payid 0.6.0 → 1.0.0

package/dist/issuer/index.d.ts

@@ -1,3 +1,4 @@
-export { a as issueEnvContext, b as issueOracleContext, c as issueRiskContext, d as issueStateContext, s as signAttestation } from '../index-2JCvey4-.js';
-import 'payid-types';
+export { a as issueEnvContext, b as issueOracleContext, c as issueRiskContext, d as issueStateContext, e as issueTokenPriceContext, s as signAttestation } from '../index-CDnE3SGM.js';
+import '../context.v2-DIzPotmW.js';
+import '../context.v1-C1m-tz0o.js';
 import 'ethers';

package/dist/issuer/index.js

@@ -1,4 +1,6 @@
-import "../chunk-SSO66YQI.js";
+import {
+  issueTokenPriceContext
+} from "../chunk-E6VQETBC.js";
 import {
   issueEnvContext,
   issueOracleContext,
@@ -12,5 +14,6 @@ export {
   issueOracleContext,
   issueRiskContext,
   issueStateContext,
+  issueTokenPriceContext,
   signAttestation
 };

package/dist/rule/index.d.ts

@@ -1,2 +1,2 @@
-export { a as canonicalizeRuleSet, c as combineRules, h as hashRuleSet } from '../index-Dj9IEios.js';
-import 'payid-types';
+export { c as canonicalizeRuleSet, a as combineRules, h as hashRuleSet } from '../index-CubM9whW.js';
+import '../rule-a_5ed-93.js';

package/dist/rule/index.js

@@ -1,12 +1,13 @@
-import {
-  hashRuleSet
-} from "../chunk-QC24X74O.js";
+import "../chunk-FZNMDGVK.js";
 import {
   combineRules
 } from "../chunk-GG34PNTF.js";
 import {
   canonicalizeRuleSet
 } from "../chunk-6VPSJFO4.js";
+import {
+  hashRuleSet
+} from "../chunk-X7NYQ47Y.js";
 import "../chunk-MLKGABMK.js";
 export {
   canonicalizeRuleSet,

package/dist/rule-a_5ed-93.d.ts

@@ -0,0 +1,39 @@
+interface RuleCondition {
+    field: string;
+    op: string;
+    /** Literal value OR cross-field reference prefixed with "$" (e.g. "$state.dailyLimit") */
+    value: any;
+}
+interface SimpleRule {
+    id: string;
+    if: RuleCondition;
+    message?: string;
+}
+interface MultiConditionRule {
+    id: string;
+    logic: "AND" | "OR";
+    conditions: RuleCondition[];
+    message?: string;
+}
+interface NestedRule {
+    id: string;
+    logic: "AND" | "OR";
+    rules: AnyRule[];
+    message?: string;
+}
+type AnyRule = SimpleRule | MultiConditionRule | NestedRule;
+declare function isSimpleRule(rule: AnyRule): rule is SimpleRule;
+declare function isMultiConditionRule(rule: AnyRule): rule is MultiConditionRule;
+declare function isNestedRule(rule: AnyRule): rule is NestedRule;
+interface RuleConfig {
+    version?: string;
+    logic: "AND" | "OR";
+    rules: AnyRule[];
+    /** Optional list of required context namespaces (e.g. ["oracle", "risk"]) */
+    requires?: string[];
+    message?: string;
+}
+/** @deprecated Use AnyRule instead */
+type Rule = AnyRule;
+
+export { type AnyRule as A, type MultiConditionRule as M, type NestedRule as N, type Rule as R, type SimpleRule as S, type RuleCondition as a, type RuleConfig as b, isNestedRule as c, isSimpleRule as d, isMultiConditionRule as i };

package/dist/sessionPolicy/index.d.ts

@@ -1,4 +1,4 @@
-export { S as SESSION_POLICY_V2_TYPES, b as buildSessionPolicyV2Domain, c as createSessionPolicyPayload, a as createSessionPolicyV2, d as decodeSessionPolicy, e as decodeSessionPolicyV2, g as decodeSessionPolicyV2QR, f as encodeSessionPolicyV2QR } from '../index-DSHZvYii.js';
-export { P as PayIDSessionPolicyPayloadV1, S as SessionPolicyV2 } from '../types-CpXiPRYs.js';
+export { S as SESSION_POLICY_V2_TYPES, b as buildSessionPolicyV2Domain, c as createSessionPolicyPayload, a as createSessionPolicyV2, d as decodeSessionPolicy, e as decodeSessionPolicyV2, f as decodeSessionPolicyV2QR, g as encodeSessionPolicyV2QR } from '../index-G_1SiZJo.js';
+export { P as PayIDSessionPolicyPayloadV1, S as SessionPolicyV2 } from '../types-D2o6XS7a.js';
 import 'ethers';
-import 'payid-types';
+import '../rule-a_5ed-93.js';

package/dist/sessionPolicy/index.js

@@ -1,4 +1,4 @@
-import "../chunk-Q4UZCGU4.js";
+import "../chunk-XMUHMJRD.js";
 import {
   SESSION_POLICY_V2_TYPES,
   buildSessionPolicyV2Domain,
@@ -8,7 +8,7 @@ import {
   decodeSessionPolicyV2,
   decodeSessionPolicyV2QR,
   encodeSessionPolicyV2QR
-} from "../chunk-BLIRABV7.js";
+} from "../chunk-AUW7WDAB.js";
 import "../chunk-6VPSJFO4.js";
 import "../chunk-KDC67LIN.js";
 import "../chunk-MLKGABMK.js";

package/dist/{types-CpXiPRYs.d.ts → types-D2o6XS7a.d.ts}

@@ -1,4 +1,4 @@
-import { RuleConfig } from 'payid-types';
+import { b as RuleConfig } from './rule-a_5ed-93.js';
 
 /**
  * SessionPolicy V1 — off-chain only, rule injected inline.

package/dist/types-i4eTkhWa.d.ts

@@ -0,0 +1,50 @@
+interface RuleResult {
+    decision: "ALLOW" | "REJECT";
+    code: string;
+    reason?: string;
+}
+interface RuleTraceEntry {
+    ruleId: string;
+    field: string;
+    op: string;
+    expected: any;
+    actual: any;
+    result: "PASS" | "FAIL";
+}
+interface RuleDecisionDebug {
+    trace: RuleTraceEntry[];
+}
+interface RuleResultDebug extends RuleResult {
+    debug?: RuleDecisionDebug;
+}
+
+interface DecisionPayload {
+    version: string;
+    payId: string;
+    payer: string;
+    receiver: string;
+    asset: string;
+    amount: bigint;
+    contextHash: string;
+    ruleSetHash: string;
+    ruleAuthority: string;
+    issuedAt: bigint;
+    expiresAt: bigint;
+    nonce: string;
+    requiresAttestation: boolean;
+    attestationUIDsHash: string;
+}
+interface DecisionProof {
+    payload: DecisionPayload;
+    signature: string;
+}
+
+interface RuleSource {
+    uri: string;
+    hash?: string;
+}
+interface ResolverOptions {
+    zgIndexerUrl?: string;
+}
+
+export type { DecisionPayload as D, ResolverOptions as R, DecisionProof as a, RuleDecisionDebug as b, RuleResult as c, RuleResultDebug as d, RuleSource as e, RuleTraceEntry as f };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "payid",
-  "version": "0.6.0",
+  "version": "1.0.0",
   "private": false,
   "type": "module",
   "main": "./dist/index.js",
@@ -36,31 +36,44 @@
     }
   },
   "files": [
-    "dist"
+    "dist",
+    "src/rule/engine/rule_engine.wasm"
   ],
+  "scripts": {
+    "build": "tsup",
+    "type-check": "tsc --noEmit",
+    "test": "echo 'No unit tests — add test files to run with bun test'",
+    "prepublishOnly": "bun run type-check && bun run test && bun run build",
+    "release": "release-it",
+    "release:dry": "release-it --dry-run",
+    "release:patch": "release-it patch --no-git.requireCleanWorkingDir",
+    "release:minor": "release-it minor --no-git.requireCleanWorkingDir",
+    "release:major": "release-it major --no-git.requireCleanWorkingDir"
+  },
   "dependencies": {
+    "@0gfoundation/0g-storage-ts-sdk": "^1.2.9",
     "ethers": "^6.16.0",
-    "payid-rule-engine": "^0.3.4",
-    "payid-types": "^0.2.2"
+    "wasi": "^0.0.6"
   },
   "peerDependencies": {
     "typescript": "^5.9.3"
   },
-  "scripts": {
-    "build": "tsup"
-  },
   "devDependencies": {
     "@types/bun": "latest",
+    "release-it": "^20.0.1",
     "tsup": "^8.5.1"
   },
-  "description": "pay-policy",
+  "description": "PAY.ID policy engine — evaluate payment rules and generate EIP-712 Decision Proofs",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/Mad1Duck/payid.git"
   },
   "keywords": [
     "payment",
-    "policy"
+    "policy",
+    "eip-712",
+    "web3",
+    "evm"
   ],
   "author": "rahvanna",
   "license": "ISC",

package/dist/chunk-DZ6GVRER.js

@@ -1,309 +0,0 @@
-import {
-  randomHex
-} from "./chunk-KDC67LIN.js";
-
-// src/evaluate.ts
-import { executeRule, preprocessContextV2 } from "payid-rule-engine";
-
-// src/normalize.ts
-function normalizeContext(ctx) {
-  return {
-    ...ctx,
-    tx: {
-      ...ctx.tx,
-      sender: ctx.tx.sender,
-      receiver: ctx.tx.receiver,
-      asset: ctx.tx.asset
-    }
-  };
-}
-
-// src/core/dicisionTrace.ts
-function toBigIntSafe(v) {
-  try {
-    if (typeof v === "bigint") return v;
-    if (typeof v === "number" && Number.isFinite(v)) return BigInt(Math.trunc(v));
-    if (typeof v === "string" && v !== "") return BigInt(v);
-    return null;
-  } catch {
-    return null;
-  }
-}
-function resolveField(obj, fieldExpr) {
-  const [path, ...transforms] = fieldExpr.split("|");
-  let value = path?.split(".").reduce((o, k) => o?.[k], obj);
-  for (const t of transforms) {
-    if (value === void 0 || value === null) break;
-    if (t.startsWith("div:")) {
-      const n = Number(t.slice(4));
-      value = Number(value) / n;
-    } else if (t.startsWith("mod:")) {
-      const n = BigInt(t.slice(4));
-      value = BigInt(value) % n;
-    } else if (t === "abs") {
-      value = Math.abs(Number(value));
-    } else if (t === "hour") {
-      value = new Date(Number(value) * 1e3).getUTCHours();
-    } else if (t === "day") {
-      value = new Date(Number(value) * 1e3).getUTCDay();
-    } else if (t === "date") {
-      value = new Date(Number(value) * 1e3).getUTCDate();
-    } else if (t === "month") {
-      value = new Date(Number(value) * 1e3).getUTCMonth() + 1;
-    } else if (t === "len") {
-      value = String(value).length;
-    } else if (t === "lower") {
-      value = String(value).toLowerCase();
-    } else if (t === "upper") {
-      value = String(value).toUpperCase();
-    }
-  }
-  return value;
-}
-function resolveValue(context, value) {
-  if (typeof value === "string" && value.startsWith("$")) {
-    return resolveField(context, value.slice(1));
-  }
-  return value;
-}
-function evaluateCondition(actual, op, expected) {
-  switch (op) {
-    case ">=":
-    case "<=":
-    case ">":
-    case "<": {
-      const a = toBigIntSafe(actual);
-      const b = toBigIntSafe(expected);
-      if (a === null || b === null) return false;
-      if (op === ">=") return a >= b;
-      if (op === "<=") return a <= b;
-      if (op === ">") return a > b;
-      if (op === "<") return a < b;
-      return false;
-    }
-    case "==":
-      return actual == expected;
-    case "!=":
-      return actual != expected;
-    case "in":
-      return Array.isArray(expected) && expected.includes(actual);
-    case "not_in":
-      return Array.isArray(expected) && !expected.includes(actual);
-    case "between":
-      return Array.isArray(expected) && actual >= expected[0] && actual <= expected[1];
-    case "not_between":
-      return Array.isArray(expected) && !(actual >= expected[0] && actual <= expected[1]);
-    case "exists":
-      return actual !== void 0 && actual !== null;
-    case "not_exists":
-      return actual === void 0 || actual === null;
-    default:
-      return false;
-  }
-}
-function traceCondition(context, ruleId, cond) {
-  const actual = resolveField(context, cond.field);
-  const expected = resolveValue(context, cond.value);
-  const pass = evaluateCondition(actual, cond.op, expected);
-  return {
-    ruleId,
-    field: cond.field,
-    op: cond.op,
-    expected: cond.value,
-    actual,
-    result: actual === void 0 ? "FAIL" : pass ? "PASS" : "FAIL"
-  };
-}
-function traceRule(context, rule) {
-  if ("if" in rule) {
-    return [traceCondition(context, rule.id, rule.if)];
-  }
-  if ("conditions" in rule) {
-    return rule.conditions.map((cond) => traceCondition(context, rule.id, cond));
-  }
-  if ("rules" in rule) {
-    return rule.rules.flatMap((child) => traceRule(context, child));
-  }
-  return [];
-}
-function buildDecisionTrace(context, ruleConfig) {
-  return ruleConfig.rules.flatMap((rule) => traceRule(context, rule));
-}
-
-// src/evaluate.ts
-async function evaluate(context, ruleConfig, options, wasmBinary) {
-  if (!context || typeof context !== "object") {
-    throw new Error("evaluate(): context is required");
-  }
-  if (!context.tx) {
-    throw new Error("evaluate(): context.tx is required");
-  }
-  if (!ruleConfig || typeof ruleConfig !== "object") {
-    throw new Error("evaluate(): ruleConfig is required");
-  }
-  let result;
-  try {
-    const preparedContext = options?.trustedIssuers ? preprocessContextV2(context, ruleConfig, options.trustedIssuers) : context;
-    const normalized = normalizeContext(preparedContext);
-    result = await executeRule(normalized, ruleConfig, wasmBinary);
-  } catch (err) {
-    return {
-      decision: "REJECT",
-      code: "CONTEXT_OR_ENGINE_ERROR",
-      reason: err?.message ?? "rule evaluation failed"
-    };
-  }
-  if (result.decision !== "ALLOW" && result.decision !== "REJECT") {
-    return {
-      decision: "REJECT",
-      code: "INVALID_ENGINE_OUTPUT",
-      reason: "invalid decision value"
-    };
-  }
-  const baseResult = {
-    decision: result.decision,
-    code: result.code || "UNKNOWN",
-    reason: result.reason
-  };
-  if (options?.debug) {
-    return {
-      ...baseResult,
-      debug: {
-        trace: buildDecisionTrace(context, ruleConfig)
-      }
-    };
-  }
-  return baseResult;
-}
-
-// src/utils/subtle.ts
-var subtleCrypto = globalThis.crypto.subtle;
-
-// src/utils/fetchJson.ts
-async function fetchJsonWithHashCheck(url, expectedHash) {
-  const res = await fetch(url);
-  if (!res.ok) {
-    throw new Error("RULE_FETCH_FAILED");
-  }
-  const buffer = await res.arrayBuffer();
-  if (expectedHash) {
-    const digest = await subtleCrypto.digest(
-      "SHA-256",
-      buffer
-    );
-    const actualHash = bufferToHex(digest);
-    if (actualHash !== expectedHash) {
-      throw new Error("RULE_HASH_MISMATCH");
-    }
-  }
-  return JSON.parse(new TextDecoder().decode(buffer));
-}
-function bufferToHex(buffer) {
-  return [...new Uint8Array(buffer)].map((b) => b.toString(16).padStart(2, "0")).join("");
-}
-
-// src/resolver/resolver.ts
-async function resolveRule(source) {
-  const { uri, hash: hash2 } = source;
-  if (uri.startsWith("inline://")) {
-    const encoded = uri.replace("inline://", "");
-    const json = JSON.parse(atob(encoded));
-    return { config: json, source };
-  }
-  if (uri.startsWith("ipfs://")) {
-    const cid = uri.replace("ipfs://", "");
-    const url = `https://ipfs.io/ipfs/${cid}`;
-    const config = await fetchJsonWithHashCheck(url, hash2);
-    return { config, source };
-  }
-  if (uri.startsWith("http://") || uri.startsWith("https://")) {
-    const config = await fetchJsonWithHashCheck(uri, hash2);
-    return { config, source };
-  }
-  throw new Error("UNSUPPORTED_RULE_URI");
-}
-
-// src/decision-proof/hash.ts
-import { keccak256 } from "ethers";
-function stableStringify(obj) {
-  if (Array.isArray(obj)) {
-    return `[${obj.map(stableStringify).join(",")}]`;
-  }
-  if (obj && typeof obj === "object") {
-    return `{${Object.keys(obj).sort().map(
-      (k) => `"${k}":${stableStringify(obj[k])}`
-    ).join(",")}}`;
-  }
-  return JSON.stringify(obj);
-}
-function toUtf8Bytes(str) {
-  return new TextEncoder().encode(str);
-}
-function hashContext(context) {
-  return keccak256(toUtf8Bytes(stableStringify(context)));
-}
-function hashRuleSet(ruleConfig) {
-  return keccak256(toUtf8Bytes(stableStringify(ruleConfig)));
-}
-
-// src/decision-proof/generate.ts
-import { ethers, ZeroAddress } from "ethers";
-var hash = (v) => ethers.keccak256(ethers.toUtf8Bytes(v));
-async function generateDecisionProof(params) {
-  const now = params.blockTimestamp ?? Math.floor(Date.now() / 1e3);
-  const issuedAt = now - 30;
-  const expiresAt = now + (params.ttlSeconds ?? 300);
-  const chainId = params.chainId ?? Number((await params.signer.provider.getNetwork()).chainId);
-  const requiresAttestation = Array.isArray(params.ruleConfig?.requires) && params.ruleConfig.requires.length > 0;
-  const payload = {
-    version: hash("2"),
-    payId: hash(params.payId),
-    payer: params.payer,
-    receiver: params.receiver,
-    asset: params.asset,
-    amount: params.amount,
-    contextHash: hashContext(params.context),
-    ruleSetHash: params.ruleSetHashOverride ?? hashRuleSet(params.ruleConfig),
-    ruleAuthority: params.ruleAuthority ?? ZeroAddress,
-    issuedAt: BigInt(issuedAt),
-    expiresAt: BigInt(expiresAt),
-    nonce: randomHex(32),
-    requiresAttestation
-  };
-  const domain = {
-    name: "PAY.ID Decision",
-    version: "2",
-    chainId,
-    verifyingContract: params.verifyingContract
-  };
-  const types = {
-    Decision: [
-      { name: "version", type: "bytes32" },
-      { name: "payId", type: "bytes32" },
-      { name: "payer", type: "address" },
-      { name: "receiver", type: "address" },
-      { name: "asset", type: "address" },
-      { name: "amount", type: "uint256" },
-      { name: "contextHash", type: "bytes32" },
-      { name: "ruleSetHash", type: "bytes32" },
-      { name: "ruleAuthority", type: "address" },
-      { name: "issuedAt", type: "uint64" },
-      { name: "expiresAt", type: "uint64" },
-      { name: "nonce", type: "bytes32" },
-      { name: "requiresAttestation", type: "bool" }
-    ]
-  };
-  const signature = await params.signer.signTypedData(domain, types, payload);
-  const recovered = ethers.verifyTypedData(domain, types, payload, signature);
-  const signerAddress = await params.signer.getAddress();
-  if (recovered.toLowerCase() !== signerAddress.toLowerCase()) {
-    throw new Error("SIGNATURE_MISMATCH");
-  }
-  return { payload, signature };
-}
-
-export {
-  evaluate,
-  resolveRule,
-  generateDecisionProof
-};

package/dist/chunk-QC24X74O.js

@@ -1,41 +0,0 @@
-import {
-  combineRules
-} from "./chunk-GG34PNTF.js";
-import {
-  canonicalizeRuleSet
-} from "./chunk-6VPSJFO4.js";
-import {
-  __export
-} from "./chunk-MLKGABMK.js";
-
-// src/rule/index.ts
-var rule_exports = {};
-__export(rule_exports, {
-  canonicalizeRuleSet: () => canonicalizeRuleSet,
-  combineRules: () => combineRules,
-  hashRuleSet: () => hashRuleSet
-});
-
-// src/rule/hash.ts
-import { keccak256, toUtf8Bytes } from "ethers";
-function stableStringify(obj) {
-  if (Array.isArray(obj)) {
-    return `[${obj.map(stableStringify).join(",")}]`;
-  }
-  if (obj && typeof obj === "object") {
-    return `{${Object.keys(obj).sort().map(
-      (k) => `"${k}":${stableStringify(obj[k])}`
-    ).join(",")}}`;
-  }
-  return JSON.stringify(obj);
-}
-function hashRuleSet(ruleSet) {
-  return keccak256(
-    toUtf8Bytes(stableStringify(ruleSet))
-  );
-}
-
-export {
-  hashRuleSet,
-  rule_exports
-};

package/dist/index-CtdogR8X.d.ts

@@ -1,82 +0,0 @@
-import { RuleContext, RuleConfig, RuleResult } from 'payid-types';
-import { ethers } from 'ethers';
-import { R as RuleSource, D as DecisionProof } from './types-B8pJQdMQ.js';
-import { P as PayIDSessionPolicyPayloadV1, S as SessionPolicyV2 } from './types-CpXiPRYs.js';
-
-declare class PayIDClient {
-    private readonly debugTrace?;
-    private readonly wasm?;
-    private readonly _ready;
-    constructor(debugTrace?: boolean | undefined, wasm?: Uint8Array | undefined);
-    ready(): Promise<void>;
-    evaluate(context: RuleContext, rule: RuleConfig | RuleSource): Promise<RuleResult>;
-    evaluateAndProve(params: {
-        context: RuleContext;
-        authorityRule: RuleConfig | RuleSource;
-        evaluationRule?: RuleConfig;
-        sessionPolicy?: PayIDSessionPolicyPayloadV1;
-        sessionPolicyV2?: SessionPolicyV2;
-        payId: string;
-        payer: string;
-        receiver: string;
-        asset: string;
-        amount: bigint;
-        signer: ethers.Signer;
-        verifyingContract: string;
-        ruleAuthority: string;
-        ruleSetHashOverride?: string;
-        ttlSeconds?: number;
-        chainId: number;
-        blockTimestamp: number;
-    }): Promise<{
-        result: RuleResult;
-        proof: DecisionProof | null;
-    }>;
-}
-
-/**
- * Create a PayID policy engine instance backed by a WASM rule evaluator.
- *
- * ## Responsibility
- *
- * - Holds the WASM binary used for rule execution
- * - Defines the trust boundary for context attestation verification
- * - Acts as the primary entry point for PayID rule evaluation
- *
- * ## Trust model
- *
- * - If `trustedIssuers` is provided, Context V2 attestation
- *   verification is ENFORCED.
- * - If `trustedIssuers` is omitted, the engine runs in
- *   legacy (Context V1) mode without cryptographic verification.
- *
- * ## Environment
- *
- * This class is safe to instantiate in:
- * - Browsers
- * - Mobile apps
- * - Edge runtimes
- * - Backend services
- *
- * @param wasm
- *   Compiled PayID WASM rule engine binary.
- *
- * @param debugTrace
- *   Optional flag to enable decision trace generation for debugging.
- *   @example
- *   ```ts
- *
- *   const payid = new PayID(wasmBinary, debugTrace);
- *   ```
- */
-declare function createPayID(params: {
-    wasm?: Uint8Array;
-    debugTrace?: boolean;
-}): PayIDClient;
-
-declare const index_createPayID: typeof createPayID;
-declare namespace index {
-  export { index_createPayID as createPayID };
-}
-
-export { createPayID as c, index as i };

package/dist/types-B8pJQdMQ.d.ts

@@ -1,26 +0,0 @@
-interface RuleSource {
-    uri: string;
-    hash?: string;
-}
-
-interface DecisionPayload {
-    version: string;
-    payId: string;
-    payer: string;
-    receiver: string;
-    asset: string;
-    amount: bigint;
-    contextHash: string;
-    ruleSetHash: string;
-    ruleAuthority: string;
-    issuedAt: bigint;
-    expiresAt: bigint;
-    nonce: string;
-    requiresAttestation: boolean;
-}
-interface DecisionProof {
-    payload: DecisionPayload;
-    signature: string;
-}
-
-export type { DecisionProof as D, RuleSource as R };