npm - settld - Versions diffs - 0.1.2 → 0.2.0 - Mend

settld 0.1.2 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (483) hide show

package/README.md +93 -3
package/SETTLD_VERSION +1 -1
package/bin/settld-mcp +2 -0
package/bin/settld.js +71 -0
package/conformance/kernel-v0/README.md +7 -0
package/conformance/kernel-v0/run.mjs +292 -4
package/docs/ACCESS.md +57 -0
package/docs/ADOPTION_CHECKLIST.md +44 -0
package/docs/ALERTS.md +198 -0
package/docs/ARCHITECTURE.md +69 -0
package/docs/ARCHITECTURE_FOUNDER_GUIDE.md +284 -0
package/docs/ARTIFACTS.md +60 -0
package/docs/CERTIFICATION_CHECKLIST.md +33 -0
package/docs/CIRCLE_SANDBOX_E2E.md +152 -0
package/docs/CONFIG.md +297 -0
package/docs/CONTRACTS_APIS.md +23 -0
package/docs/DEPRECATION.md +31 -0
package/docs/DOMAIN_MODEL.md +92 -0
package/docs/EVENT_ENVELOPE.md +53 -0
package/docs/FINANCE_PACK_FORMAT.md +53 -0
package/docs/INCIDENT_TAXONOMY.md +30 -0
package/docs/JOB_STATE_MACHINE.md +66 -0
package/docs/KERNEL_COMPATIBLE.md +60 -0
package/docs/KERNEL_V0.md +40 -0
package/docs/KEY_ROTATION.md +80 -0
package/docs/LEDGER.md +82 -0
package/docs/LIVENESS.md +76 -0
package/docs/MVP_BUILD_ORDER.md +36 -0
package/docs/ONCALL_PLAYBOOK.md +39 -0
package/docs/OPERATIONS_SIGNING.md +20 -0
package/docs/OVERVIEW.md +190 -0
package/docs/PERF_BASELINE.md +85 -0
package/docs/PRD.md +77 -0
package/docs/QUICKSTART_KERNEL_V0.md +96 -0
package/docs/QUICKSTART_MCP.md +377 -0
package/docs/QUICKSTART_MCP_HOSTS.md +210 -0
package/docs/QUICKSTART_POLICY_PACKS.md +65 -0
package/docs/QUICKSTART_PRODUCE.md +61 -0
package/docs/QUICKSTART_PROFILES.md +198 -0
package/docs/QUICKSTART_RELEASE_VERIFY.md +39 -0
package/docs/QUICKSTART_SDK.md +125 -0
package/docs/QUICKSTART_SDK_PYTHON.md +111 -0
package/docs/QUICKSTART_VERIFY.md +54 -0
package/docs/QUICKSTART_X402_GATEWAY.md +317 -0
package/docs/README.md +33 -0
package/docs/RELEASE_CHECKLIST.md +182 -0
package/docs/RELEASING.md +82 -0
package/docs/REPO_SETTINGS.md +37 -0
package/docs/RUNBOOK.md +86 -0
package/docs/SKILLS.md +42 -0
package/docs/SKILL_BUNDLE_FORMAT.md +48 -0
package/docs/SLO.md +131 -0
package/docs/SUMMARY.md +17 -0
package/docs/SUPPORT.md +31 -0
package/docs/THREAT_MODEL.md +36 -0
package/docs/TRUST.md +59 -0
package/docs/WORKFLOW.md +35 -0
package/docs/X402_BATCH_SETTLEMENT.md +126 -0
package/docs/blog/2026-02-14-your-ai-agent-just-spent-500-where-is-the-receipt.md +73 -0
package/docs/examples/x402-provider-payout-registry.example.json +14 -0
package/docs/gitbook/README.md +64 -0
package/docs/gitbook/SETUP.md +25 -0
package/docs/gitbook/SUMMARY.md +15 -0
package/docs/gitbook/api-reference.md +73 -0
package/docs/gitbook/closepacks.md +55 -0
package/docs/gitbook/conformance.md +59 -0
package/docs/gitbook/core-primitives.md +85 -0
package/docs/gitbook/dispute-lifecycle.md +33 -0
package/docs/gitbook/faq.md +21 -0
package/docs/gitbook/guides.md +49 -0
package/docs/gitbook/operations-runbook.md +36 -0
package/docs/gitbook/quickstart.md +103 -0
package/docs/gitbook/replay-and-audit.md +30 -0
package/docs/gitbook/sdk-reference.md +35 -0
package/docs/gitbook/security-model.md +58 -0
package/docs/integrations/README.md +15 -0
package/docs/integrations/github-actions-verify.yml +31 -0
package/docs/integrations/github-actions.md +34 -0
package/docs/integrations/openclaw/CLAWHUB_PUBLISH_CHECKLIST.md +65 -0
package/docs/integrations/openclaw/PUBLIC_QUICKSTART.md +95 -0
package/docs/integrations/openclaw/settld-mcp-skill/SKILL.md +69 -0
package/docs/integrations/openclaw/settld-mcp-skill/mcp-server.example.json +12 -0
package/docs/kernel-compatible/capabilities.json +36 -0
package/docs/marketing/agent-commerce-substrate.md +78 -0
package/docs/marketing/hn-repost-2026-02-17.md +102 -0
package/docs/marketing/show-hn-post.md +45 -0
package/docs/ops/ARTIFACT_VERIFICATION_STATUS.md +43 -0
package/docs/ops/BILLING_WEBHOOK_REPLAY.md +105 -0
package/docs/ops/CI_FLAKE_BUDGET.md +31 -0
package/docs/ops/DISPUTE_FINANCE_RECONCILIATION_PACKET.md +56 -0
package/docs/ops/GO_LIVE_GATE_S13.md +27 -0
package/docs/ops/HOSTED_BASELINE_R2.md +129 -0
package/docs/ops/KERNEL_V0_SHIP_GATE.md +69 -0
package/docs/ops/LIGHTHOUSE_PRODUCTION_CLOSE.md +51 -0
package/docs/ops/MCP_COMPATIBILITY_MATRIX.md +30 -0
package/docs/ops/MINIMUM_PRODUCTION_TOPOLOGY.md +89 -0
package/docs/ops/P0_BACKEND_PROGRESS.md +150 -0
package/docs/ops/PAYMENTS_ALPHA_R5.md +105 -0
package/docs/ops/PILOT_ONBOARDING_RUNBOOK.md +112 -0
package/docs/ops/PRODUCTION_DEPLOYMENT_CHECKLIST.md +140 -0
package/docs/ops/R1_SLOS.md +66 -0
package/docs/ops/RELEASE_SIGNING_INCIDENT.md +58 -0
package/docs/ops/SELF_SERVE_LAUNCH_AUTOMATION.md +89 -0
package/docs/ops/THROUGHPUT_DRILL_10X.md +48 -0
package/docs/ops/TRUST_CONFIG_WIZARD.md +60 -0
package/docs/ops/X402_PILOT_WEEKLY_METRICS.md +76 -0
package/docs/ops/tool-call-disputes-holdback.md +52 -0
package/docs/pilot-kit/PILOT_PACKAGE_SCORECARD_X402.md +46 -0
package/docs/pilot-kit/README.md +29 -0
package/docs/pilot-kit/architecture-one-pager.md +48 -0
package/docs/pilot-kit/buyer-email.txt +19 -0
package/docs/pilot-kit/buyer-one-pager.md +31 -0
package/docs/pilot-kit/gtm-pilot-playbook.md +182 -0
package/docs/pilot-kit/offline-verify.md +33 -0
package/docs/pilot-kit/procurement-one-pager.md +50 -0
package/docs/pilot-kit/rfp-clause.md +46 -0
package/docs/pilot-kit/roi-calculator-template.csv +2 -0
package/docs/pilot-kit/security-qa.md +153 -0
package/docs/pilot-kit/security-summary.md +35 -0
package/docs/plans/2026-02-13-mcp-spike-design.md +113 -0
package/docs/plans/2026-02-20-trust-os-v1-jira-backlog.md +348 -0
package/docs/plans/2026-02-21-agent-economic-actor-operating-model.md +169 -0
package/docs/plans/2026-02-21-trust-os-v1-strategy.md +241 -0
package/docs/research/2026-02-21-agent-spend-host-landscape.md +57 -0
package/docs/spec/AcceptanceCriteria.v1.md +17 -0
package/docs/spec/AcceptanceEvaluation.v1.md +10 -0
package/docs/spec/AgentEvent.v1.md +47 -0
package/docs/spec/AgentIdentity.v1.md +62 -0
package/docs/spec/AgentPassport.v1.md +95 -0
package/docs/spec/AgentReputation.v1.md +59 -0
package/docs/spec/AgentReputation.v2.md +52 -0
package/docs/spec/AgentRun.v1.md +47 -0
package/docs/spec/AgentRunSettlement.v1.md +52 -0
package/docs/spec/AgentWallet.v1.md +43 -0
package/docs/spec/AgreementDelegation.v1.md +109 -0
package/docs/spec/ArbitrationCase.v1.md +67 -0
package/docs/spec/ArbitrationOutcomeMapping.v1.md +62 -0
package/docs/spec/ArbitrationVerdict.v1.md +60 -0
package/docs/spec/BundleHeadAttestation.v1.md +32 -0
package/docs/spec/CANONICAL_JSON.md +31 -0
package/docs/spec/CRYPTOGRAPHY.md +61 -0
package/docs/spec/ClosePack.v1.md +49 -0
package/docs/spec/ClosePackManifest.v1.md +24 -0
package/docs/spec/DelegationGrant.v1.md +90 -0
package/docs/spec/DisputeCaseLifecycle.v1.md +51 -0
package/docs/spec/DisputeOpenEnvelope.v1.md +43 -0
package/docs/spec/ERRORS.md +76 -0
package/docs/spec/ESCROW_NETTING_INVARIANTS.md +71 -0
package/docs/spec/EvidenceIndex.v1.md +20 -0
package/docs/spec/ExecutionIntent.v1.md +90 -0
package/docs/spec/FinancePackBundleManifest.v1.md +24 -0
package/docs/spec/FundingHold.v1.md +60 -0
package/docs/spec/GovernancePolicy.v1.md +34 -0
package/docs/spec/GovernancePolicy.v2.md +30 -0
package/docs/spec/INVARIANTS.md +389 -0
package/docs/spec/InteractionDirectionMatrix.v1.md +30 -0
package/docs/spec/InvoiceBundleManifest.v1.md +24 -0
package/docs/spec/InvoiceClaim.v1.md +11 -0
package/docs/spec/MONEY_RAIL_STATE_MACHINE.md +58 -0
package/docs/spec/MarketplaceAcceptance.v2.md +46 -0
package/docs/spec/MarketplaceOffer.v2.md +54 -0
package/docs/spec/MeteringReport.v1.md +18 -0
package/docs/spec/OperatorAction.v1.md +90 -0
package/docs/spec/PRODUCER_ERRORS.md +42 -0
package/docs/spec/PolicyDecision.v1.md +83 -0
package/docs/spec/PricingMatrix.v1.md +20 -0
package/docs/spec/PricingMatrixSignatures.v1.md +30 -0
package/docs/spec/PricingMatrixSignatures.v2.md +29 -0
package/docs/spec/ProduceCliOutput.v1.md +46 -0
package/docs/spec/ProofBundleManifest.v1.md +24 -0
package/docs/spec/README.md +109 -0
package/docs/spec/REFERENCE_IMPLEMENTATIONS.md +29 -0
package/docs/spec/REFERENCE_VERIFIER_BEHAVIOR.md +68 -0
package/docs/spec/REMOTE_SIGNER.md +66 -0
package/docs/spec/ReleaseIndex.v1.md +32 -0
package/docs/spec/ReleaseIndexSignatures.v1.md +17 -0
package/docs/spec/ReleaseTrust.v1.md +13 -0
package/docs/spec/ReleaseTrust.v2.md +26 -0
package/docs/spec/RemoteSignerRequest.v1.md +21 -0
package/docs/spec/RemoteSignerResponse.v1.md +16 -0
package/docs/spec/ReputationEvent.v1.md +63 -0
package/docs/spec/RevocationList.v1.md +28 -0
package/docs/spec/SIGNER_PROVIDER_PLUGIN.md +32 -0
package/docs/spec/STRICTNESS.md +68 -0
package/docs/spec/SUPPLY_CHAIN.md +33 -0
package/docs/spec/SettlementAdjustment.v1.md +45 -0
package/docs/spec/SettlementDecisionRecord.v1.md +48 -0
package/docs/spec/SettlementDecisionRecord.v2.md +53 -0
package/docs/spec/SettlementDecisionReport.v1.md +44 -0
package/docs/spec/SettlementKernel.v1.md +59 -0
package/docs/spec/SettlementReceipt.v1.md +63 -0
package/docs/spec/SlaDefinition.v1.md +24 -0
package/docs/spec/SlaEvaluation.v1.md +12 -0
package/docs/spec/THREAT_MODEL.md +113 -0
package/docs/spec/TOOL_PROVENANCE.md +30 -0
package/docs/spec/TRUST_ANCHORS.md +84 -0
package/docs/spec/TenantSettings.v1.md +90 -0
package/docs/spec/TenantSettings.v2.md +99 -0
package/docs/spec/TimestampProof.v1.md +25 -0
package/docs/spec/ToolCallAgreement.v1.md +34 -0
package/docs/spec/ToolCallEvidence.v1.md +47 -0
package/docs/spec/ToolManifest.v1.md +47 -0
package/docs/spec/VERIFIER_ENVIRONMENT.md +38 -0
package/docs/spec/VERSIONING.md +107 -0
package/docs/spec/VerificationReport.v1.md +50 -0
package/docs/spec/VerifyAboutOutput.v1.md +10 -0
package/docs/spec/VerifyCliOutput.v1.md +28 -0
package/docs/spec/WARNINGS.md +83 -0
package/docs/spec/error-codes.v1.txt +285 -0
package/docs/spec/examples/agreement_delegation_v1.example.json +21 -0
package/docs/spec/examples/arbitration_case_v1.example.json +26 -0
package/docs/spec/examples/arbitration_verdict_v1.example.json +32 -0
package/docs/spec/examples/dispute_open_envelope_v1.example.json +18 -0
package/docs/spec/examples/produce_cli_output_v1.example.json +32 -0
package/docs/spec/examples/release_index_signature_v1.example.json +9 -0
package/docs/spec/examples/release_index_signatures_v1.example.json +14 -0
package/docs/spec/examples/release_index_v1.example.json +15 -0
package/docs/spec/examples/release_trust_v1.example.json +7 -0
package/docs/spec/examples/release_trust_v2.example.json +22 -0
package/docs/spec/examples/remote_signer_request_v1.example.json +18 -0
package/docs/spec/examples/remote_signer_response_v1.example.json +8 -0
package/docs/spec/examples/reputation_event_v1.example.json +29 -0
package/docs/spec/examples/verification_report_v1.example.json +24 -0
package/docs/spec/examples/verify_about_output_v1.example.json +29 -0
package/docs/spec/examples/verify_cli_output_v1.example.json +13 -0
package/docs/spec/legacy/MarketplaceAcceptance.v1.md +48 -0
package/docs/spec/legacy/MarketplaceOffer.v1.md +56 -0
package/docs/spec/legacy/schemas/MarketplaceAcceptance.v1.schema.json +53 -0
package/docs/spec/legacy/schemas/MarketplaceOffer.v1.schema.json +61 -0
package/docs/spec/producer-error-codes.v1.txt +14 -0
package/docs/spec/schemas/AcceptanceCriteria.v1.schema.json +24 -0
package/docs/spec/schemas/AcceptanceEvaluation.v1.schema.json +26 -0
package/docs/spec/schemas/AgentEvent.v1.schema.json +49 -0
package/docs/spec/schemas/AgentIdentity.v1.schema.json +129 -0
package/docs/spec/schemas/AgentPassport.v1.schema.json +112 -0
package/docs/spec/schemas/AgentReputation.v1.schema.json +151 -0
package/docs/spec/schemas/AgentReputation.v2.schema.json +120 -0
package/docs/spec/schemas/AgentRun.v1.schema.json +71 -0
package/docs/spec/schemas/AgentRunSettlement.v1.schema.json +75 -0
package/docs/spec/schemas/AgentWallet.v1.schema.json +54 -0
package/docs/spec/schemas/AgreementDelegation.v1.schema.json +50 -0
package/docs/spec/schemas/ArbitrationCase.v1.schema.json +133 -0
package/docs/spec/schemas/ArbitrationVerdict.v1.schema.json +149 -0
package/docs/spec/schemas/BundleHeadAttestation.v1.schema.json +21 -0
package/docs/spec/schemas/ClosePackManifest.v1.schema.json +38 -0
package/docs/spec/schemas/DelegationGrant.v1.schema.json +102 -0
package/docs/spec/schemas/DisputeOpenEnvelope.v1.schema.json +78 -0
package/docs/spec/schemas/EvidenceIndex.v1.schema.json +41 -0
package/docs/spec/schemas/ExecutionIntent.v1.schema.json +85 -0
package/docs/spec/schemas/FinancePackBundleManifest.v1.schema.json +38 -0
package/docs/spec/schemas/FundingHold.v1.schema.json +46 -0
package/docs/spec/schemas/GovernancePolicy.v1.schema.json +45 -0
package/docs/spec/schemas/GovernancePolicy.v2.schema.json +70 -0
package/docs/spec/schemas/InteractionDirectionMatrix.v1.schema.json +43 -0
package/docs/spec/schemas/InvoiceBundleManifest.v1.schema.json +38 -0
package/docs/spec/schemas/InvoiceClaim.v1.schema.json +39 -0
package/docs/spec/schemas/MarketplaceAcceptance.v2.schema.json +53 -0
package/docs/spec/schemas/MarketplaceOffer.v2.schema.json +61 -0
package/docs/spec/schemas/MeteringReport.v1.schema.json +45 -0
package/docs/spec/schemas/OperatorAction.v1.schema.json +113 -0
package/docs/spec/schemas/PolicyDecision.v1.schema.json +74 -0
package/docs/spec/schemas/PricingMatrix.v1.schema.json +24 -0
package/docs/spec/schemas/PricingMatrixSignatures.v1.schema.json +24 -0
package/docs/spec/schemas/PricingMatrixSignatures.v2.schema.json +24 -0
package/docs/spec/schemas/ProduceCliOutput.v1.schema.json +107 -0
package/docs/spec/schemas/ProofBundleManifest.v1.schema.json +37 -0
package/docs/spec/schemas/PublicKeys.v1.schema.json +33 -0
package/docs/spec/schemas/ReleaseIndex.v1.schema.json +45 -0
package/docs/spec/schemas/ReleaseIndexSignature.v1.schema.json +16 -0
package/docs/spec/schemas/ReleaseIndexSignatures.v1.schema.json +16 -0
package/docs/spec/schemas/ReleaseTrust.v1.schema.json +15 -0
package/docs/spec/schemas/ReleaseTrust.v2.schema.json +37 -0
package/docs/spec/schemas/RemoteSignerPublicKeyResponse.v1.schema.json +14 -0
package/docs/spec/schemas/RemoteSignerRequest.v1.schema.json +24 -0
package/docs/spec/schemas/RemoteSignerResponse.v1.schema.json +10 -0
package/docs/spec/schemas/RemoteSignerSignRequest.v1.schema.json +27 -0
package/docs/spec/schemas/RemoteSignerSignResponse.v1.schema.json +16 -0
package/docs/spec/schemas/ReputationEvent.v1.schema.json +164 -0
package/docs/spec/schemas/RevocationList.v1.schema.json +51 -0
package/docs/spec/schemas/SettlementAdjustment.v1.schema.json +44 -0
package/docs/spec/schemas/SettlementDecisionRecord.v1.schema.json +66 -0
package/docs/spec/schemas/SettlementDecisionRecord.v2.schema.json +149 -0
package/docs/spec/schemas/SettlementDecisionReport.v1.schema.json +61 -0
package/docs/spec/schemas/SettlementReceipt.v1.schema.json +135 -0
package/docs/spec/schemas/SlaDefinition.v1.schema.json +33 -0
package/docs/spec/schemas/SlaEvaluation.v1.schema.json +26 -0
package/docs/spec/schemas/TenantSettings.v1.schema.json +90 -0
package/docs/spec/schemas/TenantSettings.v2.schema.json +161 -0
package/docs/spec/schemas/TimestampProof.v1.schema.json +17 -0
package/docs/spec/schemas/ToolCallAgreement.v1.schema.json +34 -0
package/docs/spec/schemas/ToolCallEvidence.v1.schema.json +45 -0
package/docs/spec/schemas/ToolManifest.v1.schema.json +54 -0
package/docs/spec/schemas/VerificationReport.v1.schema.json +83 -0
package/docs/spec/schemas/VerifyAboutOutput.v1.schema.json +54 -0
package/docs/spec/schemas/VerifyCliOutput.v1.schema.json +75 -0
package/docs/spec/schemas/VerifyReleaseOutput.v1.schema.json +47 -0
package/docs/spec/x402-error-codes.v1.txt +35 -0
package/docs/templates/buyer-email.txt +18 -0
package/docs/templates/buyer-one-pager.md +24 -0
package/package.json +53 -6
package/scripts/acceptance/full-stack.mjs +734 -0
package/scripts/acceptance/full-stack.sh +99 -0
package/scripts/audit/build-audit-packet.mjs +242 -0
package/scripts/backup-pg.sh +45 -0
package/scripts/backup-restore/README.md +18 -0
package/scripts/backup-restore/capture-state.mjs +130 -0
package/scripts/backup-restore/client.mjs +97 -0
package/scripts/backup-restore/seed-workload.mjs +235 -0
package/scripts/backup-restore/verify-state.mjs +139 -0
package/scripts/backup-restore-test.sh +217 -0
package/scripts/chaos.js +221 -0
package/scripts/ci/build-launch-cutover-packet.mjs +304 -0
package/scripts/ci/build-self-serve-benchmark-report.mjs +122 -0
package/scripts/ci/changelog-guard.mjs +145 -0
package/scripts/ci/check-kernel-v0-launch-gate.mjs +233 -0
package/scripts/ci/check-secret-hygiene.mjs +78 -0
package/scripts/ci/check-version-consistency.mjs +42 -0
package/scripts/ci/cli-pack-smoke.mjs +160 -0
package/scripts/ci/flake-budget-guard.mjs +68 -0
package/scripts/ci/generate-error-codes.mjs +54 -0
package/scripts/ci/lib/lighthouse-tracker.mjs +90 -0
package/scripts/ci/lib/self-serve-launch-gate.mjs +89 -0
package/scripts/ci/npm-pack-smoke.mjs +454 -0
package/scripts/ci/run-10x-throughput-drill.mjs +318 -0
package/scripts/ci/run-10x-throughput-incident-rehearsal.mjs +368 -0
package/scripts/ci/run-arbitration-workspace-browser-e2e.sh +22 -0
package/scripts/ci/run-circle-sandbox-smoke.mjs +237 -0
package/scripts/ci/run-go-live-gate.mjs +150 -0
package/scripts/ci/run-kernel-v0-ship-gate.mjs +97 -0
package/scripts/ci/run-mcp-host-cert-matrix.mjs +201 -0
package/scripts/ci/run-mcp-host-smoke.mjs +473 -0
package/scripts/ci/run-offline-verification-parity-gate.mjs +762 -0
package/scripts/ci/run-onboarding-host-success-gate.mjs +516 -0
package/scripts/ci/run-onboarding-policy-slo-gate.mjs +537 -0
package/scripts/ci/run-production-cutover-gate.mjs +540 -0
package/scripts/ci/run-public-openclaw-npx-smoke.mjs +148 -0
package/scripts/ci/run-release-promotion-guard.mjs +756 -0
package/scripts/ci/run-self-serve-launch-gate.mjs +56 -0
package/scripts/ci/runtime-import-smoke.mjs +58 -0
package/scripts/ci/update-lighthouse-tracker.mjs +112 -0
package/scripts/closepack/lib.mjs +286 -0
package/scripts/collect-debug.sh +263 -0
package/scripts/demo/compositional-settlement-3hop.mjs +237 -0
package/scripts/demo/delivery-robot/export-ui-fixture.mjs +188 -0
package/scripts/demo/delivery-robot/generate.mjs +377 -0
package/scripts/demo/kernel-agent-goes-shopping.mjs +202 -0
package/scripts/demo/magic-link-first-green.mjs +118 -0
package/scripts/demo/magic-link-kind-smoke.mjs +577 -0
package/scripts/demo/mcp-paid-exa.mjs +1110 -0
package/scripts/dev/billing-doctor.sh +145 -0
package/scripts/dev/billing-smoke-prod.sh +219 -0
package/scripts/dev/billing-webhook-replay.sh +161 -0
package/scripts/dev/env.dev.example +29 -0
package/scripts/dev/env.sh +37 -0
package/scripts/dev/new-sdk-key.sh +81 -0
package/scripts/dev/sdk-first-run.sh +21 -0
package/scripts/dev/smoke-x402-gateway.sh +115 -0
package/scripts/dev/start-api.sh +24 -0
package/scripts/doctor/mcp-host.mjs +120 -0
package/scripts/examples/produce-and-verify-jobproof.mjs +191 -0
package/scripts/examples/sdk-first-paid-rfq.py +105 -0
package/scripts/examples/sdk-first-verified-run.mjs +85 -0
package/scripts/examples/sdk-first-verified-run.py +99 -0
package/scripts/examples/sdk-tenant-analytics.mjs +103 -0
package/scripts/examples/sdk-tenant-analytics.py +118 -0
package/scripts/finance-pack/bundle.mjs +284 -0
package/scripts/fixtures/generate-bundle-fixtures.mjs +877 -0
package/scripts/governance/export.mjs +169 -0
package/scripts/load/delivery-stress.k6.js +183 -0
package/scripts/load/ingest-burst.k6.js +236 -0
package/scripts/load/run-delivery-load.js +66 -0
package/scripts/load/webhook-receiver.js +131 -0
package/scripts/magic-link/migrate-run-records-to-db.mjs +35 -0
package/scripts/mcp/probe.mjs +238 -0
package/scripts/mcp/settld-mcp-http-gateway.mjs +178 -0
package/scripts/mcp/settld-mcp-server.mjs +1511 -0
package/scripts/openapi/write.mjs +13 -0
package/scripts/ops/bootstrap-tenant-conformance.mjs +185 -0
package/scripts/ops/build-x402-pilot-reliability-report.mjs +489 -0
package/scripts/ops/check-x402-receipt-sample.mjs +181 -0
package/scripts/ops/design-partner-run-packet.mjs +466 -0
package/scripts/ops/dispute-finance-reconciliation-packet.mjs +313 -0
package/scripts/ops/hosted-baseline-evidence.mjs +890 -0
package/scripts/ops/money-rails-chargeback-evidence.mjs +509 -0
package/scripts/ops/money-rails-reconcile-evidence.mjs +180 -0
package/scripts/ops/p0-seed-money-rail-operation.mjs +432 -0
package/scripts/ops/run-x402-hitl-smoke.mjs +607 -0
package/scripts/pilot/finance-pack.mjs +495 -0
package/scripts/pilot/fixtures/robot-keypair.json +4 -0
package/scripts/pilot/fixtures/server-signer.json +4 -0
package/scripts/policy/cli.mjs +600 -0
package/scripts/profile/cli.mjs +1324 -0
package/scripts/proof-bundle/job.mjs +109 -0
package/scripts/proof-bundle/lib.mjs +92 -0
package/scripts/proof-bundle/month.mjs +103 -0
package/scripts/provider/conformance-run.mjs +159 -0
package/scripts/provider/keys-generate.mjs +135 -0
package/scripts/provider/publish.mjs +420 -0
package/scripts/quickstart/x402.mjs +334 -0
package/scripts/register-entity-secret.mjs +102 -0
package/scripts/release/build-artifacts.mjs +181 -0
package/scripts/release/generate-release-index.mjs +112 -0
package/scripts/release/release-index-lib.mjs +232 -0
package/scripts/release/sign-release-index.mjs +85 -0
package/scripts/release/validate-release-assets.mjs +170 -0
package/scripts/release/verify-release.mjs +261 -0
package/scripts/restore-pg.sh +34 -0
package/scripts/scaffold/create-settld-paid-tool.mjs +19 -0
package/scripts/sdk/smoke-python.py +30 -0
package/scripts/sdk/smoke.mjs +16 -0
package/scripts/settlement/x402-batch-worker.mjs +1091 -0
package/scripts/setup/circle-bootstrap.mjs +310 -0
package/scripts/setup/host-config.mjs +617 -0
package/scripts/setup/onboard.mjs +1337 -0
package/scripts/setup/openclaw-onboard.mjs +423 -0
package/scripts/setup/wizard.mjs +986 -0
package/scripts/slo/check.mjs +239 -0
package/scripts/smoke/k8s-smoke.mjs +214 -0
package/scripts/spec/generate-protocol-vectors.mjs +1019 -0
package/scripts/test/check-no-generated-artifacts.sh +12 -0
package/scripts/test/run.sh +59 -0
package/scripts/trust/validate-trust-file.mjs +57 -0
package/scripts/trust-config/rotate-settld-pay.mjs +277 -0
package/scripts/trust-config/wizard.mjs +161 -0
package/scripts/vendor-contract-test-lib.mjs +182 -0
package/scripts/vendor-contract-test.mjs +55 -0
package/scripts/vercel/build-mkdocs.sh +9 -0
package/scripts/vercel/ignore-mkdocs.sh +25 -0
package/scripts/vercel/install-mkdocs.sh +6 -0
package/scripts/verify-pg.js +217 -0
package/scripts/x402/receipt-verify.mjs +289 -0
package/services/finance-sink/src/dedupe-store.js +29 -6
package/services/receiver/src/dedupe-store.js +29 -5
package/services/x402-gateway/Dockerfile +13 -0
package/services/x402-gateway/README.md +58 -0
package/services/x402-gateway/examples/upstream-mock.js +337 -0
package/services/x402-gateway/src/server.js +1058 -0
package/src/api/app.js +34658 -16940
package/src/api/maintenance.js +70 -0
package/src/api/middleware/trust-kernel.js +114 -0
package/src/api/openapi.js +1778 -70
package/src/api/persistence.js +456 -0
package/src/api/server.js +81 -5
package/src/api/store.js +1581 -62
package/src/api/workers/deliveries.js +99 -4
package/src/api/workers/insolvency-sweep.js +159 -0
package/src/core/agent-card.js +69 -0
package/src/core/agent-wallets.js +231 -0
package/src/core/agreement-delegation.js +549 -0
package/src/core/billing-plans.js +40 -6
package/src/core/circle-reserve-adapter.js +845 -0
package/src/core/event-policy.js +21 -2
package/src/core/maintenance-locks.js +1 -0
package/src/core/operator-action.js +303 -0
package/src/core/paid-tool-manifest.js +318 -0
package/src/core/policy-decision.js +322 -0
package/src/core/policy-packs.js +207 -0
package/src/core/profile-fingerprint.js +27 -0
package/src/core/profile-simulation-reasons.js +84 -0
package/src/core/profile-templates.js +242 -0
package/src/core/provider-publish-conformance.js +525 -0
package/src/core/provider-publish-proof.js +396 -0
package/src/core/provider-quote-signature.js +170 -0
package/src/core/settld-keys.js +112 -0
package/src/core/settld-pay-token.js +344 -0
package/src/core/settlement-kernel.js +239 -2
package/src/core/settlement-verifier.js +335 -0
package/src/core/tool-call-agreement.js +112 -0
package/src/core/tool-call-evidence.js +144 -0
package/src/core/tool-provider-signature.js +98 -0
package/src/core/wallet-assignment-resolver.js +129 -0
package/src/core/wallet-provider-bootstrap.js +365 -0
package/src/core/x402-escalation-override.js +258 -0
package/src/core/x402-gate.js +118 -0
package/src/core/x402-provider-refund-decision.js +220 -0
package/src/core/x402-receipt-verifier.js +708 -0
package/src/core/x402-reversal-command.js +251 -0
package/src/core/x402-wallet-issuer-decision.js +252 -0
package/src/core/zk-verifier.js +300 -0
package/src/db/migrations/029_reputation_event_index.sql +54 -0
package/src/db/migrations/030_artifacts_source_event_unique_job_only.sql +15 -0
package/src/db/pg.js +18 -7
package/src/db/store-pg.js +1508 -111

package/scripts/dev/billing-doctor.sh ADDED Viewed

@@ -0,0 +1,145 @@
+#!/usr/bin/env bash
+set -euo pipefail
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+# shellcheck source=/dev/null
+source "$ROOT_DIR/scripts/dev/env.sh"
+for bin in curl jq; do
+  if ! command -v "$bin" >/dev/null 2>&1; then
+    echo "Missing required tool: $bin"
+    exit 1
+  fi
+done
+if ! curl -fsS "$SETTLD_BASE_URL/healthz" >/dev/null 2>&1; then
+  cat <<EOF
+API is not reachable at $SETTLD_BASE_URL.
+Start it in another shell:
+  npm run dev:start
+EOF
+  exit 1
+fi
+if [[ -z "${SETTLD_API_KEY:-}" ]]; then
+  SETTLD_API_KEY="$(bash "$ROOT_DIR/scripts/dev/new-sdk-key.sh" --print-only)"
+  export SETTLD_API_KEY
+fi
+API_AUTH_HEADER="authorization: Bearer $SETTLD_API_KEY"
+PERIOD="$(date -u +%Y-%m)"
+api_post_json() {
+  local path="$1"
+  local payload="$2"
+  local response
+  local body
+  local status
+  response="$(curl -sS -X POST "$SETTLD_BASE_URL$path" \
+    -H "$API_AUTH_HEADER" \
+    -H "x-proxy-tenant-id: $SETTLD_TENANT_ID" \
+    -H "content-type: application/json" \
+    -d "$payload" \
+    -w $'\n%{http_code}')"
+  body="$(printf "%s" "$response" | sed '$d')"
+  status="$(printf "%s" "$response" | tail -n1)"
+  if [[ ! "$status" =~ ^2 ]]; then
+    echo "Request failed: POST $path (HTTP $status)"
+    echo "$body" | jq . 2>/dev/null || echo "$body"
+    exit 1
+  fi
+  printf "%s" "$body"
+}
+echo "[1/5] Running first verified settlement..."
+RUN_JSON="$(cd "$ROOT_DIR" && SETTLD_SDK_DISPUTE_WINDOW_DAYS=3 npm run -s sdk:first-run)"
+echo "$RUN_JSON" | jq .
+RUN_ID="$(echo "$RUN_JSON" | jq -r '.runId')"
+PAYER_AGENT_ID="$(echo "$RUN_JSON" | jq -r '.payerAgentId')"
+if [[ -z "$RUN_ID" || "$RUN_ID" == "null" ]]; then
+  echo "Could not parse runId from sdk:first-run output."
+  exit 1
+fi
+if [[ -z "$PAYER_AGENT_ID" || "$PAYER_AGENT_ID" == "null" ]]; then
+  echo "Could not parse payerAgentId from sdk:first-run output."
+  exit 1
+fi
+SUFFIX="$(date +%s%N | cut -c1-16)"
+DISPUTE_ID="dispute_doctor_${SUFFIX}"
+CASE_ID="arb_case_doctor_${SUFFIX}"
+echo "[2/5] Opening dispute..."
+DISPUTE_JSON="$(api_post_json "/runs/$RUN_ID/dispute/open" "{\"disputeId\":\"$DISPUTE_ID\",\"reason\":\"billing doctor validation\",\"openedByAgentId\":\"$PAYER_AGENT_ID\"}")"
+echo "$DISPUTE_JSON" | jq .
+echo "[3/5] Opening arbitration case..."
+ARBITRATION_JSON="$(api_post_json "/runs/$RUN_ID/arbitration/open" "{\"caseId\":\"$CASE_ID\",\"disputeId\":\"$DISPUTE_ID\",\"arbiterAgentId\":\"$PAYER_AGENT_ID\"}")"
+echo "$ARBITRATION_JSON" | jq .
+echo "[4/5] Reading billable events..."
+EVENTS_JSON="$(curl -sS "$SETTLD_BASE_URL/ops/finance/billable-events?period=$PERIOD" \
+  -H "authorization: Bearer $PROXY_OPS_TOKEN" \
+  -H "x-proxy-tenant-id: $SETTLD_TENANT_ID")"
+SCOPED_EVENTS_JSON="$(echo "$EVENTS_JSON" | jq --arg runId "$RUN_ID" --arg caseId "$CASE_ID" '
+  [.events[] | select((.runId == $runId) or (.arbitrationCaseId == $caseId))]
+')"
+echo "$SCOPED_EVENTS_JSON" | jq --arg tenantId "$SETTLD_TENANT_ID" --arg runId "$RUN_ID" --arg caseId "$CASE_ID" --arg period "$PERIOD" '
+{
+  tenantId: $tenantId,
+  period: $period,
+  runId: $runId,
+  arbitrationCaseId: $caseId,
+  count: length,
+  eventTypeCounts: (reduce .[] as $event ({verified_run: 0, settled_volume: 0, arbitration_usage: 0};
+    if ($event.eventType == "verified_run") then .verified_run += 1
+    elif ($event.eventType == "settled_volume") then .settled_volume += 1
+    elif ($event.eventType == "arbitration_usage") then .arbitration_usage += 1
+    else .
+    end)),
+  events: .
+}'
+RUN_VERIFIED_EVENTS="$(echo "$SCOPED_EVENTS_JSON" | jq --arg runId "$RUN_ID" '[.[] | select(.eventType=="verified_run" and .runId==$runId)] | length')"
+RUN_SETTLED_EVENTS="$(echo "$SCOPED_EVENTS_JSON" | jq --arg runId "$RUN_ID" '[.[] | select(.eventType=="settled_volume" and .runId==$runId)] | length')"
+ARBITRATION_EVENTS_FOR_CASE="$(echo "$SCOPED_EVENTS_JSON" | jq --arg caseId "$CASE_ID" '[.[] | select(.eventType=="arbitration_usage" and .arbitrationCaseId==$caseId)] | length')"
+if [[ "$RUN_VERIFIED_EVENTS" -lt 1 ]]; then
+  echo "Expected at least one verified_run event for run $RUN_ID, found $RUN_VERIFIED_EVENTS."
+  exit 1
+fi
+if [[ "$RUN_SETTLED_EVENTS" -lt 1 ]]; then
+  echo "Expected at least one settled_volume event for run $RUN_ID, found $RUN_SETTLED_EVENTS."
+  exit 1
+fi
+if [[ "$ARBITRATION_EVENTS_FOR_CASE" -lt 1 ]]; then
+  echo "Expected at least one arbitration_usage event for case $CASE_ID, found $ARBITRATION_EVENTS_FOR_CASE."
+  exit 1
+fi
+echo "[5/5] Reading billing summary..."
+SUMMARY_JSON="$(curl -sS "$SETTLD_BASE_URL/ops/finance/billing/summary?period=$PERIOD" \
+  -H "authorization: Bearer $PROXY_OPS_TOKEN" \
+  -H "x-proxy-tenant-id: $SETTLD_TENANT_ID")"
+echo "$SUMMARY_JSON" | jq '{
+  tenantId,
+  period,
+  plan: { planId: .plan.planId },
+  usage: .usage,
+  enforcement: .enforcement
+}'
+ARBITRATION_CASES="$(echo "$SUMMARY_JSON" | jq -r '.usage.arbitrationCases // 0')"
+if [[ "$ARBITRATION_CASES" -lt 1 ]]; then
+  echo "Expected arbitrationCases >= 1 in billing summary, got $ARBITRATION_CASES."
+  exit 1
+fi
+echo
+echo "Billing doctor passed."
+echo "Run: $RUN_ID"
+echo "Dispute: $DISPUTE_ID"
+echo "Arbitration case: $CASE_ID"

package/scripts/dev/billing-smoke-prod.sh ADDED Viewed

@@ -0,0 +1,219 @@
+#!/usr/bin/env bash
+set -euo pipefail
+# Load local env defaults automatically (same behavior as other dev scripts).
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+if [[ -f "$ROOT_DIR/scripts/dev/env.sh" ]]; then
+  # shellcheck source=/dev/null
+  source "$ROOT_DIR/scripts/dev/env.sh"
+fi
+for bin in curl jq; do
+  if ! command -v "$bin" >/dev/null 2>&1; then
+    echo "Missing required tool: $bin"
+    exit 1
+  fi
+done
+: "${SETTLD_BASE_URL:?SETTLD_BASE_URL is required (example: https://<your-api-domain>)}"
+: "${PROXY_OPS_TOKEN:?PROXY_OPS_TOKEN is required}"
+# Default to an isolated smoke tenant to avoid stale billing/subscription state
+# in long-lived tenants (for example tenant_default).
+if [[ -z "${SETTLD_TENANT_ID:-}" || "${SETTLD_TENANT_ID}" == "tenant_default" ]]; then
+  SETTLD_TENANT_ID="tenant_smoke_$(date +%s)"
+fi
+export SETTLD_TENANT_ID
+if [[ "$SETTLD_BASE_URL" == "http://127.0.0.1:3000" || "$SETTLD_BASE_URL" == "http://localhost:3000" ]]; then
+  cat <<EOF
+This is the production smoke script, but SETTLD_BASE_URL is still local ($SETTLD_BASE_URL).
+Set your deployed API URL once:
+  echo 'SETTLD_BASE_URL=https://api.settld.work' >> .env.dev.runtime
+EOF
+  exit 1
+fi
+if [[ "$PROXY_OPS_TOKEN" == "dev_ops_token" ]]; then
+  cat <<EOF
+PROXY_OPS_TOKEN is still the local default (dev_ops_token), which will fail in production.
+Set your real prod token once:
+  echo 'PROXY_OPS_TOKEN=<your_prod_ops_token>' >> .env.dev.runtime
+EOF
+  exit 1
+fi
+api_get() {
+  local path="$1"
+  local response body status
+  response="$(curl -sS "$SETTLD_BASE_URL$path" \
+    -H "x-proxy-ops-token: $PROXY_OPS_TOKEN" \
+    -H "x-proxy-tenant-id: $SETTLD_TENANT_ID" \
+    -w $'\n%{http_code}')"
+  body="$(printf "%s" "$response" | sed '$d')"
+  status="$(printf "%s" "$response" | tail -n1)"
+  if [[ ! "$status" =~ ^2 ]]; then
+    echo "GET $path failed (HTTP $status)" >&2
+    echo "$body" | jq . 2>/dev/null >&2 || echo "$body" >&2
+    exit 1
+  fi
+  printf "%s" "$body"
+}
+api_post_json() {
+  local path="$1"
+  local payload="$2"
+  local response body status
+  response="$(curl -sS -X POST "$SETTLD_BASE_URL$path" \
+    -H "x-proxy-ops-token: $PROXY_OPS_TOKEN" \
+    -H "x-proxy-tenant-id: $SETTLD_TENANT_ID" \
+    -H "content-type: application/json" \
+    -d "$payload" \
+    -w $'\n%{http_code}')"
+  body="$(printf "%s" "$response" | sed '$d')"
+  status="$(printf "%s" "$response" | tail -n1)"
+  if [[ ! "$status" =~ ^2 ]]; then
+    echo "POST $path failed (HTTP $status)" >&2
+    echo "$body" | jq . 2>/dev/null >&2 || echo "$body" >&2
+    exit 1
+  fi
+  printf "%s" "$body"
+}
+api_post_json_with_status() {
+  local path="$1"
+  local payload="$2"
+  local response body status
+  response="$(curl -sS -X POST "$SETTLD_BASE_URL$path" \
+    -H "x-proxy-ops-token: $PROXY_OPS_TOKEN" \
+    -H "x-proxy-tenant-id: $SETTLD_TENANT_ID" \
+    -H "content-type: application/json" \
+    -d "$payload" \
+    -w $'\n%{http_code}')"
+  body="$(printf "%s" "$response" | sed '$d')"
+  status="$(printf "%s" "$response" | tail -n1)"
+  printf "%s\n%s" "$status" "$body"
+}
+echo "[1/5] Health check..."
+HEALTH_RAW="$(curl -sS "$SETTLD_BASE_URL/healthz" || true)"
+if ! echo "$HEALTH_RAW" | jq -e . >/dev/null 2>&1; then
+  echo "Health endpoint did not return JSON."
+  echo "This usually means SETTLD_BASE_URL points to the frontend (for example Vercel) instead of the API service."
+  echo
+  echo "First 240 chars returned:"
+  echo "$HEALTH_RAW" | head -c 240
+  echo
+  echo
+  echo "Expected something like: {\"ok\":true,\"dbOk\":true,...}"
+  exit 1
+fi
+HEALTH_JSON="$HEALTH_RAW"
+echo "$HEALTH_JSON" | jq '{ok,dbOk,dbLatencyMs}'
+if [[ "$(echo "$HEALTH_JSON" | jq -r '.ok // false')" != "true" ]]; then
+  echo "Health check failed."
+  exit 1
+fi
+STRIPE_CUSTOMER_ID=""
+if [[ -n "${PROXY_BILLING_STRIPE_SECRET_KEY:-}" ]]; then
+  STRIPE_CUSTOMER_ID="$(
+    curl -sS https://api.stripe.com/v1/customers \
+      -u "$PROXY_BILLING_STRIPE_SECRET_KEY:" \
+      -d "name=Settld Smoke Customer $(date +%s)" | jq -r '.id'
+  )"
+  if [[ -z "$STRIPE_CUSTOMER_ID" || "$STRIPE_CUSTOMER_ID" == "null" ]]; then
+    echo "Failed to create Stripe customer for smoke run." >&2
+    exit 1
+  fi
+fi
+echo "[2/5] Billing checkout session..."
+CHECKOUT_PAYLOAD="$(jq -n \
+  --arg plan "builder" \
+  --arg customerId "$STRIPE_CUSTOMER_ID" \
+  --arg successUrl "${SETTLD_BASE_URL%/}/billing/success" \
+  --arg cancelUrl "${SETTLD_BASE_URL%/}/billing/cancel" \
+  '{
+    plan: $plan,
+    successUrl: $successUrl,
+    cancelUrl: $cancelUrl
+  } + (if ($customerId | length) > 0 then { customerId: $customerId } else {} end)'
+)"
+CHECKOUT_JSON="$(api_post_json "/ops/finance/billing/providers/stripe/checkout" "$CHECKOUT_PAYLOAD")"
+echo "$CHECKOUT_JSON" | jq '{tenantId, mode: .checkoutSession.mode, plan: .checkoutSession.plan, sessionId: .checkoutSession.sessionId, sessionUrl: .checkoutSession.sessionUrl}'
+CHECKOUT_MODE="$(echo "$CHECKOUT_JSON" | jq -r '.checkoutSession.mode // ""')"
+if [[ "$CHECKOUT_MODE" != "live" && "$CHECKOUT_MODE" != "stub" ]]; then
+  echo "Unexpected checkout mode: $CHECKOUT_MODE"
+  exit 1
+fi
+echo "[3/5] Billing customer portal session..."
+CUSTOMER_ID="$STRIPE_CUSTOMER_ID"
+if [[ -z "$CUSTOMER_ID" || "$CUSTOMER_ID" == "null" ]]; then
+  CUSTOMER_ID="cus_smoke_$(date +%s)"
+fi
+PORTAL_RESPONSE="$(api_post_json_with_status "/ops/finance/billing/providers/stripe/portal" "{\"customerId\":\"$CUSTOMER_ID\"}")"
+PORTAL_STATUS="$(printf "%s" "$PORTAL_RESPONSE" | head -n1)"
+PORTAL_JSON="$(printf "%s" "$PORTAL_RESPONSE" | sed '1d')"
+if [[ "$PORTAL_STATUS" =~ ^2 ]] && [[ "$(echo "$PORTAL_JSON" | jq -r '.portalSession.sessionUrl // ""')" != "" ]]; then
+  echo "$PORTAL_JSON" | jq '{tenantId, mode: .portalSession.mode, customerId: .portalSession.customerId, sessionId: .portalSession.sessionId, sessionUrl: .portalSession.sessionUrl}'
+else
+  # In live mode with a synthetic customer id, Stripe returns upstream "No such customer".
+  echo "$PORTAL_JSON" | jq '{tenantId,error,code,details}' 2>/dev/null || echo "$PORTAL_JSON"
+  if [[ "$PORTAL_STATUS" != "502" || "$(echo "$PORTAL_JSON" | jq -r '.code // ""' 2>/dev/null)" != "BILLING_PROVIDER_UPSTREAM_ERROR" ]]; then
+    echo "Unexpected portal response (HTTP $PORTAL_STATUS)."
+    exit 1
+  fi
+fi
+echo "[4/5] Provider reconcile subscription mapping..."
+TS="$(date +%s)"
+GROWTH_PRICE_ID="${PROXY_BILLING_STRIPE_PRICE_ID_GROWTH:-}"
+if [[ -z "$GROWTH_PRICE_ID" ]]; then
+  GROWTH_CHECKOUT_JSON="$(api_post_json "/ops/finance/billing/providers/stripe/checkout" '{"plan":"growth"}')"
+  GROWTH_PRICE_ID="$(echo "$GROWTH_CHECKOUT_JSON" | jq -r '.checkoutSession.priceId // ""')"
+fi
+if [[ -z "$GROWTH_PRICE_ID" ]]; then
+  # In stub mode we still need a deterministic value in event payloads; plan mapping
+  # is derived from metadata and does not require a live provider price id.
+  GROWTH_PRICE_ID="price_stub_growth"
+fi
+RECON_PAYLOAD="$(jq -n \
+  --arg eventId "evt_smoke_price_map_${TS}" \
+  --arg subId "sub_smoke_price_map_${TS}" \
+  --arg customerId "$CUSTOMER_ID" \
+  --arg price "$GROWTH_PRICE_ID" \
+  --arg plan "growth" \
+  --argjson created "$TS" \
+  '{events:[{id:$eventId,type:"customer.subscription.updated",created:$created,data:{object:{id:$subId,customer:$customerId,status:"active",items:{data:[{price:{id:$price,metadata:{settldPlan:$plan}}}]},metadata:{settldPlan:$plan}}}}]}'
+)"
+RECON_JSON="$(api_post_json "/ops/finance/billing/providers/stripe/reconcile" "$RECON_PAYLOAD")"
+echo "$RECON_JSON" | jq '{tenantId,summary}'
+if [[ "$(echo "$RECON_JSON" | jq -r '.summary.applied // 0')" -lt 1 ]]; then
+  echo "Reconcile did not apply events."
+  exit 1
+fi
+PLAN_JSON="$(api_get "/ops/finance/billing/plan")"
+echo "$PLAN_JSON" | jq '{tenantId,billing,resolvedPlan}'
+if [[ "$(echo "$PLAN_JSON" | jq -r '.billing.plan // ""')" != "growth" ]]; then
+  echo "Expected billing.plan=growth after reconcile mapping."
+  exit 1
+fi
+echo "[5/5] Billing summary..."
+PERIOD="$(date -u +%Y-%m)"
+SUMMARY_JSON="$(api_get "/ops/finance/billing/summary?period=$PERIOD")"
+echo "$SUMMARY_JSON" | jq '{tenantId,period,usage,enforcement}'
+if [[ "$(echo "$SUMMARY_JSON" | jq -r '.usage.eventCount // 0')" -lt 0 ]]; then
+  echo "Unexpected summary payload."
+  exit 1
+fi
+echo
+echo "Production billing smoke passed."
+echo "Base URL: $SETTLD_BASE_URL"
+echo "Tenant:   $SETTLD_TENANT_ID"

package/scripts/dev/billing-webhook-replay.sh ADDED Viewed

@@ -0,0 +1,161 @@
+#!/usr/bin/env bash
+set -euo pipefail
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+if [[ -f "$ROOT_DIR/scripts/dev/env.sh" ]]; then
+  # shellcheck source=/dev/null
+  source "$ROOT_DIR/scripts/dev/env.sh"
+fi
+for bin in curl jq; do
+  if ! command -v "$bin" >/dev/null 2>&1; then
+    echo "Missing required tool: $bin" >&2
+    exit 1
+  fi
+done
+: "${SETTLD_BASE_URL:?SETTLD_BASE_URL is required}"
+: "${PROXY_OPS_TOKEN:?PROXY_OPS_TOKEN is required}"
+: "${SETTLD_TENANT_ID:?SETTLD_TENANT_ID is required}"
+LIMIT="${LIMIT:-200}"
+OFFSET="${OFFSET:-0}"
+REASON="${REASON:-}"
+EVENT_TYPE="${EVENT_TYPE:-}"
+AUDIT_IDS="${AUDIT_IDS:-}"
+DRY_RUN="${DRY_RUN:-1}"
+if [[ "$DRY_RUN" == "1" || "${DRY_RUN,,}" == "true" ]]; then
+  DRY_RUN_JSON="true"
+else
+  DRY_RUN_JSON="false"
+fi
+urlencode() {
+  local input="${1:-}"
+  jq -rn --arg v "$input" '$v|@uri'
+}
+api_get() {
+  local path="$1"
+  local response body status
+  response="$(curl -sS "$SETTLD_BASE_URL$path" \
+    -H "x-proxy-ops-token: $PROXY_OPS_TOKEN" \
+    -H "x-proxy-tenant-id: $SETTLD_TENANT_ID" \
+    -w $'\n%{http_code}')"
+  body="$(printf "%s" "$response" | sed '$d')"
+  status="$(printf "%s" "$response" | tail -n1)"
+  if [[ ! "$status" =~ ^2 ]]; then
+    echo "GET $path failed (HTTP $status)" >&2
+    echo "$body" | jq . 2>/dev/null >&2 || echo "$body" >&2
+    exit 1
+  fi
+  printf "%s" "$body"
+}
+api_post_json() {
+  local path="$1"
+  local payload="$2"
+  local response body status
+  response="$(curl -sS -X POST "$SETTLD_BASE_URL$path" \
+    -H "x-proxy-ops-token: $PROXY_OPS_TOKEN" \
+    -H "x-proxy-tenant-id: $SETTLD_TENANT_ID" \
+    -H "content-type: application/json" \
+    -d "$payload" \
+    -w $'\n%{http_code}')"
+  body="$(printf "%s" "$response" | sed '$d')"
+  status="$(printf "%s" "$response" | tail -n1)"
+  if [[ ! "$status" =~ ^2 ]]; then
+    echo "POST $path failed (HTTP $status)" >&2
+    echo "$body" | jq . 2>/dev/null >&2 || echo "$body" >&2
+    exit 1
+  fi
+  printf "%s" "$body"
+}
+echo "[1/4] Stripe reconcile report snapshot"
+REPORT_JSON="$(api_get "/ops/finance/billing/providers/stripe/reconcile/report?limit=${LIMIT}&offset=${OFFSET}")"
+echo "$REPORT_JSON" | jq '{
+  tenantId,
+  provider,
+  counts,
+  ingestBreakdown,
+  rejectedReasonCounts,
+  replayableRejectedCount
+}'
+echo "[2/4] Dead-letter candidate snapshot"
+DEAD_LETTER_PATH="/ops/finance/billing/providers/stripe/dead-letter?limit=${LIMIT}&offset=${OFFSET}"
+if [[ -n "$REASON" ]]; then
+  DEAD_LETTER_PATH="${DEAD_LETTER_PATH}&reason=$(urlencode "$REASON")"
+fi
+if [[ -n "$EVENT_TYPE" ]]; then
+  DEAD_LETTER_PATH="${DEAD_LETTER_PATH}&eventType=$(urlencode "$EVENT_TYPE")"
+fi
+DEAD_JSON="$(api_get "$DEAD_LETTER_PATH")"
+echo "$DEAD_JSON" | jq '{
+  tenantId,
+  provider,
+  count,
+  limit,
+  offset,
+  sample: (.events[:5] | map({auditId, eventId, eventType, reason, source, replayable}))
+}'
+if [[ "$(echo "$DEAD_JSON" | jq -r '.count // 0')" == "0" ]]; then
+  echo "No replayable dead-letter events found."
+  exit 0
+fi
+echo "[3/4] Replay request"
+AUDIT_IDS_JSON="[]"
+if [[ -n "$AUDIT_IDS" ]]; then
+  AUDIT_IDS_JSON="$(printf "%s" "$AUDIT_IDS" | tr ',' '\n' | sed 's/^[[:space:]]*//;s/[[:space:]]*$//' | jq -Rn '[inputs | select(length>0) | tonumber]')"
+fi
+REPLAY_PAYLOAD="$(
+  jq -n \
+    --argjson dryRun "$DRY_RUN_JSON" \
+    --arg reason "$REASON" \
+    --arg eventType "$EVENT_TYPE" \
+    --argjson limit "$LIMIT" \
+    --argjson offset "$OFFSET" \
+    --argjson auditIds "$AUDIT_IDS_JSON" \
+    '{
+      dryRun: $dryRun,
+      limit: $limit,
+      offset: $offset
+    }
+    + (if ($reason|length)>0 then {reason:$reason} else {} end)
+    + (if ($eventType|length)>0 then {eventType:$eventType} else {} end)
+    + (if ($auditIds|length)>0 then {auditIds:$auditIds} else {} end)'
+)"
+REPLAY_JSON="$(api_post_json "/ops/finance/billing/providers/stripe/dead-letter/replay" "$REPLAY_PAYLOAD")"
+echo "$REPLAY_JSON" | jq '{
+  tenantId,
+  provider,
+  dryRun,
+  summary,
+  sample: (.results[:10])
+}'
+echo "[4/4] Post-replay report snapshot"
+POST_REPORT_JSON="$(api_get "/ops/finance/billing/providers/stripe/reconcile/report?limit=${LIMIT}&offset=${OFFSET}")"
+echo "$POST_REPORT_JSON" | jq '{
+  tenantId,
+  provider,
+  counts,
+  ingestBreakdown,
+  rejectedReasonCounts,
+  replayableRejectedCount
+}'
+FAILED_COUNT="$(echo "$REPLAY_JSON" | jq -r '.summary.failed // 0')"
+if [[ "$DRY_RUN_JSON" == "false" && "$FAILED_COUNT" != "0" ]]; then
+  echo "Replay completed with failed events: $FAILED_COUNT" >&2
+  exit 2
+fi
+echo "Billing webhook replay guardrail flow completed."

package/scripts/dev/env.dev.example ADDED Viewed

@@ -0,0 +1,29 @@
+# Copy to .env.dev at repo root:
+#   cp scripts/dev/env.dev.example .env.dev
+# Core dev URLs
+SETTLD_BASE_URL=http://127.0.0.1:3000
+SETTLD_TENANT_ID=tenant_default
+PROXY_OPS_TOKEN=dev_ops_token
+# PG runtime
+STORE=pg
+PROXY_PG_SCHEMA=public
+PROXY_MIGRATE_ON_STARTUP=1
+DATABASE_URL=postgresql://neondb_owner:replace_me@host/neondb?sslmode=verify-full&channel_binding=require
+# Stripe billing (test mode first)
+# Free-first growth default: keep billing usage metering on but disable hard-limit blocking.
+# Set to 1 when you intentionally want billing-plan hard limits to enforce 402 blocks.
+PROXY_BILLING_PLAN_ENFORCEMENT_ENABLED=0
+# Backend uses secret key + price IDs.
+# Publishable key is for frontend Stripe.js usage and is optional for backend-only local flows.
+STRIPE_PUBLISHABLE_KEY=pk_test_replace_me
+PROXY_BILLING_STRIPE_SECRET_KEY=sk_test_replace_me
+PROXY_BILLING_STRIPE_PRICE_ID_BUILDER=price_replace_me_builder
+PROXY_BILLING_STRIPE_PRICE_ID_GROWTH=price_replace_me_growth
+PROXY_BILLING_STRIPE_PRICE_ID_ENTERPRISE=price_replace_me_enterprise
+PROXY_BILLING_STRIPE_CHECKOUT_SUCCESS_URL=http://127.0.0.1:3000/billing/success
+PROXY_BILLING_STRIPE_CHECKOUT_CANCEL_URL=http://127.0.0.1:3000/billing/cancel
+PROXY_BILLING_STRIPE_PORTAL_RETURN_URL=http://127.0.0.1:3000/settings/billing

package/scripts/dev/env.sh ADDED Viewed

@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+set -euo pipefail
+if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
+  echo "source scripts/dev/env.sh"
+  echo "This file must be sourced so exports are applied to your shell."
+  exit 1
+fi
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+ENV_FILE="${SETTLD_ENV_FILE:-$ROOT_DIR/.env.dev}"
+RUNTIME_ENV_FILE="${SETTLD_RUNTIME_ENV_FILE:-$ROOT_DIR/.env.dev.runtime}"
+if [[ -f "$ENV_FILE" ]]; then
+  set -a
+  # shellcheck source=/dev/null
+  . "$ENV_FILE"
+  set +a
+fi
+if [[ -f "$RUNTIME_ENV_FILE" ]]; then
+  set -a
+  # shellcheck source=/dev/null
+  . "$RUNTIME_ENV_FILE"
+  set +a
+fi
+: "${SETTLD_BASE_URL:=http://127.0.0.1:3000}"
+: "${SETTLD_TENANT_ID:=tenant_default}"
+: "${PROXY_OPS_TOKEN:=dev_ops_token}"
+export SETTLD_BASE_URL
+export SETTLD_TENANT_ID
+export PROXY_OPS_TOKEN
+export SETTLD_ENV_FILE="$ENV_FILE"
+export SETTLD_RUNTIME_ENV_FILE="$RUNTIME_ENV_FILE"

package/scripts/dev/new-sdk-key.sh ADDED Viewed

@@ -0,0 +1,81 @@
+#!/usr/bin/env bash
+set -euo pipefail
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+# shellcheck source=/dev/null
+source "$ROOT_DIR/scripts/dev/env.sh"
+PRINT_ONLY=0
+OPS_TOKEN_OVERRIDE=""
+if [[ "${1:-}" == "--help" ]]; then
+  cat <<'EOF'
+Usage:
+  bash scripts/dev/new-sdk-key.sh
+  bash scripts/dev/new-sdk-key.sh --print-only
+  bash scripts/dev/new-sdk-key.sh --ops-token <tok> [--print-only]
+Behavior:
+  - mints a new API key via /ops/api-keys
+  - writes SETTLD_API_KEY into .env.dev.runtime
+  - prints export command for current shell
+EOF
+  exit 0
+fi
+# Parse flags (source'd env files may override shell exports; we support explicit override).
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --print-only)
+      PRINT_ONLY=1
+      shift
+      ;;
+    --ops-token)
+      OPS_TOKEN_OVERRIDE="${2:-}"
+      if [[ -z "${OPS_TOKEN_OVERRIDE:-}" ]]; then
+        echo "--ops-token requires a value" >&2
+        exit 2
+      fi
+      shift 2
+      ;;
+    *)
+      echo "Unknown arg: $1" >&2
+      exit 2
+      ;;
+  esac
+done
+if [[ -n "${OPS_TOKEN_OVERRIDE:-}" ]]; then
+  export PROXY_OPS_TOKEN="$OPS_TOKEN_OVERRIDE"
+fi
+# Prefer x-proxy-ops-token for hosted deployments that may not forward Authorization.
+RESPONSE="$(
+  curl -sS -X POST "$SETTLD_BASE_URL/ops/api-keys" \
+    -H "x-proxy-ops-token: $PROXY_OPS_TOKEN" \
+    -H "authorization: Bearer $PROXY_OPS_TOKEN" \
+    -H "x-proxy-tenant-id: $SETTLD_TENANT_ID" \
+    -H "content-type: application/json" \
+    -d '{"scopes":["ops_read","ops_write","finance_read","finance_write","audit_read"],"description":"sdk quickstart"}'
+)"
+KEY_ID="$(echo "$RESPONSE" | jq -r '.keyId // empty')"
+SECRET="$(echo "$RESPONSE" | jq -r '.secret // empty')"
+if [[ -z "$KEY_ID" || -z "$SECRET" ]]; then
+  echo "Failed to mint SDK key."
+  echo "$RESPONSE" | jq .
+  exit 1
+fi
+SETTLD_API_KEY_VALUE="${KEY_ID}.${SECRET}"
+if [[ "$PRINT_ONLY" == "1" ]]; then
+  echo "$SETTLD_API_KEY_VALUE"
+  exit 0
+fi
+printf "SETTLD_API_KEY=%s\n" "$SETTLD_API_KEY_VALUE" >"$SETTLD_RUNTIME_ENV_FILE"
+chmod 600 "$SETTLD_RUNTIME_ENV_FILE" || true
+echo "Wrote $SETTLD_RUNTIME_ENV_FILE"
+echo "export SETTLD_API_KEY='$SETTLD_API_KEY_VALUE'"