nsekit 0.3.2 → 0.3.3

package/dist/index.js

@@ -19407,6 +19407,14 @@ class InstrumentMaster {
     const key = this.makeKey(exchange, tradingSymbol);
     return this.instruments.get(key);
   }
+  getIndices() {
+    const indices = [];
+    for (const inst of this.instruments.values()) {
+      if (inst.instrumentType === "IDX")
+        indices.push(inst);
+    }
+    return indices;
+  }
   getByToken(brokerToken, brokerId) {
     const tokenKey = `${brokerId}:${brokerToken}`;
     const entry = this.tokenIndex.get(tokenKey);
@@ -19596,6 +19604,11 @@ class InstrumentMaster {
         securityId: entry.brokerToken,
         sid: entry.brokerSymbol
       };
+    } else if (brokerId === "fivepaisa") {
+      instrument.brokerTokens.fivepaisa = {
+        scripCode: entry.brokerToken,
+        exchangeType: entry.raw?.["ExchType"] ?? "C"
+      };
     }
     if (entry.expiry && !instrument.expiry)
       instrument.expiry = entry.expiry;
@@ -19627,7 +19640,9 @@ class InstrumentMaster {
         delete instrument.brokerTokens.finvasia;
       else if (brokerId === "dhan")
         delete instrument.brokerTokens.dhan;
-      const hasAnyBroker = instrument.brokerTokens.zerodha !== undefined || instrument.brokerTokens.finvasia !== undefined || instrument.brokerTokens.dhan !== undefined;
+      else if (brokerId === "fivepaisa")
+        delete instrument.brokerTokens.fivepaisa;
+      const hasAnyBroker = instrument.brokerTokens.zerodha !== undefined || instrument.brokerTokens.finvasia !== undefined || instrument.brokerTokens.dhan !== undefined || instrument.brokerTokens.fivepaisa !== undefined;
       if (!hasAnyBroker) {
         this.instruments.delete(key);
       }
@@ -20593,8 +20608,9 @@ class ZerodhaInstruments {
     const lotSizeRaw = fields["lot_size"] ?? fields[COL.LOT_SIZE] ?? "1";
     const tickSizeRaw = fields["tick_size"] ?? fields[COL.TICK_SIZE] ?? "0.05";
     const instTypeRaw = fields["instrument_type"] ?? fields[COL.INSTRUMENT_TYPE] ?? "EQ";
+    const segmentRaw = fields["segment"] ?? fields[COL.SEGMENT] ?? "";
     const exchange = EXCHANGE_MAP[exchangeRaw] ?? "NSE";
-    const instrumentType = mapInstrumentType(instTypeRaw);
+    const instrumentType = segmentRaw.toUpperCase() === "INDICES" ? "IDX" : mapInstrumentType(instTypeRaw);
     return {
       tradingSymbol,
       exchange,
@@ -20655,6 +20671,9 @@ class ZerodhaBroker {
       return null;
     return new Date(this.session.expiresAt);
   }
+  getSession() {
+    return this.session;
+  }
   async sync(force) {
     return this._iMaster.syncBroker(this.id, this.instruments, force);
   }
@@ -20840,6 +20859,25 @@ class ZerodhaBroker {
       return Err(err instanceof Error ? err : new Error(String(err)));
     }
   }
+  toBrokerToken(instrument, format = "ws") {
+    if (format === "rest") {
+      const kiteExch = EXCHANGE_TO_KITE[instrument.exchange] ?? instrument.exchange;
+      return `${kiteExch}:${instrument.tradingSymbol}`;
+    }
+    const it = instrument.brokerTokens.zerodha?.instrument_token;
+    if (it == null)
+      return null;
+    return String(it);
+  }
+  getIndexTokens(format = "ws") {
+    const result = new Map;
+    for (const inst of this._iMaster.getIndices()) {
+      const token = this.toBrokerToken(inst, format);
+      if (token)
+        result.set(inst.underlying.toUpperCase(), token);
+    }
+    return result;
+  }
   subscribeTicks(tokens, cb) {
     this.ensureSocket();
     return this.socket.subscribe(tokens, cb);
@@ -21012,8 +21050,9 @@ var VALIDITY_FROM_SHOONYA = {
   DAY: "DAY",
   IOC: "IOC"
 };
-var SHOONYA_API_BASE = "https://api.shoonya.com/NorenWClientTP";
+var SHOONYA_API_BASE = "https://api.shoonya.com/NorenWClientAPI";
 var SHOONYA_WS_URL = "wss://api.shoonya.com/NorenWSTP/";
+var SHOONYA_WS_OAUTH_URL = "wss://api.shoonya.com/NorenWSAPI/";
 var SHOONYA_INSTRUMENTS_BASE = "https://api.shoonya.com/";
 var SHOONYA_INSTRUMENT_FILES = {
   NSE: "NSE_symbols.txt.zip",
@@ -21033,6 +21072,7 @@ var CANDLE_INTERVAL_TO_SHOONYA = {
 
 // src/brokers/finvasia/finvasia-auth.ts
 import crypto2 from "crypto";
+var SHOONYA_OAUTH_BASE = "https://trade.shoonya.com/OAuthlogin/authorize/oauth";
 function generateTOTP(secret) {
   const base32Chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
   const decoded = [];
@@ -21057,7 +21097,7 @@ function generateTOTP(secret) {
   return String(code % 1e6).padStart(6, "0");
 }
 async function authenticate2(creds) {
-  const { userId, password, totpSecret, apiKey } = creds;
+  const { userId, password, totpSecret, apiKey, vendorCode } = creds;
   if (!userId)
     return Err(new Error("Missing userId in credentials"));
   if (!password)
@@ -21069,28 +21109,42 @@ async function authenticate2(creds) {
   try {
     const totp = generateTOTP(totpSecret);
     const passwordHash = crypto2.createHash("sha256").update(password).digest("hex");
-    const appKey = crypto2.createHash("sha256").update(`${userId}|${apiKey}`).digest("hex");
+    const vc = vendorCode || "NOREN_API";
+    const appKey = crypto2.createHash("sha256").update(`${userId}|S3cur3!d`).digest("hex");
     const jData = JSON.stringify({
       source: "API",
-      apkversion: "1.0.0",
+      apkversion: "1",
       uid: userId,
       pwd: passwordHash,
       factor2: totp,
-      vc: creds.vendorCode ?? apiKey,
+      vc,
       appkey: appKey,
       imei: "nsekit"
     });
-    const response = await fetch(`${SHOONYA_API_BASE}/QuickAuth`, {
-      method: "POST",
-      headers: { "Content-Type": "application/x-www-form-urlencoded" },
-      body: `jData=${jData}`
-    });
-    const text = await response.text();
-    let json;
-    try {
-      json = JSON.parse(text);
-    } catch {
-      return Err(new Error(`Shoonya auth: invalid response (${response.status}): ${text.slice(0, 200)}`));
+    const AUTH_HOSTS = [
+      SHOONYA_API_BASE,
+      "https://trade.shoonya.com/NorenWClientAPI"
+    ];
+    let text = "";
+    let json = null;
+    for (const host of AUTH_HOSTS) {
+      const response = await fetch(`${host}/QuickAuth`, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: `jData=${jData}`
+      });
+      text = await response.text();
+      try {
+        json = JSON.parse(text);
+        break;
+      } catch {
+        if (response.status >= 500)
+          continue;
+        return Err(new Error(`Shoonya auth: invalid response (${response.status}): ${text.slice(0, 200)}`));
+      }
+    }
+    if (!json) {
+      return Err(new Error(`Shoonya auth: all hosts returned errors. Last: ${text.slice(0, 200)}`));
     }
     if (json.stat !== "Ok" || !json.susertoken) {
       return Err(new Error(`Shoonya login failed: ${json.emsg ?? "Unknown error"}`));
@@ -21112,6 +21166,87 @@ async function authenticate2(creds) {
 async function refreshSession2(_session) {
   return Err(new Error("Finvasia/Shoonya does not support session refresh. Re-authenticate with TOTP."));
 }
+function getOAuthURL(clientId) {
+  return `${SHOONYA_OAUTH_BASE}?client_id=${encodeURIComponent(clientId)}`;
+}
+async function exchangeAuthCode(authCode, secretCode, clientId, uid) {
+  if (!authCode)
+    return Err(new Error("Missing authCode"));
+  if (!secretCode)
+    return Err(new Error("Missing secretCode"));
+  if (!clientId)
+    return Err(new Error("Missing clientId"));
+  if (!uid)
+    return Err(new Error("Missing uid"));
+  try {
+    const checksum = crypto2.createHash("sha256").update(clientId + secretCode + authCode).digest("hex");
+    const jData = JSON.stringify({
+      code: authCode,
+      checksum,
+      uid
+    });
+    const response = await fetch(`${SHOONYA_API_BASE}/GenAcsTok`, {
+      method: "POST",
+      headers: { "Content-Type": "application/x-www-form-urlencoded" },
+      body: `jData=${jData}`
+    });
+    const text = await response.text();
+    let json;
+    try {
+      json = JSON.parse(text);
+    } catch {
+      return Err(new Error(`Shoonya GenAcsTok: invalid response (${response.status}): ${text.slice(0, 200)}`));
+    }
+    if (json.stat !== "Ok" || !json.access_token) {
+      const rawEmsg = String(json.emsg ?? "");
+      const lower = rawEmsg.toLowerCase();
+      let friendly;
+      if (/(:\s*5\b|no data|invalid code|code expired|invalid authcode)/i.test(rawEmsg)) {
+        friendly = "Invalid or expired auth code. Auth codes are single-use and expire within a few minutes \u2014 please log in to Shoonya again and copy a fresh code.";
+      } else if (lower.includes("checksum") || lower.includes("invalid signature")) {
+        friendly = "Invalid checksum. Verify that Client ID and Secret Code are correct in the broker settings.";
+      } else if (lower.includes("invalid uid") || lower.includes("invalid user")) {
+        friendly = "Invalid User ID. Check the User ID in the broker settings.";
+      } else if (lower.includes("client_id") || lower.includes("clientid")) {
+        friendly = "Invalid Client ID. It should typically be in the format <UID>_U (e.g. FN116677_U).";
+      } else if (rawEmsg) {
+        friendly = `Shoonya OAuth token exchange failed: ${rawEmsg}`;
+      } else {
+        friendly = "Shoonya OAuth token exchange failed with an unknown error.";
+      }
+      return Err(new Error(friendly));
+    }
+    const session = {
+      accessToken: String(json.access_token),
+      refreshToken: json.refresh_token ? String(json.refresh_token) : undefined,
+      expiresAt: getEndOfDay2(),
+      ttlSeconds: secondsUntilEndOfDay2(),
+      brokerId: "finvasia",
+      userId: String(json.USERID ?? json.uid ?? uid),
+      metadata: {
+        actid: json.actid,
+        uname: json.uname,
+        brkname: json.brkname,
+        lastAccess: json.lastaccesstime,
+        authMethod: "oauth"
+      }
+    };
+    return Ok(session);
+  } catch (err) {
+    return Err(err instanceof Error ? err : new Error(String(err)));
+  }
+}
+function buildSessionFromToken(accessToken, uid, refreshToken) {
+  return {
+    accessToken,
+    refreshToken,
+    expiresAt: getEndOfDay2(),
+    ttlSeconds: secondsUntilEndOfDay2(),
+    brokerId: "finvasia",
+    userId: uid,
+    metadata: { authMethod: "oauth" }
+  };
+}
 function isSessionValid2(session) {
   if (!session)
     return false;
@@ -21339,28 +21474,37 @@ class FinvasiaSocket {
   subscribedTokens = new Set;
   userId;
   accessToken;
+  authMethod;
   reconnectAttempts = 0;
   maxReconnects = 5;
   reconnectTimer = null;
   onAuthFailed;
-  constructor(userId, accessToken, onAuthFailed) {
+  constructor(userId, accessToken, onAuthFailed, authMethod = "totp") {
     this.userId = userId;
     this.accessToken = accessToken;
+    this.authMethod = authMethod;
     this.onAuthFailed = onAuthFailed;
   }
   connect() {
     if (this.state === "CONNECTED" || this.state === "CONNECTING")
       return;
     this.state = "CONNECTING";
+    const wsUrl = this.authMethod === "oauth" ? SHOONYA_WS_OAUTH_URL : SHOONYA_WS_URL;
     try {
-      this.ws = new WS(SHOONYA_WS_URL);
+      this.ws = new WS(wsUrl);
     } catch {
       this.state = "DISCONNECTED";
       return;
     }
     this.ws.on("open", () => {
-      console.log(`[FinvasiaSocket] WS open, sending auth for uid=${this.userId}`);
-      const authMsg = JSON.stringify({
+      console.log(`[FinvasiaSocket] WS open, sending auth for uid=${this.userId} (method=${this.authMethod})`);
+      const authMsg = this.authMethod === "oauth" ? JSON.stringify({
+        t: "a",
+        uid: this.userId,
+        actid: this.userId,
+        accesstoken: this.accessToken,
+        source: "API"
+      }) : JSON.stringify({
         t: "c",
         uid: this.userId,
         actid: this.userId,
@@ -21463,7 +21607,13 @@ class FinvasiaSocket {
   }
   handleMessage(data) {
     const type = data["t"];
-    if (type === "ck") {
+    if (type === "h") {
+      if (this.ws && this.ws.readyState === WS.OPEN) {
+        this.ws.send(JSON.stringify({ t: "h" }));
+      }
+      return;
+    }
+    if (type === "ck" || type === "ak") {
       if (data["s"] === "OK") {
         this.state = "CONNECTED";
         this.reconnectAttempts = 0;
@@ -21471,7 +21621,7 @@ class FinvasiaSocket {
           this.sendSubscribe(Array.from(this.subscribedTokens));
         }
       } else {
-        console.error(`[FinvasiaSocket] Auth rejected (ck NOT_OK) \u2014 token invalid, stopping reconnect`);
+        console.error(`[FinvasiaSocket] Auth rejected (${type} NOT_OK) \u2014 token invalid, stopping reconnect`);
         this.reconnectAttempts = this.maxReconnects;
         this.state = "DISCONNECTED";
         this.onAuthFailed?.();
@@ -21600,7 +21750,9 @@ function mapInstrumentType2(instType, optionType) {
   if (upper === "PE")
     return "PE";
   const it = instType?.toUpperCase();
-  if (it === "EQ" || it === "EQUITY" || it === "INDEX")
+  if (it === "INDEX")
+    return "IDX";
+  if (it === "EQ" || it === "EQUITY")
     return "EQ";
   if (it?.startsWith("FUT") || it?.includes("FUT"))
     return "FUT";
@@ -21618,10 +21770,23 @@ function parseStrike2(raw) {
   const n = parseFloat(raw);
   return isNaN(n) || n === 0 ? undefined : n;
 }
+var UNDERLYING_ALIASES = {
+  BSXOPT: "SENSEX",
+  BSXFUT: "SENSEX",
+  NFIDX: "NIFTY",
+  BKIDX: "BANKNIFTY",
+  "Nifty 50": "NIFTY50",
+  "Nifty Bank": "BANKNIFTY",
+  "Nifty Fin Services": "FINNIFTY",
+  "NIFTY MID SELECT": "MIDCPNIFTY",
+  "Nifty Next 50": "NIFTYNEXT50",
+  INDIAVIX: "INDIAVIX"
+};
 function deriveUnderlying2(symbol, tradingSymbol, instType) {
   if (instType === "EQ")
     return symbol || tradingSymbol;
-  return symbol || tradingSymbol.replace(/\d.*/g, "");
+  const raw = symbol || tradingSymbol.replace(/\d.*/g, "");
+  return UNDERLYING_ALIASES[raw] ?? raw;
 }
 
 class FinvasiaInstruments {
@@ -21780,6 +21945,25 @@ class FinvasiaBroker {
     this._iMaster = new InstrumentMaster(options);
   }
   async authenticate(creds) {
+    if (creds.accessToken && creds.userId) {
+      const session = buildSessionFromToken(creds.accessToken, creds.userId, creds.refreshToken);
+      this.credentials = creds;
+      this.session = session;
+      this.instrumentsImpl.setCredentials(session.userId, session.accessToken);
+      return Ok(session);
+    }
+    if (creds.authCode) {
+      if (!creds.clientId || !creds.secretCode || !creds.userId) {
+        return Err(new Error("Finvasia OAuth: authCode requires clientId, secretCode, and userId"));
+      }
+      const result2 = await exchangeAuthCode(creds.authCode, creds.secretCode, creds.clientId, creds.userId);
+      if (!result2.ok)
+        return result2;
+      this.credentials = creds;
+      this.session = result2.value;
+      this.instrumentsImpl.setCredentials(this.session.userId, this.session.accessToken);
+      return result2;
+    }
     const result = await authenticate2(creds);
     if (!result.ok)
       return result;
@@ -21788,6 +21972,9 @@ class FinvasiaBroker {
     this.instrumentsImpl.setCredentials(this.session.userId, this.session.accessToken);
     return result;
   }
+  getOAuthURL(clientId) {
+    return getOAuthURL(clientId);
+  }
   async refreshSession(session) {
     return refreshSession2(session);
   }
@@ -21799,6 +21986,19 @@ class FinvasiaBroker {
       return null;
     return new Date(this.session.expiresAt);
   }
+  getSession() {
+    return this.session;
+  }
+  async disconnect() {
+    if (this.socket) {
+      try {
+        this.socket.disconnect();
+      } catch {}
+      this.socket = null;
+    }
+    this.session = null;
+    this.credentials = null;
+  }
   async sync(force) {
     return this._iMaster.syncBroker(this.id, this.instruments, force);
   }
@@ -21904,6 +22104,10 @@ class FinvasiaBroker {
       const uid = this.session?.userId ?? "";
       const raw = await this.post("OrderBook", { uid });
       if (!Array.isArray(raw)) {
+        const obj = raw;
+        if (obj.stat === "Not_Ok" && obj.emsg) {
+          return Err(new Error(`OrderBook failed: ${obj.emsg}`));
+        }
         return Ok([]);
       }
       return Ok(raw.map(fromOrder2));
@@ -21936,8 +22140,13 @@ class FinvasiaBroker {
     try {
       const uid = this.session?.userId ?? "";
       const raw = await this.post("PositionBook", { uid, actid: uid });
-      if (!Array.isArray(raw))
+      if (!Array.isArray(raw)) {
+        const obj = raw;
+        if (obj.stat === "Not_Ok" && obj.emsg) {
+          return Err(new Error(`PositionBook failed: ${obj.emsg}`));
+        }
         return Ok([]);
+      }
       return Ok(raw.map(fromPosition2));
     } catch (err) {
       return Err(err instanceof Error ? err : new Error(String(err)));
@@ -21951,8 +22160,13 @@ class FinvasiaBroker {
         actid: uid,
         prd: "C"
       });
-      if (!Array.isArray(raw))
+      if (!Array.isArray(raw)) {
+        const obj = raw;
+        if (obj.stat === "Not_Ok" && obj.emsg) {
+          return Err(new Error(`Holdings failed: ${obj.emsg}`));
+        }
         return Ok([]);
+      }
       return Ok(raw.map(fromHolding2));
     } catch (err) {
       return Err(err instanceof Error ? err : new Error(String(err)));
@@ -22076,6 +22290,22 @@ class FinvasiaBroker {
       return Err(err instanceof Error ? err : new Error(String(err)));
     }
   }
+  toBrokerToken(instrument, format = "ws") {
+    const token = instrument.brokerTokens.finvasia?.token;
+    if (!token)
+      return null;
+    const sep = format === "rest" ? ":" : "|";
+    return `${instrument.exchange}${sep}${token}`;
+  }
+  getIndexTokens(format = "ws") {
+    const result = new Map;
+    for (const inst of this._iMaster.getIndices()) {
+      const token = this.toBrokerToken(inst, format);
+      if (token)
+        result.set(inst.underlying.toUpperCase(), token);
+    }
+    return result;
+  }
   subscribeTicks(tokens, cb) {
     this.ensureSocket();
     return this.socket.subscribe(tokens, cb);
@@ -22100,18 +22330,25 @@ class FinvasiaBroker {
         actid: uid
       });
       if (raw.stat !== "Ok") {
-        return Err(new Error("Failed to fetch margins"));
+        return Err(new Error(`Margins failed: ${raw.emsg ?? "Unknown error"}`));
       }
       const cash = parseFloat(raw["cash"] ?? "0");
-      const marginUsed = parseFloat(raw["marginused"] ?? "0");
+      const marginUsed = parseFloat(raw["marginused"] ?? raw["peak_mar"] ?? "0");
+      const blockedAmt = parseFloat(raw["blk_amt"] ?? "0");
       const collateral = parseFloat(raw["collateral"] ?? "0");
+      const eqAvailable = parseFloat(raw["mr_der_a"] ?? "0");
+      const comAvailable = parseFloat(raw["mr_com_a"] ?? "0");
+      const available = cash;
+      const used = marginUsed + blockedAmt;
+      const total = available + used;
       return Ok({
-        available: cash - marginUsed,
-        used: marginUsed,
-        total: cash,
+        available,
+        used,
+        total,
         collateral,
         segments: {
-          equity: { available: cash - marginUsed, used: marginUsed }
+          equity: { available: eqAvailable, used: 0 },
+          commodity: { available: comAvailable, used: 0 }
         }
       });
     } catch (err) {
@@ -22123,9 +22360,11 @@ class FinvasiaBroker {
       const margins = await this.getMargins();
       if (!margins.ok)
         return margins;
+      const eq = margins.value.segments["equity"]?.available ?? 0;
+      const com = margins.value.segments["commodity"]?.available ?? 0;
       return Ok({
-        equity: margins.value.available,
-        commodity: 0,
+        equity: eq,
+        commodity: com,
         total: margins.value.available
       });
     } catch (err) {
@@ -22172,10 +22411,18 @@ class FinvasiaBroker {
     if (!this.session)
       throw new Error("Not authenticated");
     const jData = JSON.stringify(payload);
+    const isOAuth = this.session.metadata?.authMethod === "oauth";
+    const headers = isOAuth ? {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Authorization: `Bearer ${this.session.accessToken}`
+    } : {
+      "Content-Type": "application/x-www-form-urlencoded"
+    };
+    const body = isOAuth ? `jData=${jData}` : `jData=${jData}&jKey=${this.session.accessToken}`;
     const response = await fetch(`${SHOONYA_API_BASE}/${endpoint}`, {
       method: "POST",
-      headers: { "Content-Type": "application/x-www-form-urlencoded" },
-      body: `jData=${jData}&jKey=${this.session.accessToken}`
+      headers,
+      body
     });
     const text = await response.text();
     let parsed;
@@ -22184,36 +22431,32 @@ class FinvasiaBroker {
     } catch {
       throw new Error(`Shoonya ${endpoint} failed (${response.status}): ${text.slice(0, 200)}`);
     }
+    const obj = parsed;
+    if (obj && obj["stat"] === "Not_Ok" && obj["emsg"]) {
+      const emsg = String(obj["emsg"]).toLowerCase();
+      if (emsg.includes("session") || emsg.includes("invalid") || emsg.includes("not logged")) {
+        console.error(`[FinvasiaBroker] SESSION ERROR on ${endpoint}: ${obj["emsg"]} (token: ...${this.session.accessToken.slice(-8)})`);
+      }
+    }
     return parsed;
   }
   ensureSocket() {
-    if (this.socket)
-      return;
     if (!this.session)
       throw new Error("Cannot create socket without an active session");
+    if (this.socket) {
+      if (this.socket.getConnectionState() === "DISCONNECTED") {
+        this.socket.reconnect(this.session.accessToken);
+      }
+      return;
+    }
+    const authMethod = this.session.metadata?.authMethod === "oauth" ? "oauth" : "totp";
     this.socket = new FinvasiaSocket(this.session.userId, this.session.accessToken, () => {
       this.handleSocketAuthFailed();
-    });
+    }, authMethod);
     this.socket.connect();
   }
   handleSocketAuthFailed() {
-    if (!this.credentials) {
-      console.error("[FinvasiaBroker] Socket auth failed but no credentials stored \u2014 cannot re-authenticate");
-      return;
-    }
-    console.log("[FinvasiaBroker] Socket auth failed, re-authenticating...");
-    authenticate2(this.credentials).then((result) => {
-      if (!result.ok) {
-        console.error("[FinvasiaBroker] Re-authentication failed:", result.error instanceof Error ? result.error.message : result.error);
-        return;
-      }
-      this.session = result.value;
-      this.instrumentsImpl.setCredentials(this.session.userId, this.session.accessToken);
-      console.log("[FinvasiaBroker] Re-authenticated successfully, reconnecting socket");
-      this.socket?.reconnect(this.session.accessToken);
-    }).catch((err) => {
-      console.error("[FinvasiaBroker] Re-authentication exception:", err instanceof Error ? err.message : err);
-    });
+    console.warn("[FinvasiaBroker] Socket auth rejected (ck NOT_OK) \u2014 waiting for user-bot to re-authenticate");
   }
 }
 // src/brokers/dhan/dhan-constants.ts
@@ -22315,12 +22558,12 @@ async function authenticate3(creds) {
       return Err(new Error(`Dhan auth validation failed (${response.status}): ${body}`));
     }
     const profile = await response.json();
-    const thirtyDaysMs = 30 * 24 * 60 * 60 * 1000;
+    const twentyFourHoursMs = 24 * 60 * 60 * 1000;
     const session = {
       accessToken,
       refreshToken: undefined,
-      expiresAt: Date.now() + thirtyDaysMs,
-      ttlSeconds: 30 * 24 * 60 * 60,
+      expiresAt: Date.now() + twentyFourHoursMs,
+      ttlSeconds: 24 * 60 * 60,
       brokerId: "dhan",
       userId: profile.clientId ?? clientId,
       metadata: { name: profile.name, email: profile.email }
@@ -22385,15 +22628,16 @@ async function consumeConsent(creds, tokenId) {
       return Err(new Error(`Dhan consumeApp-consent failed (${response.status}): ${body}`));
     }
     const data = await response.json();
-    if (!data.accessToken) {
-      return Err(new Error(data.message ?? "Failed to get access token \u2014 no accessToken returned"));
+    const newToken = data.accessToken ?? data.token;
+    if (!newToken) {
+      return Err(new Error(data.message ?? "Failed to get access token \u2014 no token in response"));
     }
-    const thirtyDaysMs = 30 * 24 * 60 * 60 * 1000;
+    const twentyFourHoursMs = 24 * 60 * 60 * 1000;
     const session = {
-      accessToken: data.accessToken,
+      accessToken: newToken,
       refreshToken: undefined,
-      expiresAt: Date.now() + thirtyDaysMs,
-      ttlSeconds: 30 * 24 * 60 * 60,
+      expiresAt: Date.now() + twentyFourHoursMs,
+      ttlSeconds: 24 * 60 * 60,
       brokerId: "dhan",
       userId: clientId ?? "",
       metadata: { authMode: "oauth" }
@@ -22403,8 +22647,42 @@ async function consumeConsent(creds, tokenId) {
     return Err(err instanceof Error ? err : new Error(String(err)));
   }
 }
-async function refreshSession3(_session) {
-  return Err(new Error("Dhan does not support token refresh. Generate a new access token from the Dhan developer portal."));
+async function refreshSession3(session) {
+  const { accessToken, userId: clientId } = session;
+  if (!accessToken)
+    return Err(new Error("Missing accessToken in session"));
+  if (!clientId)
+    return Err(new Error("Missing userId (client_id) in session"));
+  try {
+    const response = await fetch(`${DHAN_API_BASE}/RenewToken`, {
+      method: "GET",
+      headers: {
+        "Content-Type": "application/json",
+        "access-token": accessToken,
+        dhanClientId: clientId
+      }
+    });
+    if (!response.ok) {
+      const body = await response.text();
+      return Err(new Error(`Dhan token renewal failed (${response.status}): ${body}`));
+    }
+    const data = await response.json();
+    const newToken = data.accessToken ?? data.token;
+    if (!newToken) {
+      return Err(new Error(data.message ?? `Token renewal failed \u2014 no token in response: ${JSON.stringify(data)}`));
+    }
+    const twentyFourHoursMs = 24 * 60 * 60 * 1000;
+    const expiresAt = data.expiryTime ? new Date(data.expiryTime).getTime() : Date.now() + twentyFourHoursMs;
+    const renewed = {
+      ...session,
+      accessToken: newToken,
+      expiresAt,
+      ttlSeconds: Math.floor((expiresAt - Date.now()) / 1000)
+    };
+    return Ok(renewed);
+  } catch (err) {
+    return Err(err instanceof Error ? err : new Error(String(err)));
+  }
 }
 function isSessionValid3(session) {
   if (!session)
@@ -22639,6 +22917,7 @@ class DhanSocket {
       return;
     }
     this.ws.on("open", () => {
+      console.log(`[DhanSocket] WS connected for clientId=${this.clientId}`);
       this.state = "CONNECTED";
       this.reconnectAttempts = 0;
       this.startHeartbeat();
@@ -22648,6 +22927,11 @@ class DhanSocket {
     });
     this.ws.on("message", (raw, isBinary) => {
       try {
+        if (!isBinary) {
+          console.log(`[DhanSocket] WS JSON msg: ${raw.toString().slice(0, 200)}`);
+        } else {
+          console.log(`[DhanSocket] WS binary msg: ${Buffer.isBuffer(raw) ? raw.length : "?"} bytes`);
+        }
         if (isBinary) {
           const buf = raw instanceof ArrayBuffer ? Buffer.from(raw) : Buffer.isBuffer(raw) ? raw : Array.isArray(raw) ? Buffer.concat(raw) : Buffer.from(raw);
           this.handleBinaryMessage(buf);
@@ -22657,12 +22941,20 @@ class DhanSocket {
         }
       } catch {}
     });
-    this.ws.on("close", () => {
+    this.ws.on("close", (code, reason) => {
+      console.warn(`[DhanSocket] WS closed: code=${code}, reason=${reason.toString()}`);
       this.state = "DISCONNECTED";
       this.stopHeartbeat();
       this.attemptReconnect();
     });
-    this.ws.on("error", () => {});
+    this.ws.on("error", (err) => {
+      console.error(`[DhanSocket] WS error: ${err.message}`, {
+        code: err.code,
+        type: err.type,
+        stack: err.stack?.split(`
+`).slice(0, 3).join(" | ")
+      });
+    });
   }
   disconnect() {
     this.clearReconnectTimer();
@@ -22727,7 +23019,7 @@ class DhanSocket {
     const exchSegByte = data.readUInt8(3);
     const securityId = data.readInt32LE(4);
     const exchangeSegment = EXCH_SEG_FROM_BYTE[exchSegByte] ?? "NSE_EQ";
-    const fullKey = `${exchangeSegment}:${securityId}`;
+    const fullKey = `${exchangeSegment}|${securityId}`;
     if (responseCode === 1 && data.length >= 32) {
       const ltp = data.readFloatLE(8);
       const ltt = data.readInt32LE(12);
@@ -22832,7 +23124,9 @@ class DhanSocket {
       InstrumentCount: instruments.length,
       InstrumentList: instruments
     };
-    this.ws.send(JSON.stringify(request));
+    const msg = JSON.stringify(request);
+    console.log(`[DhanSocket] Sending subscribe: ${msg}`);
+    this.ws.send(msg);
   }
   sendUnsubscribe(tokens) {
     if (!this.ws || this.state !== "CONNECTED")
@@ -22923,7 +23217,9 @@ function mapInstrumentType3(instName, optionType) {
   if (opt === "PE")
     return "PE";
   const inst = instName?.toUpperCase();
-  if (inst?.includes("EQUITY") || inst === "INDEX" || inst === "EQ")
+  if (inst === "INDEX")
+    return "IDX";
+  if (inst?.includes("EQUITY") || inst === "EQ")
     return "EQ";
   if (inst?.includes("FUT"))
     return "FUT";
@@ -23141,7 +23437,14 @@ class DhanBroker {
     return result;
   }
   async refreshSession(session) {
-    return refreshSession3(session);
+    const result = await refreshSession3(session);
+    if (result.ok) {
+      this.session = result.value;
+      if (!this.clientId && result.value.userId)
+        this.clientId = result.value.userId;
+      this.instrumentsImpl.setCredentials(this.clientId, result.value.accessToken);
+    }
+    return result;
   }
   isSessionValid() {
     return isSessionValid3(this.session);
@@ -23151,6 +23454,9 @@ class DhanBroker {
       return null;
     return new Date(this.session.expiresAt);
   }
+  getSession() {
+    return this.session;
+  }
   async generateConsent(creds) {
     this.oauthCreds = creds;
     this.clientId = creds.userId ?? "";
@@ -23429,6 +23735,23 @@ class DhanBroker {
       return Err(err instanceof Error ? err : new Error(String(err)));
     }
   }
+  toBrokerToken(instrument, format = "ws") {
+    const sid = instrument.brokerTokens.dhan?.securityId;
+    if (!sid)
+      return null;
+    const seg = instrument.instrumentType === "IDX" ? "IDX_I" : EXCHANGE_TO_DHAN[instrument.exchange] ?? "NSE_EQ";
+    const sep = format === "rest" ? ":" : "|";
+    return `${seg}${sep}${sid}`;
+  }
+  getIndexTokens(format = "ws") {
+    const result = new Map;
+    for (const inst of this._iMaster.getIndices()) {
+      const token = this.toBrokerToken(inst, format);
+      if (token)
+        result.set(inst.underlying.toUpperCase(), token);
+    }
+    return result;
+  }
   subscribeTicks(tokens, cb) {
     this.ensureSocket();
     return this.socket.subscribe(tokens, cb);
@@ -23448,7 +23771,8 @@ class DhanBroker {
   async getMargins() {
     try {
       const raw = await this.request("GET", "/fundlimit");
-      const available = Number(raw["availableBalance"] ?? raw["sodLimit"] ?? 0);
+      console.log("Dhan getMargins - raw response:", raw);
+      const available = Number(raw["availabelBalance"] ?? raw["availabelBalance"] ?? 0);
       const used = Number(raw["utilizedAmount"] ?? raw["blockedMargin"] ?? 0);
       const collateral = Number(raw["collateralAmount"] ?? 0);
       return Ok({
@@ -23467,6 +23791,7 @@ class DhanBroker {
   async getFunds() {
     try {
       const margins = await this.getMargins();
+      console.log("Dhan getFunds - margins:", margins);
       if (!margins.ok)
         return margins;
       return Ok({
@@ -23928,6 +24253,9 @@ class PaperBroker {
       return null;
     return new Date(this.session.expiresAt);
   }
+  getSession() {
+    return this.session;
+  }
   async placeOrder(params) {
     try {
       if (params.side === "BUY") {
@@ -24059,6 +24387,12 @@ class PaperBroker {
     }
     return Err(new Error("Paper broker requires a data source for candles. Call setDataSource()."));
   }
+  toBrokerToken(_instrument, _format = "ws") {
+    return null;
+  }
+  getIndexTokens(_format = "ws") {
+    return new Map;
+  }
   subscribeTicks(tokens, cb) {
     this.subIdCounter += 1;
     const subId = `paper_sub_${this.subIdCounter}`;
@@ -24250,8 +24584,1298 @@ class PaperBroker {
     };
   }
 }
+// src/brokers/fivepaisa/fivepaisa-auth.ts
+import crypto3 from "crypto";
+
+// src/brokers/fivepaisa/fivepaisa-constants.ts
+var FIVEPAISA_API_BASE = "https://Openapi.5paisa.com/VendorsAPI/Service1.svc";
+var FIVEPAISA_HISTORICAL_BASE = "https://openapi.5paisa.com/V2/historical";
+var FIVEPAISA_SCRIP_MASTER_BASE = "https://openapi.5paisa.com/VendorsAPI/Service1.svc/ScripMaster/segment";
+var ROUTES = {
+  TOTP_LOGIN: `${FIVEPAISA_API_BASE}/TOTPLogin`,
+  ACCESS_TOKEN: `${FIVEPAISA_API_BASE}/GetAccessToken`,
+  MARGIN: `${FIVEPAISA_API_BASE}/V4/Margin`,
+  ORDER_BOOK: `${FIVEPAISA_API_BASE}/V3/OrderBook`,
+  HOLDINGS: `${FIVEPAISA_API_BASE}/V3/Holding`,
+  POSITIONS: `${FIVEPAISA_API_BASE}/V1/NetPositionNetWise`,
+  PLACE_ORDER: `${FIVEPAISA_API_BASE}/V1/PlaceOrderRequest`,
+  MODIFY_ORDER: `${FIVEPAISA_API_BASE}/V1/ModifyOrderRequest`,
+  CANCEL_ORDER: `${FIVEPAISA_API_BASE}/V1/CancelOrderRequest`,
+  ORDER_STATUS: `${FIVEPAISA_API_BASE}/V2/OrderStatus`,
+  TRADE_BOOK: `${FIVEPAISA_API_BASE}/V1/TradeBook`,
+  TRADE_INFO: `${FIVEPAISA_API_BASE}/V1/TradeInformation`,
+  MARKET_FEED: `${FIVEPAISA_API_BASE}/MarketFeed`,
+  MARKET_FEED_V1: `${FIVEPAISA_API_BASE}/V1/MarketFeed`,
+  MARKET_DEPTH: `${FIVEPAISA_API_BASE}/MarketDepth`
+};
+var REQUEST_CODES = {
+  MARGIN: "5PMarginV3",
+  ORDER_BOOK: "5POrdBkV2",
+  HOLDINGS: "5PHoldingV2",
+  POSITIONS: "5PNPNWV1",
+  PLACE_ORDER: "5PPlaceOrdReq",
+  MODIFY_ORDER: "5PModifyOrdReq",
+  CANCEL_ORDER: "5PCancelOrdReq",
+  ORDER_STATUS: "5POrdStatus",
+  TRADE_BOOK: "5PTrdBkV1",
+  TRADE_INFO: "5PTrdInfo",
+  MARKET_FEED: "5PMF",
+  MARKET_DEPTH: "5PMD"
+};
+var EXCHANGE_TO_5P = {
+  NSE: "N",
+  BSE: "B",
+  NFO: "N",
+  BFO: "B",
+  MCX: "M",
+  CDS: "N"
+};
+var EXCHANGE_FROM_5P = {
+  N: "NSE",
+  B: "BSE",
+  M: "MCX"
+};
+var EXCHANGE_TYPE_MAP = {
+  NSE: "C",
+  BSE: "C",
+  NFO: "D",
+  BFO: "D",
+  MCX: "D",
+  CDS: "U"
+};
+var PRODUCT_TO_5P = {
+  INTRADAY: true,
+  DELIVERY: false,
+  NORMAL: false
+};
+var PRODUCT_FROM_5P = (isIntraday) => isIntraday ? "INTRADAY" : "DELIVERY";
+var ORDER_TYPE_FROM_5P = (isStopLoss, price) => {
+  if (isStopLoss)
+    return "SL";
+  if (price === 0)
+    return "MARKET";
+  return "LIMIT";
+};
+var STATUS_FROM_5P = {
+  Pending: "PENDING",
+  "Fully Executed": "FILLED",
+  Cancelled: "CANCELLED",
+  Rejected: "REJECTED",
+  Modified: "OPEN",
+  "After Market Order Req Received": "PENDING",
+  Traded: "FILLED",
+  Open: "OPEN",
+  "Partially Executed": "OPEN",
+  pending: "PENDING",
+  "fully executed": "FILLED",
+  cancelled: "CANCELLED",
+  rejected: "REJECTED",
+  Reject: "REJECTED",
+  traded: "FILLED",
+  open: "OPEN",
+  "partially executed": "OPEN",
+  Expired: "CANCELLED",
+  expired: "CANCELLED"
+};
+var VALIDITY_TO_5P = {
+  DAY: false,
+  IOC: true
+};
+var CANDLE_INTERVAL_TO_5P = {
+  "1m": "1m",
+  "5m": "5m",
+  "15m": "15m",
+  "1h": "60m",
+  "1d": "1d"
+};
+
+// src/brokers/fivepaisa/fivepaisa-auth.ts
+function generateTOTP2(secret) {
+  const base32Chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
+  let bits = "";
+  for (const ch of secret.toUpperCase().replace(/[^A-Z2-7]/g, "")) {
+    const idx = base32Chars.indexOf(ch);
+    if (idx >= 0)
+      bits += idx.toString(2).padStart(5, "0");
+  }
+  const decoded = [];
+  for (let i = 0;i + 8 <= bits.length; i += 8) {
+    decoded.push(parseInt(bits.slice(i, i + 8), 2));
+  }
+  const key = Buffer.from(decoded);
+  const timeStep = Math.floor(Date.now() / 1000 / 30);
+  const timeBuffer = Buffer.alloc(8);
+  timeBuffer.writeUInt32BE(0, 0);
+  timeBuffer.writeUInt32BE(timeStep, 4);
+  const hmac = crypto3.createHmac("sha1", key).update(timeBuffer).digest();
+  const offset = hmac[hmac.length - 1] & 15;
+  const code = (hmac[offset] & 127) << 24 | (hmac[offset + 1] & 255) << 16 | (hmac[offset + 2] & 255) << 8 | hmac[offset + 3] & 255;
+  return String(code % 1e6).padStart(6, "0");
+}
+async function authenticate4(creds) {
+  const userKey = creds.userKey ?? creds.apiKey;
+  const clientCode = creds.clientCode;
+  const encryptionKey = creds.encryptionKey;
+  const userId = creds.userId ?? "";
+  const pin = creds.pin;
+  if (!userKey)
+    return Err(new Error("Missing userKey/apiKey in credentials"));
+  if (!clientCode)
+    return Err(new Error("Missing clientCode in credentials"));
+  if (!pin)
+    return Err(new Error("Missing pin in credentials"));
+  if (!encryptionKey)
+    return Err(new Error("Missing encryptionKey in credentials"));
+  const totpSecret = creds.totpSecret;
+  const totpCode = totpSecret ? generateTOTP2(totpSecret) : creds.totp;
+  if (!totpCode) {
+    return Err(new Error("Missing totpSecret or totp (6-digit code) in credentials"));
+  }
+  try {
+    const totpPayload = {
+      head: { Key: userKey },
+      body: { Email_ID: clientCode, TOTP: totpCode, PIN: pin }
+    };
+    console.log("[5paisa] Step 1: TOTPLogin...");
+    const totpRes = await fetch(ROUTES.TOTP_LOGIN, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(totpPayload)
+    });
+    let totpJson = await totpRes.json();
+    if (!totpJson.body?.RequestToken && totpSecret && totpJson.body?.Message?.toLowerCase().includes("used in past")) {
+      const secondsIntoStep = Math.floor(Date.now() / 1000) % 30;
+      const waitMs = (30 - secondsIntoStep + 1) * 1000;
+      console.log(`[5paisa] TOTP already used \u2014 waiting ${Math.ceil(waitMs / 1000)}s for next window...`);
+      await new Promise((r) => setTimeout(r, waitMs));
+      const freshTotp = generateTOTP2(totpSecret);
+      const retryRes = await fetch(ROUTES.TOTP_LOGIN, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ head: { Key: userKey }, body: { Email_ID: clientCode, TOTP: freshTotp, PIN: pin } })
+      });
+      totpJson = await retryRes.json();
+    }
+    if (!totpJson.body?.RequestToken) {
+      return Err(new Error(`5paisa TOTP login failed: ${totpJson.body?.Message ?? "No RequestToken returned"}`));
+    }
+    console.log("[5paisa] Step 1 OK: got RequestToken");
+    return exchangeRequestToken(totpJson.body.RequestToken, userKey, encryptionKey, userId, clientCode);
+  } catch (err) {
+    return Err(err instanceof Error ? err : new Error(String(err)));
+  }
+}
+async function exchangeRequestToken(requestToken, userKey, encryptionKey, userId, clientCode) {
+  try {
+    const accessPayload = {
+      head: { Key: userKey },
+      body: {
+        RequestToken: requestToken,
+        EncryKey: encryptionKey,
+        UserId: userId
+      }
+    };
+    console.log("[5paisa] Step 2: GetAccessToken...");
+    const accessRes = await fetch(ROUTES.ACCESS_TOKEN, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(accessPayload)
+    });
+    const accessJson = await accessRes.json();
+    if (!accessJson.body?.AccessToken) {
+      return Err(new Error(`5paisa access token failed: ${accessJson.body?.Message ?? "No AccessToken returned"}`));
+    }
+    const resolvedClientCode = accessJson.body.ClientCode || clientCode;
+    console.log(`[5paisa] Step 2 OK: authenticated as ${resolvedClientCode}`);
+    const session = {
+      accessToken: accessJson.body.AccessToken,
+      refreshToken: undefined,
+      expiresAt: getEndOfDay3(),
+      ttlSeconds: secondsUntilEndOfDay3(),
+      brokerId: "fivepaisa",
+      userId: resolvedClientCode,
+      metadata: { userKey, requestToken }
+    };
+    return Ok(session);
+  } catch (err) {
+    return Err(err instanceof Error ? err : new Error(String(err)));
+  }
+}
+async function authenticateWithToken(creds) {
+  const accessToken = creds.accessToken;
+  const clientCode = creds.clientCode ?? creds.userId ?? "";
+  if (!accessToken)
+    return Err(new Error("Missing accessToken in credentials"));
+  return Ok({
+    accessToken,
+    refreshToken: undefined,
+    expiresAt: getEndOfDay3(),
+    ttlSeconds: secondsUntilEndOfDay3(),
+    brokerId: "fivepaisa",
+    userId: clientCode,
+    metadata: { userKey: creds.userKey ?? creds.apiKey }
+  });
+}
+async function refreshSession4(_session) {
+  return Err(new Error("5paisa does not support session refresh. Re-authenticate with TOTP."));
+}
+function isSessionValid4(session) {
+  if (!session)
+    return false;
+  return Date.now() < session.expiresAt;
+}
+function getEndOfDay3() {
+  const now = new Date;
+  const eod = new Date(now);
+  eod.setHours(23, 59, 59, 999);
+  return eod.getTime();
+}
+function secondsUntilEndOfDay3() {
+  return Math.max(0, Math.floor((getEndOfDay3() - Date.now()) / 1000));
+}
+
+// src/brokers/fivepaisa/fivepaisa-mapper.ts
+function num2(val, fallback = 0) {
+  if (val === undefined || val === null || val === "")
+    return fallback;
+  const n = Number(val);
+  return isNaN(n) ? fallback : n;
+}
+function safeExchange4(exch, exchType) {
+  if (exchType === "D") {
+    return exch === "B" ? "BFO" : "NFO";
+  }
+  if (exchType === "U")
+    return "CDS";
+  return EXCHANGE_FROM_5P[exch] ?? "NSE";
+}
+function inferInstrumentType4(exchType, symbol) {
+  if (exchType === "C")
+    return "EQ";
+  if (symbol.endsWith("CE"))
+    return "CE";
+  if (symbol.endsWith("PE"))
+    return "PE";
+  return "FUT";
+}
+function inferSide4(qty) {
+  if (qty > 0)
+    return "LONG";
+  if (qty < 0)
+    return "SHORT";
+  return "FLAT";
+}
+function parse5pDate(dateStr) {
+  if (!dateStr)
+    return 0;
+  const match = dateStr.match(/\/Date\((\d+)/);
+  if (match)
+    return parseInt(match[1], 10);
+  const ts = new Date(dateStr).getTime();
+  if (ts && !isNaN(ts))
+    return ts;
+  const cleaned = dateStr.replace(/-/g, " ").replace(/\s+/g, " ").trim();
+  const ts2 = new Date(cleaned).getTime();
+  if (ts2 && !isNaN(ts2))
+    return ts2;
+  console.warn(`[5paisa] Unparseable date: "${dateStr}"`);
+  return 0;
+}
+function normalize5pSymbol(scripName) {
+  if (!scripName)
+    return "";
+  const optMatch = scripName.match(/^(.+?)\s+(\d{1,2})\s+(\w{3})\s+(\d{4})\s+(CE|PE)\s+([\d.]+)$/i);
+  if (optMatch) {
+    const [, underlying, day, mon, year, optType, strike] = optMatch;
+    const strikeClean = strike.replace(/\.00$/, "");
+    const yy = year.slice(2);
+    const monUpper = mon.toUpperCase();
+    return `${underlying.trim()}-${strikeClean}-${optType.toUpperCase()}-${day.padStart(2, "0")}${monUpper}${yy}`;
+  }
+  const futMatch = scripName.match(/^(.+?)\s+(\d{1,2})\s+(\w{3})\s+(\d{4})\s+FUT$/i);
+  if (futMatch) {
+    const [, underlying, day, mon, year] = futMatch;
+    const yy = year.slice(2);
+    return `${underlying.trim()}-FUT-${day.padStart(2, "0")}${mon.toUpperCase()}${yy}`;
+  }
+  return scripName;
+}
+function safeStatus4(raw) {
+  const direct = STATUS_FROM_5P[raw];
+  if (direct)
+    return direct;
+  const lower = STATUS_FROM_5P[raw.toLowerCase()];
+  if (lower)
+    return lower;
+  const lc = raw.toLowerCase();
+  if (lc.includes("reject"))
+    return "REJECTED";
+  if (lc.includes("cancel") || lc.includes("expired"))
+    return "CANCELLED";
+  if (lc.includes("traded") || lc.includes("executed") || lc.includes("filled"))
+    return "FILLED";
+  if (lc.includes("open") || lc.includes("partial"))
+    return "OPEN";
+  console.warn(`[5paisa] Unmapped order status: "${raw}" \u2014 defaulting to PENDING`);
+  return "PENDING";
+}
+function toOrderPayload(params, clientCode, appSource) {
+  const isStopLoss = params.type === "SL" || params.type === "SL_M";
+  const isMarket = params.type === "MARKET" || params.type === "SL_M";
+  const date = new Date;
+  date.setDate(date.getDate() + 1);
+  return {
+    ClientCode: clientCode,
+    Exchange: EXCHANGE_TO_5P[params.exchange],
+    ExchangeType: EXCHANGE_TYPE_MAP[params.exchange],
+    Price: isMarket ? 0 : params.price ?? 0,
+    OrderID: 0,
+    OrderType: params.side,
+    Qty: params.quantity,
+    UniqueOrderID: "1",
+    DisQty: params.disclosedQty ?? params.quantity,
+    IsStopLossOrder: isStopLoss,
+    StopLossPrice: params.triggerPrice ?? 0,
+    IsIOCOrder: VALIDITY_TO_5P[params.validity],
+    IsIntraday: PRODUCT_TO_5P[params.product],
+    IsAHOrder: "N",
+    ValidTillDate: `/Date(${date.getTime()})/`,
+    AppSource: appSource,
+    ScripCode: 0,
+    ScripData: "",
+    RemoteOrderID: params.tag ?? ""
+  };
+}
+function fromOrder4(order) {
+  const qty = num2(order.Qty);
+  const filled = num2(order.TradedQty);
+  const exchType = String(order.ExchType ?? "C");
+  return {
+    orderId: String(order.ExchOrderID || order.BrokerOrderId),
+    brokerOrderId: String(order.BrokerOrderId),
+    broker: "fivepaisa",
+    tradingSymbol: normalize5pSymbol(order.ScripName ?? ""),
+    exchange: safeExchange4(String(order.Exch), exchType),
+    side: order.BuySell === "B" ? "BUY" : "SELL",
+    type: ORDER_TYPE_FROM_5P(order.WithSL === "Y", num2(order.Rate)),
+    product: PRODUCT_FROM_5P(order.DelvIntra === "I"),
+    quantity: qty,
+    filledQty: filled,
+    pendingQty: num2(order.PendingQty),
+    price: num2(order.Rate),
+    triggerPrice: num2(order.SLTriggerRate) || undefined,
+    averagePrice: filled > 0 ? num2(order.TradedPrice ?? order.Rate) : 0,
+    status: safeStatus4(order.OrderStatus),
+    validity: num2(order.OrderValidity) === 3 ? "IOC" : "DAY",
+    tag: order.RemoteOrderID || undefined,
+    placedAt: parse5pDate(String(order.BrokerOrderTime ?? order.OrderDateTime ?? "")),
+    updatedAt: parse5pDate(String(order.ExchOrderTime ?? order.BrokerOrderTime ?? ""))
+  };
+}
+function fromPosition4(pos) {
+  const netQty = num2(pos.NetQty);
+  const buyQty = num2(pos.BuyQty);
+  const sellQty = num2(pos.SellQty);
+  const ltp = num2(pos.LTP);
+  const bookedPnl = num2(pos.BookedPL);
+  const mtom = num2(pos.MTOM);
+  const buyAvg = num2(pos.BuyAvgRate);
+  const sellAvg = num2(pos.SellAvgRate);
+  const avgPrice = netQty > 0 ? buyAvg : netQty < 0 ? sellAvg : 0;
+  const exchType = String(pos.ExchType ?? "C");
+  return {
+    broker: "fivepaisa",
+    tradingSymbol: normalize5pSymbol(pos.ScripName ?? pos.Symbol ?? ""),
+    exchange: safeExchange4(String(pos.Exch), exchType),
+    side: inferSide4(netQty),
+    quantity: Math.abs(netQty),
+    buyQty,
+    sellQty,
+    avgPrice,
+    ltp,
+    pnl: bookedPnl + mtom,
+    realizedPnl: bookedPnl,
+    unrealizedPnl: mtom,
+    product: PRODUCT_FROM_5P(true),
+    instrumentType: inferInstrumentType4(exchType, pos.ScripName ?? "")
+  };
+}
+function fromHolding4(holding) {
+  const qty = num2(holding.Quantity);
+  const ltp = num2(holding.CurrentPrice);
+  return {
+    broker: "fivepaisa",
+    tradingSymbol: holding.Symbol ?? holding.FullName ?? "",
+    exchange: num2(holding.NseCode) > 0 ? "NSE" : "BSE",
+    isin: "",
+    quantity: qty,
+    avgPrice: 0,
+    ltp,
+    pnl: 0,
+    dayChange: 0,
+    dayChangePercent: 0
+  };
+}
+function fromMarketFeed(item) {
+  const ltp = num2(item.LastRate);
+  const close = num2(item.PClose);
+  const change = ltp - close;
+  const changePct = close !== 0 ? change / close * 100 : 0;
+  const exchType = String(item.ExchType ?? "C");
+  return {
+    tradingSymbol: String(item.ScripData ?? item.Token ?? item.ScripCode),
+    exchange: safeExchange4(String(item.Exch), exchType),
+    ltp,
+    open: num2(item.OpenRate),
+    high: num2(item.High),
+    low: num2(item.Low),
+    close,
+    volume: num2(item.TotalQty),
+    oi: item.OpenInterest ? num2(item.OpenInterest) : undefined,
+    bid: num2(item.BidRate),
+    ask: num2(item.OffRate),
+    bidQty: num2(item.BidQty),
+    askQty: num2(item.OffQty),
+    upperCircuit: 0,
+    lowerCircuit: 0,
+    change,
+    changePercent: changePct,
+    timestamp: parse5pDate(String(item.TickDt ?? ""))
+  };
+}
+function fromTradeBookEntry(t) {
+  const exchType = String(t.ExchType ?? "C");
+  return {
+    tradeId: t.TradeNo ?? "",
+    orderId: String(t.ExchOrderID || t.BrokerOrderId),
+    tradingSymbol: normalize5pSymbol(t.ScripName ?? ""),
+    exchange: safeExchange4(String(t.Exch), exchType),
+    side: t.BuySell === "B" ? "BUY" : "SELL",
+    quantity: num2(t.Qty),
+    price: num2(t.Rate),
+    product: PRODUCT_FROM_5P(t.DelvIntra === "I"),
+    timestamp: parse5pDate(String(t.TradeTime ?? ""))
+  };
+}
+
+// src/brokers/fivepaisa/fivepaisa-socket.ts
+import WS3 from "ws";
+var WS_URLS = {
+  A: "wss://aopenfeed.5paisa.com/feeds/api/chat?Value1=",
+  B: "wss://bopenfeed.5paisa.com/feeds/api/chat?Value1=",
+  C: "wss://openfeed.5paisa.com/feeds/api/chat?Value1="
+};
+var DEFAULT_WS_URL = "wss://openfeed.5paisa.com/feeds/api/chat?Value1=";
+function decodeJwtPayload(token) {
+  try {
+    const parts = token.split(".");
+    if (parts.length < 2)
+      return {};
+    const payload = parts[1].replace(/-/g, "+").replace(/_/g, "/");
+    const json = Buffer.from(payload, "base64").toString("utf-8");
+    return JSON.parse(json);
+  } catch {
+    return {};
+  }
+}
+function getWsUrl(accessToken) {
+  const payload = decodeJwtPayload(accessToken);
+  const server = String(payload["RedirectServer"] ?? "C");
+  return WS_URLS[server] ?? DEFAULT_WS_URL;
+}
+var subIdCounter5 = 0;
+function nextSubId5() {
+  return `5p_sub_${++subIdCounter5}`;
+}
+
+class FivePaisaSocket {
+  ws = null;
+  state = "DISCONNECTED";
+  subscriptions = new Map;
+  subscribedTokens = new Set;
+  tokenToSymbol = new Map;
+  clientCode;
+  accessToken;
+  reconnectAttempts = 0;
+  maxReconnects = 5;
+  reconnectTimer = null;
+  constructor(clientCode, accessToken) {
+    this.clientCode = clientCode;
+    this.accessToken = accessToken;
+  }
+  connect() {
+    if (this.state === "CONNECTED" || this.state === "CONNECTING")
+      return;
+    this.state = "CONNECTING";
+    const baseUrl = getWsUrl(this.accessToken);
+    const url = `${baseUrl}${this.accessToken}|${this.clientCode}`;
+    this.ws = new WS3(url);
+    this.ws.on("open", () => {
+      this.state = "CONNECTED";
+      this.reconnectAttempts = 0;
+      if (this.subscribedTokens.size > 0) {
+        this.sendSubscription("Subscribe", Array.from(this.subscribedTokens));
+      }
+    });
+    this.ws.on("message", (data) => {
+      this.handleMessage(data);
+    });
+    this.ws.on("close", () => {
+      this.state = "DISCONNECTED";
+      this.scheduleReconnect();
+    });
+    this.ws.on("error", (err) => {
+      console.warn("[FivePaisaSocket] WS error:", err.message);
+    });
+  }
+  disconnect() {
+    this.state = "DISCONNECTED";
+    this.reconnectAttempts = this.maxReconnects;
+    if (this.reconnectTimer) {
+      clearTimeout(this.reconnectTimer);
+      this.reconnectTimer = null;
+    }
+    if (this.ws) {
+      this.ws.close();
+      this.ws = null;
+    }
+  }
+  reconnect(newToken) {
+    if (newToken)
+      this.accessToken = newToken;
+    this.reconnectAttempts = 0;
+    if (this.ws) {
+      this.ws.close();
+      this.ws = null;
+    }
+    this.connect();
+  }
+  subscribe(tokens, callback) {
+    const id = nextSubId5();
+    const sub = { id, tokens, callback };
+    this.subscriptions.set(id, sub);
+    const newTokens = [];
+    for (const t of tokens) {
+      if (!this.subscribedTokens.has(t)) {
+        this.subscribedTokens.add(t);
+        newTokens.push(t);
+      }
+    }
+    if (this.state === "DISCONNECTED") {
+      this.connect();
+    } else if (newTokens.length > 0 && this.state === "CONNECTED") {
+      this.sendSubscription("Subscribe", newTokens);
+    }
+    return sub;
+  }
+  unsubscribe(sub) {
+    this.subscriptions.delete(sub.id);
+    const stillNeeded = new Set;
+    for (const [, s] of this.subscriptions) {
+      for (const t of s.tokens)
+        stillNeeded.add(t);
+    }
+    const toRemove = sub.tokens.filter((t) => !stillNeeded.has(t));
+    for (const t of toRemove)
+      this.subscribedTokens.delete(t);
+    if (toRemove.length > 0 && this.state === "CONNECTED") {
+      this.sendSubscription("Unsubscribe", toRemove);
+    }
+    if (this.subscriptions.size === 0) {
+      this.disconnect();
+    }
+  }
+  setSymbolMap(map) {
+    for (const [k, v] of map) {
+      this.tokenToSymbol.set(k, v);
+    }
+  }
+  getConnectionState() {
+    return this.state;
+  }
+  sendSubscription(operation, tokens) {
+    if (!this.ws || this.ws.readyState !== WS3.OPEN)
+      return;
+    const feedData = tokens.map((token) => {
+      const parts = token.split(":");
+      if (parts.length === 3) {
+        return { Exch: parts[0], ExchType: parts[1], ScripCode: parseInt(parts[2], 10) };
+      }
+      if (parts.length === 2) {
+        return { Exch: parts[0], ExchType: "C", ScripCode: parseInt(parts[1], 10) };
+      }
+      return { Exch: "N", ExchType: "C", ScripCode: parseInt(parts[0], 10) };
+    });
+    const payload = {
+      Method: "MarketFeedV3",
+      Operation: operation,
+      ClientCode: this.clientCode,
+      MarketFeedData: feedData
+    };
+    this.ws.send(JSON.stringify(payload));
+  }
+  handleMessage(data) {
+    try {
+      const raw = typeof data === "string" ? data : data.toString("utf-8");
+      const parsed = JSON.parse(raw);
+      const items = Array.isArray(parsed) ? parsed : [parsed];
+      for (const item of items) {
+        if (item.ReqType)
+          continue;
+        if (item.OpenInterest !== undefined && item.LastRate === undefined)
+          continue;
+        if (!item.Token && !item.LastRate)
+          continue;
+        const token = String(item.Token ?? "");
+        const symbolLookup = this.tokenToSymbol.get(token);
+        const tick = {
+          broker: "fivepaisa",
+          token,
+          tradingSymbol: symbolLookup ?? item.Symbol ?? token,
+          ltp: num3(item.LastRate),
+          open: num3(item.OpenRate),
+          high: num3(item.High),
+          low: num3(item.Low),
+          close: num3(item.PClose),
+          volume: num3(item.TotalQty),
+          oi: item.OpenInterest ? num3(item.OpenInterest) : undefined,
+          bid: num3(item.BidRate),
+          ask: num3(item.OffRate),
+          bidQty: num3(item.BidQty),
+          askQty: num3(item.OffQty),
+          timestamp: Date.now()
+        };
+        this.dispatch(tick);
+      }
+    } catch {}
+  }
+  dispatch(tick) {
+    for (const [, sub] of this.subscriptions) {
+      if (sub.tokens.some((t) => t === tick.token || t.endsWith(`:${tick.token}`))) {
+        sub.callback(tick);
+      }
+    }
+  }
+  scheduleReconnect() {
+    if (this.reconnectAttempts >= this.maxReconnects)
+      return;
+    if (this.subscriptions.size === 0)
+      return;
+    this.reconnectAttempts++;
+    this.state = "RECONNECTING";
+    const delay = Math.min(1000 * Math.pow(2, this.reconnectAttempts - 1), 30000);
+    this.reconnectTimer = setTimeout(() => {
+      this.reconnectTimer = null;
+      this.connect();
+    }, delay);
+  }
+}
+function num3(val) {
+  if (val === undefined || val === null || val === "")
+    return 0;
+  const n = Number(val);
+  return isNaN(n) ? 0 : n;
+}
+
+// src/brokers/fivepaisa/fivepaisa-instruments.ts
+var SEGMENTS = ["nse_eq", "nse_fo", "bse_eq", "bse_fo", "mcx_fo", "nse_currency"];
+function mapExchange(exch, exchType) {
+  if (exch === "M")
+    return "MCX";
+  if (exchType === "D")
+    return exch === "B" ? "BFO" : "NFO";
+  if (exchType === "U")
+    return "CDS";
+  if (exch === "B")
+    return "BSE";
+  return "NSE";
+}
+function mapInstrumentType4(scripType, expiry) {
+  const upper = (scripType ?? "").toUpperCase();
+  if (upper === "CE")
+    return "CE";
+  if (upper === "PE")
+    return "PE";
+  if (upper === "XX")
+    return expiry ? "FUT" : "EQ";
+  if (upper === "EQ" || upper === "")
+    return "EQ";
+  return "FUT";
+}
+function parseExpiry4(raw) {
+  if (!raw || raw === "")
+    return;
+  const d = new Date(raw);
+  return isNaN(d.getTime()) ? undefined : d;
+}
+function parseStrike4(raw) {
+  const n = parseFloat(raw);
+  return isNaN(n) || n === 0 ? undefined : n;
+}
+
+class FivePaisaInstruments {
+  capabilities = {
+    bulkDump: true,
+    searchAPI: false,
+    rawFileCache: true,
+    rawFilePath: "data/instruments/fivepaisa-instruments.csv"
+  };
+  accessToken = "";
+  clientCode = "";
+  setCredentials(clientCode, accessToken) {
+    this.clientCode = clientCode;
+    this.accessToken = accessToken;
+  }
+  async* streamDump() {
+    for (const segment of SEGMENTS) {
+      const url = `${FIVEPAISA_SCRIP_MASTER_BASE}/${segment}`;
+      try {
+        const response = await fetch(url);
+        if (!response.ok)
+          continue;
+        const text = await response.text();
+        const lines = text.split(`
+`);
+        let headers = null;
+        for (const line of lines) {
+          const trimmed = line.trim();
+          if (!trimmed)
+            continue;
+          const fields = trimmed.split(",");
+          if (!headers) {
+            headers = fields.map((h) => h.trim());
+            continue;
+          }
+          const row = { _segment: segment };
+          for (let i = 0;i < headers.length && i < fields.length; i++) {
+            row[headers[i]] = fields[i]?.trim() ?? "";
+          }
+          yield row;
+        }
+      } catch {
+        continue;
+      }
+    }
+  }
+  normalize(raw) {
+    const f = raw;
+    const exch = f["Exch"] ?? "N";
+    const exchType = f["ExchType"] ?? "C";
+    const scripCode = f["ScripCode"] ?? "";
+    const scripData = f["ScripData"] ?? "";
+    const name = f["Name"] ?? "";
+    const fullName = f["FullName"] ?? "";
+    const scripType = f["ScripType"] ?? "";
+    const strikeRate = f["StrikeRate"] ?? "";
+    const expiry = f["Expiry"] ?? "";
+    const isin = f["ISIN"] ?? "";
+    const lotSize = parseInt(f["LotSize"] ?? "1", 10) || 1;
+    const tickSize = parseFloat(f["TickSize"] ?? "0.05") || 0.05;
+    const symbolRoot = f["SymbolRoot"] ?? "";
+    const exchange = mapExchange(exch, exchType);
+    const isIndex = scripCode.startsWith("9999");
+    const instrumentType = isIndex ? "IDX" : mapInstrumentType4(scripType, expiry);
+    const tradingSymbol = scripData || name || fullName;
+    const underlying = instrumentType === "EQ" ? name || symbolRoot || tradingSymbol : symbolRoot || name || tradingSymbol.replace(/\d.*/g, "").trim();
+    return {
+      tradingSymbol,
+      exchange,
+      instrumentType,
+      underlying,
+      expiry: parseExpiry4(expiry),
+      strike: parseStrike4(strikeRate),
+      lotSize,
+      tickSize,
+      brokerToken: scripCode,
+      brokerSymbol: scripData,
+      raw
+    };
+  }
+}
+
+// src/brokers/fivepaisa/FivePaisaBroker.ts
+class FivePaisaBroker {
+  id = "fivepaisa";
+  name = "5paisa";
+  instruments;
+  has = {
+    bulkDump: true,
+    searchAPI: false,
+    optionChain: false,
+    historicalCandles: true,
+    websocket: true,
+    pnlReport: false
+  };
+  session = null;
+  socket = null;
+  credentials = null;
+  instrumentsImpl;
+  _iMaster;
+  constructor(options) {
+    this.instrumentsImpl = new FivePaisaInstruments;
+    this.instruments = this.instrumentsImpl;
+    this._iMaster = new InstrumentMaster(options);
+  }
+  async authenticate(creds) {
+    const result = creds.accessToken ? await authenticateWithToken(creds) : await authenticate4(creds);
+    if (!result.ok)
+      return result;
+    this.credentials = creds;
+    this.session = result.value;
+    this.instrumentsImpl.setCredentials(this.session.userId, this.session.accessToken);
+    return result;
+  }
+  async refreshSession(session) {
+    return refreshSession4(session);
+  }
+  isSessionValid() {
+    return isSessionValid4(this.session);
+  }
+  getSessionExpiry() {
+    if (!this.session)
+      return null;
+    return new Date(this.session.expiresAt);
+  }
+  getSession() {
+    return this.session;
+  }
+  async sync(force) {
+    return this._iMaster.syncBroker(this.id, this.instruments, force);
+  }
+  resolve(input) {
+    return this._iMaster.resolve(input);
+  }
+  search(query, exchange, instrumentType, limit) {
+    return this._iMaster.search(query, exchange, instrumentType, limit);
+  }
+  async placeOrder(params) {
+    try {
+      const exchange = params.exchange ?? "NSE";
+      const clientCode = this.session?.userId ?? "";
+      const appSource = parseInt(this.credentials?.appSource ?? "0", 10) || 0;
+      let scripCode = 0;
+      const resolveKey = `${exchange}:${params.tradingSymbol}`;
+      const resolved = this.resolve(resolveKey);
+      if (resolved.ok && resolved.value.brokerTokens.fivepaisa?.scripCode) {
+        scripCode = parseInt(resolved.value.brokerTokens.fivepaisa.scripCode, 10);
+      }
+      if (scripCode === 0) {
+        const results = this.search(params.tradingSymbol, exchange, undefined, 5);
+        for (const r of results) {
+          if (r.brokerTokens.fivepaisa?.scripCode) {
+            scripCode = parseInt(r.brokerTokens.fivepaisa.scripCode, 10);
+            break;
+          }
+        }
+      }
+      if (scripCode === 0) {
+        return Err(new Error(`Cannot resolve ScripCode for ${params.tradingSymbol} on ${exchange}`));
+      }
+      const body = toOrderPayload({ ...params, exchange }, clientCode, appSource);
+      body.ScripCode = scripCode;
+      const payload = {
+        head: { ...this.buildHead(), requestCode: REQUEST_CODES.PLACE_ORDER },
+        body
+      };
+      const res = await this.post(ROUTES.PLACE_ORDER, payload);
+      console.log("[5paisa] PlaceOrder response:", JSON.stringify(res));
+      const brokerOid = res.BrokerOrderID ?? 0;
+      const isRejected = (res.Status ?? 0) !== 0 || (res.RMSResponseCode ?? 0) < 0 || (res.Message ?? "").toLowerCase().includes("rejected");
+      if (isRejected) {
+        return Err(new Error(res.Message ?? `Order rejected (Status=${res.Status}, RMS=${res.RMSResponseCode})`));
+      }
+      if (brokerOid === 0) {
+        return Err(new Error(`Order placement failed: ${res.Message ?? "No BrokerOrderID returned"}`));
+      }
+      return Ok({
+        orderId: String(brokerOid),
+        brokerOrderId: String(brokerOid),
+        status: "PENDING",
+        timestamp: Date.now()
+      });
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async modifyOrder(orderId, params) {
+    try {
+      const body = {
+        ExchOrderID: orderId,
+        Qty: params.quantity,
+        Price: params.price
+      };
+      const payload = {
+        head: { ...this.buildHead(), requestCode: REQUEST_CODES.MODIFY_ORDER },
+        body: { ...this.buildBody(), ...body }
+      };
+      const res = await this.post(ROUTES.MODIFY_ORDER, payload);
+      return Ok({
+        orderId: String(res.ExchOrderID ?? orderId),
+        brokerOrderId: String(res.BrokerOrderID ?? ""),
+        status: "OPEN",
+        timestamp: Date.now()
+      });
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async cancelOrder(orderId) {
+    try {
+      const payload = {
+        head: { ...this.buildHead(), requestCode: REQUEST_CODES.CANCEL_ORDER },
+        body: { ...this.buildBody(), ExchOrderID: orderId }
+      };
+      await this.post(ROUTES.CANCEL_ORDER, payload);
+      return Ok({
+        orderId,
+        status: "CANCELLED",
+        timestamp: Date.now()
+      });
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getOrders() {
+    try {
+      const payload = {
+        head: { ...this.buildHead(), requestCode: REQUEST_CODES.ORDER_BOOK },
+        body: this.buildBody()
+      };
+      const res = await this.post(ROUTES.ORDER_BOOK, payload);
+      if (!res.OrderBookDetail || res.OrderBookDetail.length === 0) {
+        return Ok([]);
+      }
+      return Ok(res.OrderBookDetail.map(fromOrder4));
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getOrderHistory(orderId) {
+    try {
+      const ordersResult = await this.getOrders();
+      if (!ordersResult.ok)
+        return Err(ordersResult.error);
+      const matching = ordersResult.value.filter((o) => o.brokerOrderId === orderId || o.orderId === orderId);
+      if (matching.length === 0)
+        return Ok([]);
+      const order = matching[0];
+      let avgPrice = order.averagePrice ?? 0;
+      if (order.status === "FILLED" && avgPrice === 0) {
+        try {
+          const tradePayload = {
+            head: { ...this.buildHead(), requestCode: REQUEST_CODES.TRADE_BOOK },
+            body: this.buildBody()
+          };
+          const tradeRes = await this.post(ROUTES.TRADE_BOOK, tradePayload);
+          const trades = tradeRes.TradeBookDetail?.filter((t) => String(t.BrokerOrderId) === orderId) ?? [];
+          if (trades.length > 0) {
+            const totalQty = trades.reduce((s, t) => s + (t.Qty ?? 0), 0);
+            const totalVal = trades.reduce((s, t) => s + (t.Rate ?? 0) * (t.Qty ?? 0), 0);
+            avgPrice = totalQty > 0 ? totalVal / totalQty : 0;
+          }
+        } catch {}
+      }
+      const updates = matching.map((o) => ({
+        orderId: o.brokerOrderId || o.orderId,
+        status: o.status,
+        filledQty: o.filledQty ?? 0,
+        averagePrice: o === order ? avgPrice : o.averagePrice ?? 0,
+        timestamp: Date.now(),
+        message: ""
+      }));
+      return Ok(updates);
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getPositions() {
+    try {
+      const payload = {
+        head: { ...this.buildHead(), requestCode: REQUEST_CODES.POSITIONS },
+        body: this.buildBody()
+      };
+      const res = await this.post(ROUTES.POSITIONS, payload);
+      if (!res.NetPositionDetail || res.NetPositionDetail.length === 0) {
+        return Ok([]);
+      }
+      return Ok(res.NetPositionDetail.map(fromPosition4));
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getHoldings() {
+    try {
+      const payload = {
+        head: { ...this.buildHead(), requestCode: REQUEST_CODES.HOLDINGS },
+        body: this.buildBody()
+      };
+      const res = await this.post(ROUTES.HOLDINGS, payload);
+      if (!res.Data || res.Data.length === 0) {
+        return Ok([]);
+      }
+      return Ok(res.Data.map(fromHolding4));
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getLTP(symbols) {
+    try {
+      const result = new Map;
+      const feedData = this.parseSymbolsToFeedData(symbols);
+      const payload = {
+        head: { key: this.credentials?.userKey ?? this.credentials?.apiKey ?? "" },
+        body: {
+          MarketFeedData: feedData,
+          LastRequestTime: "/Date(0)/",
+          RefreshRate: "H"
+        }
+      };
+      const res = await this.post(ROUTES.MARKET_FEED_V1, payload);
+      if (res.Data && Array.isArray(res.Data)) {
+        for (let i = 0;i < res.Data.length; i++) {
+          result.set(symbols[i], res.Data[i].LastRate ?? 0);
+        }
+      }
+      return Ok(result);
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getQuote(symbols) {
+    try {
+      const result = new Map;
+      const feedData = this.parseSymbolsToFeedData(symbols);
+      const payload = {
+        head: { key: this.credentials?.userKey ?? this.credentials?.apiKey ?? "" },
+        body: {
+          MarketFeedData: feedData,
+          LastRequestTime: "/Date(0)/",
+          RefreshRate: "H"
+        }
+      };
+      const res = await this.post(ROUTES.MARKET_FEED_V1, payload);
+      if (res.Data && Array.isArray(res.Data)) {
+        for (let i = 0;i < res.Data.length; i++) {
+          result.set(symbols[i], fromMarketFeed(res.Data[i]));
+        }
+      }
+      return Ok(result);
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getOptionChain(_underlying, _expiry) {
+    return Err(new Error("5paisa does not expose a direct option chain API via OpenAPI."));
+  }
+  async getCandles(symbol, interval, from, to) {
+    try {
+      const token = this.session?.accessToken ?? "";
+      const parts = symbol.split(":");
+      let exch = "N";
+      let exchType = "C";
+      let scripCode = "";
+      if (parts.length === 3) {
+        exch = parts[0];
+        exchType = parts[1];
+        scripCode = parts[2];
+      } else if (parts.length === 2) {
+        exch = parts[0];
+        scripCode = parts[1];
+      } else {
+        scripCode = parts[0];
+      }
+      const timeframe = CANDLE_INTERVAL_TO_5P[interval] ?? "1d";
+      const fromStr = from.toISOString().slice(0, 10);
+      const toStr = to.toISOString().slice(0, 10);
+      const url = `${FIVEPAISA_HISTORICAL_BASE}/${exch}/${exchType}/${scripCode}/${timeframe}?from=${fromStr}&end=${toStr}`;
+      const res = await fetch(url, {
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `bearer ${token}`
+        }
+      });
+      const text = await res.text();
+      let json;
+      try {
+        json = JSON.parse(text);
+      } catch {
+        return Err(new Error(`Historical API returned non-JSON (${res.status}): ${text.slice(0, 200)}`));
+      }
+      if (json.status !== "success" && json.message) {
+        return Err(new Error(`Historical API error: ${json.message}`));
+      }
+      const rawCandles = json.data?.candles;
+      if (!Array.isArray(rawCandles))
+        return Ok([]);
+      const candles = rawCandles.map((c) => ({
+        timestamp: new Date(String(c[0])).getTime(),
+        open: Number(c[1]) || 0,
+        high: Number(c[2]) || 0,
+        low: Number(c[3]) || 0,
+        close: Number(c[4]) || 0,
+        volume: Number(c[5]) || 0
+      }));
+      return Ok(candles);
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  toBrokerToken(instrument, _format = "ws") {
+    const fp = instrument.brokerTokens.fivepaisa;
+    if (!fp?.scripCode)
+      return null;
+    const exch = EXCHANGE_TO_5P[instrument.exchange] ?? "N";
+    const exchType = fp.exchangeType ?? EXCHANGE_TYPE_MAP[instrument.exchange] ?? "C";
+    return `${exch}:${exchType}:${fp.scripCode}`;
+  }
+  getIndexTokens(format = "ws") {
+    const result = new Map;
+    for (const inst of this._iMaster.getIndices()) {
+      const token = this.toBrokerToken(inst, format);
+      if (token)
+        result.set(inst.underlying.toUpperCase(), token);
+    }
+    return result;
+  }
+  subscribeTicks(tokens, cb) {
+    this.ensureSocket();
+    return this.socket.subscribe(tokens, cb);
+  }
+  unsubscribeTicks(sub) {
+    if (this.socket) {
+      this.socket.unsubscribe(sub);
+    }
+  }
+  getConnectionState() {
+    return this.socket?.getConnectionState() ?? "DISCONNECTED";
+  }
+  async getMargins() {
+    try {
+      const payload = {
+        head: { ...this.buildHead(), requestCode: REQUEST_CODES.MARGIN },
+        body: this.buildBody()
+      };
+      const res = await this.post(ROUTES.MARGIN, payload);
+      if (!res.EquityMargin || res.EquityMargin.length === 0) {
+        return Err(new Error(`Failed to fetch margins: ${res.Message ?? "no EquityMargin in response"}`));
+      }
+      const m = res.EquityMargin[0];
+      const available = Number(m.AvailableMargin ?? m.NetAvailableMargin ?? 0);
+      const used = Number(m.MarginUsed ?? 0);
+      const collateral = Number(m.Collateral ?? 0);
+      const total = available + used;
+      return Ok({
+        available,
+        used,
+        total,
+        collateral,
+        segments: {
+          equity: { available, used }
+        }
+      });
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getFunds() {
+    try {
+      const margins = await this.getMargins();
+      if (!margins.ok)
+        return margins;
+      return Ok({
+        equity: margins.value.available,
+        commodity: 0,
+        total: margins.value.available
+      });
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getTradeHistory(_from, _to) {
+    try {
+      const payload = {
+        head: { ...this.buildHead(), requestCode: REQUEST_CODES.TRADE_BOOK },
+        body: this.buildBody()
+      };
+      const res = await this.post(ROUTES.TRADE_BOOK, payload);
+      if (!res.TradeBookDetail || res.TradeBookDetail.length === 0) {
+        return Ok([]);
+      }
+      return Ok(res.TradeBookDetail.map(fromTradeBookEntry));
+    } catch (err) {
+      return Err(err instanceof Error ? err : new Error(String(err)));
+    }
+  }
+  async getPnLReport(_from, _to) {
+    return Err(new Error("5paisa does not expose a direct PnL report API."));
+  }
+  parseSymbolsToFeedData(symbols) {
+    return symbols.map((sym) => {
+      const parts = sym.split(":");
+      if (parts.length === 3) {
+        return { Exch: parts[0], ExchType: parts[1], ScripCode: parseInt(parts[2], 10) };
+      }
+      if (parts.length === 2) {
+        return { Exch: parts[0], ExchType: "C", ScripCode: parseInt(parts[1], 10) };
+      }
+      return { Exch: "N", ExchType: "C", ScripCode: parseInt(parts[0], 10) };
+    });
+  }
+  buildHead() {
+    return {
+      appName: this.credentials?.appName ?? "",
+      appVer: "1.0",
+      key: this.credentials?.userKey ?? this.credentials?.apiKey ?? "",
+      osName: "WEB",
+      requestCode: "",
+      userId: this.credentials?.userId ?? "",
+      password: this.credentials?.password ?? ""
+    };
+  }
+  buildBody() {
+    return {
+      ClientCode: this.session?.userId ?? ""
+    };
+  }
+  async post(url, payload) {
+    if (!this.session)
+      throw new Error("Not authenticated");
+    console.log(`[5paisa] POST ${url}`);
+    console.log(`[5paisa] Payload:`, JSON.stringify(payload).slice(0, 500));
+    const response = await fetch(url, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${this.session.accessToken}`
+      },
+      body: JSON.stringify(payload)
+    });
+    const text = await response.text();
+    let json;
+    try {
+      json = JSON.parse(text);
+    } catch {
+      throw new Error(`5paisa API error (${response.status}): non-JSON response: ${text.slice(0, 200)}`);
+    }
+    if (!json.body) {
+      throw new Error(`5paisa API error (${response.status}): no body in response`);
+    }
+    return json.body;
+  }
+  ensureSocket() {
+    if (!this.session)
+      throw new Error("Cannot create socket without an active session");
+    if (this.socket) {
+      if (this.socket.getConnectionState() === "DISCONNECTED") {
+        this.socket.reconnect(this.session.accessToken);
+      }
+      return;
+    }
+    this.socket = new FivePaisaSocket(this.session.userId, this.session.accessToken);
+    this.socket.connect();
+  }
+}
 // src/index.ts
-var VERSION = "0.3.0";
 function createBroker(brokerId, options) {
   switch (brokerId) {
     case "zerodha":
@@ -24260,6 +25884,8 @@ function createBroker(brokerId, options) {
       return new FinvasiaBroker(options);
     case "dhan":
       return new DhanBroker(options);
+    case "fivepaisa":
+      return new FivePaisaBroker(options);
     case "paper":
       return new PaperBroker(options);
     default: {
@@ -24275,7 +25901,6 @@ export {
   createBroker,
   ZerodhaBroker,
   WSManager,
-  VERSION,
   SessionManager,
   SessionExpiredError,
   RateLimitError,
@@ -24285,6 +25910,7 @@ export {
   NsekitError,
   InstrumentNotFoundError,
   InstrumentMaster,
+  FivePaisaBroker,
   FinvasiaBroker,
   Err,
   DhanBroker,