payment-kit 1.27.2 → 1.29.0

package/api/src/routes/connect/pay.ts

@@ -6,6 +6,7 @@ import { encodeTransferItx } from '../../integrations/ethereum/token';
 import { executeEvmTransaction, waitForEvmTxConfirm } from '../../integrations/ethereum/tx';
 import { CallbackArgs, ethWallet } from '../../libs/auth';
 import logger from '../../libs/logger';
+import { parseChainError } from '../../libs/chain-error';
 import { getGasPayerExtra } from '../../libs/payment';
 import { createPaymentOutput } from '../../libs/session';
 import { getTxMetadata } from '../../libs/util';
@@ -130,6 +131,9 @@ export default {
         const client = paymentMethod.getOcapClient();
         const claim = claims.find((x) => x.type === 'prepareTx');
 
+        // Warm up chain context cache to avoid setTimeout(resolve,0) hang in workerd
+        await client.getContext();
+
         const tx: Partial<Transaction> = client.decodeTx(claim.finalTx);
         if (claim.delegator && claim.from) {
           tx.delegator = claim.delegator;
@@ -227,10 +231,15 @@ export default {
 
         return { hash: txHash };
       } catch (err) {
-        console.error(err);
-        logger.error('Failed to finalize paymentIntent on arcblock', { paymentIntent: paymentIntent.id, error: err });
+        const parsed = parseChainError(err);
+        logger.error('Failed to finalize paymentIntent on arcblock', {
+          paymentIntentId: paymentIntent.id,
+          code: parsed.code,
+          details: parsed.details,
+          raw: err,
+        });
         await paymentIntent.update({ status: 'requires_capture' });
-        throw err;
+        throw parsed;
       }
     }
 

package/api/src/routes/connect/setup.ts

@@ -101,6 +101,8 @@ export default {
             billingThreshold: Math.max(minStakeAmount, billingThreshold),
             items,
             slippageConfig: subscription?.slippage_config || undefined,
+            // Reuse DelegateState fetched above — avoids a duplicate chain RPC on CF cold isolates
+            delegateState: delegation.state,
           }),
         });
       }
@@ -217,7 +219,7 @@ export default {
 
       await checkoutSession.update({ status: 'complete', payment_status: 'paid' });
       if (invoice) {
-        invoiceQueue.pushAndWait({ id: invoice.id, job: { invoiceId: invoice.id, retryOnError: false } });
+        await invoiceQueue.pushAndWait({ id: invoice.id, job: { invoiceId: invoice.id, retryOnError: false } });
       }
       await addSubscriptionJob(subscription, 'cycle', false, subscription.trial_end);
       logger.info('CheckoutSession updated on setup done', {

package/api/src/routes/connect/shared.ts

@@ -1,12 +1,12 @@
 /* eslint-disable @typescript-eslint/indent */
 /* eslint-disable prettier/prettier */
 import { toTypeInfo } from '@arcblock/did';
-import { toDelegateAddress } from '@arcblock/did-util';
-import type { Transaction } from '@ocap/client';
+import { toDelegateAddress } from '@arcblock/did-util/cbor';
+import type { DelegateState as DelegateStateType, Transaction } from '@ocap/client';
 import { BN, fromTokenToUnit, toBase58 } from '@ocap/util';
 import { fromPublicKey } from '@ocap/wallet';
 import type { Request } from 'express';
-import { isEmpty } from 'lodash';
+import isEmpty from 'lodash/isEmpty';
 import dayjs from '../../libs/dayjs';
 import { estimateMaxGasForTx, hasStakedForGas } from '../../integrations/arcblock/stake';
 import { encodeApproveItx } from '../../integrations/ethereum/token';
@@ -31,6 +31,7 @@ import {
 } from '../../libs/subscription';
 import { getCustomerStakeAddress, OCAP_PAYMENT_TX_TYPE } from '../../libs/util';
 
+// eslint-disable-next-line import/no-cycle
 import { invoiceQueue } from '../../queues/invoice';
 import { AutoRechargeConfig, type TLineItemExpanded } from '../../store/models';
 import { CheckoutSession } from '../../store/models/checkout-session';
@@ -453,8 +454,6 @@ export async function ensureInvoiceForCheckout({
     }
   }
 
-  const currency = await PaymentCurrency.findByPk(checkoutSession.currency_id);
-
   const metadata = {
     ...(checkoutSession.invoice_creation?.invoice_data?.metadata || {}),
   };
@@ -467,7 +466,13 @@ export async function ensureInvoiceForCheckout({
   const trialInDays = Number(checkoutSession.subscription_data?.trial_period_days || 0);
   const trialEnd = Number(checkoutSession.subscription_data?.trial_end || 0);
   const now = dayjs().unix();
-  let invoiceItems = lineItems || (await Price.expand(checkoutSession.line_items, { product: true, upsell: true }));
+
+  // Parallel: fetch currency + expand line items (independent queries)
+  const [currency, expandedItems] = await Promise.all([
+    PaymentCurrency.findByPk(checkoutSession.currency_id),
+    lineItems ? Promise.resolve(lineItems) : Price.expand(checkoutSession.line_items, { product: true, upsell: true }),
+  ]);
+  let invoiceItems = expandedItems;
 
   // For items with quote_id, fetch full quote info and attach to line item metadata
   // This ensures invoice line items have complete quote info for display
@@ -610,33 +615,21 @@ export async function ensureInvoiceForCheckout({
     discountCount: discountInfo.appliedDiscounts.length,
   });
 
-  // only update invoice_id for single invoice
-  if (!isGroupInvoice) {
-    await checkoutSession.update({ invoice_id: invoice.id });
-  }
-  if (paymentIntent) {
-    await paymentIntent.update({ invoice_id: invoice.id });
-  }
-  if (subscription) {
-    await subscription.update({ latest_invoice_id: invoice.id });
-  }
-
-  // Update quotes with invoice_id for audit trail
-  // Find quote_ids from invoice items and update the quotes
+  // Update invoice_id references in parallel — these are independent writes
   const quoteIdsFromItems = items
     .map((item) => item.metadata?.quote_id)
     .filter((id): id is string => typeof id === 'string' && id.length > 0);
 
-  if (quoteIdsFromItems.length > 0) {
-    await PriceQuote.update(
-      { invoice_id: invoice.id },
-      { where: { id: quoteIdsFromItems } }
-    );
-    logger.info('Updated quotes with invoice_id', {
-      invoiceId: invoice.id,
-      quoteIds: quoteIdsFromItems,
-    });
-  }
+  await Promise.all([
+    !isGroupInvoice ? checkoutSession.update({ invoice_id: invoice.id }) : Promise.resolve(),
+    paymentIntent ? paymentIntent.update({ invoice_id: invoice.id }) : Promise.resolve(),
+    subscription ? subscription.update({ latest_invoice_id: invoice.id }) : Promise.resolve(),
+    quoteIdsFromItems.length > 0
+      ? PriceQuote.update({ invoice_id: invoice.id }, { where: { id: quoteIdsFromItems } }).then(() => {
+          logger.info('Updated quotes with invoice_id', { invoiceId: invoice.id, quoteIds: quoteIdsFromItems });
+        })
+      : Promise.resolve(),
+  ]);
 
   return { invoice, items };
 }
@@ -861,6 +854,7 @@ export async function getDelegationTxClaim({
   billingThreshold = 0,
   requiredStake = true,
   slippageConfig,
+  delegateState,
 }: {
   userDid: string;
   userPk: string;
@@ -880,6 +874,10 @@ export async function getDelegationTxClaim({
     min_acceptable_rate?: string;
     base_currency?: string;
   };
+  // Optional DelegateState passthrough — avoids a duplicate chain RPC in getTokenLimitsForDelegation
+  // when the caller already fetched it (e.g. via isDelegationSufficientForPayment). Same-request
+  // usage only — do not cache across requests (see delegationCache note in libs/payment.ts).
+  delegateState?: DelegateStateType | null;
 }) {
   // Calculate authorization amount
   // When slippage_config with min_acceptable_rate is provided, use it for precise calculation
@@ -902,16 +900,23 @@ export async function getDelegationTxClaim({
   }
 
   const address = toDelegateAddress(userDid, wallet.address);
-  const tokenLimits = await getTokenLimitsForDelegation(items, paymentMethod, paymentCurrency, address, amount);
-  let tokenRequirements = await getTokenRequirements({
-    items,
-    mode,
-    trialing,
-    billingThreshold,
-    paymentMethod,
-    paymentCurrency,
-    requiredStake,
-  });
+  // These two helpers each issue 1–2 chain RPCs and don't depend on each other,
+  // so fan them out — on CF Workers cold isolates the serial path easily pushed the
+  // request over the runtime CPU/real-time budget and tripped a "hung promise" 500
+  // (see #1351). Parallelising halves the wall-clock for the delegation tx claim.
+  const [tokenLimits, tokenRequirementsResult] = await Promise.all([
+    getTokenLimitsForDelegation(items, paymentMethod, paymentCurrency, address, amount, delegateState),
+    getTokenRequirements({
+      items,
+      mode,
+      trialing,
+      billingThreshold,
+      paymentMethod,
+      paymentCurrency,
+      requiredStake,
+    }),
+  ]);
+  let tokenRequirements = tokenRequirementsResult;
 
   if (mode === 'delegation') {
     tokenRequirements = [];
@@ -1049,6 +1054,9 @@ export async function getStakeTxClaim({
   if (paymentMethod.type === 'arcblock') {
     // create staking data
     const client = paymentMethod.getOcapClient();
+    // CF Workers: warm up chain context to avoid setTimeout(resolve,0) hang on cold client.
+    // Same pattern as pay.ts; needed because did-connect-js tryWithTimeout bounds this callback at 10s.
+    await client.getContext();
 
     const stakeId = hasGrouping ? `stake-group-${subscription.id}` : subscription.id;
 
@@ -1155,6 +1163,8 @@ export async function getOverdraftProtectionStakeTxClaim({
   if (paymentMethod.type === 'arcblock') {
     // create staking data
     const client = paymentMethod.getOcapClient();
+    // CF Workers: warm up chain context to avoid setTimeout(resolve,0) hang on cold client.
+    await client.getContext();
     const nonce = `overdraft-protection-${subscription.id}`;
     const address = await getCustomerStakeAddress(userDid, nonce);
     const { state } = await client.getStakeState({ address });
@@ -1579,6 +1589,9 @@ export async function executeOcapTransactions(
   nonce?: string
 ) {
   const client = paymentMethod.getOcapClient();
+  // CF Workers: warm up chain context to avoid setTimeout(resolve,0) hang on cold client.
+  // Each subsequent executeSingleTransaction (Delegate + Stake broadcast) needs ready context.
+  await client.getContext();
   logger.info('start executeOcapTransactions', { userDid, claims });
 
   const delegation = claims.find((x) => x.type === 'signature' && x.meta?.purpose === 'delegation');

package/api/src/routes/connect/subscribe.ts

@@ -133,6 +133,8 @@ export default {
             items,
             requiredStake,
             slippageConfig: primarySubscription?.slippage_config || undefined,
+            // Reuse DelegateState fetched above — avoids a duplicate chain RPC on CF cold isolates
+            delegateState: delegation.state,
           }),
         });
       }
@@ -243,7 +245,8 @@ export default {
 
       for (const invoice of invoices) {
         if (invoice) {
-          invoiceQueue.pushAndWait({ id: invoice.id, job: { invoiceId: invoice.id, retryOnError: false } });
+          // eslint-disable-next-line no-await-in-loop
+          await invoiceQueue.pushAndWait({ id: invoice.id, job: { invoiceId: invoice.id, retryOnError: false } });
         }
       }
 

package/api/src/routes/credit-grants.ts

@@ -27,6 +27,7 @@ import { blocklet } from '../libs/auth';
 import { formatMetadata } from '../libs/util';
 import { getPriceUintAmountByCurrency } from '../libs/price';
 import { checkTokenBalance } from '../libs/payment';
+import { measurePhase } from '../libs/timing';
 import { getExchangeRateService } from '../libs/exchange-rate/service';
 import { getExchangeRateSymbol, hasTokenAddress } from '../libs/exchange-rate/token-address-mapping';
 import { isRateBelowMinAcceptableRate } from '../libs/slippage';
@@ -290,16 +291,19 @@ router.get('/verify-availability', authMine, async (req, res) => {
     const { customer_id: customerId, currency_id: currencyId } = value;
     let pendingAmount = value.pending_amount;
 
-    const customer = await Customer.findByPkOrDid(customerId);
+    // Parallelize Customer + PaymentCurrency lookups (independent, saves ~85ms RTT)
+    const [customer, currency] = await Promise.all([
+      Customer.findByPkOrDid(customerId),
+      PaymentCurrency.findByPk(currencyId),
+    ]);
     if (!customer) {
       return res.status(404).json({ error: `Customer ${customerId} not found` });
     }
-
-    const currency = await PaymentCurrency.findByPk(currencyId);
     if (!currency) {
       return res.status(404).json({ error: `PaymentCurrency ${currencyId} not found` });
     }
 
+    // AutoRechargeConfig needs customer.id which we now have
     const config = (await AutoRechargeConfig.findOne({
       where: {
         customer_id: customer.id,
@@ -511,13 +515,15 @@ router.get('/verify-availability', authMine, async (req, res) => {
       // This ensures user can pay off pending amount and still have balance for continued usage
       // minimumRequiredBalance = requiredPaymentAmount (to pay off pending) + totalAmount (for one more recharge)
       const minimumRequiredBalance = requiredPaymentAmount.add(totalAmount);
-      balanceResult = await checkTokenBalance({
-        paymentMethod: config.paymentMethod,
-        paymentCurrency: config.rechargeCurrency,
-        userDid: payer,
-        amount: minimumRequiredBalance.toString(),
-        skipUserCheck: true,
-      });
+      balanceResult = await measurePhase('chain', () =>
+        checkTokenBalance({
+          paymentMethod: config.paymentMethod!,
+          paymentCurrency: config.rechargeCurrency!,
+          userDid: payer,
+          amount: minimumRequiredBalance.toString(),
+          skipUserCheck: true,
+        })
+      );
 
       if (!balanceResult.sufficient) {
         return res.json({
@@ -531,13 +537,15 @@ router.get('/verify-availability', authMine, async (req, res) => {
       }
     } else {
       // No pending amount: check if balance can cover at least one recharge
-      balanceResult = await checkTokenBalance({
-        paymentMethod: config.paymentMethod,
-        paymentCurrency: config.rechargeCurrency,
-        userDid: payer,
-        amount: totalAmount.toString(),
-        skipUserCheck: true,
-      });
+      balanceResult = await measurePhase('chain', () =>
+        checkTokenBalance({
+          paymentMethod: config.paymentMethod!,
+          paymentCurrency: config.rechargeCurrency!,
+          userDid: payer,
+          amount: totalAmount.toString(),
+          skipUserCheck: true,
+        })
+      );
 
       if (!balanceResult.sufficient) {
         return res.json({

package/api/src/routes/donations.ts

@@ -1,4 +1,4 @@
-import { Joi } from '@arcblock/validator';
+import Joi from 'joi';
 import { Router } from 'express';
 
 import { BN } from '@ocap/util';
@@ -24,7 +24,7 @@ const donationSchema = Joi.object<DonationSettings>({
   beneficiaries: Joi.array()
     .items(
       Joi.object({
-        address: Joi.DID().required(),
+        address: Joi.string().required(),
         share: Joi.number().positive().required(),
         memo: Joi.string().max(64).optional(),
       })

package/api/src/routes/entitlements.ts

@@ -0,0 +1,105 @@
+// Cross-channel entitlement query API.
+//
+// Endpoints:
+//   GET  /api/entitlements/check     ?customer_did=&product_id=[&livemode=]
+//   GET  /api/entitlements/list      ?customer_did=[&livemode=]
+//
+// Auth model:
+//   - Component-to-component calls (other blocklets via @blocklet/payment-client):
+//     trusted via the component signature; `roles: ['owner','admin']` is the gate.
+//   - Logged-in end users (mobile demo, web SPA): `mine: true` lets them in iff
+//     their DID matches the query's customer_did — enforced in the handler.
+
+import { Router } from 'express';
+import Joi from 'joi';
+
+import { checkEntitlement, listEntitlements } from '../libs/entitlement';
+import logger from '../libs/logger';
+import { authenticate } from '../libs/security';
+import { PaymentMethod } from '../store/models';
+
+const router = Router();
+// component+owner/admin for cross-blocklet calls; ensureLogin for end users —
+// handler then enforces that non-admin users can only query their own DID.
+const auth = authenticate<PaymentMethod>({ component: true, roles: ['owner', 'admin'], ensureLogin: true });
+
+function isAdminUser(role?: string): boolean {
+  return role === 'owner' || role === 'admin';
+}
+
+// Strip the `did:abt:` prefix if present so callers can compare DIDs across
+// the two shapes that show up in the codebase (bare base58 vs canonical).
+// The CF Workers AUTH_SERVICE returns bare addresses; clients send canonical.
+function canonicalDid(did: string | undefined | null): string {
+  if (!did) return '';
+  return did.startsWith('did:abt:') ? did.slice('did:abt:'.length) : did;
+}
+
+function isSelf(req: any, customerDid: string): boolean {
+  const a = canonicalDid(req.user?.did);
+  const b = canonicalDid(customerDid);
+  return !!a && a === b;
+}
+
+const checkQuerySchema = Joi.object<{
+  customer_did: string;
+  product_id: string;
+  livemode?: string | boolean;
+}>({
+  customer_did: Joi.string().required(),
+  product_id: Joi.string().required(),
+  livemode: Joi.alternatives(Joi.boolean(), Joi.string().valid('true', 'false')),
+});
+
+const listQuerySchema = Joi.object<{
+  customer_did: string;
+  livemode?: string | boolean;
+}>({
+  customer_did: Joi.string().required(),
+  livemode: Joi.alternatives(Joi.boolean(), Joi.string().valid('true', 'false')),
+});
+
+function parseLivemode(value: string | boolean | undefined, fallback: boolean): boolean {
+  if (typeof value === 'boolean') return value;
+  if (value === 'true') return true;
+  if (value === 'false') return false;
+  return fallback;
+}
+
+router.get('/check', auth, async (req, res) => {
+  try {
+    const input = await checkQuerySchema.validateAsync(req.query, { stripUnknown: true });
+    if (!isAdminUser((req as any).user?.role) && !isSelf(req, input.customer_did)) {
+      res.status(403).json({ error: 'Cannot query entitlements for other customers' });
+      return;
+    }
+    const livemode = parseLivemode(input.livemode, !!req.livemode);
+    const result = await checkEntitlement({
+      customer_did: input.customer_did,
+      product_id: input.product_id,
+      livemode,
+    });
+    res.json(result);
+  } catch (err: any) {
+    logger.error('entitlements/check failed', { error: err?.message, stack: err?.stack });
+    res.status(400).json({ error: err?.message ?? 'check failed' });
+  }
+});
+
+router.get('/list', auth, async (req, res) => {
+  try {
+    const input = await listQuerySchema.validateAsync(req.query, { stripUnknown: true });
+    if (!isAdminUser((req as any).user?.role) && !isSelf(req, input.customer_did)) {
+      res.status(403).json({ error: 'Cannot list entitlements for other customers' });
+      return;
+    }
+    const livemode = parseLivemode(input.livemode, !!req.livemode);
+    const list = await listEntitlements({ customer_did: input.customer_did, livemode });
+    res.json({ list });
+  } catch (err: any) {
+    logger.error('entitlements/list failed', { error: err?.message, stack: err?.stack });
+    res.status(400).json({ error: err?.message ?? 'list failed' });
+  }
+});
+
+export default router;

package/api/src/routes/events.ts

@@ -186,7 +186,7 @@ router.get('/retry-webhooks', auth, async (req, res) => {
       // eslint-disable-next-line no-restricted-syntax
       for (const webhook of eventWebhooks) {
         // eslint-disable-next-line no-await-in-loop
-        const added = await addWebhookJob(event.id, webhook.id, { persist: false });
+        const added = await addWebhookJob(event.id, webhook.id, { persist: true });
         if (added) {
           scheduled += 1;
         }
@@ -255,7 +255,7 @@ router.post('/:id/retry-webhooks', auth, async (req, res) => {
     // eslint-disable-next-line no-restricted-syntax
     for (const webhook of eventWebhooks) {
       // eslint-disable-next-line no-await-in-loop
-      const added = await addWebhookJob(event.id, webhook.id, { persist: false });
+      const added = await addWebhookJob(event.id, webhook.id, { persist: true });
       if (added) {
         scheduled += 1;
         logger.info('Manually scheduled webhook retry', { eventId: event.id, webhookId: webhook.id });

package/api/src/routes/index.ts

@@ -10,6 +10,9 @@ import creditTransactions from './credit-transactions';
 import customers from './customers';
 import donations from './donations';
 import events from './events';
+import entitlements from './entitlements';
+import appStore from './integrations/app-store';
+import googlePlay from './integrations/google-play';
 import stripe from './integrations/stripe';
 import invoices from './invoices';
 import meterEvents from './meter-events';
@@ -49,8 +52,12 @@ router.use((req, _, next) => {
     } catch {
       req.livemode = true;
     }
-  } else {
-    req.livemode = true;
+  } else if (typeof req.livemode !== 'boolean') {
+    // CF Workers' createExpressReq pre-populates req.livemode from the worker's
+    // PAYMENT_LIVEMODE env var; honor that when set. Express dev has no
+    // upstream, so we fall back to the env var ourselves — defaulting to
+    // livemode=true unless explicitly disabled via PAYMENT_LIVEMODE=false.
+    req.livemode = process.env.PAYMENT_LIVEMODE !== 'false';
   }
 
   next();
@@ -101,6 +108,9 @@ router.use('/donations', loadBaseCurrency, donations);
 router.use('/events', events);
 router.use('/invoices', invoices);
 router.use('/integrations/stripe', stripe);
+router.use('/integrations/google-play', googlePlay);
+router.use('/integrations/app-store', appStore);
+router.use('/entitlements', entitlements);
 router.use('/meter-events', meterEvents);
 router.use('/meters', meters);
 router.use('/passports', passports);