wolverine-ai 5.4.0 → 5.4.2

package/bin/wolverine.js

@@ -246,9 +246,12 @@ if (args.includes("--backups")) {
 const scriptPath = args.find(a => !a.startsWith("--")) || "server/index.js";
 
 // Initialize server/ from template if it doesn't exist (first run)
-const { initServer } = require("../src/core/init-server");
+const { initServer, ensureX402Deps } = require("../src/core/init-server");
 initServer(process.cwd(), scriptPath);
 
+// Ensure x402 payment deps are installed (if vault exists)
+ensureX402Deps(process.cwd());
+
 // System detection (for analytics + dashboard, NOT for forking)
 // Wolverine runs as a single process manager. If users want clustering,
 // they handle it inside their server (e.g. @fastify/cluster, pm2 cluster mode).

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wolverine-ai",
-  "version": "5.4.0",
+  "version": "5.4.2",
   "description": "Self-healing Node.js server framework powered by AI. Catches crashes, diagnoses errors, generates fixes, verifies, and restarts — automatically.",
   "main": "src/index.js",
   "bin": {

package/src/core/init-server.js

@@ -55,4 +55,38 @@ function _copyDir(src, dest) {
   }
 }
 
-module.exports = { initServer };
+/**
+ * Ensure x402 payment dependencies are installed.
+ * Called on startup — checks if @coinbase/x402 is resolvable.
+ * Auto-installs if vault is initialized (user wants x402).
+ */
+function ensureX402Deps(cwd) {
+  // Check if x402 packages are needed
+  const vaultPath = path.join(cwd, ".wolverine", "vault", "eth.vault");
+  const hasVault = fs.existsSync(vaultPath);
+  if (!hasVault) return; // No vault = no x402 needed
+
+  // Check if already installed
+  try {
+    require.resolve("@coinbase/x402");
+    require.resolve("x402");
+    return; // Already installed
+  } catch {}
+
+  // Auto-install x402 deps
+  console.log(chalk.blue("  📦 Installing x402 payment dependencies..."));
+  try {
+    const { execSync } = require("child_process");
+    execSync("npm install @coinbase/x402 x402 viem --no-save --ignore-engines 2>/dev/null", {
+      cwd,
+      stdio: "pipe",
+      timeout: 60000,
+    });
+    console.log(chalk.green("  ✅ x402 dependencies installed"));
+  } catch (err) {
+    console.log(chalk.yellow(`  ⚠️ x402 dep install failed: ${err.message?.slice(0, 80)}`));
+    console.log(chalk.gray("    Run manually: npm install @coinbase/x402 x402 viem"));
+  }
+}
+
+module.exports = { initServer, ensureX402Deps };

package/src/middleware/x402-fastify.js

@@ -174,50 +174,29 @@ async function x402Plugin(fastify, opts) {
       return;
     }
 
-    // Payment verified — attach info to request
+    // Settle via facilitator BEFORE handler runs — USDC must move before granting access
     const payer = decodedPayment.payload.authorization.from;
-    request.x402 = { paid: true, amount: price, from: payer, value: userValue, verified: true };
-
-    // Log payment
-    _logPayment({ route: request.url, method: request.method, amount: price, from: payer, verified: true, timestamp: Date.now() });
-  });
-
-  // Settlement hook — settle AFTER successful handler response
-  fastify.addHook("onSend", async (request, reply, payload) => {
-    if (!request.x402?.paid || !_facilitatorClient) return payload;
-    if (reply.statusCode >= 400) return payload;
-
     try {
-      const paymentHeader = request.headers["x-payment"] || request.headers["payment-signature"];
-      const raw = JSON.parse(Buffer.from(paymentHeader, "base64").toString("utf-8"));
-      const decodedPayment = { x402Version: raw.x402Version || 1, scheme: raw.scheme || "exact", network: raw.network || _network, payload: raw.payload };
-
-      const userValue = decodedPayment.payload.authorization.value;
-      const { getAddress } = await import("viem");
-      const proto = request.headers["x-forwarded-proto"] || "https";
-      const host = request.headers["x-forwarded-host"] || request.headers.host || "localhost";
-      const requirements = {
-        scheme: "exact", network: _network, maxAmountRequired: userValue,
-        resource: `${proto}://${host}${request.url}`, description: "", mimeType: "application/json",
-        payTo: getAddress(_payTo), maxTimeoutSeconds: 60, asset: getAddress(USDC_ADDRESS), extra: USDC_EIP712,
-      };
-
-      const settleResult = await _facilitatorClient.settle(decodedPayment, requirements);
-      if (settleResult.success) {
-        request.x402.txHash = settleResult.transaction;
-        request.x402.settled = true;
-        console.log(`  💰 x402 settled: ${settleResult.transaction || "confirmed"} (${request.x402.amount} from ${request.x402.from?.slice(0, 10)})`);
-        // Update payment log
-        _logPayment({ route: request.url, method: request.method, amount: request.x402.amount, from: request.x402.from, txHash: settleResult.transaction, verified: true, settled: true, timestamp: Date.now() });
-      } else {
+      const settleResult = await _facilitatorClient.settle(decodedPayment, actualRequirements);
+      if (!settleResult.success) {
         console.log(`  ⚠️ x402 settle failed: ${settleResult.errorReason || "unknown"}`);
+        reply.code(402).send({ error: "Payment settlement failed", reason: settleResult.errorReason });
+        return;
       }
+      const txHash = settleResult.transaction || null;
+      console.log(`  💰 x402 settled: ${txHash || "confirmed"} (${price} from ${payer?.slice(0, 10)})`);
+
+      request.x402 = { paid: true, amount: price, from: payer, value: userValue, verified: true, settled: true, txHash };
+      _logPayment({ route: request.url, method: request.method, amount: price, from: payer, txHash, verified: true, settled: true, timestamp: Date.now() });
     } catch (err) {
       console.log(`  ⚠️ x402 settle error: ${err.message}`);
+      reply.code(402).send({ error: "Payment settlement failed: " + err.message });
+      return;
     }
-    return payload;
   });
 
+  // No onSend settle needed — settlement happens in preHandler before handler runs
+
   // Public info endpoint
   fastify.get("/x402/info", async () => ({
     payTo: _payTo, network: _network, protocol: "x402", x402Version: 1,