uvd-x402-sdk 2.3.0 → 2.5.0

package/dist/index.mjs

@@ -682,6 +682,226 @@ function getChainsByToken(tokenType) {
   });
 }
 
+// src/utils/x402.ts
+function detectX402Version(data) {
+  if (typeof data !== "object" || data === null) {
+    return 1;
+  }
+  const obj = data;
+  if (obj.x402Version === 2) {
+    return 2;
+  }
+  if (obj.accepts && Array.isArray(obj.accepts)) {
+    return 2;
+  }
+  if (typeof obj.network === "string") {
+    if (obj.network.includes(":")) {
+      return 2;
+    }
+  }
+  return 1;
+}
+function chainToCAIP2(chainName) {
+  const caip2 = CAIP2_IDENTIFIERS[chainName.toLowerCase()];
+  if (caip2) {
+    return caip2;
+  }
+  const chain = getChainByName(chainName);
+  if (chain) {
+    if (chain.networkType === "evm") {
+      return `eip155:${chain.chainId}`;
+    }
+    return `${chain.networkType}:${chainName}`;
+  }
+  return chainName;
+}
+function caip2ToChain(caip2) {
+  if (CAIP2_TO_CHAIN[caip2]) {
+    return CAIP2_TO_CHAIN[caip2];
+  }
+  const match = caip2.match(/^eip155:(\d+)$/);
+  if (match) {
+    const chainId = parseInt(match[1], 10);
+    for (const [name, _config] of Object.entries(CAIP2_IDENTIFIERS)) {
+      const chain = getChainByName(name);
+      if (chain?.chainId === chainId) {
+        return name;
+      }
+    }
+  }
+  const parts = caip2.split(":");
+  if (parts.length === 2) {
+    const networkName = parts[1];
+    if (getChainByName(networkName)) {
+      return networkName;
+    }
+  }
+  return null;
+}
+function parseNetworkIdentifier(network) {
+  if (network.includes(":")) {
+    return caip2ToChain(network) || network;
+  }
+  return network.toLowerCase();
+}
+function encodeX402Header(header) {
+  return btoa(JSON.stringify(header));
+}
+function decodeX402Header(encoded) {
+  const json = atob(encoded);
+  return JSON.parse(json);
+}
+function createX402V1Header(network, payload) {
+  return {
+    x402Version: 1,
+    scheme: "exact",
+    network,
+    payload
+  };
+}
+function createX402V2Header(network, payload, accepts) {
+  const header = {
+    x402Version: 2,
+    scheme: "exact",
+    network: network.includes(":") ? network : chainToCAIP2(network),
+    payload
+  };
+  if (accepts && accepts.length > 0) {
+    header.accepts = accepts;
+  }
+  return header;
+}
+function createX402Header(chainConfig, payload, version = "auto") {
+  const effectiveVersion = version === "auto" ? 1 : version;
+  if (effectiveVersion === 2) {
+    return createX402V2Header(chainConfig.name, payload);
+  }
+  return createX402V1Header(chainConfig.name, payload);
+}
+function generatePaymentOptions(chainConfigs, amount, facilitator) {
+  return chainConfigs.filter((chain) => chain.x402.enabled).map((chain) => {
+    const atomicAmount = Math.floor(
+      parseFloat(amount) * Math.pow(10, chain.usdc.decimals)
+    ).toString();
+    return {
+      network: chainToCAIP2(chain.name),
+      asset: chain.usdc.address,
+      amount: atomicAmount,
+      facilitator: facilitator || chain.x402.facilitatorUrl
+    };
+  });
+}
+function isCAIP2Format(network) {
+  return network.includes(":");
+}
+function convertX402Header(header, targetVersion) {
+  if (header.x402Version === targetVersion) {
+    return header;
+  }
+  if (targetVersion === 2) {
+    return {
+      x402Version: 2,
+      scheme: "exact",
+      network: chainToCAIP2(header.network),
+      payload: header.payload
+    };
+  } else {
+    const chainName = isCAIP2Format(header.network) ? caip2ToChain(header.network) || header.network : header.network;
+    return {
+      x402Version: 1,
+      scheme: "exact",
+      network: chainName,
+      payload: header.payload
+    };
+  }
+}
+
+// src/utils/validation.ts
+var ETH_ADDRESS_REGEX = /^0x[a-fA-F0-9]{40}$/;
+var SOLANA_ADDRESS_REGEX = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/;
+var STELLAR_ADDRESS_REGEX = /^G[A-Z2-7]{55}$/;
+var NEAR_ADDRESS_REGEX = /^[a-z0-9._-]+$/;
+function validateRecipient(recipient, networkType) {
+  if (!recipient) {
+    throw new X402Error(
+      "Recipient address is required. The payTo/recipient field cannot be empty. Please provide a valid recipient address where payments should be sent.",
+      "INVALID_RECIPIENT"
+    );
+  }
+  const trimmed = recipient.trim();
+  if (trimmed === "") {
+    throw new X402Error(
+      "Recipient address cannot be empty or whitespace. Please provide a valid recipient address.",
+      "INVALID_RECIPIENT"
+    );
+  }
+  if (networkType) {
+    switch (networkType) {
+      case "evm":
+        if (!ETH_ADDRESS_REGEX.test(trimmed)) {
+          throw new X402Error(
+            `Invalid EVM recipient address: "${trimmed}". Expected a 40-character hexadecimal address starting with 0x.`,
+            "INVALID_RECIPIENT"
+          );
+        }
+        break;
+      case "svm":
+      case "solana":
+        if (!SOLANA_ADDRESS_REGEX.test(trimmed)) {
+          throw new X402Error(
+            `Invalid Solana recipient address: "${trimmed}". Expected a base58-encoded public key (32-44 characters).`,
+            "INVALID_RECIPIENT"
+          );
+        }
+        break;
+      case "stellar":
+        if (!STELLAR_ADDRESS_REGEX.test(trimmed)) {
+          throw new X402Error(
+            `Invalid Stellar recipient address: "${trimmed}". Expected a G-prefixed public key (56 characters).`,
+            "INVALID_RECIPIENT"
+          );
+        }
+        break;
+      case "near":
+        if (!NEAR_ADDRESS_REGEX.test(trimmed) || trimmed.length > 64) {
+          throw new X402Error(
+            `Invalid NEAR recipient address: "${trimmed}". Expected a valid NEAR account ID.`,
+            "INVALID_RECIPIENT"
+          );
+        }
+        break;
+    }
+  }
+}
+function validateAmount(amount) {
+  if (!amount) {
+    throw new X402Error(
+      "Payment amount is required.",
+      "INVALID_AMOUNT"
+    );
+  }
+  const trimmed = amount.trim();
+  if (trimmed === "") {
+    throw new X402Error(
+      "Payment amount cannot be empty.",
+      "INVALID_AMOUNT"
+    );
+  }
+  const num = parseFloat(trimmed);
+  if (isNaN(num)) {
+    throw new X402Error(
+      `Invalid payment amount: "${trimmed}". Expected a valid number.`,
+      "INVALID_AMOUNT"
+    );
+  }
+  if (num <= 0) {
+    throw new X402Error(
+      `Payment amount must be positive. Got: ${trimmed}`,
+      "INVALID_AMOUNT"
+    );
+  }
+}
+
 // src/client/X402Client.ts
 var X402Client = class {
   // Configuration
@@ -1032,6 +1252,7 @@ var X402Client = class {
       throw new X402Error("Wallet not connected", "WALLET_NOT_CONNECTED");
     }
     const recipient = this.getRecipientForNetwork(paymentInfo, "evm");
+    validateRecipient(recipient, "evm");
     const nonceBytes = new Uint8Array(32);
     if (typeof window !== "undefined" && window.crypto) {
       window.crypto.getRandomValues(nonceBytes);
@@ -1113,21 +1334,30 @@ var X402Client = class {
   }
   encodeEVMPaymentHeader(payload, chain) {
     const fullSignature = payload.r + payload.s.slice(2) + payload.v.toString(16).padStart(2, "0");
-    const x402Payload = {
+    const version = this.config.x402Version === 2 ? 2 : 1;
+    const payloadData = {
+      signature: fullSignature,
+      authorization: {
+        from: payload.from,
+        to: payload.to,
+        value: payload.value,
+        validAfter: payload.validAfter.toString(),
+        validBefore: payload.validBefore.toString(),
+        nonce: payload.nonce
+      }
+    };
+    const x402Payload = version === 2 ? {
+      x402Version: 2,
+      scheme: "exact",
+      network: chainToCAIP2(chain.name),
+      // CAIP-2 format for v2
+      payload: payloadData
+    } : {
       x402Version: 1,
       scheme: "exact",
       network: chain.name,
-      payload: {
-        signature: fullSignature,
-        authorization: {
-          from: payload.from,
-          to: payload.to,
-          value: payload.value,
-          validAfter: payload.validAfter.toString(),
-          validBefore: payload.validBefore.toString(),
-          nonce: payload.nonce
-        }
-      }
+      // Plain chain name for v1
+      payload: payloadData
     };
     const jsonString = JSON.stringify(x402Payload);
     return btoa(jsonString);
@@ -1174,140 +1404,6 @@ var X402Client = class {
   }
 };
 
-// src/utils/x402.ts
-function detectX402Version(data) {
-  if (typeof data !== "object" || data === null) {
-    return 1;
-  }
-  const obj = data;
-  if (obj.x402Version === 2) {
-    return 2;
-  }
-  if (obj.accepts && Array.isArray(obj.accepts)) {
-    return 2;
-  }
-  if (typeof obj.network === "string") {
-    if (obj.network.includes(":")) {
-      return 2;
-    }
-  }
-  return 1;
-}
-function chainToCAIP2(chainName) {
-  const caip2 = CAIP2_IDENTIFIERS[chainName.toLowerCase()];
-  if (caip2) {
-    return caip2;
-  }
-  const chain = getChainByName(chainName);
-  if (chain) {
-    if (chain.networkType === "evm") {
-      return `eip155:${chain.chainId}`;
-    }
-    return `${chain.networkType}:${chainName}`;
-  }
-  return chainName;
-}
-function caip2ToChain(caip2) {
-  if (CAIP2_TO_CHAIN[caip2]) {
-    return CAIP2_TO_CHAIN[caip2];
-  }
-  const match = caip2.match(/^eip155:(\d+)$/);
-  if (match) {
-    const chainId = parseInt(match[1], 10);
-    for (const [name, _config] of Object.entries(CAIP2_IDENTIFIERS)) {
-      const chain = getChainByName(name);
-      if (chain?.chainId === chainId) {
-        return name;
-      }
-    }
-  }
-  const parts = caip2.split(":");
-  if (parts.length === 2) {
-    const networkName = parts[1];
-    if (getChainByName(networkName)) {
-      return networkName;
-    }
-  }
-  return null;
-}
-function parseNetworkIdentifier(network) {
-  if (network.includes(":")) {
-    return caip2ToChain(network) || network;
-  }
-  return network.toLowerCase();
-}
-function encodeX402Header(header) {
-  return btoa(JSON.stringify(header));
-}
-function decodeX402Header(encoded) {
-  const json = atob(encoded);
-  return JSON.parse(json);
-}
-function createX402V1Header(network, payload) {
-  return {
-    x402Version: 1,
-    scheme: "exact",
-    network,
-    payload
-  };
-}
-function createX402V2Header(network, payload, accepts) {
-  const header = {
-    x402Version: 2,
-    scheme: "exact",
-    network: network.includes(":") ? network : chainToCAIP2(network),
-    payload
-  };
-  if (accepts && accepts.length > 0) {
-    header.accepts = accepts;
-  }
-  return header;
-}
-function createX402Header(chainConfig, payload, version = "auto") {
-  const effectiveVersion = version === "auto" ? 1 : version;
-  if (effectiveVersion === 2) {
-    return createX402V2Header(chainConfig.name, payload);
-  }
-  return createX402V1Header(chainConfig.name, payload);
-}
-function generatePaymentOptions(chainConfigs, amount, facilitator) {
-  return chainConfigs.filter((chain) => chain.x402.enabled).map((chain) => {
-    const atomicAmount = Math.floor(
-      parseFloat(amount) * Math.pow(10, chain.usdc.decimals)
-    ).toString();
-    return {
-      network: chainToCAIP2(chain.name),
-      asset: chain.usdc.address,
-      amount: atomicAmount,
-      facilitator: facilitator || chain.x402.facilitatorUrl
-    };
-  });
-}
-function isCAIP2Format(network) {
-  return network.includes(":");
-}
-function convertX402Header(header, targetVersion) {
-  if (header.x402Version === targetVersion) {
-    return header;
-  }
-  if (targetVersion === 2) {
-    return {
-      x402Version: 2,
-      scheme: "exact",
-      network: chainToCAIP2(header.network),
-      payload: header.payload
-    };
-  } else {
-    const chainName = isCAIP2Format(header.network) ? caip2ToChain(header.network) || header.network : header.network;
-    return {
-      x402Version: 1,
-      scheme: "exact",
-      network: chainName,
-      payload: header.payload
-    };
-  }
-}
-
-export { CAIP2_IDENTIFIERS, CAIP2_TO_CHAIN, DEFAULT_CHAIN, DEFAULT_CONFIG, DEFAULT_FACILITATOR_URL, SUPPORTED_CHAINS, X402Client, X402Error, caip2ToChain, chainToCAIP2, convertX402Header, createX402Header, createX402V1Header, createX402V2Header, decodeX402Header, detectX402Version, encodeX402Header, generatePaymentOptions, getChainById, getChainByName, getChainsByNetworkType, getChainsByToken, getEVMChainIds, getEnabledChains, getExplorerAddressUrl, getExplorerTxUrl, getNetworkType, getSVMChains, getSupportedTokens, getTokenConfig, isCAIP2Format, isChainSupported, isSVMChain, isTokenSupported, parseNetworkIdentifier };
+export { CAIP2_IDENTIFIERS, CAIP2_TO_CHAIN, DEFAULT_CHAIN, DEFAULT_CONFIG, DEFAULT_FACILITATOR_URL, SUPPORTED_CHAINS, X402Client, X402Error, caip2ToChain, chainToCAIP2, convertX402Header, createX402Header, createX402V1Header, createX402V2Header, decodeX402Header, detectX402Version, encodeX402Header, generatePaymentOptions, getChainById, getChainByName, getChainsByNetworkType, getChainsByToken, getEVMChainIds, getEnabledChains, getExplorerAddressUrl, getExplorerTxUrl, getNetworkType, getSVMChains, getSupportedTokens, getTokenConfig, isCAIP2Format, isChainSupported, isSVMChain, isTokenSupported, parseNetworkIdentifier, validateAmount, validateRecipient };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map