npm - x402-trust-layer - Versions diffs - 5.1.0 - Mend

x402-trust-layer 5.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (293) hide show

package/CHANGELOG.md +55 -0
package/DEPLOY.md +53 -0
package/Dockerfile +30 -0
package/LICENSE +21 -0
package/README.md +294 -0
package/dist/agents/a2a-payment.d.ts +37 -0
package/dist/agents/a2a-payment.js +105 -0
package/dist/agents/agent-escrow.d.ts +30 -0
package/dist/agents/agent-escrow.js +23 -0
package/dist/agents/agent-verify.d.ts +15 -0
package/dist/agents/agent-verify.js +112 -0
package/dist/agents/api-router.d.ts +32 -0
package/dist/agents/api-router.js +228 -0
package/dist/agents/attestation-registry.d.ts +35 -0
package/dist/agents/attestation-registry.js +76 -0
package/dist/agents/audition-coach.d.ts +45 -0
package/dist/agents/audition-coach.js +257 -0
package/dist/agents/bedrock-bridge.d.ts +3 -0
package/dist/agents/bedrock-bridge.js +60 -0
package/dist/agents/budget-allocator.d.ts +24 -0
package/dist/agents/budget-allocator.js +31 -0
package/dist/agents/compliance-ledger.d.ts +66 -0
package/dist/agents/compliance-ledger.js +80 -0
package/dist/agents/dispute-resolver.d.ts +62 -0
package/dist/agents/dispute-resolver.js +124 -0
package/dist/agents/evidence-locker.d.ts +30 -0
package/dist/agents/evidence-locker.js +47 -0
package/dist/agents/facilitator-failover.d.ts +15 -0
package/dist/agents/facilitator-failover.js +18 -0
package/dist/agents/identity-gate.d.ts +20 -0
package/dist/agents/identity-gate.js +79 -0
package/dist/agents/mandate-compiler.d.ts +51 -0
package/dist/agents/mandate-compiler.js +73 -0
package/dist/agents/mandate-diff.d.ts +41 -0
package/dist/agents/mandate-diff.js +170 -0
package/dist/agents/market-buy-advisor.d.ts +65 -0
package/dist/agents/market-buy-advisor.js +234 -0
package/dist/agents/merchant-trust.d.ts +38 -0
package/dist/agents/merchant-trust.js +171 -0
package/dist/agents/mpp-session-broker.d.ts +27 -0
package/dist/agents/mpp-session-broker.js +29 -0
package/dist/agents/mpp-session-v2.d.ts +76 -0
package/dist/agents/mpp-session-v2.js +269 -0
package/dist/agents/payment-intent-compiler.d.ts +21 -0
package/dist/agents/payment-intent-compiler.js +45 -0
package/dist/agents/pipeline-execute.d.ts +40 -0
package/dist/agents/pipeline-execute.js +100 -0
package/dist/agents/pipeline-trust-v2.d.ts +31 -0
package/dist/agents/pipeline-trust-v2.js +111 -0
package/dist/agents/pre-x402-guard.d.ts +35 -0
package/dist/agents/pre-x402-guard.js +84 -0
package/dist/agents/quality-escrow-semantic.d.ts +88 -0
package/dist/agents/quality-escrow-semantic.js +137 -0
package/dist/agents/quality-escrow.d.ts +65 -0
package/dist/agents/quality-escrow.js +104 -0
package/dist/agents/quality-monitor.d.ts +32 -0
package/dist/agents/quality-monitor.js +77 -0
package/dist/agents/rail-optimizer.d.ts +33 -0
package/dist/agents/rail-optimizer.js +133 -0
package/dist/agents/receipt-auditor.d.ts +14 -0
package/dist/agents/receipt-auditor.js +145 -0
package/dist/agents/refund-arbiter.d.ts +24 -0
package/dist/agents/refund-arbiter.js +70 -0
package/dist/agents/research-brief.d.ts +14 -0
package/dist/agents/research-brief.js +66 -0
package/dist/agents/risk-gate.d.ts +11 -0
package/dist/agents/risk-gate.js +78 -0
package/dist/agents/settlement-graph.d.ts +16 -0
package/dist/agents/settlement-graph.js +38 -0
package/dist/agents/spend-governor.d.ts +2 -0
package/dist/agents/spend-governor.js +70 -0
package/dist/agents/trust-network.d.ts +138 -0
package/dist/agents/trust-network.js +244 -0
package/dist/agents/x402-proxy.d.ts +32 -0
package/dist/agents/x402-proxy.js +90 -0
package/dist/client/demo-alchemy-live.d.ts +1 -0
package/dist/client/demo-alchemy-live.js +226 -0
package/dist/client/demo-tail.d.ts +1 -0
package/dist/client/demo-tail.js +100 -0
package/dist/client/demo.d.ts +1 -0
package/dist/client/demo.js +293 -0
package/dist/config.d.ts +94 -0
package/dist/config.js +223 -0
package/dist/index.d.ts +1 -0
package/dist/index.js +389 -0
package/dist/lib/agent-response.d.ts +14 -0
package/dist/lib/agent-response.js +13 -0
package/dist/lib/agentic-gateways.d.ts +5 -0
package/dist/lib/agentic-gateways.js +15 -0
package/dist/lib/agentic-probes.d.ts +10 -0
package/dist/lib/agentic-probes.js +49 -0
package/dist/lib/alchemy-x402-fetch.d.ts +16 -0
package/dist/lib/alchemy-x402-fetch.js +95 -0
package/dist/lib/apply-verifier-body.d.ts +7 -0
package/dist/lib/apply-verifier-body.js +179 -0
package/dist/lib/attestation.d.ts +30 -0
package/dist/lib/attestation.js +107 -0
package/dist/lib/bazaar-extension.d.ts +15 -0
package/dist/lib/bazaar-extension.js +265 -0
package/dist/lib/bazaar.d.ts +100 -0
package/dist/lib/bazaar.js +341 -0
package/dist/lib/certified-sellers.d.ts +41 -0
package/dist/lib/certified-sellers.js +129 -0
package/dist/lib/chains.d.ts +20 -0
package/dist/lib/chains.js +78 -0
package/dist/lib/db-persistence.d.ts +7 -0
package/dist/lib/db-persistence.js +65 -0
package/dist/lib/db.d.ts +5 -0
package/dist/lib/db.js +113 -0
package/dist/lib/discovery-page.d.ts +2 -0
package/dist/lib/discovery-page.js +71 -0
package/dist/lib/ecosystem-telemetry.d.ts +20 -0
package/dist/lib/ecosystem-telemetry.js +80 -0
package/dist/lib/erc8004/agent-card.d.ts +34 -0
package/dist/lib/erc8004/agent-card.js +151 -0
package/dist/lib/erc8004/cache.d.ts +3 -0
package/dist/lib/erc8004/cache.js +17 -0
package/dist/lib/erc8004/constants.d.ts +22 -0
package/dist/lib/erc8004/constants.js +35 -0
package/dist/lib/erc8004/registry.d.ts +19 -0
package/dist/lib/erc8004/registry.js +171 -0
package/dist/lib/erc8004/resolve-agent.d.ts +7 -0
package/dist/lib/erc8004/resolve-agent.js +70 -0
package/dist/lib/erc8004/trust-score.d.ts +33 -0
package/dist/lib/erc8004/trust-score.js +136 -0
package/dist/lib/escrow-ledger.d.ts +14 -0
package/dist/lib/escrow-ledger.js +54 -0
package/dist/lib/escrow-unified.d.ts +15 -0
package/dist/lib/escrow-unified.js +28 -0
package/dist/lib/facilitator-extra.d.ts +13 -0
package/dist/lib/facilitator-extra.js +52 -0
package/dist/lib/facilitators.d.ts +20 -0
package/dist/lib/facilitators.js +89 -0
package/dist/lib/host-policy.d.ts +4 -0
package/dist/lib/host-policy.js +20 -0
package/dist/lib/idempotency.d.ts +4 -0
package/dist/lib/idempotency.js +120 -0
package/dist/lib/ledger.d.ts +2 -0
package/dist/lib/ledger.js +17 -0
package/dist/lib/logger.d.ts +6 -0
package/dist/lib/logger.js +24 -0
package/dist/lib/mandate-vc.d.ts +20 -0
package/dist/lib/mandate-vc.js +25 -0
package/dist/lib/mandate.d.ts +44 -0
package/dist/lib/mandate.js +190 -0
package/dist/lib/marketplace.d.ts +7 -0
package/dist/lib/marketplace.js +127 -0
package/dist/lib/migrations.d.ts +2 -0
package/dist/lib/migrations.js +130 -0
package/dist/lib/nonce-store.d.ts +6 -0
package/dist/lib/nonce-store.js +109 -0
package/dist/lib/openapi-agentcash.d.ts +5 -0
package/dist/lib/openapi-agentcash.js +288 -0
package/dist/lib/openapi-meta.d.ts +5 -0
package/dist/lib/openapi-meta.js +235 -0
package/dist/lib/otel.d.ts +2 -0
package/dist/lib/otel.js +25 -0
package/dist/lib/paid-resource-url.d.ts +6 -0
package/dist/lib/paid-resource-url.js +47 -0
package/dist/lib/parse-with-verifier-fallback.d.ts +3 -0
package/dist/lib/parse-with-verifier-fallback.js +13 -0
package/dist/lib/payment-request-context.d.ts +10 -0
package/dist/lib/payment-request-context.js +5 -0
package/dist/lib/payment-response.d.ts +13 -0
package/dist/lib/payment-response.js +39 -0
package/dist/lib/payto-guard.d.ts +10 -0
package/dist/lib/payto-guard.js +20 -0
package/dist/lib/probe.d.ts +29 -0
package/dist/lib/probe.js +157 -0
package/dist/lib/problem-detail.d.ts +10 -0
package/dist/lib/problem-detail.js +14 -0
package/dist/lib/rate-limit.d.ts +12 -0
package/dist/lib/rate-limit.js +126 -0
package/dist/lib/replay-middleware.d.ts +3 -0
package/dist/lib/replay-middleware.js +27 -0
package/dist/lib/response-guard.d.ts +5 -0
package/dist/lib/response-guard.js +40 -0
package/dist/lib/safe-fetch.d.ts +5 -0
package/dist/lib/safe-fetch.js +19 -0
package/dist/lib/security.d.ts +13 -0
package/dist/lib/security.js +61 -0
package/dist/lib/semantic-judge.d.ts +14 -0
package/dist/lib/semantic-judge.js +107 -0
package/dist/lib/semantic-judge.test.d.ts +1 -0
package/dist/lib/semantic-judge.test.js +11 -0
package/dist/lib/ssrf.d.ts +10 -0
package/dist/lib/ssrf.js +130 -0
package/dist/lib/ssrf.test.d.ts +1 -0
package/dist/lib/ssrf.test.js +16 -0
package/dist/lib/suite-catalog.d.ts +83 -0
package/dist/lib/suite-catalog.js +131 -0
package/dist/lib/telemetry.d.ts +5 -0
package/dist/lib/telemetry.js +37 -0
package/dist/lib/verifier-fast-path.d.ts +10 -0
package/dist/lib/verifier-fast-path.js +44 -0
package/dist/lib/verifier-probe-protocol.d.ts +7 -0
package/dist/lib/verifier-probe-protocol.js +115 -0
package/dist/lib/verify-examples.d.ts +2 -0
package/dist/lib/verify-examples.js +438 -0
package/dist/lib/version.d.ts +2 -0
package/dist/lib/version.js +2 -0
package/dist/lib/webhook-auth.d.ts +3 -0
package/dist/lib/webhook-auth.js +34 -0
package/dist/lib/webhook-routes.d.ts +2 -0
package/dist/lib/webhook-routes.js +112 -0
package/dist/lib/webhooks.d.ts +23 -0
package/dist/lib/webhooks.js +123 -0
package/dist/lib/webhooks.test.d.ts +1 -0
package/dist/lib/webhooks.test.js +16 -0
package/dist/lib/x402-client-options.d.ts +28 -0
package/dist/lib/x402-client-options.js +138 -0
package/dist/lib/x402-headers.d.ts +10 -0
package/dist/lib/x402-headers.js +27 -0
package/dist/lib/x402-paid.d.ts +5 -0
package/dist/lib/x402-paid.js +252 -0
package/dist/lib/x402-payment-replay.d.ts +22 -0
package/dist/lib/x402-payment-replay.js +57 -0
package/dist/lib/x402gle-host-verify.d.ts +3 -0
package/dist/lib/x402gle-host-verify.js +27 -0
package/dist/protocol/agent-passport.d.ts +34 -0
package/dist/protocol/agent-passport.js +44 -0
package/dist/protocol/compliance-v2.d.ts +21 -0
package/dist/protocol/compliance-v2.js +19 -0
package/dist/protocol/credit-bureau.d.ts +18 -0
package/dist/protocol/credit-bureau.js +44 -0
package/dist/protocol/crypto.d.ts +6 -0
package/dist/protocol/crypto.js +41 -0
package/dist/protocol/escrow-fsm.d.ts +33 -0
package/dist/protocol/escrow-fsm.js +99 -0
package/dist/protocol/fraud-engine.d.ts +28 -0
package/dist/protocol/fraud-engine.js +77 -0
package/dist/protocol/observability.d.ts +14 -0
package/dist/protocol/observability.js +21 -0
package/dist/protocol/pipeline-full-trust.d.ts +40 -0
package/dist/protocol/pipeline-full-trust.js +96 -0
package/dist/protocol/proof-of-execution.d.ts +36 -0
package/dist/protocol/proof-of-execution.js +48 -0
package/dist/protocol/reasoning-audit.d.ts +27 -0
package/dist/protocol/reasoning-audit.js +51 -0
package/dist/protocol/replay-guard.d.ts +28 -0
package/dist/protocol/replay-guard.js +76 -0
package/dist/protocol/replay-guard.test.d.ts +1 -0
package/dist/protocol/replay-guard.test.js +10 -0
package/dist/protocol/security-audit.d.ts +18 -0
package/dist/protocol/security-audit.js +45 -0
package/dist/protocol/store.d.ts +5 -0
package/dist/protocol/store.js +59 -0
package/dist/protocol/threat-catalog.d.ts +13 -0
package/dist/protocol/threat-catalog.js +75 -0
package/dist/protocol/trust-oracle.d.ts +23 -0
package/dist/protocol/trust-oracle.js +30 -0
package/dist/protocol/trust-score-v2.d.ts +33 -0
package/dist/protocol/trust-score-v2.js +78 -0
package/dist/protocol/zk-proofs.d.ts +24 -0
package/dist/protocol/zk-proofs.js +32 -0
package/dist/routes/a2a-agent-card.d.ts +3 -0
package/dist/routes/a2a-agent-card.js +28 -0
package/dist/routes/catalog.d.ts +5 -0
package/dist/routes/catalog.js +47 -0
package/dist/routes/register-all.d.ts +3 -0
package/dist/routes/register-all.js +1240 -0
package/dist/routes/schemas.d.ts +83 -0
package/dist/routes/schemas.js +38 -0
package/dist/routes/shared.d.ts +16 -0
package/dist/routes/shared.js +27 -0
package/dist/routes-protocol.d.ts +10 -0
package/dist/routes-protocol.js +322 -0
package/dist/routes.d.ts +2 -0
package/dist/routes.js +2 -0
package/dist/types.d.ts +66 -0
package/dist/types.js +1 -0
package/openapi.json +7940 -0
package/package.json +124 -0
package/public/.well-known/ai-plugin.json +12 -0
package/public/assets/aegis-logo-blue.png +0 -0
package/public/assets/aegis-logo-gold.png +0 -0
package/public/assets/aegis-logo-green.png +0 -0
package/public/assets/aegis-logo-purple.png +0 -0
package/public/assets/aegis-logo-red.png +0 -0
package/public/assets/aegis-logo-white.png +0 -0
package/public/assets/aegis-logo.png +0 -0
package/public/assets/x402-trustlayer-logo.png +0 -0
package/public/assets/x402-trustlayer-logo.svg +5 -0
package/public/data/agents.json +1528 -0
package/public/index.html +198 -0
package/public/landing.css +342 -0
package/public/landing.js +405 -0
package/public/llms-full.txt +582 -0
package/public/llms.txt +132 -0
package/public/skill.md +135 -0
package/railway.toml +9 -0
package/scripts/docker-entrypoint.sh +7 -0
package/scripts/patch-facilitator-timeout.mjs +61 -0

package/dist/config.d.ts ADDED Viewed

@@ -0,0 +1,94 @@
+import { type ChainKey } from "./lib/chains.js";
+export declare const ALLOWED_NETWORKS: Set<string>;
+export declare function isAllowedNetwork(caip2Network: string): boolean;
+/** CDP facilitator — required for CDP Bazaar catalog indexing on agentic.market */
+export declare const CDP_FACILITATOR_URL = "https://api.cdp.coinbase.com/platform/v2/x402/facilitator";
+export declare const config: {
+    port: number;
+    publicBaseUrl: string;
+    canonicalOrigin: string;
+    payTo: string;
+    payToEvm: string;
+    chains: ("solana" | "base" | "polygon" | "base_sepolia" | "solana_devnet")[];
+    networks: string[];
+    primaryChain: ChainKey;
+    facilitatorUrl: string;
+    cdpFacilitatorEnabled: boolean;
+    baseRpcUrl: string;
+    alchemyApiKey: string;
+    erc8004IdentityRegistry: string;
+    erc8004ReputationRegistry: string;
+    trustScoreCacheTtlSec: number;
+    network: ChainKey;
+    attestationHmacSecret: string;
+    testnetMode: boolean;
+    allowVerifierProbeIds: boolean;
+    /** Optional server secret for verifier synthetic probes (header X-Verifier-Fast-Path-Secret). */
+    verifierFastPathSecret: string;
+    webhookAdminSecret: string;
+    /** Production A2A orchestrator requires A2A_ORCHESTRATOR_ENABLED=1 (uses server payer keys). */
+    a2aOrchestratorEnabled: boolean;
+    zkSimulateAllowed: boolean;
+};
+export declare const pricing: {
+    readonly paymentCompiler: "0.15";
+    readonly facilitatorFailover: "0.05";
+    readonly mppBroker: "0.02";
+    readonly mppSessionV2: "0.03";
+    readonly spendGovernor: "0.03";
+    readonly identityGate: "0.05";
+    readonly riskGate: "0.08";
+    readonly apiRouter: "0.02";
+    readonly researchBrief: "0.20";
+    readonly receiptAuditor: "0.05";
+    readonly refundArbiter: "0.08";
+    readonly budgetAllocator: "0.03";
+    readonly settlementGraph: "0.02";
+    readonly qualityMonitor: "0.03";
+    readonly evidenceLocker: "0.10";
+    readonly agentEscrow: "0.12";
+    readonly preX402Guard: "0.05";
+    readonly pipelineExecute: "0.25";
+    readonly x402Proxy: "0.08";
+    readonly attestationIssue: "0.04";
+    readonly attestationVerify: "0.02";
+    readonly trustRegistry: "0.02";
+    readonly marketBuyAdvisor: "0.08";
+    readonly auditionCoach: "0.06";
+    readonly merchantTrust: "0.06";
+    readonly mandateCompile: "0.08";
+    readonly mandateVerify: "0.02";
+    readonly railOptimizer: "0.04";
+    readonly complianceLedger: "0.12";
+    readonly disputeResolve: "0.10";
+    readonly qualityEscrow: "0.10";
+    readonly agentVerify: "0.04";
+    readonly mandateDiff: "0.04";
+    readonly qualityEscrowSemantic: "0.12";
+    readonly merchantCertify: "0.15";
+    readonly buyerGate: "0.03";
+    readonly pipelineTrustV2: "0.35";
+    readonly bondSlash: "0.03";
+    readonly protocolFullTrust: "0.45";
+    readonly protocolPassportIssue: "0.06";
+    readonly protocolPassportVerify: "0.02";
+    readonly protocolTrustScoreV2: "0.08";
+    readonly protocolFraudScan: "0.10";
+    readonly protocolOracleConsensus: "0.12";
+    readonly protocolExecutionIssue: "0.05";
+    readonly protocolExecutionVerify: "0.03";
+    readonly protocolReasoningCommit: "0.08";
+    readonly protocolReasoningDisclose: "0.04";
+    readonly protocolEscrowCreate: "0.08";
+    readonly protocolEscrowTransition: "0.06";
+    readonly protocolEscrowStatus: "0.02";
+    readonly protocolReplayBind: "0.02";
+    readonly protocolReplayVerify: "0.02";
+    readonly protocolZkProve: "0.15";
+    readonly protocolCreditScore: "0.06";
+    readonly protocolComplianceAssess: "0.10";
+    readonly a2aExecute: "0.10";
+    readonly bedrockPreflight: "0.05";
+};
+export declare function assertProductionSecrets(): void;
+export declare function assertConfig(): void;

package/dist/config.js ADDED Viewed

@@ -0,0 +1,223 @@
+import dotenv from "dotenv";
+import { randomBytes } from "node:crypto";
+import { parseChainList, caip2Networks, normalizeToCaip2, NETWORK_ALIAS_TO_CAIP2, } from "./lib/chains.js";
+dotenv.config();
+function env(name) {
+    return (process.env[name] ?? "").trim();
+}
+const DEFAULT_CANONICAL_ORIGIN = "https://x402trustlayer.xyz";
+function resolvePublicBaseUrl(port) {
+    const raw = env("PUBLIC_BASE_URL") || env("CANONICAL_PUBLIC_URL");
+    let url = "";
+    if (raw)
+        url = raw.replace(/\/$/, "");
+    else if (process.env.RAILWAY_PUBLIC_DOMAIN) {
+        url = `https://${process.env.RAILWAY_PUBLIC_DOMAIN}`;
+    }
+    else if (process.env.RENDER_EXTERNAL_URL) {
+        url = process.env.RENDER_EXTERNAL_URL.replace(/\/$/, "");
+    }
+    else {
+        url = `http://127.0.0.1:${port}`;
+    }
+    if (url.startsWith("http://") && !url.includes("127.0.0.1") && !url.includes("localhost")) {
+        url = `https://${url.slice(7)}`;
+    }
+    return url;
+}
+function resolveAttestationHmacSecret() {
+    const configured = env("ATTESTATION_HMAC_SECRET");
+    if (configured.length >= 32)
+        return configured;
+    const isProd = process.env.NODE_ENV === "production" ||
+        !!process.env.RAILWAY_ENVIRONMENT ||
+        !!process.env.RAILWAY_PUBLIC_DOMAIN;
+    if (isProd) {
+        throw new Error("ATTESTATION_HMAC_SECRET is required in production (32+ chars). Generate: openssl rand -hex 32");
+    }
+    const fallback = env("ATTESTATION_DEV_SECRET");
+    if (fallback.length >= 16)
+        return fallback;
+    return `dev-${randomBytes(16).toString("hex")}`;
+}
+function resolveChains() {
+    if (env("X402_TESTNET") === "1" || env("TESTNET") === "1") {
+        return parseChainList(env("NETWORKS") || "base-sepolia,solana-devnet");
+    }
+    return parseChainList(env("NETWORKS") || env("NETWORK") || "base,solana,polygon");
+}
+const chains = resolveChains();
+export const ALLOWED_NETWORKS = new Set(chains.map((c) => NETWORK_ALIAS_TO_CAIP2[c] ?? caip2Networks([c])[0]).filter(Boolean));
+export function isAllowedNetwork(caip2Network) {
+    const n = normalizeToCaip2(caip2Network);
+    if (env("X402_TESTNET") === "1" || env("TESTNET") === "1") {
+        return (ALLOWED_NETWORKS.has(n) ||
+            n === "eip155:84532" ||
+            n === "solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1");
+    }
+    return ALLOWED_NETWORKS.has(n);
+}
+/** CDP facilitator — required for CDP Bazaar catalog indexing on agentic.market */
+export const CDP_FACILITATOR_URL = "https://api.cdp.coinbase.com/platform/v2/x402/facilitator";
+const ALLOWED_FACILITATOR_ORIGINS = new Set([
+    "https://x402.dexter.cash",
+    "https://api.cdp.coinbase.com",
+    "https://x402.org",
+]);
+function normalizeFacilitatorUrl(url) {
+    return url.replace(/\/$/, "");
+}
+function assertFacilitatorAllowed(url) {
+    let origin = "";
+    try {
+        origin = new URL(url).origin;
+    }
+    catch {
+        throw new Error(`Invalid FACILITATOR_URL: ${url}`);
+    }
+    if (!ALLOWED_FACILITATOR_ORIGINS.has(origin)) {
+        throw new Error(`FACILITATOR_URL origin not allowlisted: ${origin}. Allowed: ${[...ALLOWED_FACILITATOR_ORIGINS].join(", ")}`);
+    }
+}
+function resolveFacilitatorUrl() {
+    const explicit = env("FACILITATOR_URL");
+    if (explicit) {
+        const u = normalizeFacilitatorUrl(explicit);
+        assertFacilitatorAllowed(u);
+        return u;
+    }
+    if (env("X402_TESTNET") === "1" || env("TESTNET") === "1") {
+        return "https://x402.org/facilitator";
+    }
+    if (env("USE_CDP_FACILITATOR") === "1" || env("AGENTIC_CDP") === "1") {
+        return CDP_FACILITATOR_URL;
+    }
+    return "https://x402.dexter.cash";
+}
+export const config = {
+    port: Number(process.env.PORT ?? 3402),
+    publicBaseUrl: resolvePublicBaseUrl(Number(process.env.PORT ?? 3402)),
+    canonicalOrigin: DEFAULT_CANONICAL_ORIGIN,
+    payTo: env("PAY_TO_ADDRESS") || env("PAY_TO"),
+    payToEvm: env("PAY_TO_EVM") || env("PAY_TO_ADDRESS_EVM") || "",
+    chains,
+    networks: caip2Networks(chains),
+    primaryChain: (chains[0] ?? "solana"),
+    facilitatorUrl: resolveFacilitatorUrl(),
+    cdpFacilitatorEnabled: resolveFacilitatorUrl() === CDP_FACILITATOR_URL ||
+        env("USE_CDP_FACILITATOR") === "1" ||
+        env("AGENTIC_CDP") === "1",
+    baseRpcUrl: env("BASE_RPC_URL") || "https://mainnet.base.org",
+    alchemyApiKey: env("ALCHEMY_API_KEY"),
+    erc8004IdentityRegistry: env("ERC8004_IDENTITY_REGISTRY") || "0x8004A169FB4a3325136EB29fA0ceB6D2e539a432",
+    erc8004ReputationRegistry: env("ERC8004_REPUTATION_REGISTRY") || "0x8004BAa17C55a88189AE136b182e5fdA19dE9b63",
+    trustScoreCacheTtlSec: Number(env("TRUSTSCORE_CACHE_TTL_SEC") || "120"),
+    network: (chains[0] ?? "solana"),
+    attestationHmacSecret: resolveAttestationHmacSecret(),
+    testnetMode: env("X402_TESTNET") === "1" || env("TESTNET") === "1",
+    allowVerifierProbeIds: env("ALLOW_VERIFIER_PROBE_IDS") === "1",
+    /** Optional server secret for verifier synthetic probes (header X-Verifier-Fast-Path-Secret). */
+    verifierFastPathSecret: env("VERIFIER_FAST_PATH_SECRET"),
+    webhookAdminSecret: env("WEBHOOK_ADMIN_SECRET"),
+    /** Production A2A orchestrator requires A2A_ORCHESTRATOR_ENABLED=1 (uses server payer keys). */
+    a2aOrchestratorEnabled: env("A2A_ORCHESTRATOR_ENABLED") === "1",
+    zkSimulateAllowed: env("ALLOW_ZK_SIMULATE") === "1" ||
+        !(process.env.NODE_ENV === "production" || !!process.env.RAILWAY_ENVIRONMENT),
+};
+export const pricing = {
+    paymentCompiler: "0.15",
+    facilitatorFailover: "0.05",
+    mppBroker: "0.02",
+    mppSessionV2: "0.03",
+    spendGovernor: "0.03",
+    identityGate: "0.05",
+    riskGate: "0.08",
+    apiRouter: "0.02",
+    researchBrief: "0.20",
+    receiptAuditor: "0.05",
+    refundArbiter: "0.08",
+    budgetAllocator: "0.03",
+    settlementGraph: "0.02",
+    qualityMonitor: "0.03",
+    evidenceLocker: "0.10",
+    agentEscrow: "0.12",
+    preX402Guard: "0.05",
+    pipelineExecute: "0.25",
+    x402Proxy: "0.08",
+    attestationIssue: "0.04",
+    attestationVerify: "0.02",
+    trustRegistry: "0.02",
+    marketBuyAdvisor: "0.08",
+    auditionCoach: "0.06",
+    merchantTrust: "0.06",
+    mandateCompile: "0.08",
+    mandateVerify: "0.02",
+    railOptimizer: "0.04",
+    complianceLedger: "0.12",
+    disputeResolve: "0.10",
+    qualityEscrow: "0.10",
+    agentVerify: "0.04",
+    mandateDiff: "0.04",
+    qualityEscrowSemantic: "0.12",
+    merchantCertify: "0.15",
+    buyerGate: "0.03",
+    pipelineTrustV2: "0.35",
+    bondSlash: "0.03",
+    protocolFullTrust: "0.45",
+    protocolPassportIssue: "0.06",
+    protocolPassportVerify: "0.02",
+    protocolTrustScoreV2: "0.08",
+    protocolFraudScan: "0.10",
+    protocolOracleConsensus: "0.12",
+    protocolExecutionIssue: "0.05",
+    protocolExecutionVerify: "0.03",
+    protocolReasoningCommit: "0.08",
+    protocolReasoningDisclose: "0.04",
+    protocolEscrowCreate: "0.08",
+    protocolEscrowTransition: "0.06",
+    protocolEscrowStatus: "0.02",
+    protocolReplayBind: "0.02",
+    protocolReplayVerify: "0.02",
+    protocolZkProve: "0.15",
+    protocolCreditScore: "0.06",
+    protocolComplianceAssess: "0.10",
+    a2aExecute: "0.10",
+    bedrockPreflight: "0.05",
+};
+function isProductionEnv() {
+    return (process.env.NODE_ENV === "production" ||
+        !!process.env.RAILWAY_ENVIRONMENT ||
+        !!process.env.RAILWAY_PUBLIC_DOMAIN);
+}
+export function assertProductionSecrets() {
+    if (!isProductionEnv())
+        return;
+    const required = [
+        { name: "ATTESTATION_HMAC_SECRET", value: config.attestationHmacSecret, minLen: 32 },
+        { name: "PAY_TO_ADDRESS", value: config.payTo, minLen: 16 },
+        { name: "PAY_TO_EVM", value: config.payToEvm, minLen: 16 },
+    ];
+    for (const { name, value, minLen } of required) {
+        if (!value || value.length < minLen) {
+            console.error(`FATAL: ${name} not set or too short for production.`);
+            process.exit(1);
+        }
+    }
+    if (!config.webhookAdminSecret || config.webhookAdminSecret.length < 16) {
+        console.warn("[config] WEBHOOK_ADMIN_SECRET not set — webhook register/list/delete return 503 until configured.");
+    }
+    if (!config.zkSimulateAllowed) {
+        console.warn("[config] ALLOW_ZK_SIMULATE not set — POST /api/protocol/zk/prove returns 503 in production.");
+    }
+}
+export function assertConfig() {
+    if (!config.payTo) {
+        throw new Error("Missing PAY_TO_ADDRESS. Set it in Railway/Render Variables (or .env locally) to your USDC receive wallet.");
+    }
+    assertProductionSecrets();
+    if (config.publicBaseUrl.includes("railway.app") &&
+        !env("PUBLIC_BASE_URL") &&
+        !env("CANONICAL_PUBLIC_URL")) {
+        console.warn(`[config] PUBLIC_BASE_URL not set — discovery URLs use ${config.publicBaseUrl}. Set PUBLIC_BASE_URL=${DEFAULT_CANONICAL_ORIGIN} for x402trustlayer.xyz indexing.`);
+    }
+}

package/dist/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ import "./lib/db.js";