payid 0.2.7 → 0.2.9

package/dist/decision-proof/generate.d.ts

@@ -0,0 +1,13 @@
+import type { DecisionProof } from "./types";
+import { ethers } from "ethers";
+export declare function generateDecisionProof(params: {
+    payId: string;
+    owner: string;
+    decision: "ALLOW" | "REJECT";
+    context: any;
+    ruleConfig: any;
+    signer: ethers.Signer;
+    chainId: number;
+    verifyingContract: string;
+    ttlSeconds?: number;
+}): Promise<DecisionProof>;

package/dist/decision-proof/generate.js

@@ -0,0 +1,20 @@
+import { randomBytes } from "crypto";
+import { hashContext, hashRuleSet } from "./hash";
+import { signDecision } from "./sign";
+export async function generateDecisionProof(params) {
+    const issuedAt = Math.floor(Date.now() / 1000);
+    const expiresAt = issuedAt + (params.ttlSeconds ?? 60);
+    const payload = {
+        version: "payid.decision.v1",
+        payId: params.payId,
+        owner: params.owner,
+        decision: params.decision === "ALLOW" ? 1 : 0,
+        contextHash: hashContext(params.context),
+        ruleSetHash: hashRuleSet(params.ruleConfig),
+        issuedAt,
+        expiresAt,
+        nonce: `0x${randomBytes(32).toString("hex")}`
+    };
+    const signature = await signDecision(params.signer, params.chainId, params.verifyingContract, payload);
+    return { payload, signature };
+}

package/dist/decision-proof/hash.d.ts

@@ -0,0 +1,2 @@
+export declare function hashContext(context: any): string;
+export declare function hashRuleSet(ruleConfig: any): string;

package/dist/decision-proof/hash.js

@@ -0,0 +1,21 @@
+import { keccak256 } from "ethers";
+/**
+ * NOTE:
+ * Untuk v1, JSON stringify yang sudah distabilkan
+ * (keys sorted). WAJIB untuk golden tests.
+ */
+function stableStringify(obj) {
+    if (Array.isArray(obj)) {
+        return `[${obj.map(stableStringify).join(",")}]`;
+    }
+    if (obj && typeof obj === "object") {
+        return `{${Object.keys(obj).sort().map(k => `"${k}":${stableStringify(obj[k])}`).join(",")}}`;
+    }
+    return JSON.stringify(obj);
+}
+export function hashContext(context) {
+    return keccak256(Buffer.from(stableStringify(context)));
+}
+export function hashRuleSet(ruleConfig) {
+    return keccak256(Buffer.from(stableStringify(ruleConfig)));
+}

package/dist/decision-proof/sign.d.ts

@@ -0,0 +1,3 @@
+import { ethers } from "ethers";
+import type { DecisionPayload } from "./types";
+export declare function signDecision(signer: ethers.Signer, chainId: number, verifyingContract: string, payload: DecisionPayload): Promise<string>;

package/dist/decision-proof/sign.js

@@ -0,0 +1,28 @@
+export async function signDecision(signer, chainId, verifyingContract, payload) {
+    const domain = {
+        name: "PAY.ID Decision",
+        version: "1",
+        chainId,
+        verifyingContract
+    };
+    const types = {
+        Decision: [
+            { name: "version", type: "string" },
+            { name: "payId", type: "string" },
+            { name: "owner", type: "address" },
+            { name: "decision", type: "uint8" },
+            { name: "contextHash", type: "bytes32" },
+            { name: "ruleSetHash", type: "bytes32" },
+            { name: "issuedAt", type: "uint64" },
+            { name: "expiresAt", type: "uint64" },
+            { name: "nonce", type: "bytes32" }
+        ]
+    };
+    if (typeof signer.signTypedData === "function") {
+        return await signer.signTypedData(domain, types, payload);
+    }
+    if (typeof signer._signTypedData === "function") {
+        return await signer._signTypedData(domain, types, payload);
+    }
+    throw new Error("Signer does not support EIP-712 signing (signTypedData)");
+}

package/dist/decision-proof/types.d.ts

@@ -0,0 +1,16 @@
+export type DecisionValue = 0 | 1;
+export interface DecisionPayload {
+    version: "payid.decision.v1";
+    payId: string;
+    owner: string;
+    decision: DecisionValue;
+    contextHash: string;
+    ruleSetHash: string;
+    issuedAt: number;
+    expiresAt: number;
+    nonce: string;
+}
+export interface DecisionProof {
+    payload: DecisionPayload;
+    signature: string;
+}

package/dist/decision-proof/types.js

@@ -0,0 +1 @@
+export {};

package/dist/erc4337/build.d.ts

@@ -0,0 +1,2 @@
+import type { DecisionProof } from "../decision-proof/types";
+export declare function buildPayCallData(contractAddress: string, proof: DecisionProof): string;

package/dist/erc4337/build.js

@@ -0,0 +1,10 @@
+import { ethers } from "ethers";
+export function buildPayCallData(contractAddress, proof) {
+    const iface = new ethers.Interface([
+        "function pay(bytes payload, bytes signature)"
+    ]);
+    return iface.encodeFunctionData("pay", [
+        ethers.toUtf8Bytes(JSON.stringify(proof.payload)),
+        proof.signature
+    ]);
+}

package/dist/erc4337/types.d.ts

@@ -0,0 +1,13 @@
+export interface UserOperation {
+    sender: string;
+    nonce: string;
+    initCode: string;
+    callData: string;
+    callGasLimit: string;
+    verificationGasLimit: string;
+    preVerificationGas: string;
+    maxFeePerGas: string;
+    maxPriorityFeePerGas: string;
+    paymasterAndData: string;
+    signature: string;
+}

package/dist/erc4337/types.js

@@ -0,0 +1 @@
+export {};

package/dist/erc4337/userop.d.ts

@@ -0,0 +1,15 @@
+import type { UserOperation } from "./types";
+export declare function buildUserOperation(params: {
+    sender: string;
+    callData: string;
+    nonce: string;
+    gas: {
+        callGasLimit: string;
+        verificationGasLimit: string;
+        preVerificationGas: string;
+        maxFeePerGas: string;
+        maxPriorityFeePerGas: string;
+    };
+    initCode?: string;
+    paymasterAndData?: string;
+}): UserOperation;

package/dist/erc4337/userop.js

@@ -0,0 +1,15 @@
+export function buildUserOperation(params) {
+    return {
+        sender: params.sender,
+        nonce: params.nonce,
+        initCode: params.initCode ?? "0x",
+        callData: params.callData,
+        callGasLimit: params.gas.callGasLimit,
+        verificationGasLimit: params.gas.verificationGasLimit,
+        preVerificationGas: params.gas.preVerificationGas,
+        maxFeePerGas: params.gas.maxFeePerGas,
+        maxPriorityFeePerGas: params.gas.maxPriorityFeePerGas,
+        paymasterAndData: params.paymasterAndData ?? "0x",
+        signature: "0x" // signed later by smart account
+    };
+}

package/dist/evaluate.d.ts

@@ -0,0 +1,4 @@
+import type { RuleContext, RuleResult, RuleConfig } from "payid-types";
+export declare function evaluate(wasmBinary: Buffer, context: RuleContext, ruleConfig: RuleConfig, options?: {
+    trustedIssuers?: Set<string>;
+}): Promise<RuleResult>;

package/dist/evaluate.js

@@ -0,0 +1,46 @@
+import { executeRule } from "payid-rule-engine";
+import { normalizeContext } from "./normalize";
+import { preprocessContextV2 } from "payid-rule-engine";
+export async function evaluate(wasmBinary, context, ruleConfig, options) {
+    // ---- basic validation (v1 behavior) ----
+    if (!context || typeof context !== "object") {
+        throw new Error("evaluate(): context is required");
+    }
+    if (!context.tx) {
+        throw new Error("evaluate(): context.tx is required");
+    }
+    if (!ruleConfig || typeof ruleConfig !== "object") {
+        throw new Error("evaluate(): ruleConfig is required");
+    }
+    let result;
+    try {
+        // ---- NEW: preprocess v2 context if enabled ----
+        const preparedContext = options?.trustedIssuers
+            ? preprocessContextV2(context, ruleConfig, options.trustedIssuers)
+            : context;
+        // ---- existing normalization ----
+        const normalized = normalizeContext(preparedContext);
+        // ---- execute WASM rule engine ----
+        result = await executeRule(wasmBinary, normalized, ruleConfig);
+    }
+    catch (err) {
+        return {
+            decision: "REJECT",
+            code: "CONTEXT_OR_ENGINE_ERROR",
+            reason: err?.message ?? "rule evaluation failed"
+        };
+    }
+    // ---- output validation ----
+    if (result.decision !== "ALLOW" && result.decision !== "REJECT") {
+        return {
+            decision: "REJECT",
+            code: "INVALID_ENGINE_OUTPUT",
+            reason: "invalid decision value"
+        };
+    }
+    return {
+        decision: result.decision,
+        code: result.code || "UNKNOWN",
+        reason: result.reason
+    };
+}

package/{src/index.ts → dist/index.d.ts}

@@ -1 +1 @@
-export { PayID } from "./payid";
+export { PayID } from "./payid";

package/dist/index.js

@@ -0,0 +1 @@
+export { PayID } from "./payid";

package/dist/normalize.d.ts

@@ -0,0 +1,2 @@
+import type { RuleContext } from "payid-types";
+export declare function normalizeContext(ctx: RuleContext): RuleContext;

package/dist/normalize.js

@@ -0,0 +1,11 @@
+export function normalizeContext(ctx) {
+    return {
+        ...ctx,
+        tx: {
+            ...ctx.tx,
+            sender: ctx.tx.sender?.toLowerCase(),
+            receiver: ctx.tx.receiver?.toLowerCase(),
+            asset: ctx.tx.asset.toUpperCase()
+        }
+    };
+}

package/dist/payid.d.ts

@@ -0,0 +1,70 @@
+import type { RuleContext, RuleResult, RuleConfig } from "payid-types";
+import type { RuleSource } from "./resolver/types";
+import { ethers } from "ethers";
+import type { UserOperation } from "./erc4337/types";
+export declare class PayID {
+    private wasm;
+    constructor(wasmPath: string);
+    evaluate(context: RuleContext, ruleConfig: RuleConfig): Promise<RuleResult>;
+    evaluateAndProve(params: {
+        context: RuleContext;
+        ruleConfig: RuleConfig;
+        payId: string;
+        owner: string;
+        signer: ethers.Signer;
+        chainId: number;
+        verifyingContract: string;
+        ttlSeconds?: number;
+    }): Promise<{
+        result: RuleResult;
+        proof: import("./decision-proof/types").DecisionProof;
+    }>;
+    evaluateWithRuleSource(context: RuleContext, ruleSource: RuleSource): Promise<RuleResult>;
+    evaluateAndProveFromSource(params: {
+        context: RuleContext;
+        ruleSource: RuleSource;
+        payId: string;
+        owner: string;
+        signer: ethers.Signer;
+        chainId: number;
+        verifyingContract: string;
+        ttlSeconds?: number;
+    }): Promise<{
+        result: RuleResult;
+        proof: import("./decision-proof/types").DecisionProof;
+    } | {
+        result: {
+            decision: string;
+            code: string;
+            reason: any;
+        };
+        proof: null;
+    }>;
+    evaluateProveAndBuildUserOp(params: {
+        context: RuleContext;
+        ruleSource: {
+            uri: string;
+            hash?: string;
+        };
+        payId: string;
+        owner: string;
+        signer: ethers.Signer;
+        smartAccount: string;
+        targetContract: string;
+        nonce: string;
+        gas: {
+            callGasLimit: string;
+            verificationGasLimit: string;
+            preVerificationGas: string;
+            maxFeePerGas: string;
+            maxPriorityFeePerGas: string;
+        };
+        paymasterAndData?: string;
+        chainId: number;
+        verifyingContract: string;
+    }): Promise<{
+        result: RuleResult;
+        userOp: UserOperation | null;
+        proof: any;
+    }>;
+}

package/dist/payid.js

@@ -0,0 +1,93 @@
+import { evaluate as evaluatePolicy } from "./evaluate";
+import { generateDecisionProof } from "./decision-proof/generate";
+import { resolveRule } from "./resolver/resolver";
+import * as fs from "fs";
+import { buildPayCallData } from "./erc4337/build";
+import { buildUserOperation } from "./erc4337/userop";
+export class PayID {
+    constructor(wasmPath) {
+        this.wasm = fs.readFileSync(wasmPath);
+    }
+    async evaluate(context, ruleConfig) {
+        return evaluatePolicy(this.wasm, context, ruleConfig);
+    }
+    async evaluateAndProve(params) {
+        const result = await this.evaluate(params.context, params.ruleConfig);
+        const proof = await generateDecisionProof({
+            payId: params.payId,
+            owner: params.owner,
+            decision: result.decision,
+            context: params.context,
+            ruleConfig: params.ruleConfig,
+            signer: params.signer,
+            chainId: params.chainId,
+            verifyingContract: params.verifyingContract,
+            ttlSeconds: params.ttlSeconds
+        });
+        return { result, proof };
+    }
+    async evaluateWithRuleSource(context, ruleSource) {
+        try {
+            const { config } = await resolveRule(ruleSource);
+            return await this.evaluate(context, config);
+        }
+        catch (err) {
+            return {
+                decision: "REJECT",
+                code: "RULE_RESOLVE_ERROR",
+                reason: err?.message ?? "failed to resolve rule"
+            };
+        }
+    }
+    async evaluateAndProveFromSource(params) {
+        try {
+            const { config } = await resolveRule(params.ruleSource);
+            const result = await this.evaluate(params.context, config);
+            const proof = await generateDecisionProof({
+                payId: params.payId,
+                owner: params.owner,
+                decision: result.decision,
+                context: params.context,
+                ruleConfig: config,
+                signer: params.signer,
+                chainId: params.chainId,
+                verifyingContract: params.verifyingContract,
+                ttlSeconds: params.ttlSeconds
+            });
+            return { result, proof };
+        }
+        catch (err) {
+            return {
+                result: {
+                    decision: "REJECT",
+                    code: "RULE_RESOLVE_ERROR",
+                    reason: err?.message ?? "rule resolve failed"
+                },
+                proof: null
+            };
+        }
+    }
+    async evaluateProveAndBuildUserOp(params) {
+        const { result, proof } = await this.evaluateAndProveFromSource({
+            context: params.context,
+            ruleSource: params.ruleSource,
+            payId: params.payId,
+            owner: params.owner,
+            signer: params.signer,
+            chainId: params.chainId,
+            verifyingContract: params.verifyingContract
+        });
+        if (result.decision !== "ALLOW" || !proof) {
+            return { result: result, userOp: null, proof };
+        }
+        const callData = buildPayCallData(params.targetContract, proof);
+        const userOp = buildUserOperation({
+            sender: params.smartAccount,
+            nonce: params.nonce,
+            callData,
+            gas: params.gas,
+            paymasterAndData: params.paymasterAndData
+        });
+        return { result, userOp, proof };
+    }
+}

package/dist/resolver/http.d.ts

@@ -0,0 +1 @@
+export declare function resolveHttpRule(uri: string, expectedHash?: string): Promise<any>;

package/dist/resolver/http.js

@@ -0,0 +1,10 @@
+import { verifyHash } from "./utils";
+export async function resolveHttpRule(uri, expectedHash) {
+    const res = await fetch(uri);
+    if (!res.ok) {
+        throw new Error(`HTTP_RULE_FETCH_FAILED: ${res.status}`);
+    }
+    const text = await res.text();
+    verifyHash(text, expectedHash);
+    return JSON.parse(text);
+}

package/dist/resolver/ipfs.d.ts

@@ -0,0 +1 @@
+export declare function resolveIpfsRule(uri: string, expectedHash?: string, gateway?: string): Promise<any>;

package/dist/resolver/ipfs.js

@@ -0,0 +1,13 @@
+import { verifyHash } from "./utils";
+const DEFAULT_GATEWAY = "https://ipfs.io/ipfs/";
+export async function resolveIpfsRule(uri, expectedHash, gateway = DEFAULT_GATEWAY) {
+    const cid = uri.replace("ipfs://", "");
+    const url = `${gateway}${cid}`;
+    const res = await fetch(url);
+    if (!res.ok) {
+        throw new Error(`IPFS_RULE_FETCH_FAILED: ${res.status}`);
+    }
+    const text = await res.text();
+    verifyHash(text, expectedHash);
+    return JSON.parse(text);
+}

package/dist/resolver/resolver.d.ts

@@ -0,0 +1,2 @@
+import type { RuleSource, ResolvedRule } from "./types";
+export declare function resolveRule(source: RuleSource): Promise<ResolvedRule>;

package/dist/resolver/resolver.js

@@ -0,0 +1,19 @@
+import { resolveHttpRule } from "./http";
+import { resolveIpfsRule } from "./ipfs";
+export async function resolveRule(source) {
+    const { uri, hash } = source;
+    let config;
+    if (uri.startsWith("ipfs://")) {
+        config = await resolveIpfsRule(uri, hash);
+    }
+    else if (uri.startsWith("http://") || uri.startsWith("https://")) {
+        config = await resolveHttpRule(uri, hash);
+    }
+    else {
+        throw new Error("UNSUPPORTED_RULE_URI");
+    }
+    return {
+        config,
+        source
+    };
+}

package/dist/resolver/types.d.ts

@@ -0,0 +1,8 @@
+export interface RuleSource {
+    uri: string;
+    hash?: string;
+}
+export interface ResolvedRule {
+    config: any;
+    source: RuleSource;
+}

package/dist/resolver/types.js

@@ -0,0 +1 @@
+export {};

package/dist/resolver/utils.d.ts

@@ -0,0 +1 @@
+export declare function verifyHash(content: string, expectedHash?: string): void;

package/dist/resolver/utils.js

@@ -0,0 +1,9 @@
+import { keccak256 } from "ethers";
+export function verifyHash(content, expectedHash) {
+    if (!expectedHash)
+        return;
+    const actual = keccak256(Buffer.from(content));
+    if (actual !== expectedHash) {
+        throw new Error("RULE_HASH_MISMATCH");
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "payid",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "private": false,
   "type": "module",
   "main": "./dist/index.js",
@@ -10,9 +10,13 @@
     "payid-rule-engine": "^0.1.1",
     "payid-types": "^0.1.1"
   },
+  "files": [
+    "dist"
+  ],
   "scripts": {
     "build:js": "bun build src/index.ts --outdir dist --target node",
-    "build": "bun run build:js"
+    "build:build": "tsc -p tsconfig.build.json",
+    "build": "bun run build:js && bun run build:build"
   },
   "devDependencies": {
     "@types/bun": "latest"

package/index.ts

@@ -1 +0,0 @@
-export * from "./src";

package/src/decision-proof/generate.ts

@@ -1,41 +0,0 @@
-import { randomBytes } from "crypto";
-import type { DecisionPayload, DecisionProof } from "./types";
-import { hashContext, hashRuleSet } from "./hash";
-import { signDecision } from "./sign";
-import { ethers } from "ethers";
-
-export async function generateDecisionProof(params: {
-  payId: string;
-  owner: string;
-  decision: "ALLOW" | "REJECT";
-  context: any;
-  ruleConfig: any;
-  signer: ethers.Signer;
-  chainId: number;
-  verifyingContract: string;
-  ttlSeconds?: number;
-}): Promise<DecisionProof> {
-  const issuedAt = Math.floor(Date.now() / 1000);
-  const expiresAt = issuedAt + (params.ttlSeconds ?? 60);
-
-  const payload: DecisionPayload = {
-    version: "payid.decision.v1",
-    payId: params.payId,
-    owner: params.owner,
-    decision: params.decision === "ALLOW" ? 1 : 0,
-    contextHash: hashContext(params.context),
-    ruleSetHash: hashRuleSet(params.ruleConfig),
-    issuedAt,
-    expiresAt,
-    nonce: `0x${randomBytes(32).toString("hex")}`
-  };
-
-  const signature = await signDecision(
-    params.signer,
-    params.chainId,
-    params.verifyingContract,
-    payload
-  );
-
-  return { payload, signature };
-}

package/src/decision-proof/hash.ts

@@ -1,26 +0,0 @@
-import { keccak256 } from "ethers";
-
-/**
- * NOTE:
- * Untuk v1, JSON stringify yang sudah distabilkan
- * (keys sorted). WAJIB untuk golden tests.
- */
-function stableStringify(obj: any): string {
-  if (Array.isArray(obj)) {
-    return `[${obj.map(stableStringify).join(",")}]`;
-  }
-  if (obj && typeof obj === "object") {
-    return `{${Object.keys(obj).sort().map(
-      k => `"${k}":${stableStringify(obj[k])}`
-    ).join(",")}}`;
-  }
-  return JSON.stringify(obj);
-}
-
-export function hashContext(context: any): string {
-  return keccak256(Buffer.from(stableStringify(context)));
-}
-
-export function hashRuleSet(ruleConfig: any): string {
-  return keccak256(Buffer.from(stableStringify(ruleConfig)));
-}

package/src/decision-proof/sign.ts

@@ -1,42 +0,0 @@
-import { ethers } from "ethers";
-import type { DecisionPayload } from "./types";
-
-export async function signDecision(
-  signer: ethers.Signer,
-  chainId: number,
-  verifyingContract: string,
-  payload: DecisionPayload
-): Promise<string> {
-  const domain = {
-    name: "PAY.ID Decision",
-    version: "1",
-    chainId,
-    verifyingContract
-  };
-
-  const types = {
-    Decision: [
-      { name: "version", type: "string" },
-      { name: "payId", type: "string" },
-      { name: "owner", type: "address" },
-      { name: "decision", type: "uint8" },
-      { name: "contextHash", type: "bytes32" },
-      { name: "ruleSetHash", type: "bytes32" },
-      { name: "issuedAt", type: "uint64" },
-      { name: "expiresAt", type: "uint64" },
-      { name: "nonce", type: "bytes32" }
-    ]
-  };
-
-  if (typeof (signer as any).signTypedData === "function") {
-    return await (signer as any).signTypedData(domain, types, payload);
-  }
-
-  if (typeof (signer as any)._signTypedData === "function") {
-    return await (signer as any)._signTypedData(domain, types, payload);
-  }
-
-  throw new Error(
-    "Signer does not support EIP-712 signing (signTypedData)"
-  );
-}

package/src/decision-proof/types.ts

@@ -1,18 +0,0 @@
-export type DecisionValue = 0 | 1; // 1=ALLOW, 0=REJECT
-
-export interface DecisionPayload {
-  version: "payid.decision.v1";
-  payId: string;
-  owner: string;              // authority address
-  decision: DecisionValue;
-  contextHash: string;        // bytes32
-  ruleSetHash: string;        // bytes32
-  issuedAt: number;           // uint64
-  expiresAt: number;          // uint64
-  nonce: string;              // bytes32
-}
-
-export interface DecisionProof {
-  payload: DecisionPayload;
-  signature: string;          // EIP-712 signature
-}

package/src/erc4337/build.ts

@@ -1,16 +0,0 @@
-import { ethers } from "ethers";
-import type { DecisionProof } from "../decision-proof/types";
-
-export function buildPayCallData(
-  contractAddress: string,
-  proof: DecisionProof
-): string {
-  const iface = new ethers.Interface([
-    "function pay(bytes payload, bytes signature)"
-  ]);
-
-  return iface.encodeFunctionData("pay", [
-    ethers.toUtf8Bytes(JSON.stringify(proof.payload)),
-    proof.signature
-  ]);
-}

package/src/erc4337/types.ts

@@ -1,13 +0,0 @@
-export interface UserOperation {
-  sender: string;
-  nonce: string;
-  initCode: string;
-  callData: string;
-  callGasLimit: string;
-  verificationGasLimit: string;
-  preVerificationGas: string;
-  maxFeePerGas: string;
-  maxPriorityFeePerGas: string;
-  paymasterAndData: string;
-  signature: string;
-}

package/src/erc4337/userop.ts

@@ -1,30 +0,0 @@
-import type { UserOperation } from "./types";
-
-export function buildUserOperation(params: {
-  sender: string;
-  callData: string;
-  nonce: string;
-  gas: {
-    callGasLimit: string;
-    verificationGasLimit: string;
-    preVerificationGas: string;
-    maxFeePerGas: string;
-    maxPriorityFeePerGas: string;
-  };
-  initCode?: string;
-  paymasterAndData?: string;
-}): UserOperation {
-  return {
-    sender: params.sender,
-    nonce: params.nonce,
-    initCode: params.initCode ?? "0x",
-    callData: params.callData,
-    callGasLimit: params.gas.callGasLimit,
-    verificationGasLimit: params.gas.verificationGasLimit,
-    preVerificationGas: params.gas.preVerificationGas,
-    maxFeePerGas: params.gas.maxFeePerGas,
-    maxPriorityFeePerGas: params.gas.maxPriorityFeePerGas,
-    paymasterAndData: params.paymasterAndData ?? "0x",
-    signature: "0x" // signed later by smart account
-  };
-}

package/src/evaluate.ts

@@ -1,63 +0,0 @@
-import type { RuleContext, RuleResult, RuleConfig } from "payid-types";
-import { executeRule } from "payid-rule-engine";
-import { normalizeContext } from "./normalize";
-import { preprocessContextV2 } from "payid-rule-engine";
-
-export async function evaluate(
-  wasmBinary: Buffer,
-  context: RuleContext,
-  ruleConfig: RuleConfig,
-  options?: {
-    trustedIssuers?: Set<string>;
-  }
-): Promise<RuleResult> {
-  // ---- basic validation (v1 behavior) ----
-  if (!context || typeof context !== "object") {
-    throw new Error("evaluate(): context is required");
-  }
-
-  if (!context.tx) {
-    throw new Error("evaluate(): context.tx is required");
-  }
-
-  if (!ruleConfig || typeof ruleConfig !== "object") {
-    throw new Error("evaluate(): ruleConfig is required");
-  }
-
-  let result: RuleResult;
-
-  try {
-    // ---- NEW: preprocess v2 context if enabled ----
-    const preparedContext =
-      options?.trustedIssuers
-        ? preprocessContextV2(context, ruleConfig, options.trustedIssuers)
-        : context;
-
-    // ---- existing normalization ----
-    const normalized = normalizeContext(preparedContext);
-
-    // ---- execute WASM rule engine ----
-    result = await executeRule(wasmBinary, normalized, ruleConfig);
-  } catch (err: any) {
-    return {
-      decision: "REJECT",
-      code: "CONTEXT_OR_ENGINE_ERROR",
-      reason: err?.message ?? "rule evaluation failed"
-    };
-  }
-
-  // ---- output validation ----
-  if (result.decision !== "ALLOW" && result.decision !== "REJECT") {
-    return {
-      decision: "REJECT",
-      code: "INVALID_ENGINE_OUTPUT",
-      reason: "invalid decision value"
-    };
-  }
-
-  return {
-    decision: result.decision,
-    code: result.code || "UNKNOWN",
-    reason: result.reason
-  };
-}

package/src/normalize.ts

@@ -1,13 +0,0 @@
-import type { RuleContext } from "payid-types";
-
-export function normalizeContext(ctx: RuleContext): RuleContext {
-  return {
-    ...ctx,
-    tx: {
-      ...ctx.tx,
-      sender: ctx.tx.sender?.toLowerCase(),
-      receiver: ctx.tx.receiver?.toLowerCase(),
-      asset: ctx.tx.asset.toUpperCase()
-    }
-  };
-}

package/src/payid.ts

@@ -1,167 +0,0 @@
-import type { RuleContext, RuleResult, RuleConfig } from "payid-types";
-import { evaluate as evaluatePolicy } from "./evaluate";
-import { generateDecisionProof } from "./decision-proof/generate";
-import { resolveRule } from "./resolver/resolver";
-import type { RuleSource } from "./resolver/types";
-import { ethers } from "ethers";
-import fs from "fs";
-import type { UserOperation } from "./erc4337/types";
-import { buildPayCallData } from "./erc4337/build";
-import { buildUserOperation } from "./erc4337/userop";
-
-export class PayID {
-  private wasm: Buffer;
-
-  constructor(wasmPath: string) {
-    this.wasm = fs.readFileSync(wasmPath);
-  }
-
-  async evaluate(
-    context: RuleContext,
-    ruleConfig: RuleConfig
-  ): Promise<RuleResult> {
-    return evaluatePolicy(this.wasm, context, ruleConfig);
-  }
-
-
-  async evaluateAndProve(params: {
-    context: RuleContext;
-    ruleConfig: RuleConfig;
-    payId: string;
-    owner: string;
-    signer: ethers.Signer;
-    chainId: number;
-    verifyingContract: string;
-    ttlSeconds?: number;
-  }) {
-    const result = await this.evaluate(params.context, params.ruleConfig);
-
-    const proof = await generateDecisionProof({
-      payId: params.payId,
-      owner: params.owner,
-      decision: result.decision,
-      context: params.context,
-      ruleConfig: params.ruleConfig,
-      signer: params.signer,
-      chainId: params.chainId,
-      verifyingContract: params.verifyingContract,
-      ttlSeconds: params.ttlSeconds
-    });
-
-    return { result, proof };
-  }
-
-  async evaluateWithRuleSource(
-    context: RuleContext,
-    ruleSource: RuleSource
-  ): Promise<RuleResult> {
-    try {
-      const { config } = await resolveRule(ruleSource);
-      return await this.evaluate(context, config);
-    } catch (err: any) {
-      return {
-        decision: "REJECT",
-        code: "RULE_RESOLVE_ERROR",
-        reason: err?.message ?? "failed to resolve rule"
-      };
-    }
-  }
-
-  async evaluateAndProveFromSource(params: {
-    context: RuleContext;
-    ruleSource: RuleSource;
-    payId: string;
-    owner: string;
-    signer: ethers.Signer;
-    chainId: number;
-    verifyingContract: string;
-    ttlSeconds?: number;
-  }) {
-    try {
-      const { config } = await resolveRule(params.ruleSource);
-
-      const result = await this.evaluate(params.context, config);
-
-      const proof = await generateDecisionProof({
-        payId: params.payId,
-        owner: params.owner,
-        decision: result.decision,
-        context: params.context,
-        ruleConfig: config,
-        signer: params.signer,
-        chainId: params.chainId,
-        verifyingContract: params.verifyingContract,
-        ttlSeconds: params.ttlSeconds
-      });
-
-      return { result, proof };
-    } catch (err: any) {
-      return {
-        result: {
-          decision: "REJECT",
-          code: "RULE_RESOLVE_ERROR",
-          reason: err?.message ?? "rule resolve failed"
-        },
-        proof: null
-      };
-    }
-  }
-
-  async evaluateProveAndBuildUserOp(params: {
-    context: RuleContext;
-    ruleSource: { uri: string; hash?: string; };
-    payId: string;
-    owner: string;
-    signer: ethers.Signer;
-
-    // ERC-4337 specific
-    smartAccount: string;
-    targetContract: string;
-    nonce: string;
-    gas: {
-      callGasLimit: string;
-      verificationGasLimit: string;
-      preVerificationGas: string;
-      maxFeePerGas: string;
-      maxPriorityFeePerGas: string;
-    };
-    paymasterAndData?: string;
-
-    chainId: number;
-    verifyingContract: string;
-  }): Promise<{
-    result: RuleResult;
-    userOp: UserOperation | null;
-    proof: any;
-  }> {
-    const { result, proof } =
-      await this.evaluateAndProveFromSource({
-        context: params.context,
-        ruleSource: params.ruleSource,
-        payId: params.payId,
-        owner: params.owner,
-        signer: params.signer,
-        chainId: params.chainId,
-        verifyingContract: params.verifyingContract
-      });
-
-    if (result.decision !== "ALLOW" || !proof) {
-      return { result: (result as any), userOp: null, proof };
-    }
-
-    const callData = buildPayCallData(
-      params.targetContract,
-      proof
-    );
-
-    const userOp = buildUserOperation({
-      sender: params.smartAccount,
-      nonce: params.nonce,
-      callData,
-      gas: params.gas,
-      paymasterAndData: params.paymasterAndData
-    });
-
-    return { result, userOp, proof };
-  }
-}

package/src/resolver/http.ts

@@ -1,16 +0,0 @@
-import { verifyHash } from "./utils";
-
-export async function resolveHttpRule(
-  uri: string,
-  expectedHash?: string
-): Promise<any> {
-  const res = await fetch(uri);
-  if (!res.ok) {
-    throw new Error(`HTTP_RULE_FETCH_FAILED: ${res.status}`);
-  }
-
-  const text = await res.text();
-  verifyHash(text, expectedHash);
-
-  return JSON.parse(text);
-}

package/src/resolver/ipfs.ts

@@ -1,22 +0,0 @@
-import { verifyHash } from "./utils";
-
-const DEFAULT_GATEWAY = "https://ipfs.io/ipfs/";
-
-export async function resolveIpfsRule(
-  uri: string,
-  expectedHash?: string,
-  gateway = DEFAULT_GATEWAY
-): Promise<any> {
-  const cid = uri.replace("ipfs://", "");
-  const url = `${gateway}${cid}`;
-
-  const res = await fetch(url);
-  if (!res.ok) {
-    throw new Error(`IPFS_RULE_FETCH_FAILED: ${res.status}`);
-  }
-
-  const text = await res.text();
-  verifyHash(text, expectedHash);
-
-  return JSON.parse(text);
-}

package/src/resolver/resolver.ts

@@ -1,24 +0,0 @@
-import type { RuleSource, ResolvedRule } from "./types";
-import { resolveHttpRule } from "./http";
-import { resolveIpfsRule } from "./ipfs";
-
-export async function resolveRule(
-  source: RuleSource
-): Promise<ResolvedRule> {
-  const { uri, hash } = source;
-
-  let config: any;
-
-  if (uri.startsWith("ipfs://")) {
-    config = await resolveIpfsRule(uri, hash);
-  } else if (uri.startsWith("http://") || uri.startsWith("https://")) {
-    config = await resolveHttpRule(uri, hash);
-  } else {
-    throw new Error("UNSUPPORTED_RULE_URI");
-  }
-
-  return {
-    config,
-    source
-  };
-}

package/src/resolver/types.ts

@@ -1,9 +0,0 @@
-export interface RuleSource {
-  uri: string;          // ipfs://... | https://...
-  hash?: string;        // optional keccak256 hash
-}
-
-export interface ResolvedRule {
-  config: any;
-  source: RuleSource;
-}

package/src/resolver/utils.ts

@@ -1,13 +0,0 @@
-import { keccak256 } from "ethers";
-
-export function verifyHash(
-  content: string,
-  expectedHash?: string
-) {
-  if (!expectedHash) return;
-
-  const actual = keccak256(Buffer.from(content));
-  if (actual !== expectedHash) {
-    throw new Error("RULE_HASH_MISMATCH");
-  }
-}

package/tsconfig.json

@@ -1,29 +0,0 @@
-{
-  "compilerOptions": {
-    // Environment setup & latest features
-    "lib": ["ESNext"],
-    "target": "ESNext",
-    "module": "Preserve",
-    "moduleDetection": "force",
-    "jsx": "react-jsx",
-    "allowJs": true,
-
-    // Bundler mode
-    "moduleResolution": "bundler",
-    "allowImportingTsExtensions": true,
-    "verbatimModuleSyntax": true,
-    "noEmit": true,
-
-    // Best practices
-    "strict": true,
-    "skipLibCheck": true,
-    "noFallthroughCasesInSwitch": true,
-    "noUncheckedIndexedAccess": true,
-    "noImplicitOverride": true,
-
-    // Some stricter flags (disabled by default)
-    "noUnusedLocals": false,
-    "noUnusedParameters": false,
-    "noPropertyAccessFromIndexSignature": false
-  }
-}