npm - mppx - Versions diffs - 0.6.31 → 0.8.0 - Mend

mppx 0.6.31 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (616) hide show

package/CHANGELOG.md +50 -0
package/README.md +20 -11
package/dist/Challenge.d.ts.map +1 -1
package/dist/Challenge.js +27 -13
package/dist/Challenge.js.map +1 -1
package/dist/Constants.d.ts +46 -0
package/dist/Constants.d.ts.map +1 -0
package/dist/Constants.js +46 -0
package/dist/Constants.js.map +1 -0
package/dist/Credential.d.ts.map +1 -1
package/dist/Credential.js +5 -4
package/dist/Credential.js.map +1 -1
package/dist/Mcp.d.ts +3 -0
package/dist/Mcp.d.ts.map +1 -1
package/dist/Mcp.js +2 -0
package/dist/Mcp.js.map +1 -1
package/dist/Method.d.ts +32 -4
package/dist/Method.d.ts.map +1 -1
package/dist/Method.js +5 -2
package/dist/Method.js.map +1 -1
package/dist/PaymentRequest.d.ts +10 -10
package/dist/PaymentRequest.js +8 -8
package/dist/Receipt.d.ts.map +1 -1
package/dist/Receipt.js +3 -2
package/dist/Receipt.js.map +1 -1
package/dist/cli/cli.d.ts.map +1 -1
package/dist/cli/cli.js +19 -11
package/dist/cli/cli.js.map +1 -1
package/dist/cli/plugins/tempo.d.ts.map +1 -1
package/dist/cli/plugins/tempo.js +17 -6
package/dist/cli/plugins/tempo.js.map +1 -1
package/dist/cli/utils.d.ts +5 -0
package/dist/cli/utils.d.ts.map +1 -1
package/dist/cli/utils.js +10 -0
package/dist/cli/utils.js.map +1 -1
package/dist/client/Methods.d.ts +5 -2
package/dist/client/Methods.d.ts.map +1 -1
package/dist/client/Methods.js +5 -2
package/dist/client/Methods.js.map +1 -1
package/dist/client/Mppx.js +2 -2
package/dist/client/Mppx.js.map +1 -1
package/dist/client/Transport.d.ts +11 -16
package/dist/client/Transport.d.ts.map +1 -1
package/dist/client/Transport.js +55 -76
package/dist/client/Transport.js.map +1 -1
package/dist/client/index.d.ts +5 -1
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +3 -1
package/dist/client/index.js.map +1 -1
package/dist/client/internal/Fetch.d.ts.map +1 -1
package/dist/client/internal/Fetch.js +60 -13
package/dist/client/internal/Fetch.js.map +1 -1
package/dist/client/internal/protocols/Mcp.d.ts +7 -0
package/dist/client/internal/protocols/Mcp.d.ts.map +1 -0
package/dist/client/internal/protocols/Mcp.js +159 -0
package/dist/client/internal/protocols/Mcp.js.map +1 -0
package/dist/client/internal/protocols/Mpp.d.ts +4 -0
package/dist/client/internal/protocols/Mpp.d.ts.map +1 -0
package/dist/client/internal/protocols/Mpp.js +18 -0
package/dist/client/internal/protocols/Mpp.js.map +1 -0
package/dist/client/internal/protocols/Protocol.d.ts +10 -0
package/dist/client/internal/protocols/Protocol.d.ts.map +1 -0
package/dist/client/internal/protocols/Protocol.js +2 -0
package/dist/client/internal/protocols/Protocol.js.map +1 -0
package/dist/client/internal/protocols/Shared.d.ts +5 -0
package/dist/client/internal/protocols/Shared.d.ts.map +1 -0
package/dist/client/internal/protocols/Shared.js +20 -0
package/dist/client/internal/protocols/Shared.js.map +1 -0
package/dist/client/internal/protocols/X402.d.ts +8 -0
package/dist/client/internal/protocols/X402.d.ts.map +1 -0
package/dist/client/internal/protocols/X402.js +39 -0
package/dist/client/internal/protocols/X402.js.map +1 -0
package/dist/evm/client/index.d.ts +1 -0
package/dist/evm/client/index.d.ts.map +1 -1
package/dist/evm/client/index.js +1 -0
package/dist/evm/client/index.js.map +1 -1
package/dist/evm/index.d.ts +2 -0
package/dist/evm/index.d.ts.map +1 -1
package/dist/evm/index.js +2 -0
package/dist/evm/index.js.map +1 -1
package/dist/evm/server/Methods.d.ts +1 -1
package/dist/evm/server/Methods.d.ts.map +1 -1
package/dist/evm/server/index.d.ts +1 -0
package/dist/evm/server/index.d.ts.map +1 -1
package/dist/evm/server/index.js +1 -0
package/dist/evm/server/index.js.map +1 -1
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1 -0
package/dist/index.js.map +1 -1
package/dist/internal/AcceptPayment.d.ts +3 -0
package/dist/internal/AcceptPayment.d.ts.map +1 -1
package/dist/internal/AcceptPayment.js +15 -11
package/dist/internal/AcceptPayment.js.map +1 -1
package/dist/mcp/client/McpClient.d.ts +101 -0
package/dist/mcp/client/McpClient.d.ts.map +1 -0
package/dist/mcp/client/McpClient.js +162 -0
package/dist/mcp/client/McpClient.js.map +1 -0
package/dist/mcp/client/index.d.ts.map +1 -0
package/dist/mcp/client/index.js.map +1 -0
package/dist/mcp/server/Transport.d.ts.map +1 -0
package/dist/mcp/server/Transport.js.map +1 -0
package/dist/mcp/server/index.d.ts.map +1 -0
package/dist/mcp/server/index.js.map +1 -0
package/dist/server/Mppx.d.ts +12 -4
package/dist/server/Mppx.d.ts.map +1 -1
package/dist/server/Mppx.js +85 -27
package/dist/server/Mppx.js.map +1 -1
package/dist/server/Response.d.ts.map +1 -1
package/dist/server/Response.js +2 -1
package/dist/server/Response.js.map +1 -1
package/dist/server/Transport.d.ts +1 -1
package/dist/server/Transport.d.ts.map +1 -1
package/dist/server/Transport.js +5 -4
package/dist/server/Transport.js.map +1 -1
package/dist/server/index.d.ts +1 -0
package/dist/server/index.d.ts.map +1 -1
package/dist/server/index.js +1 -0
package/dist/server/index.js.map +1 -1
package/dist/stripe/client/Charge.d.ts +1 -1
package/dist/stripe/client/Charge.d.ts.map +1 -1
package/dist/stripe/client/Charge.js +3 -1
package/dist/stripe/client/Charge.js.map +1 -1
package/dist/stripe/server/Charge.d.ts +1 -1
package/dist/stripe/server/Charge.d.ts.map +1 -1
package/dist/stripe/server/Charge.js +9 -2
package/dist/stripe/server/Charge.js.map +1 -1
package/dist/stripe/server/Methods.d.ts +1 -1
package/dist/stripe/server/Methods.d.ts.map +1 -1
package/dist/stripe/server/internal/html.gen.d.ts +1 -1
package/dist/stripe/server/internal/html.gen.d.ts.map +1 -1
package/dist/stripe/server/internal/html.gen.js +1 -1
package/dist/stripe/server/internal/html.gen.js.map +1 -1
package/dist/tempo/Methods.d.ts +18 -0
package/dist/tempo/Methods.d.ts.map +1 -1
package/dist/tempo/Methods.js +16 -1
package/dist/tempo/Methods.js.map +1 -1
package/dist/tempo/Proof.d.ts +85 -1
package/dist/tempo/Proof.d.ts.map +1 -1
package/dist/tempo/Proof.js +35 -0
package/dist/tempo/Proof.js.map +1 -1
package/dist/tempo/client/Charge.d.ts +19 -1
package/dist/tempo/client/Charge.d.ts.map +1 -1
package/dist/tempo/client/Charge.js +47 -27
package/dist/tempo/client/Charge.js.map +1 -1
package/dist/tempo/client/Methods.d.ts +41 -10
package/dist/tempo/client/Methods.d.ts.map +1 -1
package/dist/tempo/client/Methods.js +16 -7
package/dist/tempo/client/Methods.js.map +1 -1
package/dist/tempo/client/ResolveAccount.d.ts +40 -0
package/dist/tempo/client/ResolveAccount.d.ts.map +1 -0
package/dist/tempo/client/ResolveAccount.js +2 -0
package/dist/tempo/client/ResolveAccount.js.map +1 -0
package/dist/tempo/client/index.d.ts +7 -4
package/dist/tempo/client/index.d.ts.map +1 -1
package/dist/tempo/client/index.js +5 -3
package/dist/tempo/client/index.js.map +1 -1
package/dist/tempo/index.d.ts +1 -0
package/dist/tempo/index.d.ts.map +1 -1
package/dist/tempo/index.js +1 -0
package/dist/tempo/index.js.map +1 -1
package/dist/tempo/internal/fee-payer.d.ts +29 -1
package/dist/tempo/internal/fee-payer.d.ts.map +1 -1
package/dist/tempo/internal/fee-payer.js +138 -4
package/dist/tempo/internal/fee-payer.js.map +1 -1
package/dist/tempo/internal/proof.d.ts +71 -5
package/dist/tempo/internal/proof.d.ts.map +1 -1
package/dist/tempo/internal/proof.js +42 -6
package/dist/tempo/internal/proof.js.map +1 -1
package/dist/tempo/{client → legacy/client}/ChannelOps.d.ts +19 -6
package/dist/tempo/legacy/client/ChannelOps.d.ts.map +1 -0
package/dist/tempo/{client → legacy/client}/ChannelOps.js +9 -3
package/dist/tempo/legacy/client/ChannelOps.js.map +1 -0
package/dist/tempo/{client → legacy/client}/Session.d.ts +23 -4
package/dist/tempo/legacy/client/Session.d.ts.map +1 -0
package/dist/tempo/{client → legacy/client}/Session.js +14 -7
package/dist/tempo/legacy/client/Session.js.map +1 -0
package/dist/tempo/{client → legacy/client}/SessionManager.d.ts +20 -5
package/dist/tempo/legacy/client/SessionManager.d.ts.map +1 -0
package/dist/tempo/{client → legacy/client}/SessionManager.js +30 -19
package/dist/tempo/legacy/client/SessionManager.js.map +1 -0
package/dist/tempo/legacy/client/index.d.ts +7 -0
package/dist/tempo/legacy/client/index.d.ts.map +1 -0
package/dist/tempo/legacy/client/index.js +5 -0
package/dist/tempo/legacy/client/index.js.map +1 -0
package/dist/tempo/legacy/index.d.ts +7 -0
package/dist/tempo/legacy/index.d.ts.map +1 -0
package/dist/tempo/legacy/index.js +7 -0
package/dist/tempo/legacy/index.js.map +1 -0
package/dist/tempo/{server → legacy/server}/Session.d.ts +28 -11
package/dist/tempo/legacy/server/Session.d.ts.map +1 -0
package/dist/tempo/{server → legacy/server}/Session.js +12 -10
package/dist/tempo/legacy/server/Session.js.map +1 -0
package/dist/tempo/legacy/server/index.d.ts +5 -0
package/dist/tempo/legacy/server/index.d.ts.map +1 -0
package/dist/tempo/legacy/server/index.js +5 -0
package/dist/tempo/legacy/server/index.js.map +1 -0
package/dist/tempo/{session → legacy/session}/Chain.d.ts +30 -23
package/dist/tempo/legacy/session/Chain.d.ts.map +1 -0
package/dist/tempo/{session → legacy/session}/Chain.js +12 -11
package/dist/tempo/legacy/session/Chain.js.map +1 -0
package/dist/tempo/{session → legacy/session}/Channel.d.ts +1 -0
package/dist/tempo/legacy/session/Channel.d.ts.map +1 -0
package/dist/tempo/legacy/session/Channel.js.map +1 -0
package/dist/tempo/legacy/session/ChannelStore.d.ts +22 -0
package/dist/tempo/legacy/session/ChannelStore.d.ts.map +1 -0
package/dist/tempo/legacy/session/ChannelStore.js +6 -0
package/dist/tempo/legacy/session/ChannelStore.js.map +1 -0
package/dist/tempo/legacy/session/Types.d.ts +73 -0
package/dist/tempo/legacy/session/Types.d.ts.map +1 -0
package/dist/tempo/legacy/session/Types.js.map +1 -0
package/dist/tempo/{session → legacy/session}/Voucher.d.ts +4 -4
package/dist/tempo/legacy/session/Voucher.d.ts.map +1 -0
package/dist/tempo/{session → legacy/session}/Voucher.js +1 -1
package/dist/tempo/legacy/session/Voucher.js.map +1 -0
package/dist/tempo/{session → legacy/session}/escrow.abi.d.ts +1 -0
package/dist/tempo/{session → legacy/session}/escrow.abi.d.ts.map +1 -1
package/dist/tempo/{session → legacy/session}/escrow.abi.js +1 -0
package/dist/tempo/legacy/session/escrow.abi.js.map +1 -0
package/dist/tempo/legacy/session/index.d.ts +9 -0
package/dist/tempo/legacy/session/index.d.ts.map +1 -0
package/dist/tempo/legacy/session/index.js +9 -0
package/dist/tempo/legacy/session/index.js.map +1 -0
package/dist/tempo/server/Charge.d.ts +1 -1
package/dist/tempo/server/Charge.d.ts.map +1 -1
package/dist/tempo/server/Charge.js +51 -30
package/dist/tempo/server/Charge.js.map +1 -1
package/dist/tempo/server/Methods.d.ts +67 -8
package/dist/tempo/server/Methods.d.ts.map +1 -1
package/dist/tempo/server/Methods.js +40 -10
package/dist/tempo/server/Methods.js.map +1 -1
package/dist/tempo/server/Subscription.d.ts +11 -1
package/dist/tempo/server/Subscription.d.ts.map +1 -1
package/dist/tempo/server/Subscription.js +135 -23
package/dist/tempo/server/Subscription.js.map +1 -1
package/dist/tempo/server/index.d.ts +6 -5
package/dist/tempo/server/index.d.ts.map +1 -1
package/dist/tempo/server/index.js +5 -5
package/dist/tempo/server/index.js.map +1 -1
package/dist/tempo/server/internal/html.gen.d.ts +1 -1
package/dist/tempo/server/internal/html.gen.d.ts.map +1 -1
package/dist/tempo/server/internal/html.gen.js +1 -1
package/dist/tempo/server/internal/html.gen.js.map +1 -1
package/dist/tempo/server/internal/request-body.d.ts +7 -2
package/dist/tempo/server/internal/request-body.d.ts.map +1 -1
package/dist/tempo/server/internal/request-body.js +20 -3
package/dist/tempo/server/internal/request-body.js.map +1 -1
package/dist/tempo/server/internal/transport.d.ts +8 -4
package/dist/tempo/server/internal/transport.d.ts.map +1 -1
package/dist/tempo/server/internal/transport.js +8 -7
package/dist/tempo/server/internal/transport.js.map +1 -1
package/dist/tempo/session/Snapshot.d.ts +32 -0
package/dist/tempo/session/Snapshot.d.ts.map +1 -0
package/dist/tempo/session/Snapshot.js +37 -0
package/dist/tempo/session/Snapshot.js.map +1 -0
package/dist/tempo/session/client/ChannelOps.d.ts +81 -0
package/dist/tempo/session/client/ChannelOps.d.ts.map +1 -0
package/dist/tempo/session/client/ChannelOps.js +201 -0
package/dist/tempo/session/client/ChannelOps.js.map +1 -0
package/dist/tempo/session/client/ChannelStore.d.ts +51 -0
package/dist/tempo/session/client/ChannelStore.d.ts.map +1 -0
package/dist/tempo/session/client/ChannelStore.js +63 -0
package/dist/tempo/session/client/ChannelStore.js.map +1 -0
package/dist/tempo/session/client/CredentialState.d.ts +245 -0
package/dist/tempo/session/client/CredentialState.d.ts.map +1 -0
package/dist/tempo/session/client/CredentialState.js +419 -0
package/dist/tempo/session/client/CredentialState.js.map +1 -0
package/dist/tempo/session/client/ReceiptCoordinator.d.ts +26 -0
package/dist/tempo/session/client/ReceiptCoordinator.d.ts.map +1 -0
package/dist/tempo/session/client/ReceiptCoordinator.js +61 -0
package/dist/tempo/session/client/ReceiptCoordinator.js.map +1 -0
package/dist/tempo/session/client/Runtime.d.ts +464 -0
package/dist/tempo/session/client/Runtime.d.ts.map +1 -0
package/dist/tempo/session/client/Runtime.js +499 -0
package/dist/tempo/session/client/Runtime.js.map +1 -0
package/dist/tempo/session/client/Session.d.ts +138 -0
package/dist/tempo/session/client/Session.d.ts.map +1 -0
package/dist/tempo/session/client/Session.js +69 -0
package/dist/tempo/session/client/Session.js.map +1 -0
package/dist/tempo/session/client/SessionManager.d.ts +84 -0
package/dist/tempo/session/client/SessionManager.d.ts.map +1 -0
package/dist/tempo/session/client/SessionManager.js +577 -0
package/dist/tempo/session/client/SessionManager.js.map +1 -0
package/dist/tempo/session/client/Transports.d.ts +449 -0
package/dist/tempo/session/client/Transports.d.ts.map +1 -0
package/dist/tempo/session/client/Transports.js +721 -0
package/dist/tempo/session/client/Transports.js.map +1 -0
package/dist/tempo/session/client/index.d.ts +11 -0
package/dist/tempo/session/client/index.d.ts.map +1 -0
package/dist/tempo/session/client/index.js +6 -0
package/dist/tempo/session/client/index.js.map +1 -0
package/dist/tempo/session/index.d.ts +7 -8
package/dist/tempo/session/index.d.ts.map +1 -1
package/dist/tempo/session/index.js +7 -8
package/dist/tempo/session/index.js.map +1 -1
package/dist/tempo/session/precompile/Chain.d.ts +319 -0
package/dist/tempo/session/precompile/Chain.d.ts.map +1 -0
package/dist/tempo/session/precompile/Chain.js +492 -0
package/dist/tempo/session/precompile/Chain.js.map +1 -0
package/dist/tempo/session/precompile/Channel.d.ts +46 -0
package/dist/tempo/session/precompile/Channel.d.ts.map +1 -0
package/dist/tempo/session/precompile/Channel.js +56 -0
package/dist/tempo/session/precompile/Channel.js.map +1 -0
package/dist/tempo/session/precompile/Protocol.d.ts +308 -0
package/dist/tempo/session/precompile/Protocol.d.ts.map +1 -0
package/dist/tempo/session/precompile/Protocol.js +264 -0
package/dist/tempo/session/precompile/Protocol.js.map +1 -0
package/dist/tempo/session/precompile/Voucher.d.ts +40 -0
package/dist/tempo/session/precompile/Voucher.d.ts.map +1 -0
package/dist/tempo/session/precompile/Voucher.js +125 -0
package/dist/tempo/session/precompile/Voucher.js.map +1 -0
package/dist/tempo/session/precompile/escrow.abi.d.ts +522 -0
package/dist/tempo/session/precompile/escrow.abi.d.ts.map +1 -0
package/dist/tempo/session/precompile/escrow.abi.js +224 -0
package/dist/tempo/session/precompile/escrow.abi.js.map +1 -0
package/dist/tempo/session/precompile/index.d.ts +24 -0
package/dist/tempo/session/precompile/index.d.ts.map +1 -0
package/dist/tempo/session/precompile/index.js +22 -0
package/dist/tempo/session/precompile/index.js.map +1 -0
package/dist/tempo/session/server/ChannelOps.d.ts +56 -0
package/dist/tempo/session/server/ChannelOps.d.ts.map +1 -0
package/dist/tempo/session/server/ChannelOps.js +91 -0
package/dist/tempo/session/server/ChannelOps.js.map +1 -0
package/dist/tempo/session/server/ChannelStore.d.ts +347 -0
package/dist/tempo/session/server/ChannelStore.d.ts.map +1 -0
package/dist/tempo/session/server/ChannelStore.js +404 -0
package/dist/tempo/session/server/ChannelStore.js.map +1 -0
package/dist/tempo/session/server/CredentialVerification.d.ts +85 -0
package/dist/tempo/session/server/CredentialVerification.d.ts.map +1 -0
package/dist/tempo/session/server/CredentialVerification.js +494 -0
package/dist/tempo/session/server/CredentialVerification.js.map +1 -0
package/dist/tempo/session/server/MeteredStream.d.ts +40 -0
package/dist/tempo/session/server/MeteredStream.d.ts.map +1 -0
package/dist/tempo/session/server/MeteredStream.js +42 -0
package/dist/tempo/session/server/MeteredStream.js.map +1 -0
package/dist/tempo/session/server/RequestState.d.ts +208 -0
package/dist/tempo/session/server/RequestState.d.ts.map +1 -0
package/dist/tempo/session/server/RequestState.js +252 -0
package/dist/tempo/session/server/RequestState.js.map +1 -0
package/dist/tempo/session/server/Session.d.ts +169 -0
package/dist/tempo/session/server/Session.d.ts.map +1 -0
package/dist/tempo/session/server/Session.js +351 -0
package/dist/tempo/session/server/Session.js.map +1 -0
package/dist/tempo/session/server/Settlement.d.ts +185 -0
package/dist/tempo/session/server/Settlement.d.ts.map +1 -0
package/dist/tempo/session/server/Settlement.js +252 -0
package/dist/tempo/session/server/Settlement.js.map +1 -0
package/dist/tempo/session/{Sse.d.ts → server/Sse.d.ts} +9 -56
package/dist/tempo/session/server/Sse.d.ts.map +1 -0
package/dist/tempo/session/server/Sse.js +184 -0
package/dist/tempo/session/server/Sse.js.map +1 -0
package/dist/tempo/session/server/Transports.d.ts +89 -0
package/dist/tempo/session/server/Transports.d.ts.map +1 -0
package/dist/tempo/session/server/Transports.js +149 -0
package/dist/tempo/session/server/Transports.js.map +1 -0
package/dist/tempo/session/server/Ws.d.ts +48 -0
package/dist/tempo/session/server/Ws.d.ts.map +1 -0
package/dist/tempo/session/server/Ws.js +244 -0
package/dist/tempo/session/server/Ws.js.map +1 -0
package/dist/tempo/session/server/index.d.ts +4 -0
package/dist/tempo/session/server/index.d.ts.map +1 -0
package/dist/tempo/session/server/index.js +2 -0
package/dist/tempo/session/server/index.js.map +1 -0
package/dist/tempo/subscription/KeyAuthorization.d.ts +712 -1
package/dist/tempo/subscription/KeyAuthorization.d.ts.map +1 -1
package/dist/tempo/subscription/Store.d.ts +2 -0
package/dist/tempo/subscription/Store.d.ts.map +1 -1
package/dist/tempo/subscription/Store.js +16 -1
package/dist/tempo/subscription/Store.js.map +1 -1
package/dist/x402/index.d.ts +1 -0
package/dist/x402/index.d.ts.map +1 -1
package/dist/x402/index.js +1 -0
package/dist/x402/index.js.map +1 -1
package/package.json +25 -9
package/src/Challenge.test.ts +40 -0
package/src/Challenge.ts +28 -13
package/src/Constants.ts +58 -0
package/src/Credential.ts +5 -4
package/src/Mcp.ts +4 -0
package/src/Method.ts +46 -5
package/src/PaymentRequest.ts +10 -10
package/src/Receipt.ts +3 -2
package/src/cli/cli.test.ts +38 -43
package/src/cli/cli.ts +23 -10
package/src/cli/mcp.test.ts +21 -7
package/src/cli/plugins/tempo.ts +21 -8
package/src/cli/utils.test.ts +25 -1
package/src/cli/utils.ts +10 -0
package/src/client/Methods.ts +5 -2
package/src/client/Mppx.test-d.ts +31 -1
package/src/client/Mppx.test.ts +76 -1
package/src/client/Mppx.ts +2 -2
package/src/client/Transport.test.ts +225 -178
package/src/client/Transport.ts +77 -84
package/src/client/index.ts +25 -1
package/src/client/internal/Fetch.test.ts +236 -6
package/src/client/internal/Fetch.ts +69 -11
package/src/client/internal/protocols/Mcp.test.ts +220 -0
package/src/client/internal/protocols/Mcp.ts +162 -0
package/src/client/internal/protocols/Mpp.ts +21 -0
package/src/client/internal/protocols/Protocol.ts +10 -0
package/src/client/internal/protocols/Shared.ts +25 -0
package/src/client/internal/protocols/X402.ts +42 -0
package/src/discovery/OpenApi.test.ts +1 -1
package/src/env.d.ts +1 -1
package/src/evm/PublicInterface.test-d.ts +1 -1
package/src/evm/client/index.ts +1 -0
package/src/evm/index.ts +2 -0
package/src/evm/server/Charge.test.ts +1 -1
package/src/evm/server/index.ts +1 -0
package/src/index.ts +1 -0
package/src/internal/AcceptPayment.test.ts +61 -0
package/src/internal/AcceptPayment.ts +21 -14
package/src/{mcp-sdk → mcp}/client/McpClient.integration.test.ts +18 -11
package/src/{mcp-sdk → mcp}/client/McpClient.test-d.ts +45 -11
package/src/{mcp-sdk → mcp}/client/McpClient.test.ts +211 -5
package/src/mcp/client/McpClient.ts +307 -0
package/src/mcp/client/McpClient.unit.test.ts +135 -0
package/src/middlewares/elysia.test.ts +9 -5
package/src/middlewares/express.test.ts +9 -5
package/src/middlewares/hono.test.ts +5 -5
package/src/middlewares/internal/mppx.test.ts +1 -1
package/src/middlewares/nextjs.test.ts +9 -5
package/src/proxy/Proxy.test.ts +9 -9
package/src/proxy/services/anthropic.test.ts +1 -1
package/src/proxy/services/openai.test.ts +1 -1
package/src/proxy/services/stripe.test.ts +1 -1
package/src/server/Mppx.authorize.test.ts +1 -1
package/src/server/Mppx.test-d.ts +55 -1
package/src/server/Mppx.test.ts +220 -9
package/src/server/Mppx.ts +501 -407
package/src/server/Response.ts +2 -1
package/src/server/Transport.test.ts +6 -6
package/src/server/Transport.ts +5 -4
package/src/server/index.ts +1 -0
package/src/stripe/Charge.integration.test.ts +1 -1
package/src/stripe/client/Charge.test.ts +21 -6
package/src/stripe/client/Charge.ts +6 -2
package/src/stripe/server/Charge.test.ts +115 -2
package/src/stripe/server/Charge.ts +13 -2
package/src/stripe/server/internal/html/package.json +1 -1
package/src/stripe/server/internal/html.gen.ts +1 -1
package/src/tempo/AccessKeyAuthorization.test.ts +4 -94
package/src/tempo/Methods.test.ts +45 -17
package/src/tempo/Methods.ts +22 -0
package/src/tempo/Proof.conformance.test.ts +146 -0
package/src/tempo/Proof.test-d.ts +15 -0
package/src/tempo/Proof.ts +52 -1
package/src/tempo/PublicExports.test-d.ts +105 -0
package/src/tempo/Subscription.integration.test.ts +1 -1
package/src/tempo/client/Charge.test.ts +258 -0
package/src/tempo/client/Charge.ts +84 -38
package/src/tempo/client/Methods.ts +22 -8
package/src/tempo/client/ResolveAccount.ts +46 -0
package/src/tempo/client/index.ts +15 -4
package/src/tempo/index.ts +1 -0
package/src/tempo/internal/fee-payer.test.ts +296 -17
package/src/tempo/internal/fee-payer.ts +186 -4
package/src/tempo/internal/fee-token.test.ts +14 -9
package/src/tempo/internal/proof.test.ts +12 -4
package/src/tempo/internal/proof.ts +55 -6
package/src/tempo/legacy/AccessKeyAuthorization.test.ts +162 -0
package/src/tempo/legacy/README.md +9 -0
package/src/tempo/{client → legacy/client}/ChannelOps.test.ts +6 -7
package/src/tempo/{client → legacy/client}/ChannelOps.ts +22 -9
package/src/tempo/{client → legacy/client}/Session.test.ts +51 -9
package/src/tempo/{client → legacy/client}/Session.ts +25 -11
package/src/tempo/{client → legacy/client}/SessionManager.test.ts +81 -9
package/src/tempo/{client → legacy/client}/SessionManager.ts +52 -23
package/src/tempo/legacy/client/index.ts +6 -0
package/src/tempo/legacy/index.ts +6 -0
package/src/tempo/{server → legacy/server}/Session.test.ts +136 -71
package/src/tempo/{server → legacy/server}/Session.ts +32 -23
package/src/tempo/legacy/server/index.ts +4 -0
package/src/tempo/{session → legacy/session}/Chain.test.ts +3 -4
package/src/tempo/{session → legacy/session}/Chain.ts +94 -63
package/src/tempo/{session → legacy/session}/Channel.ts +1 -0
package/src/tempo/legacy/session/ChannelStore.test.ts +58 -0
package/src/tempo/legacy/session/ChannelStore.ts +39 -0
package/src/tempo/legacy/session/Types.ts +91 -0
package/src/tempo/{session → legacy/session}/Voucher.ts +12 -8
package/src/tempo/{session → legacy/session}/escrow.abi.ts +1 -0
package/src/tempo/legacy/session/index.ts +8 -0
package/src/tempo/server/AtomicStore.test-d.ts +16 -11
package/src/tempo/server/Charge.test.ts +480 -31
package/src/tempo/server/Charge.ts +54 -30
package/src/tempo/server/Methods.ts +58 -10
package/src/tempo/server/Sse.test.ts +2 -2
package/src/tempo/server/Subscription.test.ts +465 -3
package/src/tempo/server/Subscription.ts +174 -19
package/src/tempo/server/index.ts +6 -5
package/src/tempo/server/internal/html/package.json +2 -2
package/src/tempo/server/internal/html.gen.ts +1 -1
package/src/tempo/server/internal/request-body.test.ts +37 -4
package/src/tempo/server/internal/request-body.ts +25 -6
package/src/tempo/server/internal/transport.test.ts +4 -4
package/src/tempo/server/internal/transport.ts +19 -10
package/src/tempo/session/Snapshot.test.ts +41 -0
package/src/tempo/session/Snapshot.ts +74 -0
package/src/tempo/session/client/ChannelOps.test.ts +163 -0
package/src/tempo/session/client/ChannelOps.ts +330 -0
package/src/tempo/session/client/ChannelStore.ts +111 -0
package/src/tempo/session/client/CredentialState.test.ts +789 -0
package/src/tempo/session/client/CredentialState.ts +799 -0
package/src/tempo/session/client/ReceiptCoordinator.ts +95 -0
package/src/tempo/session/client/Runtime.test.ts +1092 -0
package/src/tempo/session/client/Runtime.ts +986 -0
package/src/tempo/session/client/Session.test.ts +774 -0
package/src/tempo/session/client/Session.ts +123 -0
package/src/tempo/session/client/SessionManager.test.ts +1397 -0
package/src/tempo/session/client/SessionManager.ts +751 -0
package/src/tempo/session/client/Transports.test.ts +837 -0
package/src/tempo/session/client/Transports.ts +1292 -0
package/src/tempo/session/client/index.ts +40 -0
package/src/tempo/session/index.ts +7 -8
package/src/tempo/session/precompile/Chain.integration.test.ts +321 -0
package/src/tempo/session/precompile/Chain.test.ts +1258 -0
package/src/tempo/session/precompile/Chain.ts +979 -0
package/src/tempo/session/precompile/Channel.test.ts +138 -0
package/src/tempo/session/precompile/Channel.ts +103 -0
package/src/tempo/session/precompile/Protocol.test.ts +358 -0
package/src/tempo/session/precompile/Protocol.ts +520 -0
package/src/tempo/session/precompile/Voucher.test.ts +354 -0
package/src/tempo/session/precompile/Voucher.ts +162 -0
package/src/tempo/session/precompile/escrow.abi.ts +226 -0
package/src/tempo/session/precompile/index.ts +33 -0
package/src/tempo/session/server/ChannelOps.test.ts +129 -0
package/src/tempo/session/server/ChannelOps.ts +157 -0
package/src/tempo/session/{ChannelStore.test.ts → server/ChannelStore.test.ts} +536 -29
package/src/tempo/session/server/ChannelStore.ts +835 -0
package/src/tempo/session/server/CredentialVerification.test.ts +146 -0
package/src/tempo/session/server/CredentialVerification.ts +710 -0
package/src/tempo/session/server/MeteredStream.ts +88 -0
package/src/tempo/session/server/RequestState.test.ts +531 -0
package/src/tempo/session/server/RequestState.ts +499 -0
package/src/tempo/session/server/Session.integration.test.ts +444 -0
package/src/tempo/session/server/Session.test.ts +3253 -0
package/src/tempo/session/server/Session.ts +543 -0
package/src/tempo/session/server/Settlement.test.ts +329 -0
package/src/tempo/session/server/Settlement.ts +471 -0
package/src/tempo/session/{Sse.test.ts → server/Sse.test.ts} +37 -3
package/src/tempo/session/server/Sse.ts +254 -0
package/src/tempo/session/server/Transports.test.ts +346 -0
package/src/tempo/session/server/Transports.ts +255 -0
package/src/tempo/session/{Ws.test.ts → server/Ws.test.ts} +4 -4
package/src/tempo/session/server/Ws.ts +380 -0
package/src/tempo/session/server/index.ts +8 -0
package/src/tempo/subscription/Store.ts +27 -9
package/src/x402/Exact.e2e.test.ts +1 -1
package/src/x402/PublicInterface.test-d.ts +1 -1
package/src/x402/index.ts +1 -0
package/dist/mcp-sdk/client/McpClient.d.ts +0 -78
package/dist/mcp-sdk/client/McpClient.d.ts.map +0 -1
package/dist/mcp-sdk/client/McpClient.js +0 -105
package/dist/mcp-sdk/client/McpClient.js.map +0 -1
package/dist/mcp-sdk/client/index.d.ts.map +0 -1
package/dist/mcp-sdk/client/index.js.map +0 -1
package/dist/mcp-sdk/server/Transport.d.ts.map +0 -1
package/dist/mcp-sdk/server/Transport.js.map +0 -1
package/dist/mcp-sdk/server/index.d.ts.map +0 -1
package/dist/mcp-sdk/server/index.js.map +0 -1
package/dist/tempo/client/ChannelOps.d.ts.map +0 -1
package/dist/tempo/client/ChannelOps.js.map +0 -1
package/dist/tempo/client/Session.d.ts.map +0 -1
package/dist/tempo/client/Session.js.map +0 -1
package/dist/tempo/client/SessionManager.d.ts.map +0 -1
package/dist/tempo/client/SessionManager.js.map +0 -1
package/dist/tempo/server/Session.d.ts.map +0 -1
package/dist/tempo/server/Session.js.map +0 -1
package/dist/tempo/session/Chain.d.ts.map +0 -1
package/dist/tempo/session/Chain.js.map +0 -1
package/dist/tempo/session/Channel.d.ts.map +0 -1
package/dist/tempo/session/Channel.js.map +0 -1
package/dist/tempo/session/ChannelStore.d.ts +0 -117
package/dist/tempo/session/ChannelStore.d.ts.map +0 -1
package/dist/tempo/session/ChannelStore.js +0 -172
package/dist/tempo/session/ChannelStore.js.map +0 -1
package/dist/tempo/session/Receipt.d.ts +0 -22
package/dist/tempo/session/Receipt.d.ts.map +0 -1
package/dist/tempo/session/Receipt.js +0 -34
package/dist/tempo/session/Receipt.js.map +0 -1
package/dist/tempo/session/Sse.d.ts.map +0 -1
package/dist/tempo/session/Sse.js +0 -363
package/dist/tempo/session/Sse.js.map +0 -1
package/dist/tempo/session/Types.d.ts +0 -78
package/dist/tempo/session/Types.d.ts.map +0 -1
package/dist/tempo/session/Types.js.map +0 -1
package/dist/tempo/session/Voucher.d.ts.map +0 -1
package/dist/tempo/session/Voucher.js.map +0 -1
package/dist/tempo/session/Ws.d.ts +0 -87
package/dist/tempo/session/Ws.d.ts.map +0 -1
package/dist/tempo/session/Ws.js +0 -443
package/dist/tempo/session/Ws.js.map +0 -1
package/dist/tempo/session/escrow.abi.js.map +0 -1
package/src/mcp-sdk/client/McpClient.ts +0 -196
package/src/tempo/session/ChannelStore.ts +0 -308
package/src/tempo/session/Receipt.test.ts +0 -89
package/src/tempo/session/Receipt.ts +0 -46
package/src/tempo/session/Sse.ts +0 -462
package/src/tempo/session/Types.ts +0 -86
package/src/tempo/session/Ws.ts +0 -576
/package/dist/{mcp-sdk → mcp}/client/index.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/client/index.js +0 -0
/package/dist/{mcp-sdk → mcp}/server/Transport.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/server/Transport.js +0 -0
/package/dist/{mcp-sdk → mcp}/server/index.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/server/index.js +0 -0
/package/dist/tempo/{session → legacy/session}/Channel.js +0 -0
/package/dist/tempo/{session → legacy/session}/Types.js +0 -0
/package/src/{mcp-sdk → mcp}/client/index.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/Transport.test.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/Transport.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/index.ts +0 -0
/package/src/tempo/{session → legacy/session}/Channel.test.ts +0 -0
/package/src/tempo/{session → legacy/session}/Voucher.test.ts +0 -0
/package/src/tempo/session/{Sse.fuzz.test.ts → server/Sse.fuzz.test.ts} +0 -0

package/src/client/Transport.test.ts CHANGED Viewed

@@ -4,6 +4,8 @@ import { Methods } from 'mppx/tempo'
 import { Header as x402_Header, Types as x402_Types, type PaymentRequired } from 'mppx/x402'
 import { describe, expect, test } from 'vp/test'
+import * as x402_ChallengeBrand from '../x402/internal/ChallengeBrand.js'
 const realm = 'api.example.com'
 const secretKey = 'test-secret-key'
@@ -138,13 +140,13 @@ describe('http', () => {
         }),
         name: 'Payment auth and x402 challenges when both are present',
       },
-    ])('returns $name', ({ expectedIds, expectedMethods, headers }) => {
+    ])('returns $name', async ({ expectedIds, expectedMethods, headers }) => {
       const transport = Transport.http()
       const response = new Response(null, {
         status: 402,
         headers: headers(),
       })
-      const challenges = transport.getChallenges?.(response) ?? []
+      const challenges = (await transport.getChallenges?.(response)) ?? []
       expect(challenges.map((entry) => entry.id)).toEqual(expectedIds)
       expect(challenges.map((entry) => entry.method)).toEqual(expectedMethods)
@@ -160,20 +162,6 @@ describe('http', () => {
         expectedValue: Credential.serialize(credential),
         name: 'Payment auth credential for Payment auth challenge',
       },
-      {
-        challenge: Transport.http().getChallenges!(
-          new Response(null, {
-            status: 402,
-            headers: {
-              'PAYMENT-REQUIRED': x402_Header.encodePaymentRequired(x402PaymentRequired),
-            },
-          }),
-        )[0],
-        credential: 'x402-signature',
-        expectedHeader: 'PAYMENT-SIGNATURE',
-        expectedValue: 'x402-signature',
-        name: 'raw x402 credential for x402 challenge',
-      },
       {
         challenge,
         credential: 'custom-credential',
@@ -197,6 +185,24 @@ describe('http', () => {
       expect(headers.get(expectedHeader)).toBe(expectedValue)
     })
+    test('writes x402 credentials for x402 challenges from the same transport', () => {
+      const transport = Transport.http()
+      const [x402Challenge] = transport.getChallenges!(
+        new Response(null, {
+          status: 402,
+          headers: {
+            'PAYMENT-REQUIRED': x402_Header.encodePaymentRequired(x402PaymentRequired),
+          },
+        }),
+      ) as Challenge.Challenge[]
+      const result = transport.setCredential({}, 'x402-signature', { challenge: x402Challenge })
+      const headers = result.headers as Headers
+      expect(headers.get('Authorization')).toBeNull()
+      expect(headers.get(x402_Types.paymentSignatureHeader)).toBe('x402-signature')
+    })
     test('does not treat unbranded Payment-auth challenges as x402', () => {
       const transport = Transport.http()
       const untrustedChallenge = Challenge.from({
@@ -216,16 +222,53 @@ describe('http', () => {
       expect(headers.get(x402_Types.paymentSignatureHeader)).toBeNull()
     })
-    test('removes stale credential headers before setting the retry credential', () => {
+    test('routes JSON-RPC requests with native 402 challenges through Authorization', () => {
+      const transport = Transport.http()
+      const jsonRpcRequest = {
+        method: 'POST',
+        body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'tools/call', params: {} }),
+      } satisfies RequestInit
+      const [nativeChallenge] = transport.getChallenges!(
+        new Response(null, {
+          status: 402,
+          headers: { 'WWW-Authenticate': Challenge.serialize(challenge) },
+        }),
+        jsonRpcRequest,
+      ) as Challenge.Challenge[]
+      const result = transport.setCredential(jsonRpcRequest, 'credential', {
+        challenge: nativeChallenge,
+      })
+      const headers = new Headers(result.headers)
+      expect(headers.get('Authorization')).toBe('credential')
+      expect(result.body).toBe(jsonRpcRequest.body)
+    })
+    test('marks x402 challenges with the brand the evm charge client reads', async () => {
+      // Provenance guard: `evm/client/Charge.ts` recognizes x402 challenges via the same
+      // brand the x402 adapter stamps. If the marking site drifts, EVM x402 charges misroute.
+      const [x402Challenge] = await Transport.http().getChallenges!(
+        new Response(null, {
+          status: 402,
+          headers: {
+            'PAYMENT-REQUIRED': x402_Header.encodePaymentRequired(x402PaymentRequired),
+          },
+        }),
+      )
+      expect(x402_ChallengeBrand.is(x402Challenge)).toBe(true)
+    })
+    test('removes stale credential headers before setting the retry credential', async () => {
       const transport = Transport.http()
-      const x402Challenge = Transport.http().getChallenges!(
+      const [x402Challenge] = await transport.getChallenges!(
         new Response(null, {
           status: 402,
           headers: {
             'PAYMENT-REQUIRED': x402_Header.encodePaymentRequired(x402PaymentRequired),
           },
         }),
-      )[0]
+      )
       const result = transport.setCredential(
         {
@@ -258,191 +301,195 @@ describe('http', () => {
   })
 })
-describe('mcp', () => {
-  const mcpRequest: Mcp.Request = {
-    method: 'tools/call',
-    params: {
-      name: 'test-tool',
+describe('http (MCP-over-HTTP)', () => {
+  // An MCP-over-HTTP call: a JSON-RPC POST whose response carries the -32042 challenge.
+  const jsonRpcRequest = {
+    method: 'POST',
+    headers: { accept: 'application/json, text/event-stream' },
+    body: JSON.stringify({
+      jsonrpc: '2.0',
+      id: 1,
+      method: 'tools/call',
+      params: { name: 'premium' },
+    }),
+  } satisfies RequestInit
+  const errorMessage = {
+    jsonrpc: '2.0',
+    id: 1,
+    error: {
+      code: Mcp.paymentRequiredCode,
+      message: 'Payment Required',
+      data: { challenges: [challenge] },
     },
   }
-  describe('isPaymentRequired', () => {
-    test('returns true for payment required error', () => {
-      const transport = Transport.mcp()
-      const response: Mcp.Response = {
-        jsonrpc: '2.0',
-        id: 1,
-        error: {
-          code: Mcp.paymentRequiredCode,
-          message: 'Payment Required',
-          data: {
-            httpStatus: 402,
-            challenges: [challenge],
-          },
-        },
-      }
-      expect(transport.isPaymentRequired(response)).toBe(true)
+  const jsonBody = () =>
+    new Response(JSON.stringify(errorMessage), { headers: { 'content-type': 'application/json' } })
+  const sseBody = () =>
+    new Response(`event: message\ndata: ${JSON.stringify(errorMessage)}\n\n`, {
+      headers: { 'content-type': 'text/event-stream' },
     })
-    test('returns false for success response', () => {
-      const transport = Transport.mcp()
-      const response: Mcp.Response = {
-        jsonrpc: '2.0',
-        id: 1,
-        result: { content: [] },
-      }
-      expect(transport.isPaymentRequired(response)).toBe(false)
+  test('detects -32042 in a JSON body (JSON-RPC request)', async () => {
+    expect(await Transport.http().isPaymentRequired(jsonBody(), jsonRpcRequest)).toBe(true)
+  })
+  test('ignores a JSON-RPC response for a different request id', async () => {
+    const response = new Response(JSON.stringify({ ...errorMessage, id: 2 }), {
+      headers: { 'content-type': 'application/json' },
     })
-    test('returns false for other error codes', () => {
-      const transport = Transport.mcp()
-      const response: Mcp.Response = {
-        jsonrpc: '2.0',
-        id: 1,
-        error: {
-          code: -32600,
-          message: 'Invalid Request',
-        },
-      }
-      expect(transport.isPaymentRequired(response)).toBe(false)
-    })
+    expect(await Transport.http().isPaymentRequired(response, jsonRpcRequest)).toBe(false)
   })
-  describe('getChallenge', () => {
-    test('default', () => {
-      const transport = Transport.mcp()
-      const response: Mcp.Response = {
-        jsonrpc: '2.0',
-        id: 1,
-        error: {
-          code: Mcp.paymentRequiredCode,
-          message: 'Payment Required',
-          data: {
-            httpStatus: 402,
-            challenges: [challenge],
-          },
+  test('detects -32042 in an SSE body', async () => {
+    expect(await Transport.http().isPaymentRequired(sseBody(), jsonRpcRequest)).toBe(true)
+  })
+  test('does not scan past the first SSE data event', async () => {
+    const notification = { jsonrpc: '2.0', method: 'notifications/progress', params: {} }
+    const response = new Response(
+      `event: message\ndata: ${JSON.stringify(notification)}\n\n` +
+        `event: message\ndata: ${JSON.stringify(errorMessage)}\n\n`,
+      { headers: { 'content-type': 'text/event-stream' } },
+    )
+    expect(await Transport.http().isPaymentRequired(response, jsonRpcRequest)).toBe(false)
+  })
+  test('detects -32042 in an open SSE stream without waiting for stream close', async () => {
+    const encoder = new TextEncoder()
+    let timeout: ReturnType<typeof setTimeout> | undefined
+    const openSse = new Response(
+      new ReadableStream({
+        start(controller) {
+          controller.enqueue(
+            encoder.encode(`event: message\ndata: ${JSON.stringify(errorMessage)}\n\n`),
+          )
         },
-      }
+      }),
+      { headers: { 'content-type': 'text/event-stream' } },
+    )
+    try {
+      const result = await Promise.race([
+        Transport.http().isPaymentRequired(openSse, jsonRpcRequest),
+        new Promise<'timeout'>((resolve) => {
+          timeout = setTimeout(() => resolve('timeout'), 100)
+        }),
+      ])
-      expect(transport.getChallenge(response)).toMatchObject({
-        expires: '2025-01-01T00:00:00.000Z',
-        id: expect.any(String),
-        intent: 'charge',
-        method: 'tempo',
-        realm: 'api.example.com',
-        request: {
-          amount: '1000',
-          currency: '0x20c0000000000000000000000000000000000001',
-          recipient: '0x742d35Cc6634C0532925a3b844Bc9e7595f8fE00',
-        },
-      })
+      expect(result).toBe(true)
+    } finally {
+      if (timeout) clearTimeout(timeout)
+    }
+  })
+  test('does not read the body for a non-JSON-RPC request', async () => {
+    expect(
+      await Transport.http().isPaymentRequired(sseBody(), { method: 'POST', body: 'plain' }),
+    ).toBe(false)
+  })
+  test('does not treat generic JSON-RPC as MCP-over-HTTP', async () => {
+    const request = {
+      method: 'POST',
+      headers: { accept: 'application/json' },
+      body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'eth_call', params: [] }),
+    } satisfies RequestInit
+    expect(await Transport.http().isPaymentRequired(sseBody(), request)).toBe(false)
+  })
+  test('ignores a 200 success', async () => {
+    const ok = new Response(JSON.stringify({ jsonrpc: '2.0', id: 1, result: {} }), {
+      headers: { 'content-type': 'application/json' },
     })
-    test('throws for success response', () => {
-      const transport = Transport.mcp()
-      const response: Mcp.Response = {
-        jsonrpc: '2.0',
-        id: 1,
-        result: { content: [] },
-      }
-      expect(() => transport.getChallenge(response)).toThrow('Response is not an error')
+    expect(await Transport.http().isPaymentRequired(ok, jsonRpcRequest)).toBe(false)
+  })
+  test('getChallenges extracts the MCP challenge (via the mcp protocol)', async () => {
+    const challenges = await Transport.http().getChallenges!(sseBody(), jsonRpcRequest)
+    expect(challenges.map((entry) => entry.id)).toEqual([challenge.id])
+  })
+  test('setCredential routes the MCP challenge into the JSON-RPC _meta', async () => {
+    const transport = Transport.http()
+    const [mcpChallenge] = await transport.getChallenges!(sseBody(), jsonRpcRequest)
+    const result = transport.setCredential(jsonRpcRequest, Credential.serialize(credential), {
+      challenge: mcpChallenge,
+    }) as RequestInit
+    const parsed = JSON.parse(result.body as string)
+    expect(parsed.params['_meta'][Mcp.credentialMetaKey]).toMatchObject({
+      payload: { type: 'transaction' },
     })
-    test('throws when no challenges in error', () => {
-      const transport = Transport.mcp()
-      const response: Mcp.Response = {
-        jsonrpc: '2.0',
-        id: 1,
-        error: {
-          code: Mcp.paymentRequiredCode,
-          message: 'Payment Required',
-          data: {
-            httpStatus: 402,
-            challenges: [],
-          },
-        },
-      }
-      expect(() => transport.getChallenge(response)).toThrow('No challenge in error response')
+  })
+  test('detects -32042 in a JSON body containing a "data:" substring', async () => {
+    const body = JSON.stringify({
+      jsonrpc: '2.0',
+      id: 1,
+      error: {
+        code: Mcp.paymentRequiredCode,
+        message: 'Payment Required',
+        data: { challenges: [{ ...challenge, realm: 'data:text/plain,x' }] },
+      },
     })
+    const response = new Response(body, { headers: { 'content-type': 'application/json' } })
+    expect(await Transport.http().isPaymentRequired(response, jsonRpcRequest)).toBe(true)
   })
-  describe('getChallenges', () => {
-    test('returns all MCP challenges', () => {
-      const transport = Transport.mcp()
-      const response: Mcp.Response = {
+  test('ignores malformed payment challenge data', async () => {
+    const response = new Response(
+      JSON.stringify({
         jsonrpc: '2.0',
         id: 1,
         error: {
           code: Mcp.paymentRequiredCode,
           message: 'Payment Required',
-          data: {
-            httpStatus: 402,
-            challenges: [challenge, { ...challenge, id: 'alternate', method: 'stripe' }],
-          },
+          data: { challenges: [{ ...challenge, realm: undefined }] },
         },
-      }
+      }),
+      { headers: { 'content-type': 'application/json' } },
+    )
-      expect(transport.getChallenges?.(response).map((entry) => entry.id)).toEqual([
-        challenge.id,
-        'alternate',
-      ])
-    })
+    expect(await Transport.http().isPaymentRequired(response, jsonRpcRequest)).toBe(false)
   })
+  test('detects -32042 for any JSON-RPC method (no method allowlist)', async () => {
+    const request = {
+      method: 'POST',
+      headers: { accept: 'application/json, text/event-stream' },
+      body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'custom/paidMethod', params: {} }),
+    } satisfies RequestInit
+    expect(await Transport.http().isPaymentRequired(sseBody(), request)).toBe(true)
+  })
+})
-  describe('setCredential', () => {
-    test('default', () => {
-      const transport = Transport.mcp()
-      const serialized = Credential.serialize(credential)
+describe('mcp', () => {
+  const mcpRequest: Mcp.Request = {
+    method: 'tools/call',
+    params: {
+      name: 'test-tool',
+    },
+  }
-      expect(transport.setCredential(mcpRequest, serialized)).toMatchObject({
-        method: 'tools/call',
-        params: {
-          _meta: {
-            'org.paymentauth/credential': {
-              challenge: {
-                expires: '2025-01-01T00:00:00.000Z',
-                id: expect.any(String),
-                intent: 'charge',
-                method: 'tempo',
-                realm: 'api.example.com',
-                request: {
-                  amount: '1000',
-                  currency: '0x20c0000000000000000000000000000000000001',
-                  recipient: '0x742d35Cc6634C0532925a3b844Bc9e7595f8fE00',
-                },
-              },
-              payload: {
-                signature: '0xabc123',
-                type: 'transaction',
-              },
-            },
-          },
-          name: 'test-tool',
-        },
-      })
-    })
+  const mcpResponse: Mcp.Response = {
+    jsonrpc: '2.0',
+    id: 1,
+    error: {
+      code: Mcp.paymentRequiredCode,
+      message: 'Payment Required',
+      data: {
+        httpStatus: 402,
+        challenges: [challenge],
+      },
+    },
+  }
-    test('preserves existing _meta', () => {
-      const transport = Transport.mcp()
-      const serialized = Credential.serialize(credential)
-      const requestWithMeta: Mcp.Request = {
-        ...mcpRequest,
-        params: {
-          ...mcpRequest.params,
-          _meta: {
-            existingKey: 'existingValue',
-          },
-        },
-      }
+  test('extracts payment-required challenges from JSON-RPC errors', async () => {
+    const transport = Transport.mcp()
+    expect(await transport.isPaymentRequired(mcpResponse)).toBe(true)
+    expect((await transport.getChallenges?.(mcpResponse))?.map((entry) => entry.id)).toEqual([
+      challenge.id,
+    ])
+  })
-      const result = transport.setCredential(requestWithMeta, serialized)
+  test('sets credentials in JSON-RPC _meta', () => {
+    const result = Transport.mcp().setCredential(mcpRequest, Credential.serialize(credential))
-      expect(result.params?._meta?.existingKey).toBe('existingValue')
+    expect(result.params?.['_meta']?.[Mcp.credentialMetaKey]).toMatchObject({
+      payload: {
+        type: 'transaction',
+      },
     })
   })
 })