npm - mppx - Versions diffs - 0.6.27 → 0.6.29 - Mend

mppx 0.6.27 → 0.6.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (295) hide show

package/CHANGELOG.md +25 -0
package/dist/Challenge.d.ts.map +1 -1
package/dist/Challenge.js +16 -10
package/dist/Challenge.js.map +1 -1
package/dist/Method.d.ts +1 -1
package/dist/Method.d.ts.map +1 -1
package/dist/Store.d.ts +32 -9
package/dist/Store.d.ts.map +1 -1
package/dist/Store.js +42 -10
package/dist/Store.js.map +1 -1
package/dist/client/Methods.d.ts +1 -0
package/dist/client/Methods.d.ts.map +1 -1
package/dist/client/Methods.js +1 -0
package/dist/client/Methods.js.map +1 -1
package/dist/client/Mppx.d.ts +3 -3
package/dist/client/Mppx.d.ts.map +1 -1
package/dist/client/Mppx.js +1 -0
package/dist/client/Mppx.js.map +1 -1
package/dist/client/Transport.d.ts +10 -3
package/dist/client/Transport.d.ts.map +1 -1
package/dist/client/Transport.js +60 -7
package/dist/client/Transport.js.map +1 -1
package/dist/client/index.d.ts +1 -1
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +1 -1
package/dist/client/index.js.map +1 -1
package/dist/client/internal/Fetch.d.ts +3 -0
package/dist/client/internal/Fetch.d.ts.map +1 -1
package/dist/client/internal/Fetch.js +12 -20
package/dist/client/internal/Fetch.js.map +1 -1
package/dist/evm/Assets.d.ts +2 -0
package/dist/evm/Assets.d.ts.map +1 -0
package/dist/evm/Assets.js +2 -0
package/dist/evm/Assets.js.map +1 -0
package/dist/evm/Chains.d.ts +5 -0
package/dist/evm/Chains.d.ts.map +1 -0
package/dist/evm/Chains.js +5 -0
package/dist/evm/Chains.js.map +1 -0
package/dist/evm/Methods.d.ts +68 -0
package/dist/evm/Methods.d.ts.map +1 -0
package/dist/evm/Methods.js +28 -0
package/dist/evm/Methods.js.map +1 -0
package/dist/evm/Types.d.ts +143 -0
package/dist/evm/Types.d.ts.map +1 -0
package/dist/evm/Types.js +102 -0
package/dist/evm/Types.js.map +1 -0
package/dist/evm/client/Charge.d.ts +102 -0
package/dist/evm/client/Charge.d.ts.map +1 -0
package/dist/evm/client/Charge.js +141 -0
package/dist/evm/client/Charge.js.map +1 -0
package/dist/evm/client/Methods.d.ts +81 -0
package/dist/evm/client/Methods.d.ts.map +1 -0
package/dist/evm/client/Methods.js +16 -0
package/dist/evm/client/Methods.js.map +1 -0
package/dist/evm/client/index.d.ts +6 -0
package/dist/evm/client/index.d.ts.map +1 -0
package/dist/evm/client/index.js +6 -0
package/dist/evm/client/index.js.map +1 -0
package/dist/evm/index.d.ts +9 -0
package/dist/evm/index.d.ts.map +1 -0
package/dist/evm/index.js +8 -0
package/dist/evm/index.js.map +1 -0
package/dist/evm/server/Charge.d.ts +62 -0
package/dist/evm/server/Charge.d.ts.map +1 -0
package/dist/evm/server/Charge.js +172 -0
package/dist/evm/server/Charge.js.map +1 -0
package/dist/evm/server/Methods.d.ts +80 -0
package/dist/evm/server/Methods.d.ts.map +1 -0
package/dist/evm/server/Methods.js +16 -0
package/dist/evm/server/Methods.js.map +1 -0
package/dist/evm/server/index.d.ts +6 -0
package/dist/evm/server/index.d.ts.map +1 -0
package/dist/evm/server/index.js +6 -0
package/dist/evm/server/index.js.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +2 -0
package/dist/index.js.map +1 -1
package/dist/internal/HeaderCodec.d.ts +18 -0
package/dist/internal/HeaderCodec.d.ts.map +1 -0
package/dist/internal/HeaderCodec.js +31 -0
package/dist/internal/HeaderCodec.js.map +1 -0
package/dist/middlewares/elysia.d.ts.map +1 -1
package/dist/middlewares/elysia.js +2 -3
package/dist/middlewares/elysia.js.map +1 -1
package/dist/middlewares/express.js +2 -1
package/dist/middlewares/express.js.map +1 -1
package/dist/proxy/internal/Headers.d.ts +13 -1
package/dist/proxy/internal/Headers.d.ts.map +1 -1
package/dist/proxy/internal/Headers.js +25 -2
package/dist/proxy/internal/Headers.js.map +1 -1
package/dist/proxy/services/openai.d.ts.map +1 -1
package/dist/proxy/services/openai.js +2 -0
package/dist/proxy/services/openai.js.map +1 -1
package/dist/server/Methods.d.ts +1 -0
package/dist/server/Methods.d.ts.map +1 -1
package/dist/server/Methods.js +1 -0
package/dist/server/Methods.js.map +1 -1
package/dist/server/Mppx.d.ts.map +1 -1
package/dist/server/Mppx.js +90 -12
package/dist/server/Mppx.js.map +1 -1
package/dist/server/Transport.d.ts +10 -0
package/dist/server/Transport.d.ts.map +1 -1
package/dist/server/Transport.js +9 -0
package/dist/server/Transport.js.map +1 -1
package/dist/server/index.d.ts +1 -1
package/dist/server/index.d.ts.map +1 -1
package/dist/server/index.js +1 -1
package/dist/server/index.js.map +1 -1
package/dist/stripe/server/Charge.d.ts +31 -1
package/dist/stripe/server/Charge.d.ts.map +1 -1
package/dist/stripe/server/Charge.js +88 -11
package/dist/stripe/server/Charge.js.map +1 -1
package/dist/stripe/server/internal/html.gen.d.ts +1 -1
package/dist/stripe/server/internal/html.gen.d.ts.map +1 -1
package/dist/stripe/server/internal/html.gen.js +1 -1
package/dist/stripe/server/internal/html.gen.js.map +1 -1
package/dist/tempo/client/ChannelOps.d.ts +3 -3
package/dist/tempo/client/ChannelOps.d.ts.map +1 -1
package/dist/tempo/client/ChannelOps.js +13 -6
package/dist/tempo/client/ChannelOps.js.map +1 -1
package/dist/tempo/client/Charge.d.ts.map +1 -1
package/dist/tempo/client/Charge.js +8 -5
package/dist/tempo/client/Charge.js.map +1 -1
package/dist/tempo/client/Methods.d.ts +0 -1
package/dist/tempo/client/Methods.d.ts.map +1 -1
package/dist/tempo/client/Session.d.ts +2 -4
package/dist/tempo/client/Session.d.ts.map +1 -1
package/dist/tempo/client/Session.js +10 -12
package/dist/tempo/client/Session.js.map +1 -1
package/dist/tempo/client/SessionManager.d.ts +3 -3
package/dist/tempo/client/SessionManager.d.ts.map +1 -1
package/dist/tempo/client/SessionManager.js +1 -1
package/dist/tempo/client/SessionManager.js.map +1 -1
package/dist/tempo/internal/account.d.ts +5 -0
package/dist/tempo/internal/account.d.ts.map +1 -1
package/dist/tempo/internal/account.js +8 -0
package/dist/tempo/internal/account.js.map +1 -1
package/dist/tempo/internal/fee-payer.d.ts.map +1 -1
package/dist/tempo/internal/fee-payer.js +5 -2
package/dist/tempo/internal/fee-payer.js.map +1 -1
package/dist/tempo/server/Charge.d.ts +6 -0
package/dist/tempo/server/Charge.d.ts.map +1 -1
package/dist/tempo/server/Charge.js +30 -3
package/dist/tempo/server/Charge.js.map +1 -1
package/dist/tempo/server/Session.d.ts +6 -0
package/dist/tempo/server/Session.d.ts.map +1 -1
package/dist/tempo/server/Session.js +14 -13
package/dist/tempo/server/Session.js.map +1 -1
package/dist/tempo/server/Subscription.d.ts +6 -0
package/dist/tempo/server/Subscription.d.ts.map +1 -1
package/dist/tempo/server/Subscription.js +1 -1
package/dist/tempo/server/Subscription.js.map +1 -1
package/dist/tempo/server/internal/html.gen.d.ts +1 -1
package/dist/tempo/server/internal/html.gen.d.ts.map +1 -1
package/dist/tempo/server/internal/html.gen.js +1 -1
package/dist/tempo/server/internal/html.gen.js.map +1 -1
package/dist/tempo/session/Chain.d.ts +2 -0
package/dist/tempo/session/Chain.d.ts.map +1 -1
package/dist/tempo/session/Chain.js +8 -8
package/dist/tempo/session/Chain.js.map +1 -1
package/dist/tempo/session/Voucher.d.ts +4 -3
package/dist/tempo/session/Voucher.d.ts.map +1 -1
package/dist/tempo/session/Voucher.js +71 -44
package/dist/tempo/session/Voucher.js.map +1 -1
package/dist/tempo/session/Ws.d.ts.map +1 -1
package/dist/tempo/session/Ws.js +15 -0
package/dist/tempo/session/Ws.js.map +1 -1
package/dist/tempo/subscription/KeyAuthorization.d.ts +2 -2
package/dist/x402/Assets.d.ts +29 -0
package/dist/x402/Assets.d.ts.map +1 -0
package/dist/x402/Assets.js +46 -0
package/dist/x402/Assets.js.map +1 -0
package/dist/x402/Header.d.ts +14 -0
package/dist/x402/Header.d.ts.map +1 -0
package/dist/x402/Header.js +18 -0
package/dist/x402/Header.js.map +1 -0
package/dist/x402/Types.d.ts +289 -0
package/dist/x402/Types.d.ts.map +1 -0
package/dist/x402/Types.js +139 -0
package/dist/x402/Types.js.map +1 -0
package/dist/x402/client/Exact.d.ts +38 -0
package/dist/x402/client/Exact.d.ts.map +1 -0
package/dist/x402/client/Exact.js +141 -0
package/dist/x402/client/Exact.js.map +1 -0
package/dist/x402/index.d.ts +6 -0
package/dist/x402/index.d.ts.map +1 -0
package/dist/x402/index.js +6 -0
package/dist/x402/index.js.map +1 -0
package/dist/x402/internal/ChallengeBrand.d.ts +5 -0
package/dist/x402/internal/ChallengeBrand.d.ts.map +1 -0
package/dist/x402/internal/ChallengeBrand.js +13 -0
package/dist/x402/internal/ChallengeBrand.js.map +1 -0
package/dist/x402/internal/RouteBinding.d.ts +8 -0
package/dist/x402/internal/RouteBinding.d.ts.map +1 -0
package/dist/x402/internal/RouteBinding.js +12 -0
package/dist/x402/internal/RouteBinding.js.map +1 -0
package/dist/x402/server/EvmCharge.d.ts +50 -0
package/dist/x402/server/EvmCharge.d.ts.map +1 -0
package/dist/x402/server/EvmCharge.js +301 -0
package/dist/x402/server/EvmCharge.js.map +1 -0
package/dist/x402/server/Facilitator.d.ts +12 -0
package/dist/x402/server/Facilitator.d.ts.map +1 -0
package/dist/x402/server/Facilitator.js +42 -0
package/dist/x402/server/Facilitator.js.map +1 -0
package/package.json +41 -21
package/src/Challenge.test.ts +28 -0
package/src/Challenge.ts +17 -10
package/src/Method.ts +1 -1
package/src/Store.test-d.ts +58 -0
package/src/Store.test.ts +77 -0
package/src/Store.ts +155 -74
package/src/client/Methods.ts +1 -0
package/src/client/Mppx.ts +4 -3
package/src/client/Transport.test.ts +165 -30
package/src/client/Transport.ts +76 -8
package/src/client/index.ts +1 -1
package/src/client/internal/Fetch.test.ts +31 -2
package/src/client/internal/Fetch.ts +26 -19
package/src/evm/Assets.ts +1 -0
package/src/evm/Chains.ts +5 -0
package/src/evm/Methods.ts +44 -0
package/src/evm/PublicInterface.test-d.ts +109 -0
package/src/evm/Types.ts +140 -0
package/src/evm/client/Charge.test.ts +99 -0
package/src/evm/client/Charge.ts +198 -0
package/src/evm/client/Methods.ts +19 -0
package/src/evm/client/index.ts +5 -0
package/src/evm/index.ts +13 -0
package/src/evm/server/Charge.test.ts +199 -0
package/src/evm/server/Charge.ts +283 -0
package/src/evm/server/Methods.ts +22 -0
package/src/evm/server/index.ts +5 -0
package/src/index.ts +2 -0
package/src/internal/HeaderCodec.ts +36 -0
package/src/middlewares/elysia.test.ts +25 -0
package/src/middlewares/elysia.ts +1 -2
package/src/middlewares/express.test.ts +28 -0
package/src/middlewares/express.ts +1 -1
package/src/middlewares/hono.test.ts +138 -2
package/src/middlewares/nextjs.test.ts +22 -0
package/src/proxy/internal/Headers.test.ts +38 -0
package/src/proxy/internal/Headers.ts +26 -2
package/src/proxy/services/openai.test.ts +57 -1
package/src/proxy/services/openai.ts +2 -0
package/src/server/Methods.ts +1 -0
package/src/server/Mppx.test.ts +244 -1
package/src/server/Mppx.ts +124 -11
package/src/server/NodeListener.test.ts +28 -1
package/src/server/Transport.test.ts +19 -0
package/src/server/Transport.ts +20 -0
package/src/server/index.ts +1 -1
package/src/stripe/server/Charge.test.ts +215 -1
package/src/stripe/server/Charge.ts +150 -20
package/src/stripe/server/internal/html.gen.ts +1 -1
package/src/tempo/AccessKeyAuthorization.test.ts +231 -0
package/src/tempo/client/ChannelOps.test.ts +61 -7
package/src/tempo/client/ChannelOps.ts +18 -7
package/src/tempo/client/Charge.test.ts +126 -0
package/src/tempo/client/Charge.ts +10 -6
package/src/tempo/client/Session.test.ts +130 -1
package/src/tempo/client/Session.ts +12 -19
package/src/tempo/client/SessionManager.test.ts +69 -2
package/src/tempo/client/SessionManager.ts +4 -4
package/src/tempo/internal/account.ts +13 -0
package/src/tempo/internal/fee-payer.test.ts +32 -2
package/src/tempo/internal/fee-payer.ts +6 -2
package/src/tempo/server/Charge.test.ts +91 -1
package/src/tempo/server/Charge.ts +48 -2
package/src/tempo/server/Session.test.ts +30 -0
package/src/tempo/server/Session.ts +24 -17
package/src/tempo/server/Subscription.ts +7 -1
package/src/tempo/server/internal/html.gen.ts +1 -1
package/src/tempo/session/Chain.test.ts +4 -4
package/src/tempo/session/Chain.ts +10 -6
package/src/tempo/session/ChannelStore.test.ts +21 -0
package/src/tempo/session/Voucher.test.ts +230 -1
package/src/tempo/session/Voucher.ts +96 -48
package/src/tempo/session/Ws.test.ts +71 -0
package/src/tempo/session/Ws.ts +13 -0
package/src/tempo/subscription/Store.test.ts +55 -0
package/src/x402/Assets.ts +65 -0
package/src/x402/Exact.e2e.test.ts +448 -0
package/src/x402/Header.test.ts +73 -0
package/src/x402/Header.ts +34 -0
package/src/x402/PublicInterface.test-d.ts +39 -0
package/src/x402/Types.ts +248 -0
package/src/x402/client/Exact.test.ts +180 -0
package/src/x402/client/Exact.ts +198 -0
package/src/x402/index.ts +5 -0
package/src/x402/internal/ChallengeBrand.ts +14 -0
package/src/x402/internal/RouteBinding.ts +18 -0
package/src/x402/server/EvmCharge.ts +394 -0
package/src/x402/server/Facilitator.test.ts +111 -0
package/src/x402/server/Facilitator.ts +56 -0

package/src/tempo/client/SessionManager.test.ts CHANGED Viewed

@@ -1,9 +1,16 @@
-import type { Hex } from 'viem'
+import { createClient, type Hex, http } from 'viem'
+import { privateKeyToAccount } from 'viem/accounts'
+import { Account as TempoAccount } from 'viem/tempo'
 import { describe, expect, test, vi } from 'vp/test'
 import * as Challenge from '../../Challenge.js'
+import * as PaymentCredential from '../../Credential.js'
 import { formatNeedVoucherEvent, parseEvent } from '../session/Sse.js'
-import type { NeedVoucherEvent, SessionReceipt } from '../session/Types.js'
+import type {
+  NeedVoucherEvent,
+  SessionCredentialPayload,
+  SessionReceipt,
+} from '../session/Types.js'
 import { sessionManager } from './SessionManager.js'
 const channelId = '0x0000000000000000000000000000000000000000000000000000000000000001' as Hex
@@ -82,6 +89,66 @@ describe('Session', () => {
       expect(s.cumulative).toBe(0n)
       expect(s.opened).toBe(false)
     })
+    test('uses voucherSigner for managed open credentials', async () => {
+      vi.resetModules()
+      vi.doMock('viem/actions', () => ({
+        prepareTransactionRequest: vi.fn(async () => ({})),
+        sendCallsSync: vi.fn(),
+        signTransaction: vi.fn(async () => '0xdeadbeef'),
+        signTypedData: vi.fn(),
+      }))
+      try {
+        const { sessionManager: sessionManagerWithMocks } = await import('./SessionManager.js')
+        const account = privateKeyToAccount(
+          '0x0000000000000000000000000000000000000000000000000000000000000001',
+        )
+        const voucherSigner = TempoAccount.fromSecp256k1(
+          '0x0000000000000000000000000000000000000000000000000000000000000002',
+          { access: account },
+        )
+        const client = createClient({
+          account,
+          transport: http('http://127.0.0.1'),
+        })
+        const challenge = makeChallenge({
+          recipient: '0x742d35cc6634c0532925a3b844bc9e7595f8fe00',
+          methodDetails: {
+            escrowContract: '0x9d136eea063ede5418a6bc7beaff009bbb6cfa70',
+            chainId: 4217,
+          },
+        })
+        const mockFetch = vi
+          .fn()
+          .mockResolvedValueOnce(make402Response(challenge))
+          .mockResolvedValueOnce(makeOkResponse())
+        const manager = sessionManagerWithMocks({
+          account,
+          client,
+          fetch: mockFetch as typeof globalThis.fetch,
+          maxDeposit: '10',
+          voucherSigner,
+        })
+        const response = await manager.fetch('https://api.example.com/data')
+        const authorization = new Headers((mockFetch.mock.calls[1]![1] as RequestInit).headers).get(
+          'Authorization',
+        )
+        expect(response.status).toBe(200)
+        expect(authorization).toBeDefined()
+        if (!authorization) throw new Error('missing authorization header')
+        const credential = PaymentCredential.deserialize<SessionCredentialPayload>(authorization)
+        expect(credential.payload.action).toBe('open')
+        if (credential.payload.action !== 'open') throw new Error('unexpected action')
+        expect(credential.payload.authorizedSigner).toBe(voucherSigner.accessKeyAddress)
+      } finally {
+        vi.doUnmock('viem/actions')
+        vi.resetModules()
+      }
+    })
   })
   describe('.fetch()', () => {

package/src/tempo/client/SessionManager.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import type { Hex } from 'ox'
-import { parseUnits, type Address } from 'viem'
+import { parseUnits, type Account as viem_Account, type Address } from 'viem'
 import * as Challenge from '../../Challenge.js'
 import * as Fetch from '../../client/internal/Fetch.js'
@@ -124,7 +124,7 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
   const method = sessionPlugin({
     account: parameters.account,
-    authorizedSigner: parameters.authorizedSigner,
+    voucherSigner: parameters.voucherSigner,
     getClient: parameters.client ? () => parameters.client! : parameters.getClient,
     escrowContract: parameters.escrowContract,
     decimals: parameters.decimals,
@@ -853,8 +853,8 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
 export declare namespace sessionManager {
   type Parameters = Account.getResolver.Parameters &
     Client.getResolver.Parameters & {
-      /** Address authorized to sign vouchers. Defaults to the account address. */
-      authorizedSigner?: Address | undefined
+      /** Account that signs voucher digests. Defaults to `account`; access-key accounts sign raw vouchers as their access-key address. */
+      voucherSigner?: viem_Account | undefined
       /** Viem client instance. Shorthand for `getClient: () => client`. */
       client?: import('viem').Client | undefined
       /** Token decimals used to convert `maxDeposit` to raw units. Defaults to `6`. */

package/src/tempo/internal/account.ts CHANGED Viewed

@@ -1,4 +1,17 @@
 import type { Account, Address } from 'viem'
+import type { Account as TempoAccount } from 'viem/tempo'
+/** Returns whether an account is a Tempo access-key account. */
+export function isAccessKeyAccount(
+  account: Account,
+): account is Account & TempoAccount.AccessKeyAccount {
+  return 'accessKeyAddress' in account
+}
+/** Returns the address that should authorize direct account signatures. */
+export function getAccountSignerAddress(account: Account): Address {
+  return isAccessKeyAccount(account) ? account.accessKeyAddress : account.address
+}
 /**
  * Resolves a recipient address and optional fee payer from flexible input parameters.

package/src/tempo/internal/fee-payer.test.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { encodeFunctionData } from 'viem'
+import { encodeFunctionData, maxUint256 } from 'viem'
 import { Abis, Addresses } from 'viem/tempo'
 import { describe, expect, test } from 'vp/test'
@@ -443,7 +443,7 @@ describe('prepareSponsoredTransaction', () => {
     maxFeePerGas: 1_000_000_000n,
     maxPriorityFeePerGas: 1_000_000_000n,
     nonce: 1n,
-    nonceKey: 1n,
+    nonceKey: 'expiring',
     signature: { r: 1n, s: 1n, yParity: 0 } as any,
     validBefore: Math.floor(Date.now() / 1_000) + 300,
   } as const
@@ -460,6 +460,36 @@ describe('prepareSponsoredTransaction', () => {
     ).not.toThrow()
   })
+  test('accepts serialized expiring nonce key', () => {
+    expect(() =>
+      prepareSponsoredTransaction({
+        account: sponsor,
+        chainId: 42431,
+        details,
+        expectedFeeToken: bogus,
+        transaction: {
+          ...baseTransaction,
+          nonceKey: maxUint256,
+        } as any,
+      }),
+    ).not.toThrow()
+  })
+  test('error: rejects non-expiring nonce keys', () => {
+    expect(() =>
+      prepareSponsoredTransaction({
+        account: sponsor,
+        chainId: 42431,
+        details,
+        expectedFeeToken: bogus,
+        transaction: {
+          ...baseTransaction,
+          nonceKey: 1n,
+        } as any,
+      }),
+    ).toThrow('must use an expiring nonce')
+  })
   test('accepts higher Moderato priority fees by default', () => {
     expect(() =>
       prepareSponsoredTransaction({

package/src/tempo/internal/fee-payer.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import type { TempoAddress } from 'ox/tempo'
 import { TxEnvelopeTempo } from 'ox/tempo'
 import type { Hex } from 'viem'
 import type { Account } from 'viem'
-import { decodeFunctionData } from 'viem'
+import { decodeFunctionData, maxUint256 } from 'viem'
 import { Abis, Addresses, Transaction } from 'viem/tempo'
 import * as TempoAddress_internal from './address.js'
@@ -126,6 +126,10 @@ function getPolicy(chainId: number, overrides: Partial<Policy> | undefined): Pol
   }
 }
+function isExpiringNonceKey(nonceKey: SponsoredTransaction['nonceKey']): boolean {
+  return nonceKey === 'expiring' || nonceKey === maxUint256
+}
 /** Validates that a set of transaction calls matches an allowed fee-payer pattern. */
 export function validateCalls(
   calls: readonly { data?: `0x${string}` | undefined; to?: TempoAddress.Address | undefined }[],
@@ -358,7 +362,7 @@ export function prepareSponsoredTransaction(parameters: {
       maxPriorityFeePerGas: maxPriorityFeePerGas.toString(),
     })
-  if (nonceKey === undefined) fail('fee-sponsored transaction must use an expiring nonce')
+  if (!isExpiringNonceKey(nonceKey)) fail('fee-sponsored transaction must use an expiring nonce')
   if (validBefore === undefined)
     fail('fee-sponsored transaction must declare validBefore for the expiring nonce')
   const validBeforeValue = validBefore

package/src/tempo/server/Charge.test.ts CHANGED Viewed

@@ -286,6 +286,7 @@ describe('tempo', () => {
     })
     test('behavior: rejects replayed transaction hash', async () => {
+      const dedupStore = Store.memory()
       const dedupServer = Mppx_server.create({
         methods: [
           tempo_server.charge({
@@ -294,7 +295,8 @@ describe('tempo', () => {
             },
             currency: asset,
             account: accounts[0],
-            store: Store.memory(),
+            store: dedupStore,
+            storeKeyPrefix: 'tenant:',
           }),
         ],
         realm,
@@ -336,6 +338,8 @@ describe('tempo', () => {
         })
         expect(response.status).toBe(200)
       }
+      expect(await dedupStore.get(`tenant:mppx:charge:${receipt.transactionHash}`)).not.toBeNull()
+      expect(await dedupStore.get(`mppx:charge:${receipt.transactionHash}`)).toBeNull()
       const response2 = await fetch(httpServer.url)
       expect(response2.status).toBe(402)
@@ -1616,6 +1620,7 @@ describe('tempo', () => {
             currency: asset,
             account: accounts[0],
             store: sponsoredStore,
+            storeKeyPrefix: 'tenant:',
           }),
         ],
         realm,
@@ -1661,6 +1666,16 @@ describe('tempo', () => {
       const first = fetch(httpServer.url, { headers: { Authorization: credential1 } })
       await simulationStarted
+      expect(
+        await sponsoredStore.get(
+          `tenant:mppx:charge:sponsor:${chain.id}:${accounts[1].address.toLowerCase()}`,
+        ),
+      ).not.toBeNull()
+      expect(
+        await sponsoredStore.get(
+          `mppx:charge:sponsor:${chain.id}:${accounts[1].address.toLowerCase()}`,
+        ),
+      ).toBeNull()
       const second = fetch(httpServer.url, { headers: { Authorization: credential2 } })
       try {
@@ -2870,6 +2885,7 @@ describe('tempo', () => {
     test('behavior: store keys proof replay protection by challenge ID', async () => {
       const replayStore = Store.memory()
+      const storeKeyPrefix = 'tenant:'
       const server_ = Mppx_server.create({
         methods: [
           tempo_server.charge({
@@ -2879,6 +2895,7 @@ describe('tempo', () => {
             currency: asset,
             account: accounts[0],
             store: replayStore,
+            storeKeyPrefix,
           }),
         ],
         realm,
@@ -2918,6 +2935,10 @@ describe('tempo', () => {
         headers: { Authorization: Credential.serialize(credential1) },
       })
       expect(response2.status).toBe(200)
+      expect(
+        await replayStore.get(`${storeKeyPrefix}mppx:charge:proof:${challenge1.id}`),
+      ).not.toBeNull()
+      expect(await replayStore.get(`mppx:charge:proof:${challenge1.id}`)).toBeNull()
       const response3 = await fetch(httpServer.url)
       expect(response3.status).toBe(402)
@@ -3633,6 +3654,75 @@ describe('tempo', () => {
       })
       expect(challenge.request.methodDetails?.supportedModes).toEqual(['pull'])
     })
+    test('challenge contains supportedModes from method defaults', async () => {
+      const handler = Mppx_server.create({
+        methods: [
+          tempo_server.charge({
+            getClient: () => client,
+            account: accounts[0].address,
+            currency: asset,
+            supportedModes: ['pull'],
+          }),
+        ],
+        realm,
+        secretKey,
+      })
+      const result = await handler.charge({ amount: '1' })(new Request('https://example.com'))
+      expect(result.status).toBe(402)
+      if (result.status !== 402) throw new Error()
+      const challenge = Challenge.fromResponse(result.challenge, {
+        methods: [tempo_client.charge()],
+      })
+      expect(challenge.request.methodDetails?.supportedModes).toEqual(['pull'])
+    })
+    test('stable binding contains supportedModes', () => {
+      const method = tempo_server.charge({
+        getClient: () => client,
+        account: accounts[0].address,
+        currency: asset,
+      })
+      const request = method.schema.request.parse({
+        amount: '1',
+        currency: asset,
+        decimals: 6,
+        supportedModes: ['pull'],
+      })
+      expect(method.stableBinding?.(request)).toMatchObject({
+        supportedModes: ['pull'],
+      })
+    })
+    test('challenge contains splits from method defaults', async () => {
+      const split = { amount: '0.2', recipient: accounts[2].address }
+      const handler = Mppx_server.create({
+        methods: [
+          tempo_server.charge({
+            getClient: () => client,
+            account: accounts[0].address,
+            currency: asset,
+            splits: [split],
+          }),
+        ],
+        realm,
+        secretKey,
+      })
+      const result = await handler.charge({ amount: '1' })(new Request('https://example.com'))
+      expect(result.status).toBe(402)
+      if (result.status !== 402) throw new Error()
+      const challenge = Challenge.fromResponse(result.challenge, {
+        methods: [tempo_client.charge()],
+      })
+      expect(challenge.request.methodDetails?.splits).toEqual([
+        { amount: '200000', recipient: split.recipient },
+      ])
+    })
   })
   describe('attribution memo', () => {

package/src/tempo/server/Charge.ts CHANGED Viewed

@@ -63,11 +63,21 @@ export function charge<const parameters extends charge.Parameters>(
     feePayerPolicy,
     html,
     memo,
+    splits,
+    supportedModes,
     validateSender,
     waitForConfirmation = true,
   } = parameters
-  const store = (parameters.store ?? Store.memory()) as Store.AtomicStore<charge.StoreItemMap>
-  const proofStore = parameters.store as Store.AtomicStore<charge.StoreItemMap> | undefined
+  const storeKeyPrefix = parameters.storeKeyPrefix ?? ''
+  const store = Store.from(
+    (parameters.store ?? Store.memory()) as Store.AtomicStore<charge.StoreItemMap>,
+    { keyPrefix: storeKeyPrefix },
+  )
+  const proofStore = parameters.store
+    ? Store.from(parameters.store as Store.AtomicStore<charge.StoreItemMap>, {
+        keyPrefix: storeKeyPrefix,
+      })
+    : undefined
   const { recipient, feePayer, feePayerUrl } = Account.resolve(parameters)
@@ -88,8 +98,12 @@ export function charge<const parameters extends charge.Parameters>(
       externalId,
       memo,
       recipient,
+      splits,
+      supportedModes,
     } as unknown as Defaults,
+    stableBinding: chargeBinding,
     html: html
       ? {
           config: {},
@@ -539,6 +553,12 @@ export declare namespace charge {
      * memo binding, transaction success, and replay protection.
      */
     validateSender?: ValidateSender | undefined
+    /**
+     * Prefix prepended to charge replay-protection store keys.
+     *
+     * By default, no prefix is applied.
+     */
+    storeKeyPrefix?: string | undefined
     /**
      * Whether to wait for the charge transaction to confirm on-chain before
      * responding. @default true
@@ -565,6 +585,32 @@ export declare namespace charge {
   type FeePayerPolicy = Partial<FeePayer.Policy>
 }
+type ChargeRequest = z.output<typeof Methods.charge.schema.request>
+function chargeBinding(request: ChargeRequest) {
+  // Exhaustively destructure so new charge request fields require an explicit binding decision.
+  const { amount, currency, description, externalId, methodDetails, recipient, ...requestRest } =
+    request
+  requestRest satisfies Record<string, never>
+  const { chainId, feePayer, memo, splits, supportedModes, ...methodDetailsRest } =
+    methodDetails ?? {}
+  methodDetailsRest satisfies Record<string, never>
+  void feePayer
+  return {
+    amount,
+    chainId,
+    currency,
+    description,
+    externalId,
+    memo,
+    recipient,
+    splits,
+    supportedModes,
+  }
+}
 type ExpectedTransfer = {
   amount: string
   allowAnyMemo?: boolean | undefined

package/src/tempo/server/Session.test.ts CHANGED Viewed

@@ -668,6 +668,36 @@ describe.runIf(isLocalnet)('session', () => {
       expect(ch!.highestVoucherAmount).toBe(2000000n)
     })
+    test('rejects voucher signed for route escrow instead of stored channel escrow', async () => {
+      const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
+      const server = createServer()
+      await openServerChannel(server, channelId, serializedTransaction)
+      const routeEscrow = '0x0000000000000000000000000000000000000999' as Address
+      const signature = await signVoucher(
+        client,
+        payer,
+        { channelId, cumulativeAmount: 2000000n },
+        routeEscrow,
+        chain.id,
+      )
+      await expect(
+        server.verify({
+          credential: {
+            challenge: makeChallenge({ id: 'route-escrow-replay', channelId }),
+            payload: {
+              action: 'voucher' as const,
+              channelId,
+              cumulativeAmount: '2000000',
+              signature,
+            },
+          },
+          request: makeRequest({ escrowContract: routeEscrow }),
+        }),
+      ).rejects.toThrow(InvalidSignatureError)
+    })
     test('rejects non-increasing voucher replay', async () => {
       const { channelId, serializedTransaction } = await createSignedOpenTransaction(10000000n)
       const server = createServer()

package/src/tempo/server/Session.ts CHANGED Viewed

@@ -104,7 +104,9 @@ export function session<const parameters extends session.Parameters>(
   const lastOnChainVerified = new Map<Hex, number>()
-  const store = ChannelStore.fromStore(rawStore)
+  const store = ChannelStore.fromStore(
+    Store.from(rawStore, { keyPrefix: parameters.storeKeyPrefix }),
+  )
   const { account, recipient, feePayer, feePayerUrl } = Account.resolve(parameters)
@@ -139,7 +141,7 @@ export function session<const parameters extends session.Parameters>(
       unitType,
     } as unknown as Defaults,
-    transport: transport as never,
+    transport,
     // TODO: dedupe `{charge,session}.request`
     async request({ credential, request }) {
@@ -224,6 +226,7 @@ export function session<const parameters extends session.Parameters>(
             payload,
             methodDetails,
             resolvedFeePayer,
+            methodDetails.feePayer === true,
             feePayerPolicy,
             waitForConfirmation,
           )
@@ -238,6 +241,7 @@ export function session<const parameters extends session.Parameters>(
             payload,
             methodDetails,
             resolvedFeePayer,
+            methodDetails.feePayer === true,
             feePayerPolicy,
           )
           lastOnChainVerified.set(sessionReceipt.channelId, Date.now())
@@ -357,6 +361,12 @@ export declare namespace session {
      * local single-process usage.
      */
     store?: Store.AtomicStore | undefined
+    /**
+     * Prefix prepended to channel state store keys.
+     *
+     * By default, no prefix is applied.
+     */
+    storeKeyPrefix?: string | undefined
     /**
      * Enable SSE streaming.
      *
@@ -522,10 +532,8 @@ async function verifyAndAcceptVoucher(parameters: {
   channelId: Hex
   voucher: SignedVoucher
   onChain: OnChainChannel
-  methodDetails: SessionMethodDetails
 }): Promise<SessionReceipt> {
-  const { store, minVoucherDelta, challenge, channel, channelId, voucher, onChain, methodDetails } =
-    parameters
+  const { store, minVoucherDelta, challenge, channel, channelId, voucher, onChain } = parameters
   if (onChain.finalized) {
     throw new ChannelClosedError({ reason: 'channel is finalized on-chain' })
@@ -560,8 +568,8 @@ async function verifyAndAcceptVoucher(parameters: {
   }
   const isValid = await verifyVoucher(
-    methodDetails.escrowContract,
-    methodDetails.chainId,
+    channel.escrowContract,
+    channel.chainId,
     voucher,
     channel.authorizedSigner,
   )
@@ -627,6 +635,7 @@ async function handleOpen(
   payload: SessionCredentialPayload & { action: 'open' },
   methodDetails: SessionMethodDetails,
   feePayer: viem_Account | undefined,
+  isSponsored: boolean,
   feePayerPolicy: session.FeePayerPolicy | undefined,
   waitForConfirmation: boolean,
 ): Promise<SessionReceipt> {
@@ -679,6 +688,7 @@ async function handleOpen(
     challengeExpires: challenge.expires,
     feePayerPolicy,
     feePayer,
+    isSponsored,
     beforeBroadcast: async (pendingOnChain) => {
       await validateOpenVoucher(pendingOnChain)
     },
@@ -764,6 +774,7 @@ async function handleTopUp(
   payload: SessionCredentialPayload & { action: 'topUp' },
   methodDetails: SessionMethodDetails,
   feePayer: viem_Account | undefined,
+  isSponsored: boolean,
   feePayerPolicy: session.FeePayerPolicy | undefined,
 ): Promise<SessionReceipt> {
   const channelId = ChannelStore.normalizeChannelId(payload.channelId)
@@ -785,6 +796,7 @@ async function handleTopUp(
     challengeExpires: challenge.expires,
     feePayerPolicy,
     feePayer,
+    isSponsored,
   })
   const updated = await store.updateChannel(channelId, (current) => {
@@ -840,11 +852,7 @@ async function handleVoucher(
   const onChain = await (async () => {
     if (isStale) {
-      const onChainChannel = await getOnChainChannel(
-        client,
-        methodDetails.escrowContract,
-        channelId,
-      )
+      const onChainChannel = await getOnChainChannel(client, channel.escrowContract, channelId)
       lastOnChainVerified.set(channelId, Date.now())
       // Persist closeRequestedAt so the cached path detects force-close
       // between re-queries.
@@ -875,7 +883,6 @@ async function handleVoucher(
     channelId,
     voucher,
     onChain,
-    methodDetails,
   })
 }
@@ -902,7 +909,7 @@ async function handleClose(
   const voucher = parseVoucherFromPayload(channelId, payload.cumulativeAmount, payload.signature)
-  const onChain = await getOnChainChannel(client, methodDetails.escrowContract, channelId)
+  const onChain = await getOnChainChannel(client, channel.escrowContract, channelId)
   if (onChain.finalized) {
     throw new ChannelClosedError({ reason: 'channel is finalized on-chain' })
@@ -928,8 +935,8 @@ async function handleClose(
   }
   const isValid = await verifyVoucher(
-    methodDetails.escrowContract,
-    methodDetails.chainId,
+    channel.escrowContract,
+    channel.chainId,
     voucher,
     channel.authorizedSigner,
   )
@@ -964,7 +971,7 @@ async function handleClose(
       sender: account?.address ?? client.account?.address,
     })
-    txHash = await closeOnChain(client, methodDetails.escrowContract, voucher, {
+    txHash = await closeOnChain(client, channel.escrowContract, voucher, {
       ...(feePayer && account ? { feePayer, account } : { account }),
       candidateFeeTokens: [channel.token],
     })

package/src/tempo/server/Subscription.ts CHANGED Viewed

@@ -72,7 +72,7 @@ export function subscription<const parameters extends subscription.Parameters>(
   const { recipient } = Account.resolve(parameters)
   const context = createContext(parameters, {
-    store: rawStore,
+    store: Store.from(rawStore, { keyPrefix: parameters.storeKeyPrefix }),
     options: {
       activationTimeoutMs: parameters.activationTimeoutMs,
       renewalTimeoutMs: parameters.renewalTimeoutMs,
@@ -1110,6 +1110,12 @@ export declare namespace subscription {
         subscription: SubscriptionRecord
       }) => Promise<RenewalResult>
       store?: Store.AtomicStore<Record<string, unknown>> | undefined
+      /**
+       * Prefix prepended to all subscription store keys.
+       *
+       * By default, no prefix is applied.
+       */
+      storeKeyPrefix?: string | undefined
       testnet?: boolean | undefined
       waitForConfirmation?: boolean | undefined
     } & Defaults