payment-skill 1.0.0

package/src/core/transaction.ts

@@ -0,0 +1,228 @@
+/**
+ * Payment Skill - Transaction Manager
+ * 
+ * Manages all transactions, their states, and lifecycle
+ */
+
+import * as fs from 'fs-extra';
+import * as path from 'path';
+import { Transaction, TransactionStatus } from '../types';
+import { configManager } from './config';
+
+const DATA_DIR = path.join(process.env.HOME || process.env.USERPROFILE || '.', '.payment-skill');
+const TRANSACTIONS_FILE = path.join(DATA_DIR, 'transactions.json');
+
+export class TransactionManager {
+  private transactions: Map<string, Transaction> = new Map();
+
+  constructor() {
+    this.loadTransactions();
+  }
+
+  private loadTransactions(): void {
+    if (fs.existsSync(TRANSACTIONS_FILE)) {
+      const data = fs.readJsonSync(TRANSACTIONS_FILE);
+      Object.entries(data).forEach(([id, tx]: [string, any]) => {
+        this.transactions.set(id, {
+          ...tx,
+          createdAt: new Date(tx.createdAt),
+          updatedAt: new Date(tx.updatedAt)
+        });
+      });
+    }
+  }
+
+  private saveTransactions(): void {
+    const data: Record<string, Transaction> = {};
+    this.transactions.forEach((tx, id) => {
+      data[id] = tx;
+    });
+    fs.writeJsonSync(TRANSACTIONS_FILE, data, { spaces: 2 });
+  }
+
+  createTransaction(
+    provider: string,
+    merchant: string,
+    amount: number,
+    currency: string,
+    metadata?: Record<string, any>
+  ): Transaction {
+    // Check emergency stop
+    if (configManager.isEmergencyStopActive()) {
+      throw new Error('Emergency stop is active. Cannot create new transactions.');
+    }
+
+    // Check limits
+    this.checkLimits(amount, currency);
+
+    const transaction: Transaction = {
+      id: this.generateTransactionId(),
+      provider,
+      merchant,
+      amount,
+      currency: currency.toUpperCase(),
+      status: 'pending',
+      createdAt: new Date(),
+      updatedAt: new Date(),
+      metadata
+    };
+
+    this.transactions.set(transaction.id, transaction);
+    this.saveTransactions();
+
+    return transaction;
+  }
+
+  private generateTransactionId(): string {
+    return `tx_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+  }
+
+  private checkLimits(amount: number, currency: string): void {
+    const limits = configManager.getLimits();
+    
+    // Check per-transaction limit
+    if (amount > limits.perTransaction) {
+      throw new Error(`Amount ${amount} exceeds per-transaction limit of ${limits.perTransaction}`);
+    }
+
+    // Check daily limit
+    const today = new Date().toDateString();
+    const dailyTotal = this.getDailyTotal(today);
+    if (dailyTotal + amount > limits.daily) {
+      throw new Error(`Daily limit of ${limits.daily} would be exceeded`);
+    }
+
+    // Check hourly transaction count
+    const hourlyCount = this.getHourlyTransactionCount();
+    if (hourlyCount >= limits.maxTransactionsPerHour) {
+      throw new Error(`Hourly transaction limit of ${limits.maxTransactionsPerHour} reached`);
+    }
+
+    // Check time window
+    const timeWindow = configManager.getTimeWindow();
+    if (timeWindow.enabled) {
+      const now = new Date();
+      const currentTime = `${now.getHours().toString().padStart(2, '0')}:${now.getMinutes().toString().padStart(2, '0')}`;
+      
+      if (currentTime < timeWindow.start || currentTime > timeWindow.end) {
+        throw new Error(`Transactions not allowed outside time window ${timeWindow.start}-${timeWindow.end}`);
+      }
+    }
+  }
+
+  private getDailyTotal(date: string): number {
+    let total = 0;
+    this.transactions.forEach(tx => {
+      if (tx.createdAt.toDateString() === date && 
+          (tx.status === 'completed' || tx.status === 'processing')) {
+        total += tx.amount;
+      }
+    });
+    return total;
+  }
+
+  private getHourlyTransactionCount(): number {
+    const oneHourAgo = new Date(Date.now() - 60 * 60 * 1000);
+    let count = 0;
+    this.transactions.forEach(tx => {
+      if (tx.createdAt > oneHourAgo && 
+          (tx.status === 'pending' || tx.status === 'processing' || tx.status === 'completed')) {
+        count++;
+      }
+    });
+    return count;
+  }
+
+  updateTransactionStatus(
+    transactionId: string, 
+    status: TransactionStatus, 
+    error?: string
+  ): Transaction {
+    const tx = this.transactions.get(transactionId);
+    if (!tx) {
+      throw new Error(`Transaction ${transactionId} not found`);
+    }
+
+    // If emergency stop is active, only allow cancellation
+    if (configManager.isEmergencyStopActive() && status !== 'cancelled') {
+      throw new Error('Emergency stop is active. Only cancellation allowed.');
+    }
+
+    tx.status = status;
+    tx.updatedAt = new Date();
+    if (error) {
+      tx.error = error;
+    }
+
+    this.transactions.set(transactionId, tx);
+    this.saveTransactions();
+
+    // Update emergency stop pending list
+    if (status === 'processing') {
+      configManager.addPendingTransaction(transactionId);
+    } else if (['completed', 'failed', 'cancelled'].includes(status)) {
+      configManager.removePendingTransaction(transactionId);
+    }
+
+    return tx;
+  }
+
+  getTransaction(transactionId: string): Transaction | null {
+    return this.transactions.get(transactionId) || null;
+  }
+
+  getTransactions(
+    filters?: {
+      status?: TransactionStatus;
+      provider?: string;
+      merchant?: string;
+      from?: Date;
+      to?: Date;
+    }
+  ): Transaction[] {
+    let txs = Array.from(this.transactions.values());
+
+    if (filters?.status) {
+      txs = txs.filter(tx => tx.status === filters.status);
+    }
+    if (filters?.provider) {
+      txs = txs.filter(tx => tx.provider === filters.provider);
+    }
+    if (filters?.merchant) {
+      txs = txs.filter(tx => tx.merchant === filters.merchant);
+    }
+    if (filters?.from) {
+      txs = txs.filter(tx => tx.createdAt >= filters.from!);
+    }
+    if (filters?.to) {
+      txs = txs.filter(tx => tx.createdAt <= filters.to!);
+    }
+
+    return txs.sort((a, b) => b.createdAt.getTime() - a.createdAt.getTime());
+  }
+
+  getPendingTransactions(): Transaction[] {
+    return this.getTransactions({ status: 'pending' });
+  }
+
+  cancelAllPending(): number {
+    let count = 0;
+    this.transactions.forEach((tx, id) => {
+      if (tx.status === 'pending' || tx.status === 'processing') {
+        this.updateTransactionStatus(id, 'cancelled', 'Cancelled by emergency stop');
+        count++;
+      }
+    });
+    return count;
+  }
+
+  deleteTransaction(transactionId: string): boolean {
+    const deleted = this.transactions.delete(transactionId);
+    if (deleted) {
+      this.saveTransactions();
+    }
+    return deleted;
+  }
+}
+
+export const transactionManager = new TransactionManager();

package/src/index.ts

@@ -0,0 +1,14 @@
+/**
+ * Payment Skill - Main Entry Point
+ * 
+ * Exports all modules for programmatic use
+ */
+
+export { WiseClient } from './api/wise';
+export { BunqClient } from './api/bunq';
+export { ConfigManager, configManager } from './core/config';
+export { TransactionManager, transactionManager } from './core/transaction';
+export * from './types';
+
+// Version
+export const VERSION = '1.0.0';

package/src/server/server.ts

@@ -0,0 +1,131 @@
+/**
+ * Payment Skill - Express Server
+ * 
+ * Serves the web dashboard and handles webhooks
+ */
+
+import express from 'express';
+import cors from 'cors';
+import helmet from 'helmet';
+import path from 'path';
+import { configManager } from '../core/config';
+import { transactionManager } from '../core/transaction';
+
+export class PaymentSkillServer {
+  private app: express.Application;
+  private port: number;
+
+  constructor(port: number = 8080) {
+    this.app = express();
+    this.port = port;
+    this.setupMiddleware();
+    this.setupRoutes();
+  }
+
+  private setupMiddleware(): void {
+    this.app.use(helmet({
+      contentSecurityPolicy: false // Allow inline scripts for dashboard
+    }));
+    this.app.use(cors());
+    this.app.use(express.json());
+    this.app.use(express.static(path.join(__dirname, '../../')));
+  }
+
+  private setupRoutes(): void {
+    // Health check
+    this.app.get('/api/health', (req, res) => {
+      res.json({
+        status: 'ok',
+        version: '1.0.0',
+        emergencyStop: configManager.isEmergencyStopActive()
+      });
+    });
+
+    // Get configuration
+    this.app.get('/api/config', (req, res) => {
+      const config = configManager.getConfig();
+      // Remove sensitive data
+      const safeConfig = {
+        ...config,
+        providers: Object.entries(config.providers).reduce((acc, [key, val]: [string, any]) => {
+          acc[key] = {
+            name: val.name,
+            environment: val.environment,
+            // Don't expose API keys
+            apiKey: val.apiKey ? '***' : undefined
+          };
+          return acc;
+        }, {} as any)
+      };
+      res.json(safeConfig);
+    });
+
+    // Get transactions
+    this.app.get('/api/transactions', (req, res) => {
+      const transactions = transactionManager.getTransactions();
+      res.json(transactions);
+    });
+
+    // Get emergency stop status
+    this.app.get('/api/emergency', (req, res) => {
+      res.json(configManager.getEmergencyStopState());
+    });
+
+    // Activate emergency stop
+    this.app.post('/api/emergency/stop', (req, res) => {
+      configManager.activateEmergencyStop(req.body.reason);
+      transactionManager.cancelAllPending();
+      res.json({ success: true, message: 'Emergency stop activated' });
+    });
+
+    // Deactivate emergency stop
+    this.app.post('/api/emergency/resume', (req, res) => {
+      configManager.deactivateEmergencyStop();
+      res.json({ success: true, message: 'Emergency stop deactivated' });
+    });
+
+    // Get limits
+    this.app.get('/api/limits', (req, res) => {
+      res.json({
+        limits: configManager.getLimits(),
+        timeWindow: configManager.getTimeWindow()
+      });
+    });
+
+    // Webhook endpoints
+    this.app.post('/webhooks/wise', (req, res) => {
+      console.log('Wise webhook received:', req.body);
+      // Process webhook
+      res.status(200).send('OK');
+    });
+
+    this.app.post('/webhooks/bunq', (req, res) => {
+      console.log('Bunq webhook received:', req.body);
+      // Process webhook
+      res.status(200).send('OK');
+    });
+
+    // Dashboard route - serve dashboard.html
+    this.app.get('/', (req, res) => {
+      res.sendFile(path.join(__dirname, '../../dashboard.html'));
+    });
+
+    this.app.get('/dashboard', (req, res) => {
+      res.sendFile(path.join(__dirname, '../../dashboard.html'));
+    });
+  }
+
+  start(): void {
+    this.app.listen(this.port, () => {
+      console.log(`Payment Skill server running on http://localhost:${this.port}`);
+      console.log(`Dashboard: http://localhost:${this.port}/dashboard`);
+    });
+  }
+}
+
+// Start server if run directly
+if (require.main === module) {
+  const port = parseInt(process.env.PORT || '8080');
+  const server = new PaymentSkillServer(port);
+  server.start();
+}

package/src/types/index.ts

@@ -0,0 +1,178 @@
+/**
+ * Payment Skill - Type Definitions
+ * 
+ * Core types for the payment-skill application
+ */
+
+// Merchant Types
+export interface Merchant {
+  id: string;
+  name: string;
+  domains: string[];
+  categories: string[];
+  apiType: string;
+  verified: boolean;
+  riskLevel: 'low' | 'medium' | 'high';
+  canReceivePayments: boolean;
+  apiCapabilities: string[];
+}
+
+export interface MerchantDetectionResult {
+  merchant: string;
+  detected: boolean;
+  apiType?: string;
+  capabilities?: string[];
+  authType?: string;
+  webhookSupport?: boolean;
+  asyncConfirmation?: boolean;
+  confidence: number;
+}
+
+// Provider Types
+export interface ProviderConfig {
+  name: string;
+  apiKey: string;
+  environment: 'sandbox' | 'production';
+  webhookSecret?: string;
+  profileId?: string;
+  additionalConfig?: Record<string, any>;
+}
+
+export interface WiseConfig extends ProviderConfig {
+  profileId?: string;
+}
+
+export interface BunqConfig extends ProviderConfig {
+  installationToken?: string;
+  deviceId?: string;
+}
+
+// Transaction Types
+export interface Transaction {
+  id: string;
+  provider: string;
+  merchant: string;
+  amount: number;
+  currency: string;
+  status: TransactionStatus;
+  createdAt: Date;
+  updatedAt: Date;
+  metadata?: Record<string, any>;
+  error?: string;
+}
+
+export type TransactionStatus = 
+  | 'pending'
+  | 'initiated'
+  | 'requires_action'
+  | 'processing'
+  | 'completed'
+  | 'failed'
+  | 'cancelled'
+  | 'on_hold';
+
+// Template Types
+export interface CommandTemplate {
+  templateId: string;
+  merchant: string;
+  version: string;
+  description: string;
+  prerequisites: TemplatePrerequisites;
+  steps: TemplateStep[];
+  errorHandling: ErrorHandling;
+}
+
+export interface TemplatePrerequisites {
+  apiKey: 'required' | 'optional' | 'none';
+  webhookEndpoint?: 'required' | 'recommended' | 'optional';
+}
+
+export interface TemplateStep {
+  order: number;
+  name: string;
+  command: string;
+  params: Record<string, any>;
+  output?: Record<string, string>;
+  async?: boolean;
+  confirmation?: ConfirmationConfig;
+  nextStep?: NextStepCondition;
+  condition?: string;
+}
+
+export interface ConfirmationConfig {
+  type: 'webhook' | 'poll' | 'manual';
+  events?: string[];
+  timeout?: number;
+  pollInterval?: number;
+}
+
+export interface NextStepCondition {
+  ifStatus: string;
+  then: number | 'complete';
+  else?: number | 'complete';
+}
+
+export interface ErrorHandling {
+  retryOn: string[];
+  maxRetries: number;
+  fallback?: string;
+}
+
+// Limit Types
+export interface LimitConfig {
+  perTransaction: number;
+  daily: number;
+  weekly: number;
+  monthly: number;
+  maxTransactionsPerHour: number;
+}
+
+export interface TimeWindowConfig {
+  enabled: boolean;
+  start: string;
+  end: string;
+  timezone: string;
+  blockedDays?: string[];
+}
+
+// Emergency Stop Types
+export interface EmergencyStopState {
+  active: boolean;
+  activatedAt?: Date;
+  reason?: string;
+  pendingTransactions: string[];
+}
+
+// API Response Types
+export interface ApiResponse<T> {
+  success: boolean;
+  data?: T;
+  error?: string;
+  message?: string;
+}
+
+// Webhook Types
+export interface WebhookEvent {
+  id: string;
+  merchant: string;
+  event: string;
+  data: any;
+  timestamp: Date;
+  signature?: string;
+}
+
+// CLI Types
+export interface CliOptions {
+  verbose?: boolean;
+  json?: boolean;
+  config?: string;
+  dryRun?: boolean;
+}
+
+// Server Types
+export interface ServerConfig {
+  port: number;
+  host: string;
+  webhookPath: string;
+  dashboardPath: string;
+}

package/tsconfig.json

@@ -0,0 +1,23 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "commonjs",
+    "lib": ["ES2020"],
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true,
+    "moduleResolution": "node",
+    "allowSyntheticDefaultImports": true,
+    "experimentalDecorators": true,
+    "emitDecoratorMetadata": true
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist", "**/*.test.ts"]
+}

package/verified-merchants.json

@@ -0,0 +1,63 @@
+{
+  "version": "2.0.0",
+  "lastUpdated": "2026-03-10",
+  "description": "Verified merchants list for PaymentSkill - only these merchants are allowed for transactions",
+  "merchants": [
+    {
+      "id": "stripe-connect",
+      "name": "Stripe Connect",
+      "domains": ["stripe.com", "connect.stripe.com"],
+      "categories": ["payments", "finance"],
+      "apiType": "Platform API",
+      "verified": true,
+      "riskLevel": "low",
+      "canReceivePayments": true,
+      "apiCapabilities": ["create_charges", "create_transfers", "create_payouts", "create_connected_accounts"]
+    },
+    {
+      "id": "airwallex",
+      "name": "Airwallex",
+      "domains": ["airwallex.com", "api.airwallex.com"],
+      "categories": ["payments", "finance"],
+      "apiType": "Connected accounts API",
+      "verified": true,
+      "riskLevel": "low",
+      "canReceivePayments": true,
+      "apiCapabilities": ["create_payments", "create_payouts", "create_connected_accounts"]
+    },
+    {
+      "id": "digitalocean",
+      "name": "DigitalOcean",
+      "domains": ["digitalocean.com", "api.digitalocean.com"],
+      "categories": ["cloud", "infrastructure", "hosting"],
+      "apiType": "Team API",
+      "verified": true,
+      "riskLevel": "low",
+      "canReceivePayments": false,
+      "apiCapabilities": ["create_teams", "manage_droplets", "manage_databases"]
+    },
+    {
+      "id": "clickclack-market",
+      "name": "ClickClack Market",
+      "domains": ["clickclack.market"],
+      "categories": ["marketplace", "shopping"],
+      "verified": true,
+      "riskLevel": "low",
+      "canReceivePayments": true,
+      "apiCapabilities": ["custom_api"]
+    }
+  ],
+  "blockedCategories": [
+    "gambling",
+    "adult",
+    "drugs",
+    "weapons",
+    "tobacco"
+  ],
+  "verificationRules": {
+    "requireDomainMatch": true,
+    "allowSubdomains": true,
+    "caseSensitive": false,
+    "strictMode": true
+  }
+}