s402 0.3.0 → 0.4.0

package/CHANGELOG.md

@@ -5,6 +5,20 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.4.0] - 2026-04-11
+
+### Changed
+- **BREAKING: `verifySettlement` is now required on `s402ClientScheme` (DAN-280).** The `?` was removed — every scheme implementation MUST provide `verifySettlement()`. Schemes that cannot verify locally (e.g. unlock-TX2) should return `{ verified: false, reason: '...' }`. All 5 SweeFi adapters already implement this method; only custom third-party implementations that relied on the optional marker will need updating.
+- Updated JSDoc: `@since 0.4.0 — required (was optional in 0.3.0)`
+- `mockExactClientScheme()` in `test-utils.ts` now includes `verifySettlement()` returning `{ verified: false }` with reason `'mock scheme'`
+
+### Added
+- **S8 conformance test vectors (DAN-282).** `spec/vectors/settlement-verification.json` — 7 chain-agnostic test vectors covering the `verifySettlement` interface contract: matching digest, mismatched digest (malicious facilitator), settle failed, missing txDigest, invalid base64, stream scheme, and non-verifiable scheme. Each vector includes `expectedShape`, `invariants`, and implementation `notes`.
+
+### Compatibility
+- **BREAKING for 0.3.x consumers**: implementations that omitted `verifySettlement` will now fail type-checking. Add a stub returning `{ verified: false, expectedDigest: '', actualDigest: null, reason: 'not implemented' }` to restore compilation.
+- Wire format: unchanged from v0.3.0.
+
 ## [0.3.0] - 2026-04-11
 
 This release closes the facilitator causal-binding hole identified in the April 2026 scale-fragility review, and establishes s402 as a pure chain-agnostic protocol repo (no Sui code anywhere). Chain-specific implementations now live in downstream adapter repos — the canonical Sui reference is `@sweefi/sui` in the SweeFi monorepo.
@@ -158,6 +172,7 @@ _Version bump for npm publish after license change._
 - Property-based fuzz testing via fast-check
 - 207 tests, zero runtime dependencies
 
+[0.4.0]: https://github.com/s402-protocol/core/compare/v0.3.0...v0.4.0
 [0.3.0]: https://github.com/s402-protocol/core/compare/v0.2.3...v0.3.0
 [0.2.1]: https://github.com/s402-protocol/core/compare/v0.2.0...v0.2.1
 [0.2.0]: https://github.com/s402-protocol/core/compare/v0.1.8...v0.2.0

package/dist/index.d.mts

@@ -1,7 +1,7 @@
 import { createS402Error, s402Error, s402ErrorCode, s402ErrorCodeType, s402ErrorInfo } from "./errors.mjs";
 import { S402_HEADERS, S402_VERSION, s402Discovery, s402EscrowExtra, s402EscrowPayload, s402ExactPayload, s402Mandate, s402MandateRequirements, s402PaymentPayload, s402PaymentPayloadBase, s402PaymentRequirements, s402PaymentSession, s402PrepaidExtra, s402PrepaidPayload, s402RegistryQuery, s402Scheme, s402ServiceEntry, s402SettleResponse, s402SettlementMode, s402StreamExtra, s402StreamPayload, s402UnlockExtra, s402UnlockPayload, s402VerifyResponse } from "./types.mjs";
 import { S402_CONTENT_TYPE, decodePayloadBody, decodePaymentPayload, decodePaymentRequired, decodeRequirementsBody, decodeSettleBody, decodeSettleResponse, detectProtocol, detectTransport, encodePayloadBody, encodePaymentPayload, encodePaymentRequired, encodeRequirementsBody, encodeSettleBody, encodeSettleResponse, extractRequirementsFromResponse, isValidAmount, isValidU64Amount, validateRequirementsShape } from "./http.mjs";
-import { a as s402ServerScheme, i as s402RouteConfig, n as s402DirectScheme, o as s402SettlementVerification, r as s402FacilitatorScheme, t as s402ClientScheme } from "./scheme-D7qqwo3Q.mjs";
+import { a as s402ServerScheme, i as s402RouteConfig, n as s402DirectScheme, o as s402SettlementVerification, r as s402FacilitatorScheme, t as s402ClientScheme } from "./scheme-tVj4sOr-.mjs";
 import { S402_RECEIPT_HEADER, formatReceiptHeader, parseReceiptHeader, s402Receipt, s402ReceiptSigner, s402ReceiptVerifier } from "./receipts.mjs";
 
 //#region src/client.d.ts

package/dist/{scheme-D7qqwo3Q.d.mts → scheme-tVj4sOr-.d.mts}

@@ -32,21 +32,22 @@ interface s402ClientScheme {
    * signed payload the client actually sent.
    *
    * For schemes where the client signs the full transaction before sending
-   * (exact, stream, escrow, unlock-TX1), this is a **local, offline check**:
-   * derive the expected tx digest from the signed bytes and compare it to the
-   * digest the facilitator returned. No RPC call required. This closes the
-   * causal-binding hole identified in the April 2026 scale-fragility review
-   * (see `knowledge/scale-fragility-council-v03.md`): a malicious facilitator
-   * cannot substitute an unrelated-but-real tx digest, because that other
-   * digest would correspond to different signed bytes the client never
+   * (exact, stream, escrow, prepaid, unlock-TX1), this is a **local, offline
+   * check**: derive the expected tx digest from the signed bytes and compare it
+   * to the digest the facilitator returned. No RPC call required. This closes
+   * the causal-binding hole identified in the April 2026 S8 review: a malicious
+   * facilitator cannot substitute an unrelated-but-real tx digest, because that
+   * other digest would correspond to different signed bytes the client never
    * produced.
    *
-   * Optional for backward-compatibility. Schemes that cannot verify locally
+   * Every scheme MUST implement this method. Schemes that cannot verify locally
    * (e.g. unlock-TX2, which is facilitator-constructed) should return
    * `{ verified: false, reason: 'scheme does not support local verification' }`
    * and rely on other attestation mechanisms.
+   *
+   * @since 0.4.0 — required (was optional in 0.3.0)
    */
-  verifySettlement?(payload: s402PaymentPayload, settleResponse: s402SettleResponse): s402SettlementVerification;
+  verifySettlement(payload: s402PaymentPayload, settleResponse: s402SettleResponse): s402SettlementVerification;
 }
 /** Implemented by each scheme on the server side */
 interface s402ServerScheme {

package/dist/test-utils.d.mts

@@ -1,5 +1,5 @@
 import { s402PaymentPayload, s402PaymentRequirements, s402SettleResponse, s402VerifyResponse } from "./types.mjs";
-import { a as s402ServerScheme, r as s402FacilitatorScheme, t as s402ClientScheme } from "./scheme-D7qqwo3Q.mjs";
+import { a as s402ServerScheme, r as s402FacilitatorScheme, t as s402ClientScheme } from "./scheme-tVj4sOr-.mjs";
 
 //#region src/test-utils.d.ts
 /**

package/dist/test-utils.mjs

@@ -29,6 +29,14 @@ function mockExactClientScheme() {
 					signature: "mock-signature"
 				}
 			};
+		},
+		verifySettlement() {
+			return {
+				verified: false,
+				expectedDigest: "",
+				actualDigest: null,
+				reason: "mock scheme"
+			};
 		}
 	};
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "s402",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "type": "module",
   "description": "s402 — Chain-agnostic HTTP 402 wire format. Types, HTTP encoding, and scheme registry for five payment schemes. Wire-compatible with x402. Zero runtime dependencies.",
   "license": "Apache-2.0",

package/test/conformance/vectors/settlement-verification.json

@@ -0,0 +1,180 @@
+[
+  {
+    "description": "Matching digest — verified is true, digests equal",
+    "payload": {
+      "s402Version": "1",
+      "scheme": "exact",
+      "payload": {
+        "transaction": "dHgtYnl0ZXMtaGVyZQ==",
+        "signature": "c2lnLWJ5dGVzLWhlcmU="
+      }
+    },
+    "settleResponse": {
+      "success": true,
+      "txDigest": "KNOWN_DIGEST_ABC123"
+    },
+    "expectedShape": {
+      "verified": "boolean",
+      "expectedDigest": "string",
+      "actualDigest": "string|null"
+    },
+    "invariants": [
+      "IF verified === true THEN expectedDigest === actualDigest",
+      "actualDigest MUST equal settleResponse.txDigest"
+    ],
+    "notes": "The implementation derives expectedDigest from payload.payload.transaction using a chain-specific algorithm. If the facilitator returned the correct digest, verified MUST be true."
+  },
+  {
+    "description": "Mismatched digest — verified is false with DIGEST_MISMATCH reason",
+    "payload": {
+      "s402Version": "1",
+      "scheme": "exact",
+      "payload": {
+        "transaction": "dHgtYnl0ZXMtaGVyZQ==",
+        "signature": "c2lnLWJ5dGVzLWhlcmU="
+      }
+    },
+    "settleResponse": {
+      "success": true,
+      "txDigest": "WRONG_DIGEST_XYZ789"
+    },
+    "expectedShape": {
+      "verified": "boolean",
+      "expectedDigest": "string",
+      "actualDigest": "string|null"
+    },
+    "invariants": [
+      "verified MUST be false",
+      "expectedDigest MUST NOT equal actualDigest",
+      "actualDigest MUST equal settleResponse.txDigest",
+      "reason SHOULD contain 'DIGEST_MISMATCH' or indicate the mismatch"
+    ],
+    "notes": "A malicious facilitator returns a real but unrelated digest. The client detects the mismatch locally without any RPC call."
+  },
+  {
+    "description": "Settle failed — no txDigest available",
+    "payload": {
+      "s402Version": "1",
+      "scheme": "exact",
+      "payload": {
+        "transaction": "dHgtYnl0ZXMtaGVyZQ==",
+        "signature": "c2lnLWJ5dGVzLWhlcmU="
+      }
+    },
+    "settleResponse": {
+      "success": false,
+      "error": "Insufficient gas"
+    },
+    "expectedShape": {
+      "verified": "boolean",
+      "expectedDigest": "string",
+      "actualDigest": "string|null"
+    },
+    "invariants": [
+      "verified MUST be false",
+      "actualDigest MUST be null (no digest was returned)",
+      "reason SHOULD indicate no digest was available"
+    ],
+    "notes": "When settlement fails, there is no digest to verify. The implementation should handle this gracefully rather than throwing."
+  },
+  {
+    "description": "Settle succeeded but txDigest is undefined",
+    "payload": {
+      "s402Version": "1",
+      "scheme": "exact",
+      "payload": {
+        "transaction": "dHgtYnl0ZXMtaGVyZQ==",
+        "signature": "c2lnLWJ5dGVzLWhlcmU="
+      }
+    },
+    "settleResponse": {
+      "success": true
+    },
+    "expectedShape": {
+      "verified": "boolean",
+      "expectedDigest": "string",
+      "actualDigest": "string|null"
+    },
+    "invariants": [
+      "verified MUST be false",
+      "actualDigest MUST be null",
+      "reason SHOULD indicate missing digest"
+    ],
+    "notes": "Edge case: facilitator reports success but omits the digest. This should be treated as unverifiable — the client cannot confirm settlement."
+  },
+  {
+    "description": "Invalid base64 in payload transaction bytes",
+    "payload": {
+      "s402Version": "1",
+      "scheme": "exact",
+      "payload": {
+        "transaction": "!!!NOT-BASE64!!!",
+        "signature": "c2lnLWJ5dGVzLWhlcmU="
+      }
+    },
+    "settleResponse": {
+      "success": true,
+      "txDigest": "SOME_DIGEST"
+    },
+    "expectedShape": {
+      "verified": "boolean",
+      "expectedDigest": "string",
+      "actualDigest": "string|null"
+    },
+    "invariants": [
+      "verified MUST be false",
+      "MUST NOT throw — return a verification result with reason"
+    ],
+    "notes": "Malformed input must fail gracefully. Implementations MUST catch decode errors and return { verified: false } rather than propagating exceptions."
+  },
+  {
+    "description": "Stream scheme — same verification contract applies",
+    "payload": {
+      "s402Version": "1",
+      "scheme": "stream",
+      "payload": {
+        "transaction": "c3RyZWFtLXR4LWJ5dGVz",
+        "signature": "c3RyZWFtLXNpZw=="
+      }
+    },
+    "settleResponse": {
+      "success": true,
+      "txDigest": "STREAM_DIGEST_123"
+    },
+    "expectedShape": {
+      "verified": "boolean",
+      "expectedDigest": "string",
+      "actualDigest": "string|null"
+    },
+    "invariants": [
+      "IF verified === true THEN expectedDigest === actualDigest",
+      "actualDigest MUST equal settleResponse.txDigest"
+    ],
+    "notes": "The S8 invariant applies to ALL client-signed schemes, not just exact. Stream, escrow, prepaid, and unlock-TX1 all sign full transactions before sending to the facilitator."
+  },
+  {
+    "description": "Scheme that cannot verify locally (e.g. unlock-TX2)",
+    "payload": {
+      "s402Version": "1",
+      "scheme": "unlock",
+      "payload": {
+        "transaction": "",
+        "signature": ""
+      }
+    },
+    "settleResponse": {
+      "success": true,
+      "txDigest": "FACILITATOR_BUILT_TX"
+    },
+    "expectedShape": {
+      "verified": "boolean",
+      "expectedDigest": "string",
+      "actualDigest": "string|null"
+    },
+    "invariants": [
+      "verified MUST be false",
+      "reason MUST be present and explain why verification is not possible"
+    ],
+    "notes": "For schemes where the facilitator constructs the transaction (e.g. unlock phase 2), the client has no signed bytes to derive a digest from. The implementation MUST return { verified: false } with a reason, not throw."
+  }
+]