_server.create({
+        methods: [
+          tempo_server.charge({
+            getClient() {
+              return interceptingClient
+            },
+            currency: asset,
+            account: accounts[0],
+          }),
+        ],
+        realm,
+        secretKey,
+      })
+
+      const mppx = Mppx_client.create({
+        polyfill: false,
+        methods: [
+          tempo_client({
+            account: accounts[1],
+            getClient() {
+              return client
+            },
+          }),
+        ],
+      })
+
+      const httpServer = await Http.createServer(async (req, res) => {
+        const result = await Mppx_server.toNodeListener(
+          serverWithRpcTrace.charge({
+            feePayer: accounts[0],
+            amount: '1',
+            currency: asset,
+            recipient: accounts[0].address,
+          }),
+        )(req, res)
+        if (result.status === 402) return
+        res.end('OK')
+      })
+
+      const challengeResponse = await fetch(httpServer.url)
+      expect(challengeResponse.status).toBe(402)
+
+      const credential = await mppx.createCredential(challengeResponse)
+      rpcMethods.length = 0
+
+      const authResponse = await fetch(httpServer.url, {
+        headers: { Authorization: credential },
+      })
+      expect(authResponse.status).toBe(200)
+
+      const broadcastIndex = rpcMethods.indexOf('eth_sendRawTransactionSync')
+      const simulationIndex = rpcMethods.indexOf('eth_call')
+
+      expect(broadcastIndex).toBeGreaterThan(-1)
+      expect(simulationIndex).toBeGreaterThan(-1)
+      expect(simulationIndex).toBeLessThan(broadcastIndex)
+
+      httpServer.close()
+    })
+
     test('behavior: fee payer with splits', async () => {
       const mppx = Mppx_client.create({
         polyfill: false,
@@ -3116,6 +3349,31 @@ describe('tempo', () => {
       })
       expect(challenge.request.currency).toBe(asset)
     })
+
+    test('challenge contains supportedModes when configured', async () => {
+      const handler = Mppx_server.create({
+        methods: [
+          tempo_server.charge({
+            getClient: () => client,
+            account: accounts[0].address,
+            currency: asset,
+          }),
+        ],
+        realm,
+        secretKey,
+      })
+
+      const result = await handler.charge({ amount: '1', supportedModes: ['pull'] })(
+        new Request('https://example.com'),
+      )
+      expect(result.status).toBe(402)
+      if (result.status !== 402) throw new Error()
+
+      const challenge = Challenge.fromResponse(result.challenge, {
+        methods: [tempo_client.charge()],
+      })
+      expect(challenge.request.methodDetails?.supportedModes).toEqual(['pull'])
+    })
   })
 
   describe('attribution memo', () => {

package/src/tempo/server/Charge.ts

@@ -60,6 +60,7 @@ export function charge<const parameters extends charge.Parameters>(
     decimals = defaults.decimals,
     description,
     externalId,
+    feePayerPolicy,
     html,
     memo,
     waitForConfirmation = true,
@@ -162,6 +163,9 @@ export function charge<const parameters extends charge.Parameters>(
 
       const { amount, methodDetails } = resolvedRequest
       const expires = challenge.expires
+      const supportedModes = methodDetails?.supportedModes as
+        | readonly Methods.ChargeMode[]
+        | undefined
 
       const currency = resolvedRequest.currency as `0x${string}`
       const recipient = resolvedRequest.recipient as `0x${string}`
@@ -178,6 +182,9 @@ export function charge<const parameters extends charge.Parameters>(
 
       switch (payload.type) {
         case 'hash': {
+          if (supportedModes && !supportedModes.includes('push'))
+            throw new MismatchError('Hash credentials are not supported for this challenge.', {})
+
           const hash = payload.hash as `0x${string}`
           if (!(await markHashUsed(store, hash))) {
             throw new VerificationFailedError({ reason: 'Transaction hash has already been used' })
@@ -258,6 +265,12 @@ export function charge<const parameters extends charge.Parameters>(
         }
 
         case 'transaction': {
+          if (supportedModes && !supportedModes.includes('pull'))
+            throw new MismatchError(
+              'Transaction credentials are not supported for this challenge.',
+              {},
+            )
+
           const serializedTransaction = payload.signature as Transaction.TransactionSerializedTempo
 
           // Pre-broadcast dedup: catch exact byte-for-byte replays early.
@@ -301,6 +314,7 @@ export function charge<const parameters extends charge.Parameters>(
                   chainId: chainId ?? client.chain!.id,
                   details: { amount, currency, recipient },
                   expectedFeeToken,
+                  policy: feePayerPolicy,
                   transaction: {
                     ...transaction,
                     ...(resolvedFeeToken ? { feeToken: resolvedFeeToken } : {}),
@@ -312,6 +326,12 @@ export function charge<const parameters extends charge.Parameters>(
             })()
 
             if (waitForConfirmation) {
+              await viem_call(client, {
+                ...transaction,
+                account: transaction.from,
+                feeToken: resolvedFeeToken,
+                calls: transaction.calls,
+              } as never)
               const receipt = await sendRawTransactionSync(client, {
                 serializedTransaction: serializedTransaction_final,
               })
@@ -385,6 +405,15 @@ export declare namespace charge {
   type Parameters = {
     /** Render payment page when Accept header is text/html (e.g. in browsers) */
     html?: boolean | Html.Config | undefined
+    /**
+     * Override the fee-sponsor policy used when co-signing Tempo charge
+     * transactions. Defaults resolve per chain, including a higher
+     * priority-fee ceiling on Moderato.
+     *
+     * If you increase `maxGas` or `maxFeePerGas`, you may also need to raise
+     * `maxTotalFee` so the combined fee budget remains valid.
+     */
+    feePayerPolicy?: FeePayerPolicy | undefined
     /** Testnet mode. */
     testnet?: boolean | undefined
     /**
@@ -424,6 +453,8 @@ export declare namespace charge {
   > & {
     decimals: number
   }
+
+  type FeePayerPolicy = Partial<FeePayer.Policy>
 }
 
 type ExpectedTransfer = {

package/src/tempo/server/Session.test.ts

@@ -149,6 +149,40 @@ describe.runIf(isLocalnet)('session', () => {
       expect(ch!.highestVoucherAmount).toBe(1000000n)
     })
 
+    test('fee-payer policy override is enforced for sponsored open', async () => {
+      const salt = nextSalt()
+      const { channelId, serializedTransaction } = await signOpenChannel({
+        escrow: escrowContract,
+        payer,
+        payee: recipient,
+        token: currency,
+        deposit: 10000000n,
+        salt,
+        feePayer: true,
+      })
+      const server = createServer({
+        feePayer: recipientAccount,
+        feePayerPolicy: { maxGas: 1n },
+      })
+
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ channelId }),
+            payload: {
+              action: 'open' as const,
+              type: 'transaction' as const,
+              channelId,
+              transaction: serializedTransaction,
+              cumulativeAmount: '1000000',
+              signature: await signTestVoucher(channelId, 1000000n),
+            },
+          },
+          request: makeRequest({ feePayer: true }),
+        }),
+      ).rejects.toThrow('gas exceeds sponsor policy')
+    })
+
     test('rejects open when payee mismatch', async () => {
       const wrongPayee = accounts[3].address
       const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n, {
@@ -299,6 +333,66 @@ describe.runIf(isLocalnet)('session', () => {
       expect(ch!.highestVoucherAmount).toBe(1000000n)
     })
 
+    test('reopen with a case-variant channelId does not reset available balance', async () => {
+      let open:
+        | {
+            channelId: Hex
+            serializedTransaction: Hex
+          }
+        | undefined
+      for (let i = 0; i < 10; i++) {
+        const candidate = await createSignedOpenTransaction(10000000n)
+        if (/[a-f]/.test(candidate.channelId)) {
+          open = candidate
+          break
+        }
+      }
+      if (!open) throw new Error('failed to generate channelId with alphabetic hex characters')
+
+      const { channelId, serializedTransaction } = open
+      const caseVariantChannelId = channelId.replace(/[a-f]/, (character) =>
+        character.toUpperCase(),
+      ) as Hex
+      const server = createServer()
+
+      await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'open-1', channelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(channelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })
+
+      await charge(store, channelId, 4000000n)
+
+      const reopenReceipt = (await server.verify({
+        credential: {
+          challenge: makeChallenge({ id: 'open-2', channelId: caseVariantChannelId }),
+          payload: {
+            action: 'open' as const,
+            type: 'transaction' as const,
+            channelId: caseVariantChannelId,
+            transaction: serializedTransaction,
+            cumulativeAmount: '5000000',
+            signature: await signTestVoucher(caseVariantChannelId, 5000000n),
+          },
+        },
+        request: makeRequest(),
+      })) as SessionReceipt
+
+      expect(reopenReceipt.spent).toBe('4000000')
+      await expect(charge(store, caseVariantChannelId, 2000000n)).rejects.toThrow(
+        'requested 2000000, available 1000000',
+      )
+    })
+
     test('rejects voucher below settledOnChain', async () => {
       const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
       const server = createServer()
@@ -1036,6 +1130,40 @@ describe.runIf(isLocalnet)('session', () => {
       expect(ch!.deposit).toBe(20000000n)
     })
 
+    test('fee-payer policy override is enforced for sponsored topUp', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer({
+        feePayer: recipientAccount,
+        feePayerPolicy: { maxGas: 1n },
+      })
+      await openServerChannel(server, channelId, serializedTransaction)
+
+      const { serializedTransaction: topUpTx } = await signTopUpChannel({
+        escrow: escrowContract,
+        payer,
+        channelId,
+        token: currency,
+        amount: 10000000n,
+        feePayer: true,
+      })
+
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'challenge-topup-policy', channelId }),
+            payload: {
+              action: 'topUp' as const,
+              type: 'transaction' as const,
+              channelId,
+              transaction: topUpTx,
+              additionalDeposit: '10000000',
+            },
+          },
+          request: makeRequest({ feePayer: true }),
+        }),
+      ).rejects.toThrow('gas exceeds sponsor policy')
+    })
+
     test('topUp receipt preserves spent and units from prior charges', async () => {
       const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
       const server = createServer()
@@ -4514,7 +4642,7 @@ function makeChallenge(opts: { id?: string; channelId: Hex }) {
   } as Challenge.Challenge<z.output<typeof Methods.session.schema.request>, 'session', 'tempo'>
 }
 
-function makeRequest() {
+function makeRequest(overrides: Partial<Record<string, unknown>> = {}) {
   return {
     amount: '1000000',
     unitType: 'token',
@@ -4523,6 +4651,7 @@ function makeRequest() {
     recipient: recipient as string,
     escrowContract: escrowContract as string,
     chainId: chain.id,
+    ...overrides,
   }
 }