npm - mppx - Versions diffs - 0.7.0 → 0.8.1 - Mend

mppx 0.7.0 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (290) hide show

package/CHANGELOG.md +41 -0
package/README.md +20 -11
package/dist/Challenge.d.ts.map +1 -1
package/dist/Challenge.js +18 -6
package/dist/Challenge.js.map +1 -1
package/dist/Mcp.d.ts +3 -0
package/dist/Mcp.d.ts.map +1 -1
package/dist/Mcp.js +2 -0
package/dist/Mcp.js.map +1 -1
package/dist/PaymentRequest.d.ts +10 -10
package/dist/PaymentRequest.js +8 -8
package/dist/cli/internal.d.ts +1 -0
package/dist/cli/internal.d.ts.map +1 -1
package/dist/cli/internal.js +1 -15
package/dist/cli/internal.js.map +1 -1
package/dist/client/Mppx.js +2 -2
package/dist/client/Mppx.js.map +1 -1
package/dist/client/Transport.d.ts +11 -16
package/dist/client/Transport.d.ts.map +1 -1
package/dist/client/Transport.js +55 -75
package/dist/client/Transport.js.map +1 -1
package/dist/client/index.d.ts +3 -0
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +1 -0
package/dist/client/index.js.map +1 -1
package/dist/client/internal/Fetch.d.ts.map +1 -1
package/dist/client/internal/Fetch.js +46 -7
package/dist/client/internal/Fetch.js.map +1 -1
package/dist/client/internal/protocols/Mcp.d.ts +7 -0
package/dist/client/internal/protocols/Mcp.d.ts.map +1 -0
package/dist/client/internal/protocols/Mcp.js +159 -0
package/dist/client/internal/protocols/Mcp.js.map +1 -0
package/dist/client/internal/protocols/Mpp.d.ts +4 -0
package/dist/client/internal/protocols/Mpp.d.ts.map +1 -0
package/dist/client/internal/protocols/Mpp.js +18 -0
package/dist/client/internal/protocols/Mpp.js.map +1 -0
package/dist/client/internal/protocols/Protocol.d.ts +10 -0
package/dist/client/internal/protocols/Protocol.d.ts.map +1 -0
package/dist/client/internal/protocols/Protocol.js +2 -0
package/dist/client/internal/protocols/Protocol.js.map +1 -0
package/dist/client/internal/protocols/Shared.d.ts +5 -0
package/dist/client/internal/protocols/Shared.d.ts.map +1 -0
package/dist/client/internal/protocols/Shared.js +20 -0
package/dist/client/internal/protocols/Shared.js.map +1 -0
package/dist/client/internal/protocols/X402.d.ts +8 -0
package/dist/client/internal/protocols/X402.d.ts.map +1 -0
package/dist/client/internal/protocols/X402.js +39 -0
package/dist/client/internal/protocols/X402.js.map +1 -0
package/dist/evm/client/index.d.ts +1 -0
package/dist/evm/client/index.d.ts.map +1 -1
package/dist/evm/client/index.js +1 -0
package/dist/evm/client/index.js.map +1 -1
package/dist/evm/index.d.ts +2 -0
package/dist/evm/index.d.ts.map +1 -1
package/dist/evm/index.js +2 -0
package/dist/evm/index.js.map +1 -1
package/dist/evm/server/index.d.ts +1 -0
package/dist/evm/server/index.d.ts.map +1 -1
package/dist/evm/server/index.js +1 -0
package/dist/evm/server/index.js.map +1 -1
package/dist/mcp/client/McpClient.d.ts +101 -0
package/dist/mcp/client/McpClient.d.ts.map +1 -0
package/dist/mcp/client/McpClient.js +162 -0
package/dist/mcp/client/McpClient.js.map +1 -0
package/dist/mcp/client/index.d.ts.map +1 -0
package/dist/mcp/client/index.js.map +1 -0
package/dist/mcp/server/Transport.d.ts.map +1 -0
package/dist/mcp/server/Transport.js.map +1 -0
package/dist/mcp/server/index.d.ts.map +1 -0
package/dist/mcp/server/index.js.map +1 -0
package/dist/server/Mppx.d.ts +1 -1
package/dist/server/Mppx.d.ts.map +1 -1
package/dist/server/Mppx.js +9 -0
package/dist/server/Mppx.js.map +1 -1
package/dist/server/Transport.d.ts +1 -1
package/dist/server/Transport.d.ts.map +1 -1
package/dist/server/Transport.js +1 -1
package/dist/server/Transport.js.map +1 -1
package/dist/stripe/server/internal/html.gen.d.ts +1 -1
package/dist/stripe/server/internal/html.gen.d.ts.map +1 -1
package/dist/stripe/server/internal/html.gen.js +1 -1
package/dist/stripe/server/internal/html.gen.js.map +1 -1
package/dist/tempo/Proof.d.ts +85 -1
package/dist/tempo/Proof.d.ts.map +1 -1
package/dist/tempo/Proof.js +35 -0
package/dist/tempo/Proof.js.map +1 -1
package/dist/tempo/client/Charge.d.ts +13 -1
package/dist/tempo/client/Charge.d.ts.map +1 -1
package/dist/tempo/client/Charge.js +38 -25
package/dist/tempo/client/Charge.js.map +1 -1
package/dist/tempo/client/Methods.d.ts +5 -3
package/dist/tempo/client/Methods.d.ts.map +1 -1
package/dist/tempo/client/Methods.js +4 -2
package/dist/tempo/client/Methods.js.map +1 -1
package/dist/tempo/client/ResolveAccount.d.ts +40 -0
package/dist/tempo/client/ResolveAccount.d.ts.map +1 -0
package/dist/tempo/client/ResolveAccount.js +2 -0
package/dist/tempo/client/ResolveAccount.js.map +1 -0
package/dist/tempo/internal/fee-payer.d.ts +26 -1
package/dist/tempo/internal/fee-payer.d.ts.map +1 -1
package/dist/tempo/internal/fee-payer.js +83 -30
package/dist/tempo/internal/fee-payer.js.map +1 -1
package/dist/tempo/internal/proof.d.ts +71 -5
package/dist/tempo/internal/proof.d.ts.map +1 -1
package/dist/tempo/internal/proof.js +42 -6
package/dist/tempo/internal/proof.js.map +1 -1
package/dist/tempo/legacy/client/SessionManager.d.ts.map +1 -1
package/dist/tempo/legacy/client/SessionManager.js +10 -3
package/dist/tempo/legacy/client/SessionManager.js.map +1 -1
package/dist/tempo/server/Charge.d.ts.map +1 -1
package/dist/tempo/server/Charge.js +46 -18
package/dist/tempo/server/Charge.js.map +1 -1
package/dist/tempo/server/Methods.d.ts +4 -2
package/dist/tempo/server/Methods.d.ts.map +1 -1
package/dist/tempo/server/Methods.js +4 -2
package/dist/tempo/server/Methods.js.map +1 -1
package/dist/tempo/server/Subscription.d.ts +10 -0
package/dist/tempo/server/Subscription.d.ts.map +1 -1
package/dist/tempo/server/Subscription.js +135 -23
package/dist/tempo/server/Subscription.js.map +1 -1
package/dist/tempo/server/internal/html.gen.d.ts +1 -1
package/dist/tempo/server/internal/html.gen.d.ts.map +1 -1
package/dist/tempo/server/internal/html.gen.js +1 -1
package/dist/tempo/server/internal/html.gen.js.map +1 -1
package/dist/tempo/session/client/ChannelOps.d.ts +2 -3
package/dist/tempo/session/client/ChannelOps.d.ts.map +1 -1
package/dist/tempo/session/client/ChannelOps.js +7 -10
package/dist/tempo/session/client/ChannelOps.js.map +1 -1
package/dist/tempo/session/client/ChannelStore.d.ts +51 -0
package/dist/tempo/session/client/ChannelStore.d.ts.map +1 -0
package/dist/tempo/session/client/ChannelStore.js +63 -0
package/dist/tempo/session/client/ChannelStore.js.map +1 -0
package/dist/tempo/session/client/CredentialState.d.ts +7 -24
package/dist/tempo/session/client/CredentialState.d.ts.map +1 -1
package/dist/tempo/session/client/CredentialState.js +51 -49
package/dist/tempo/session/client/CredentialState.js.map +1 -1
package/dist/tempo/session/client/Session.d.ts +8 -2
package/dist/tempo/session/client/Session.d.ts.map +1 -1
package/dist/tempo/session/client/Session.js +22 -8
package/dist/tempo/session/client/Session.js.map +1 -1
package/dist/tempo/session/client/SessionManager.d.ts +4 -40
package/dist/tempo/session/client/SessionManager.d.ts.map +1 -1
package/dist/tempo/session/client/SessionManager.js +124 -174
package/dist/tempo/session/client/SessionManager.js.map +1 -1
package/dist/tempo/session/client/index.d.ts +3 -4
package/dist/tempo/session/client/index.d.ts.map +1 -1
package/dist/tempo/session/client/index.js +1 -0
package/dist/tempo/session/client/index.js.map +1 -1
package/dist/tempo/session/precompile/Voucher.d.ts +3 -3
package/dist/tempo/session/precompile/Voucher.d.ts.map +1 -1
package/dist/tempo/session/precompile/Voucher.js +24 -25
package/dist/tempo/session/precompile/Voucher.js.map +1 -1
package/dist/tempo/session/server/CredentialVerification.d.ts +6 -0
package/dist/tempo/session/server/CredentialVerification.d.ts.map +1 -1
package/dist/tempo/session/server/CredentialVerification.js +13 -0
package/dist/tempo/session/server/CredentialVerification.js.map +1 -1
package/dist/tempo/session/server/Settlement.d.ts.map +1 -1
package/dist/tempo/session/server/Settlement.js +4 -2
package/dist/tempo/session/server/Settlement.js.map +1 -1
package/dist/tempo/session/server/Sse.d.ts.map +1 -1
package/dist/tempo/session/server/Sse.js.map +1 -1
package/dist/tempo/session/server/Ws.d.ts.map +1 -1
package/dist/tempo/session/server/Ws.js.map +1 -1
package/dist/tempo/subscription/KeyAuthorization.d.ts +712 -1
package/dist/tempo/subscription/KeyAuthorization.d.ts.map +1 -1
package/dist/tempo/subscription/Store.d.ts +2 -0
package/dist/tempo/subscription/Store.d.ts.map +1 -1
package/dist/tempo/subscription/Store.js +16 -1
package/dist/tempo/subscription/Store.js.map +1 -1
package/dist/x402/index.d.ts +1 -0
package/dist/x402/index.d.ts.map +1 -1
package/dist/x402/index.js +1 -0
package/dist/x402/index.js.map +1 -1
package/package.json +21 -10
package/src/Challenge.test.ts +40 -0
package/src/Challenge.ts +19 -6
package/src/Mcp.ts +4 -0
package/src/PaymentRequest.ts +10 -10
package/src/cli/cli.test.ts +15 -15
package/src/cli/config.test.ts +13 -7
package/src/cli/internal.ts +1 -16
package/src/client/Mppx.test-d.ts +21 -1
package/src/client/Mppx.test.ts +1 -1
package/src/client/Mppx.ts +2 -2
package/src/client/Transport.test.ts +225 -178
package/src/client/Transport.ts +77 -83
package/src/client/index.ts +14 -0
package/src/client/internal/Fetch.test.ts +207 -2
package/src/client/internal/Fetch.ts +52 -6
package/src/client/internal/protocols/Mcp.test.ts +220 -0
package/src/client/internal/protocols/Mcp.ts +162 -0
package/src/client/internal/protocols/Mpp.ts +21 -0
package/src/client/internal/protocols/Protocol.ts +10 -0
package/src/client/internal/protocols/Shared.ts +25 -0
package/src/client/internal/protocols/X402.ts +42 -0
package/src/discovery/OpenApi.test.ts +1 -1
package/src/evm/PublicInterface.test-d.ts +1 -1
package/src/evm/client/index.ts +1 -0
package/src/evm/index.ts +2 -0
package/src/evm/server/Charge.test.ts +1 -1
package/src/evm/server/index.ts +1 -0
package/src/{mcp-sdk → mcp}/client/McpClient.integration.test.ts +10 -4
package/src/{mcp-sdk → mcp}/client/McpClient.test-d.ts +45 -18
package/src/{mcp-sdk → mcp}/client/McpClient.test.ts +211 -5
package/src/mcp/client/McpClient.ts +307 -0
package/src/{mcp-sdk → mcp}/client/McpClient.unit.test.ts +9 -5
package/src/middlewares/elysia.test.ts +1 -1
package/src/middlewares/express.test.ts +1 -1
package/src/middlewares/hono.test.ts +1 -1
package/src/middlewares/internal/mppx.test.ts +1 -1
package/src/middlewares/nextjs.test.ts +1 -1
package/src/proxy/Proxy.test.ts +1 -1
package/src/proxy/services/anthropic.test.ts +1 -1
package/src/proxy/services/openai.test.ts +1 -1
package/src/proxy/services/stripe.test.ts +1 -1
package/src/server/Mppx.authorize.test.ts +1 -1
package/src/server/Mppx.test-d.ts +1 -1
package/src/server/Mppx.test.ts +20 -2
package/src/server/Mppx.ts +14 -1
package/src/server/Transport.test.ts +6 -6
package/src/server/Transport.ts +1 -1
package/src/stripe/Charge.integration.test.ts +1 -1
package/src/stripe/client/Charge.test.ts +1 -1
package/src/stripe/server/Charge.test.ts +1 -1
package/src/stripe/server/internal/html/package.json +1 -1
package/src/stripe/server/internal/html.gen.ts +1 -1
package/src/tempo/Proof.conformance.test.ts +146 -0
package/src/tempo/Proof.test-d.ts +15 -0
package/src/tempo/Proof.ts +52 -1
package/src/tempo/Subscription.integration.test.ts +1 -1
package/src/tempo/client/Charge.test.ts +173 -0
package/src/tempo/client/Charge.ts +65 -36
package/src/tempo/client/Methods.ts +4 -2
package/src/tempo/client/ResolveAccount.ts +46 -0
package/src/tempo/internal/fee-payer.test.ts +89 -10
package/src/tempo/internal/fee-payer.ts +128 -41
package/src/tempo/internal/proof.test.ts +12 -4
package/src/tempo/internal/proof.ts +55 -6
package/src/tempo/legacy/client/SessionManager.ts +11 -3
package/src/tempo/legacy/server/Session.test.ts +91 -26
package/src/tempo/server/Charge.test.ts +388 -17
package/src/tempo/server/Charge.ts +50 -24
package/src/tempo/server/Methods.ts +4 -2
package/src/tempo/server/Subscription.test.ts +465 -3
package/src/tempo/server/Subscription.ts +174 -19
package/src/tempo/server/internal/html/package.json +2 -2
package/src/tempo/server/internal/html.gen.ts +1 -1
package/src/tempo/session/client/ChannelOps.ts +5 -19
package/src/tempo/session/client/ChannelStore.ts +111 -0
package/src/tempo/session/client/CredentialState.test.ts +206 -62
package/src/tempo/session/client/CredentialState.ts +58 -73
package/src/tempo/session/client/Session.test.ts +41 -1
package/src/tempo/session/client/Session.ts +36 -10
package/src/tempo/session/client/SessionManager.test.ts +154 -65
package/src/tempo/session/client/SessionManager.ts +141 -235
package/src/tempo/session/client/index.ts +8 -5
package/src/tempo/session/precompile/Voucher.test.ts +45 -7
package/src/tempo/session/precompile/Voucher.ts +27 -25
package/src/tempo/session/server/CredentialVerification.test.ts +36 -0
package/src/tempo/session/server/CredentialVerification.ts +18 -0
package/src/tempo/session/server/Session.test.ts +4 -4
package/src/tempo/session/server/Settlement.test.ts +88 -1
package/src/tempo/session/server/Settlement.ts +2 -1
package/src/tempo/session/server/Sse.ts +0 -2
package/src/tempo/session/server/Ws.ts +0 -4
package/src/tempo/subscription/Store.ts +27 -9
package/src/x402/Exact.e2e.test.ts +1 -1
package/src/x402/PublicInterface.test-d.ts +1 -1
package/src/x402/index.ts +1 -0
package/dist/mcp-sdk/client/McpClient.d.ts +0 -85
package/dist/mcp-sdk/client/McpClient.d.ts.map +0 -1
package/dist/mcp-sdk/client/McpClient.js +0 -118
package/dist/mcp-sdk/client/McpClient.js.map +0 -1
package/dist/mcp-sdk/client/index.d.ts.map +0 -1
package/dist/mcp-sdk/client/index.js.map +0 -1
package/dist/mcp-sdk/server/Transport.d.ts.map +0 -1
package/dist/mcp-sdk/server/Transport.js.map +0 -1
package/dist/mcp-sdk/server/index.d.ts.map +0 -1
package/dist/mcp-sdk/server/index.js.map +0 -1
package/src/mcp-sdk/client/McpClient.ts +0 -228
/package/dist/{mcp-sdk → mcp}/client/index.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/client/index.js +0 -0
/package/dist/{mcp-sdk → mcp}/server/Transport.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/server/Transport.js +0 -0
/package/dist/{mcp-sdk → mcp}/server/index.d.ts +0 -0
/package/dist/{mcp-sdk → mcp}/server/index.js +0 -0
/package/src/{mcp-sdk → mcp}/client/index.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/Transport.test.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/Transport.ts +0 -0
/package/src/{mcp-sdk → mcp}/server/index.ts +0 -0

package/src/tempo/session/client/SessionManager.ts CHANGED Viewed

@@ -8,9 +8,9 @@ import type * as Account from '../../../viem/Account.js'
 import type * as Client from '../../../viem/Client.js'
 import { charge as chargePlugin } from '../../client/Charge.js'
 import type { ChannelEntry } from '../client/ChannelOps.js'
+import { createChannelStore, entryKey, type ChannelStore } from '../client/ChannelStore.js'
 import type { SessionContext } from '../client/CredentialState.js'
 import { session as sessionPlugin } from '../client/Session.js'
-import type { ChannelDescriptor } from '../precompile/Protocol.js'
 import { deserializeSessionReceipt } from '../precompile/Protocol.js'
 import { readSessionChallengeAmount, type SessionReceipt } from '../precompile/Protocol.js'
 import {
@@ -34,7 +34,6 @@ import {
 import { closeSocketSession } from './Runtime.js'
 import {
   closeHttpSession,
-  getSessionSnapshot,
   isTempoSessionChallenge,
   managementInput,
   postTopUp,
@@ -98,36 +97,6 @@ export type PaymentResponse = Response & {
   cumulative: bigint
 }
-/** Serializable client-side channel snapshot stored between manager instances. */
-export type StoredSessionChannel = {
-  /** Latest known channel ID. Used as the next request's channel hint. */
-  channelId: Hex.Hex
-  /** Latest local cumulative voucher authorization in raw token units. */
-  cumulativeAmount: string
-  /** Latest known deposit in raw token units. */
-  deposit: string
-  /** TIP-1034 channel descriptor, used as a fallback when the server cannot snapshot. */
-  descriptor: ChannelDescriptor
-  /** Escrow address used to derive the channel ID. */
-  escrow: Address
-  /** Chain ID used to derive the channel ID. */
-  chainId: number
-  /** Whether the channel was open when stored. Closed channels are not used as hints. */
-  opened: boolean
-  /** Client timestamp for debugging or app-level eviction. */
-  updatedAt: number
-}
-/** Optional per-manager store for channel hints and restart recovery. */
-export type SessionStore = {
-  /** Reads the latest stored channel snapshot for this manager scope. */
-  get(): Promise<StoredSessionChannel | null | undefined> | StoredSessionChannel | null | undefined
-  /** Persists the latest channel snapshot. */
-  set(channel: StoredSessionChannel): Promise<void> | void
-  /** Deletes the stored snapshot when a channel is closed, when supported. */
-  delete?(): Promise<void> | void
-}
 /** Normalized runtime dependencies derived from `sessionManager()` parameters. */
 type SessionManagerConfig = {
   /** Decimal precision used when parsing human-readable manager amounts. */
@@ -156,65 +125,16 @@ function isZeroAmountChargeChallenge(challenge: Challenge.Challenge) {
   }
 }
-function storedChannelFromEntry(entry: ChannelEntry): StoredSessionChannel {
-  return {
-    channelId: entry.channelId,
-    cumulativeAmount: entry.cumulativeAmount.toString(),
-    deposit: entry.deposit.toString(),
-    descriptor: entry.descriptor,
-    escrow: entry.escrow,
-    chainId: entry.chainId,
-    opened: entry.opened,
-    updatedAt: Date.now(),
-  }
-}
-function storedChannelContext(channel: StoredSessionChannel): SessionContext {
-  return {
-    channelId: channel.channelId,
-    cumulativeAmountRaw: channel.cumulativeAmount,
-    descriptor: channel.descriptor,
-  }
-}
-function storedChannelFromSnapshot(
-  snapshot: ReturnType<typeof deserializeSessionSnapshot>,
-): StoredSessionChannel {
+/** Builds a reusable channel entry from a server session snapshot header. */
+function entryFromSnapshot(snapshot: ReturnType<typeof deserializeSessionSnapshot>): ChannelEntry {
   return {
     channelId: snapshot.channelId,
-    cumulativeAmount: snapshot.acceptedCumulative,
-    deposit: snapshot.deposit,
+    cumulativeAmount: BigInt(snapshot.acceptedCumulative),
+    deposit: BigInt(snapshot.deposit),
     descriptor: snapshot.descriptor,
     escrow: snapshot.escrow,
     chainId: snapshot.chainId,
     opened: true,
-    updatedAt: Date.now(),
-  }
-}
-type CredentialContextResolution = {
-  context: SessionContext
-  usedStoredChannel: boolean
-}
-function resolveCredentialContext(parameters: {
-  channel: ChannelEntry | null
-  challenge: TempoSessionChallenge
-  context: SessionContext
-  storedChannel: StoredSessionChannel | null
-}): CredentialContextResolution {
-  const { channel, challenge, context, storedChannel } = parameters
-  if (
-    context.action ||
-    channel?.opened ||
-    !storedChannel?.opened ||
-    getSessionSnapshot(challenge)
-  ) {
-    return { context, usedStoredChannel: false }
-  }
-  return {
-    context: { ...context, ...storedChannelContext(storedChannel) },
-    usedStoredChannel: true,
   }
 }
@@ -267,40 +187,71 @@ function resolveSessionManagerConfig(parameters: sessionManager.Parameters): Ses
  * channel state management and credential creation, and to `Fetch.from`
  * for the 402 challenge/retry flow.
  *
- * ## Session resumption
- *
- * The manager only keeps active client transport state in memory. Channel
- * descriptors and cumulative voucher state are hydrated from server snapshots
- * when challenges include them; otherwise the next request opens a fresh
- * TIP-1034 channel. `maxDeposit` remains the local cap for all automatic
- * voucher and top-up decisions.
+ * `channelStore` can persist reusable channels between manager instances.
  */
 export function sessionManager(parameters: sessionManager.Parameters): SessionManager {
   const config = resolveSessionManagerConfig(parameters)
-  const sessionStore = parameters.sessionStore
-  let storedChannel: StoredSessionChannel | null = null
-  let bootstrapChannelId: Hex.Hex | null = null
-  const ignoredStoredChannelIds = new Set<Hex.Hex>()
   const runtime = createSessionManagerRuntime()
   const receipts = createSessionReceiptCoordinator({
     getSocketSession: () => runtime.socketSession,
   })
+  const backing = parameters.channelStore ?? createChannelStore()
+  const ignoredChannelIds = new Set<Hex.Hex>()
+  // Tracks one fetch's channel reuse so stale stored entries can be evicted once.
+  type ChannelUse = {
+    seenExisting: Set<string>
+    createdKeys: Set<string>
+    resumed: ChannelEntry | undefined
+  }
+  let channelUse: ChannelUse | undefined
+  /** Returns the backing entry for `key` only when it is open and not ignored. */
+  async function getReusable(key: string): Promise<ChannelEntry | undefined> {
+    const entry = await backing.get(key)
+    if (entry?.opened && !ignoredChannelIds.has(entry.channelId)) return entry
+    return undefined
+  }
+  const store: ChannelStore = {
+    async get(key) {
+      const entry = await getReusable(key)
+      if (entry && channelUse) {
+        channelUse.seenExisting.add(key)
+        if (!channelUse.createdKeys.has(key)) channelUse.resumed ??= entry
+      }
+      return entry
+    },
+    async set(entry) {
+      const key = entryKey(entry)
+      if (entry.opened) ignoredChannelIds.delete(entry.channelId)
+      if (channelUse && !channelUse.seenExisting.has(key)) channelUse.createdKeys.add(key)
+      await backing.set(entry)
+    },
+    delete: (key) => backing.delete(key),
+  }
+  /** Removes a failed channel from candidacy for the rest of this manager's life. */
+  async function ignoreChannel(entry: ChannelEntry) {
+    ignoredChannelIds.add(entry.channelId)
+    await Promise.resolve(backing.delete(entryKey(entry))).catch(() => undefined)
+  }
   function dispatch(event: Parameters<typeof dispatchSessionEvent>[1]) {
     return dispatchSessionEvent(runtime, event)
   }
   const method = sessionPlugin({
     account: parameters.account,
-    authorizedSigner: parameters.authorizedSigner,
     getClient: parameters.client ? () => parameters.client! : parameters.getClient,
     escrow: parameters.escrow,
     decimals: config.decimals,
     maxDeposit: parameters.maxDeposit,
+    channelStore: store,
     onChannelUpdate(entry) {
       if (entry.channelId !== runtime.channel?.channelId) runtime.spent = 0n
       runtime.channel = entry
-      persistStoredChannel(entry)
       if (runtime.lastChallenge) {
         dispatch({
           type: 'activated',
@@ -335,28 +286,12 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
           requiredCumulative,
         })
       }
-      const resolved = resolveCredentialContext({
-        challenge,
-        channel: runtime.channel,
-        context: {},
-        storedChannel,
-      })
-      if (resolved.usedStoredChannel) return _helpers.createCredential(resolved.context)
       return undefined
     },
   })
   function createSessionCredential(challenge: TempoSessionChallenge, context: SessionContext) {
-    const resolved = resolveCredentialContext({
-      challenge,
-      channel: runtime.channel,
-      context,
-      storedChannel,
-    })
-    return method.createCredential({
-      challenge,
-      context: resolved.context,
-    })
+    return method.createCredential({ challenge, context })
   }
   function updateSpentFromReceipt(receipt: SessionReceipt | null | undefined) {
@@ -386,50 +321,21 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
     })
   }
-  async function getStoredChannel() {
-    if (!sessionStore) return null
-    if (storedChannel) return storedChannel
-    const channel = await sessionStore.get()
-    storedChannel =
-      channel?.opened && !ignoredStoredChannelIds.has(channel.channelId) ? channel : null
-    return storedChannel
-  }
-  async function clearStoredChannel() {
-    if (!sessionStore) {
-      storedChannel = null
-      bootstrapChannelId = null
-      return
-    }
-    const channel = storedChannel
-    if (channel) ignoredStoredChannelIds.add(channel.channelId)
-    storedChannel = null
-    bootstrapChannelId = null
-    if (sessionStore.delete) {
-      await Promise.resolve(sessionStore.delete()).catch(() => undefined)
-      return
-    }
-    if (channel) {
-      await Promise.resolve(
-        sessionStore.set({ ...channel, opened: false, updatedAt: Date.now() }),
-      ).catch(() => undefined)
-    }
-  }
-  async function storeSnapshotHeader(response: Response) {
+  /** Persists a server snapshot into the channel store and returns the entry. */
+  async function storeSnapshotHeader(response: Response): Promise<ChannelEntry | undefined> {
     const header = response.headers.get(Constants.Headers.paymentSessionSnapshot)
-    if (!header) return
-    const snapshot = deserializeSessionSnapshot(header)
-    bootstrapChannelId = snapshot.channelId
-    const channel = storedChannelFromSnapshot(snapshot)
-    storedChannel = channel
-    if (sessionStore) await Promise.resolve(sessionStore.set(channel)).catch(() => undefined)
+    if (!header) return undefined
+    const entry = entryFromSnapshot(deserializeSessionSnapshot(header))
+    await Promise.resolve(store.set(entry)).catch(() => undefined)
+    return entry
   }
-  async function bootstrapSession(input: RequestInfo | URL, init?: RequestInit | undefined) {
-    if (!parameters.bootstrap) return
-    if (runtime.channel?.opened) return
-    if (await getStoredChannel()) return
+  async function bootstrapSession(
+    input: RequestInfo | URL,
+    init?: RequestInit | undefined,
+  ): Promise<ChannelEntry | undefined> {
+    if (!parameters.bootstrap) return undefined
+    if (runtime.channel?.opened) return undefined
     const requestHeaders = input instanceof Request ? input.headers : undefined
     const { body: _body, method: _method, ...bootstrapInit } = init ?? {}
@@ -446,13 +352,10 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
     try {
       const challengeResponse = await config.fetch(bootstrapInput, headInit)
-      if (challengeResponse.status !== 402) {
-        await storeSnapshotHeader(challengeResponse)
-        return
-      }
+      if (challengeResponse.status !== 402) return await storeSnapshotHeader(challengeResponse)
       const challenge = Challenge.fromResponseList(challengeResponse).find(isTempoChargeChallenge)
-      if (!challenge) return
-      if (!isZeroAmountChargeChallenge(challenge)) return
+      if (!challenge) return undefined
+      if (!isZeroAmountChargeChallenge(challenge)) return undefined
       const credential = await chargeMethod.createCredential({
         challenge: challenge as never,
         context: {},
@@ -464,22 +367,13 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
           [Constants.Headers.authorization]: credential,
         },
       })
-      if (response.ok) await storeSnapshotHeader(response)
+      if (response.ok) return await storeSnapshotHeader(response)
+      return undefined
     } catch {
-      return
+      return undefined
     }
   }
-  function persistStoredChannel(entry: ChannelEntry) {
-    if (!sessionStore) return
-    const channel = storedChannelFromEntry(entry)
-    ignoredStoredChannelIds.delete(channel.channelId)
-    const operation =
-      entry.opened || !sessionStore.delete ? sessionStore.set(channel) : sessionStore.delete()
-    void Promise.resolve(operation).catch(() => undefined)
-    storedChannel = entry.opened ? channel : null
-  }
   function getFallbackCloseAmount(challenge: TempoSessionChallenge, channelId: Hex.Hex): bigint {
     const currentSocket = runtime.socketSession
     return computeFallbackCloseAmount({
@@ -597,68 +491,83 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
   }
   async function doFetch(input: RequestInfo | URL, init?: RequestInit): Promise<PaymentResponse> {
+    // The manager drives one shared `runtime` state machine, so requests are
+    // single-flight. Reject overlap loudly instead of letting concurrent calls
+    // corrupt each other's runtime and channel tracking.
+    if (channelUse)
+      throw new Error(
+        'SessionManager: a request is already in flight; concurrent requests on one manager are not supported',
+      )
+    const use: ChannelUse = { seenExisting: new Set(), createdKeys: new Set(), resumed: undefined }
+    channelUse = use
     runtime.lastUrl = input
-    const stored = await getStoredChannel()
-    await bootstrapSession(input, init)
-    const hintedInit = requestInitWithSessionHint(
-      input,
-      init,
-      (await getStoredChannel())?.channelId ?? bootstrapChannelId ?? stored?.channelId,
-    )
     const previous = captureRuntimeStateSnapshot({
       channel: runtime.channel,
       spent: runtime.spent,
       state: runtime.state,
     })
-    let effectiveInit = hintedInit
-    let canRetryWithoutStoredHint = Boolean(stored?.opened && !previous.channel?.opened)
-    for (;;) {
-      let response: Response
-      try {
-        response = await wrappedFetch(input, effectiveInit)
-      } catch (error) {
-        restoreRuntime(previous)
-        if (!canRetryWithoutStoredHint) throw error
-        canRetryWithoutStoredHint = false
-        await clearStoredChannel()
-        await bootstrapSession(input, init)
-        effectiveInit = requestInitWithSessionHint(input, init, bootstrapChannelId ?? undefined)
-        continue
+    // Cold starts resume from `channelStore` after the 402 reveals the scope.
+    const liveHint = runtime.channel?.opened ? runtime.channel.channelId : undefined
+    try {
+      await bootstrapSession(input, init)
+      let effectiveInit = requestInitWithSessionHint(input, init, liveHint)
+      // Stored channels may be stale, so retry once after evicting the resumed entry.
+      let canRetryResumed = !previous.channel?.opened
+      async function retryWithoutResumed(): Promise<boolean> {
+        const resumed = use.resumed
+        if (!canRetryResumed || !resumed) return false
+        canRetryResumed = false
+        await ignoreChannel(resumed)
+        effectiveInit = requestInitWithSessionHint(input, init, undefined)
+        return true
       }
-      let paymentResponse = toPaymentResponse(response)
-      let attemptedHttpManagement = false
-      if (paymentResponse.status === 402) {
-        const retry = await retryHttpPaymentRequired({
-          input,
-          init: effectiveInit,
-          response: paymentResponse,
-          createSessionCredential,
-          fetch: config.fetch,
-          getChannel: () => runtime.channel,
-          restoreCumulative,
-          setChallenge(challenge) {
-            runtime.lastChallenge = challenge
-          },
-          topUpIfNeeded,
-        })
-        if (retry) {
-          attemptedHttpManagement = true
-          paymentResponse = toPaymentResponse(retry)
+      for (;;) {
+        let response: Response
+        try {
+          response = await wrappedFetch(input, effectiveInit)
+        } catch (error) {
+          restoreRuntime(previous)
+          if (await retryWithoutResumed()) continue
+          throw error
         }
+        let paymentResponse = toPaymentResponse(response)
+        let attemptedHttpManagement = false
+        if (paymentResponse.status === 402) {
+          const retry = await retryHttpPaymentRequired({
+            input,
+            init: effectiveInit,
+            response: paymentResponse,
+            createSessionCredential,
+            fetch: config.fetch,
+            getChannel: () => runtime.channel,
+            restoreCumulative,
+            setChallenge(challenge) {
+              runtime.lastChallenge = challenge
+            },
+            topUpIfNeeded,
+          })
+          if (retry) {
+            attemptedHttpManagement = true
+            paymentResponse = toPaymentResponse(retry)
+          }
+        }
+        if (!attemptedHttpManagement && !paymentResponse.ok && !paymentResponse.receipt) {
+          restoreRuntime(previous)
+          if (await retryWithoutResumed()) continue
+          return paymentResponse
+        }
+        return paymentResponse
       }
-      if (!attemptedHttpManagement && !paymentResponse.ok && !paymentResponse.receipt) {
-        restoreRuntime(previous)
-        if (!canRetryWithoutStoredHint) return paymentResponse
-        canRetryWithoutStoredHint = false
-        await clearStoredChannel()
-        await bootstrapSession(input, init)
-        effectiveInit = requestInitWithSessionHint(input, init, bootstrapChannelId ?? undefined)
-        continue
-      }
-      return paymentResponse
+    } finally {
+      channelUse = undefined
     }
   }
@@ -741,7 +650,10 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
         )
       }
       const probeUrl = webSocketProbeUrl(input)
-      await bootstrapSession(probeUrl, init?.signal ? { signal: init.signal } : undefined)
+      const signalInit = init?.signal ? { signal: init.signal } : undefined
+      await bootstrapSession(probeUrl, signalInit)
+      // Cold starts resume from `channelStore` after the probe's 402.
+      const liveHint = runtime.channel?.opened ? runtime.channel.channelId : undefined
       const prepared = await prepareWebSocketSession({
         createSessionCredential,
@@ -750,11 +662,7 @@ export function sessionManager(parameters: sessionManager.Parameters): SessionMa
         onProbeUrl(httpUrl) {
           runtime.lastUrl = httpUrl.toString()
         },
-        probeInit: requestInitWithSessionHint(
-          probeUrl,
-          init?.signal ? { signal: init.signal } : undefined,
-          (await getStoredChannel())?.channelId ?? bootstrapChannelId ?? undefined,
-        ),
+        probeInit: requestInitWithSessionHint(probeUrl, signalInit, liveHint),
         signal: init?.signal,
       })
       const { challenge, credential, httpUrl, wsUrl } = prepared
@@ -823,8 +731,6 @@ export namespace sessionManager {
   export type Parameters = Account.getResolver.Parameters &
     Client.getResolver.Parameters & {
-      /** Address authorized to sign vouchers. Defaults to the account access key address when available, otherwise the account address. */
-      authorizedSigner?: Address | undefined
       /** Enables same-route HEAD bootstrap from a server session snapshot before opening a new channel. */
       bootstrap?: boolean | undefined
       /** Viem client instance. Shorthand for `getClient: () => client`. */
@@ -837,8 +743,8 @@ export namespace sessionManager {
       fetch?: typeof globalThis.fetch | undefined
       /** Maximum deposit in human-readable units (e.g. `'10'` for 10 tokens). Converted to raw units via `decimals`. */
       maxDeposit?: string | undefined
-      /** Optional per-manager store for persisted channel hints and restart recovery. */
-      sessionStore?: SessionStore | undefined
+      /** Store for reusable session channels. Defaults to in-memory. */
+      channelStore?: ChannelStore | undefined
       /** Optional websocket constructor for runtimes without a global WebSocket. */
       webSocket?: WebSocketConstructor | undefined
     }

package/src/tempo/session/client/index.ts CHANGED Viewed

@@ -2,18 +2,20 @@ export { session } from './Session.js'
 export { sessionManager } from './SessionManager.js'
 export * as Machine from './Runtime.js'
 export { deserializeSnapshot, serializeSnapshot } from '../Snapshot.js'
-/** Public client session manager types. */
+export {
+  createChannelStore,
+  createJsonChannelStore,
+  entryKey,
+  type ChannelStore,
+  type JsonChannelKv,
+} from './ChannelStore.js'
 export type {
   PaymentResponse,
-  SessionStore,
   SessionManager,
   SessionManagerSseOptions,
   SessionManagerWebSocketOptions,
-  StoredSessionChannel,
 } from './SessionManager.js'
-/** Public managed WebSocket facade returned by `sessionManager().ws()`. */
 export type { SessionManagedWebSocket } from './Transports.js'
-/** Public pure state-machine types. */
 export type {
   ActiveSessionState,
   ChallengedSessionState,
@@ -35,3 +37,4 @@ export type {
   WithdrawableSessionState,
 } from './Runtime.js'
 export type { SessionSnapshot } from '../Snapshot.js'
+export type { ResolveAccount, ResolveAccountInfo } from '../../client/ResolveAccount.js'

package/src/tempo/session/precompile/Voucher.test.ts CHANGED Viewed

@@ -271,7 +271,7 @@ describe('Precompile Voucher', () => {
     ).toBe(false)
   })
-  test('sign rejects p256 keychain access-key voucher delegation explicitly', async () => {
+  test('signs and verifies p256 access-key vouchers as primitives', async () => {
     const rootAccount = TempoAccount.fromSecp256k1(Secp256k1.randomPrivateKey())
     const accessKey = TempoAccount.fromP256(P256.randomPrivateKey(), {
       access: rootAccount,
@@ -281,16 +281,54 @@ describe('Precompile Voucher', () => {
       transport: http('http://127.0.0.1'),
     })
-    await expect(
-      signVoucher(
-        accessKeyClient,
-        accessKey,
-        { channelId, cumulativeAmount },
+    const signature = await signVoucher(
+      accessKeyClient,
+      accessKey,
+      { channelId, cumulativeAmount },
+      escrowContract,
+      chainId,
+    )
+    const envelope = SignatureEnvelope.from(signature as SignatureEnvelope.Serialized)
+    expect(envelope.type).toBe('p256')
+    expect(
+      verifyVoucher(
         escrowContract,
         chainId,
+        { channelId, cumulativeAmount, signature },
         accessKey.accessKeyAddress,
       ),
-    ).rejects.toThrow('TIP-1034 voucher signing only supports secp256k1 voucher signatures.')
+    ).toBe(true)
+  })
+  test('signs and verifies webAuthn root vouchers as primitives', async () => {
+    const webAuthnAccount = TempoAccount.fromHeadlessWebAuthn(P256.randomPrivateKey(), {
+      origin: 'https://example.com',
+      rpId: 'example.com',
+    })
+    const webAuthnClient = createClient({
+      account: webAuthnAccount,
+      transport: http('http://127.0.0.1'),
+    })
+    const signature = await signVoucher(
+      webAuthnClient,
+      webAuthnAccount,
+      { channelId, cumulativeAmount },
+      escrowContract,
+      chainId,
+    )
+    const envelope = SignatureEnvelope.from(signature as SignatureEnvelope.Serialized)
+    expect(envelope.type).toBe('webAuthn')
+    expect(
+      verifyVoucher(
+        escrowContract,
+        chainId,
+        { channelId, cumulativeAmount, signature },
+        webAuthnAccount.address,
+      ),
+    ).toBe(true)
   })
   test('domain and type match TIP-1034', () => {