x402z-server 0.0.19 → 0.1.12

package/README.md

@@ -1,6 +1,6 @@
 # x402z-server
 
-Server-side helpers for the erc7984-mind-v1 x402 scheme.
+Server-side helpers for erc7984-mind-v1 and exact x402 schemes.
 
 ## Install
 
@@ -27,20 +27,25 @@ const relayer = await createRelayer({
 
 const server = await createX402zServer({
   facilitatorUrl: "http://localhost:8040",
-  asset: "0xToken",
-  eip712: { name: "FHEToken Confidential", version: "1" },
-  decimals: 6,
-  batcherAddress: "0xBatcher",
-  signer: { address, signTypedData },
-  relayer,
+  confidential: {
+    asset: "0xToken",
+    eip712: { name: "FHEToken Confidential", version: "1" },
+    decimals: 6,
+    batcherAddress: "0xBatcher",
+    signer: { address, signTypedData },
+    relayer,
+  },
   routes: {
     "GET /demo": {
-      accepts: {
-        payTo: "0xPayTo",
-        price: "1.0",
-        network: "eip155:11155111",
-        maxTimeoutSeconds: 300,
-      },
+      accepts: [
+        {
+          scheme: "erc7984-mind-v1",
+          payTo: "0xPayTo",
+          price: "1.0",
+          network: "eip155:11155111",
+          maxTimeoutSeconds: 300,
+        },
+      ],
       description: "Demo content",
       mimeType: "text/plain",
     },
@@ -57,9 +62,10 @@ server.listen(8080);
 
 - `createX402zServer(config)`
   - `facilitatorUrl` (required): HTTP facilitator endpoint
-  - `asset`, `eip712`, `decimals`, `batcherAddress`: scheme config
-  - `signer` (required): signer used to decrypt transfer amounts
-  - `relayer` (required): FHEVM relayer instance used for decryption
+  - `confidential` (optional): confidential scheme config (required if any route uses `erc7984-mind-v1`)
+  - `confidential.signer`: signer used to decrypt transfer amounts
+  - `confidential.relayer`: FHEVM relayer instance used for decryption
+  - `confidential.asset`, `confidential.eip712`, `confidential.decimals`, `confidential.batcherAddress`: optional overrides; when omitted, defaults are pulled from the facilitator `/supported` response
   - `routes`: map of `METHOD /path` to payment requirements
   - `onPaid`: handler for successful payment (returns response body + optional headers)
 
@@ -67,9 +73,37 @@ server.listen(8080);
 
 See `examples/README.md` for the full-process server + facilitator setup.
 
+## Exact scheme (ERC20) usage
+
+```ts
+import { createX402zServer } from "x402z-server";
+
+const server = await createX402zServer({
+  facilitatorUrl: "http://localhost:8040",
+  routes: {
+    "GET /erc20-demo": {
+      accepts: [
+        {
+          scheme: "exact",
+          payTo: "0xYourAddress",
+          price: "$0.01",
+          network: "eip155:84532",
+        },
+      ],
+      description: "Exact USDC payment demo",
+      mimeType: "text/plain",
+    },
+  },
+  onPaid: async () => ({ body: "paid content" }),
+});
+
+server.listen(8090);
+```
+
 ## Notes
 
-- Scheme name: `erc7984-mind-v1`
+- Confidential scheme name: `erc7984-mind-v1`
+- Exact scheme name: `exact`
 - `confidential.batcherAddress` is required in requirements; clients bind encrypted inputs to it.
 
 ## API surface
@@ -87,8 +121,10 @@ Types:
 - `X402zServerNetworkOptions`: network config for the scheme.
 - `X402zServerRegistrationOptions`: registration options for the scheme.
 - `X402zRouteOptions`: route config for paywalled endpoints.
+- `X402zRouteAccept`: accept config item for confidential or exact schemes.
 - `X402zRouteHandler`: handler signature for paid requests.
 - `X402zServerOptions`: options for `createX402zServer`.
+- `X402zConfidentialServerConfig`: options for confidential server config.
 - `CompiledRoute`: compiled route metadata.
 - `DynamicPayTo`: callback for dynamic payee address.
 - `DynamicPrice`: callback for dynamic pricing.

package/dist/index.d.mts

@@ -6,7 +6,10 @@ import * as http from 'http';
 import { RelayerSigner, RelayerInstance } from 'x402z-shared';
 export { CompiledRoute, DynamicPayTo, DynamicPrice, FacilitatorClient, FacilitatorConfig, HTTPAdapter, HTTPFacilitatorClient, HTTPProcessResult, HTTPRequestContext, HTTPResponseInstructions, PaymentOption, PaywallConfig, PaywallProvider, ProcessSettleFailureResponse, ProcessSettleResultResponse, ProcessSettleSuccessResponse, RouteConfigurationError, RouteValidationError, RoutesConfig, UnpaidResponseBody, UnpaidResponseResult, x402HTTPResourceServer } from '@x402/core/http';
 
-type X402zServerNetworkOptions = {
+type NoScheme$1 = {
+    scheme?: never;
+};
+type X402zServerNetworkOptions = NoScheme$1 & {
     asset: `0x${string}`;
     eip712: {
         name: string;
@@ -39,13 +42,24 @@ type X402zServerRegistrationOptions = X402zServerSchemeOptions & {
 };
 declare function registerX402zEvmServerScheme(server: x402ResourceServer, config: X402zServerRegistrationOptions): x402ResourceServer;
 
-type X402zRouteOptions = {
-    accepts: {
-        payTo: string;
-        price: string;
-        network: Network;
-        maxTimeoutSeconds: number;
-    };
+type X402zRouteAccept = {
+    scheme: "erc7984-mind-v1";
+    payTo: string;
+    price: string;
+    network: Network;
+    maxTimeoutSeconds: number;
+} | {
+    scheme: "exact";
+    payTo: string;
+    price: Price;
+    network: Network;
+    maxTimeoutSeconds?: number;
+};
+type NoScheme = {
+    scheme?: never;
+};
+type X402zRouteOptions = NoScheme & {
+    accepts: X402zRouteAccept[];
     description: string;
     mimeType: string;
 };
@@ -57,12 +71,8 @@ type X402zRouteHandler = (args: {
     headers?: Record<string, string>;
     body: string;
 }>;
-type X402zServerOptions = X402zServerRegistrationOptions & {
+type X402zBaseServerOptions = {
     facilitatorUrl: string;
-    routes: Record<string, X402zRouteOptions>;
-    onPaid: X402zRouteHandler;
-    signer: RelayerSigner;
-    relayer: RelayerInstance;
     debug?: boolean;
     cors?: {
         allowOrigin: string;
@@ -73,6 +83,25 @@ type X402zServerOptions = X402zServerRegistrationOptions & {
         maxAgeSeconds?: number;
     };
 };
+type X402zConfidentialServerConfig = {
+    getNetworkConfig?: (network: Network) => X402zServerNetworkOptions;
+    networks?: Network[];
+    asset?: `0x${string}`;
+    eip712?: {
+        name: string;
+        version: string;
+    };
+    decimals?: number;
+    resourceHash?: `0x${string}`;
+    batcherAddress?: `0x${string}`;
+    signer: RelayerSigner;
+    relayer: RelayerInstance;
+} & NoScheme;
+type X402zServerOptions = X402zBaseServerOptions & {
+    routes: Record<string, X402zRouteOptions>;
+    onPaid: X402zRouteHandler;
+    confidential?: X402zConfidentialServerConfig;
+} & NoScheme;
 declare function createX402zServer(config: X402zServerOptions): Promise<http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>>;
 
-export { X402zEvmServerScheme, type X402zRouteHandler, type X402zRouteOptions, type X402zServerNetworkOptions, type X402zServerOptions, type X402zServerRegistrationOptions, type X402zServerSchemeOptions, createX402zServer, registerX402zEvmServerScheme };
+export { type X402zConfidentialServerConfig, X402zEvmServerScheme, type X402zRouteAccept, type X402zRouteHandler, type X402zRouteOptions, type X402zServerNetworkOptions, type X402zServerOptions, type X402zServerRegistrationOptions, type X402zServerSchemeOptions, createX402zServer, registerX402zEvmServerScheme };

package/dist/index.d.ts

@@ -6,7 +6,10 @@ import * as http from 'http';
 import { RelayerSigner, RelayerInstance } from 'x402z-shared';
 export { CompiledRoute, DynamicPayTo, DynamicPrice, FacilitatorClient, FacilitatorConfig, HTTPAdapter, HTTPFacilitatorClient, HTTPProcessResult, HTTPRequestContext, HTTPResponseInstructions, PaymentOption, PaywallConfig, PaywallProvider, ProcessSettleFailureResponse, ProcessSettleResultResponse, ProcessSettleSuccessResponse, RouteConfigurationError, RouteValidationError, RoutesConfig, UnpaidResponseBody, UnpaidResponseResult, x402HTTPResourceServer } from '@x402/core/http';
 
-type X402zServerNetworkOptions = {
+type NoScheme$1 = {
+    scheme?: never;
+};
+type X402zServerNetworkOptions = NoScheme$1 & {
     asset: `0x${string}`;
     eip712: {
         name: string;
@@ -39,13 +42,24 @@ type X402zServerRegistrationOptions = X402zServerSchemeOptions & {
 };
 declare function registerX402zEvmServerScheme(server: x402ResourceServer, config: X402zServerRegistrationOptions): x402ResourceServer;
 
-type X402zRouteOptions = {
-    accepts: {
-        payTo: string;
-        price: string;
-        network: Network;
-        maxTimeoutSeconds: number;
-    };
+type X402zRouteAccept = {
+    scheme: "erc7984-mind-v1";
+    payTo: string;
+    price: string;
+    network: Network;
+    maxTimeoutSeconds: number;
+} | {
+    scheme: "exact";
+    payTo: string;
+    price: Price;
+    network: Network;
+    maxTimeoutSeconds?: number;
+};
+type NoScheme = {
+    scheme?: never;
+};
+type X402zRouteOptions = NoScheme & {
+    accepts: X402zRouteAccept[];
     description: string;
     mimeType: string;
 };
@@ -57,12 +71,8 @@ type X402zRouteHandler = (args: {
     headers?: Record<string, string>;
     body: string;
 }>;
-type X402zServerOptions = X402zServerRegistrationOptions & {
+type X402zBaseServerOptions = {
     facilitatorUrl: string;
-    routes: Record<string, X402zRouteOptions>;
-    onPaid: X402zRouteHandler;
-    signer: RelayerSigner;
-    relayer: RelayerInstance;
     debug?: boolean;
     cors?: {
         allowOrigin: string;
@@ -73,6 +83,25 @@ type X402zServerOptions = X402zServerRegistrationOptions & {
         maxAgeSeconds?: number;
     };
 };
+type X402zConfidentialServerConfig = {
+    getNetworkConfig?: (network: Network) => X402zServerNetworkOptions;
+    networks?: Network[];
+    asset?: `0x${string}`;
+    eip712?: {
+        name: string;
+        version: string;
+    };
+    decimals?: number;
+    resourceHash?: `0x${string}`;
+    batcherAddress?: `0x${string}`;
+    signer: RelayerSigner;
+    relayer: RelayerInstance;
+} & NoScheme;
+type X402zServerOptions = X402zBaseServerOptions & {
+    routes: Record<string, X402zRouteOptions>;
+    onPaid: X402zRouteHandler;
+    confidential?: X402zConfidentialServerConfig;
+} & NoScheme;
 declare function createX402zServer(config: X402zServerOptions): Promise<http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>>;
 
-export { X402zEvmServerScheme, type X402zRouteHandler, type X402zRouteOptions, type X402zServerNetworkOptions, type X402zServerOptions, type X402zServerRegistrationOptions, type X402zServerSchemeOptions, createX402zServer, registerX402zEvmServerScheme };
+export { type X402zConfidentialServerConfig, X402zEvmServerScheme, type X402zRouteAccept, type X402zRouteHandler, type X402zRouteOptions, type X402zServerNetworkOptions, type X402zServerOptions, type X402zServerRegistrationOptions, type X402zServerSchemeOptions, createX402zServer, registerX402zEvmServerScheme };

package/dist/index.js

@@ -20,12 +20,12 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var index_exports = {};
 __export(index_exports, {
-  HTTPFacilitatorClient: () => import_http3.HTTPFacilitatorClient,
+  HTTPFacilitatorClient: () => import_http2.HTTPFacilitatorClient,
   X402zEvmServerScheme: () => X402zEvmServerScheme,
   createX402zServer: () => createX402zServer,
   registerX402zEvmServerScheme: () => registerX402zEvmServerScheme,
-  x402HTTPResourceServer: () => import_http3.x402HTTPResourceServer,
-  x402ResourceServer: () => import_server3.x402ResourceServer
+  x402HTTPResourceServer: () => import_http2.x402HTTPResourceServer,
+  x402ResourceServer: () => import_server4.x402ResourceServer
 });
 module.exports = __toCommonJS(index_exports);
 
@@ -124,9 +124,9 @@ var import_node_http = require("http");
 var import_node_url = require("url");
 var import_server = require("@x402/core/server");
 var import_http = require("@x402/core/http");
-var import_http2 = require("@x402/core/http");
 var import_x402z_shared = require("x402z-shared");
 var import_viem = require("viem");
+var import_server2 = require("@x402/evm/exact/server");
 function getRelayerRpcUrl(relayer) {
   const network = relayer.network;
   if (typeof network === "string") {
@@ -150,24 +150,181 @@ function buildAdapter(req) {
   };
 }
 function sendText(res, status, headers, body) {
-  res.writeHead(status, headers);
+  res.writeHead(status, void 0, headers);
   res.end(body);
 }
+async function fetchSupported(facilitatorUrl, fetchFn) {
+  const base = facilitatorUrl.replace(/\/$/, "");
+  const response = await fetchFn(`${base}/supported`);
+  if (!response.ok) {
+    throw new Error(`Failed to fetch supported schemes: ${response.status}`);
+  }
+  return response.json();
+}
+function normalizeExactDefaults(extra) {
+  const exact = extra?.exact ?? null;
+  if (!exact?.asset) {
+    return null;
+  }
+  const name = exact.eip712?.name ?? exact.name;
+  const version = exact.eip712?.version ?? exact.version;
+  if (!name || !version) {
+    return null;
+  }
+  return {
+    asset: exact.asset,
+    decimals: exact.decimals ?? 6,
+    name,
+    version
+  };
+}
+function normalizeConfidentialDefaults(extra) {
+  const confidential = extra?.confidential ?? null;
+  if (!confidential?.asset || !confidential.eip712?.name || !confidential.eip712?.version) {
+    return null;
+  }
+  if (!confidential.batcherAddress) {
+    return null;
+  }
+  return {
+    asset: confidential.asset,
+    eip712: {
+      name: confidential.eip712.name,
+      version: confidential.eip712.version
+    },
+    decimals: confidential.decimals ?? 6,
+    batcherAddress: confidential.batcherAddress,
+    resourceHash: confidential.resourceHash
+  };
+}
+function parseMoneyToDecimal(money) {
+  if (typeof money === "number") {
+    return money;
+  }
+  if (typeof money !== "string") {
+    throw new Error("Invalid price type for exact scheme");
+  }
+  const clean = money.replace(/^\$/, "").trim();
+  const amount = Number.parseFloat(clean);
+  if (Number.isNaN(amount)) {
+    throw new Error(`Invalid money format: ${money}`);
+  }
+  return amount;
+}
+function convertToTokenAmount(amount, decimals) {
+  const [intPart, decPart = ""] = String(amount).split(".");
+  const paddedDec = decPart.padEnd(decimals, "0").slice(0, decimals);
+  return (intPart + paddedDec).replace(/^0+/, "") || "0";
+}
 async function createX402zServer(config) {
   const debugEnabled = config.debug ?? process.env.X402Z_DEBUG === "1";
-  const facilitatorClient = new import_http2.HTTPFacilitatorClient({ url: config.facilitatorUrl });
+  const fetchFn = globalThis.fetch;
+  const facilitatorClient = new import_http.HTTPFacilitatorClient({ url: config.facilitatorUrl });
   const resourceServer = new import_server.x402ResourceServer(facilitatorClient);
-  registerX402zEvmServerScheme(resourceServer, config);
-  const relayer = config.relayer;
-  const rpcUrl = getRelayerRpcUrl(relayer);
+  const wantsExact = Object.values(config.routes).some(
+    (route) => route.accepts.some((accept) => accept.scheme === "exact")
+  );
+  const wantsConfidential = Object.values(config.routes).some(
+    (route) => route.accepts.some((accept) => accept.scheme === "erc7984-mind-v1")
+  );
+  const confidentialConfig = config.confidential;
+  if (wantsConfidential && !confidentialConfig) {
+    throw new Error("confidential config is required when using erc7984-mind-v1 routes");
+  }
+  const needsExactDefaults = Object.values(config.routes).some(
+    (route) => route.accepts.some((accept) => accept.scheme === "exact" && typeof accept.price !== "object")
+  );
+  let supportedExactDefaults = {};
+  if (wantsExact && needsExactDefaults) {
+    if (!fetchFn) {
+      throw new Error("fetch is required to load exact defaults from facilitator");
+    }
+    const supported = await fetchSupported(config.facilitatorUrl, fetchFn);
+    for (const kind of supported.kinds ?? []) {
+      if (kind.scheme !== "exact") continue;
+      const normalized = normalizeExactDefaults(kind.extra);
+      if (normalized) {
+        supportedExactDefaults[kind.network] = normalized;
+      }
+    }
+  }
+  if (wantsConfidential && confidentialConfig) {
+    let supportedDefaults = {};
+    const needsSupportedDefaults = !confidentialConfig.getNetworkConfig && (!confidentialConfig.asset || !confidentialConfig.eip712 || !confidentialConfig.batcherAddress);
+    if (needsSupportedDefaults) {
+      if (!fetchFn) {
+        throw new Error("fetch is required to load confidential defaults from facilitator");
+      }
+      const supported = await fetchSupported(config.facilitatorUrl, fetchFn);
+      for (const kind of supported.kinds ?? []) {
+        if (kind.scheme !== "erc7984-mind-v1") continue;
+        const normalized = normalizeConfidentialDefaults(kind.extra);
+        if (normalized) {
+          supportedDefaults[kind.network] = normalized;
+        }
+      }
+    }
+    const getNetworkConfig = confidentialConfig.getNetworkConfig ?? ((network) => {
+      const base = supportedDefaults[network] ?? {};
+      const override = {
+        asset: confidentialConfig.asset,
+        eip712: confidentialConfig.eip712,
+        decimals: confidentialConfig.decimals,
+        resourceHash: confidentialConfig.resourceHash,
+        batcherAddress: confidentialConfig.batcherAddress
+      };
+      const merged = {
+        ...base,
+        ...Object.fromEntries(Object.entries(override).filter(([, value]) => value !== void 0))
+      };
+      if (!merged.decimals) {
+        merged.decimals = 6;
+      }
+      if (!merged.asset || !merged.eip712?.name || !merged.eip712?.version || !merged.batcherAddress) {
+        throw new Error(`Missing confidential defaults for network ${network}`);
+      }
+      return merged;
+    });
+    registerX402zEvmServerScheme(resourceServer, {
+      getNetworkConfig,
+      networks: confidentialConfig.networks
+    });
+  }
+  if (wantsExact) {
+    (0, import_server2.registerExactEvmScheme)(resourceServer, {});
+  }
+  const relayer = confidentialConfig?.relayer;
+  const rpcUrl = relayer ? getRelayerRpcUrl(relayer) : null;
   const routes = {};
   for (const [path, route] of Object.entries(config.routes)) {
+    const accepts = route.accepts.map((accept) => {
+      if (accept.scheme !== "exact") {
+        return accept;
+      }
+      if (typeof accept.price === "object") {
+        return accept;
+      }
+      const defaults = supportedExactDefaults[accept.network];
+      if (!defaults) {
+        throw new Error(`Missing exact defaults for network ${accept.network}`);
+      }
+      const decimalAmount = parseMoneyToDecimal(accept.price);
+      const amount = convertToTokenAmount(decimalAmount, defaults.decimals);
+      return {
+        ...accept,
+        price: {
+          amount,
+          asset: defaults.asset,
+          extra: {
+            name: defaults.name,
+            version: defaults.version
+          }
+        }
+      };
+    });
     routes[path] = {
       ...route,
-      accepts: {
-        ...route.accepts,
-        scheme: "erc7984-mind-v1"
-      }
+      accepts
     };
   }
   const httpServer = new import_http.x402HTTPResourceServer(resourceServer, routes);
@@ -177,7 +334,9 @@ async function createX402zServer(config) {
     const method = adapter.getMethod();
     const path = adapter.getPath();
     const paymentHeader = adapter.getHeader("payment-signature") ?? adapter.getHeader("x402-payment") ?? adapter.getHeader("x-payment");
-    console.log(`[server] ${method} ${path}`);
+    if (debugEnabled) {
+      console.debug(`[server] ${method} ${path}`);
+    }
     const corsHeaders = config.cors ? {
       "Access-Control-Allow-Origin": config.cors.allowOrigin,
       "Access-Control-Allow-Methods": config.cors.allowMethods ?? "GET,POST,OPTIONS",
@@ -208,7 +367,9 @@ async function createX402zServer(config) {
     if (result.type === "payment-error") {
       res.writeHead(result.response.status, { ...corsHeaders, ...result.response.headers });
       res.end(result.response.isHtml ? result.response.body : JSON.stringify(result.response.body ?? {}));
-      console.log(`[server] ${method} ${path} -> ${result.response.status}`);
+      if (debugEnabled) {
+        console.debug(`[server] ${method} ${path} -> ${result.response.status}`);
+      }
       return;
     }
     if (result.type === "payment-verified") {
@@ -216,68 +377,91 @@ async function createX402zServer(config) {
       if (!settle.success) {
         res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
         res.end(JSON.stringify({ error: settle.errorReason }));
-        console.log(`[server] ${method} ${path} -> 500 settlement_failed`);
+        if (debugEnabled) {
+          console.debug(`[server] ${method} ${path} -> 500 settlement_failed`);
+        }
         return;
       }
-      try {
-        const observerClient = (0, import_viem.createPublicClient)({
-          transport: (0, import_viem.http)(rpcUrl)
-        });
-        const payTo = (0, import_viem.getAddress)(result.paymentRequirements.payTo);
-        const observer = await observerClient.readContract({
-          address: (0, import_viem.getAddress)(result.paymentRequirements.asset),
-          abi: import_x402z_shared.confidentialTokenAbi,
-          functionName: "observer",
-          args: [payTo]
-        });
-        const signerAddress = (0, import_viem.getAddress)(config.signer.address);
-        if (!observer || !(0, import_viem.isAddressEqual)(observer, signerAddress)) {
+      if (result.paymentRequirements.scheme === "erc7984-mind-v1") {
+        try {
+          if (!confidentialConfig || !relayer || !rpcUrl) {
+            res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "confidential_config_missing" }));
+            if (debugEnabled) {
+              console.debug(`[server] ${method} ${path} -> 500 confidential_config_missing`);
+            }
+            return;
+          }
+          const observerClient = (0, import_viem.createPublicClient)({
+            transport: (0, import_viem.http)(rpcUrl)
+          });
+          const payTo = (0, import_viem.getAddress)(result.paymentRequirements.payTo);
+          const observer = await observerClient.readContract({
+            address: (0, import_viem.getAddress)(result.paymentRequirements.asset),
+            abi: import_x402z_shared.confidentialTokenAbi,
+            functionName: "observer",
+            args: [payTo]
+          });
+          const signerAddress = (0, import_viem.getAddress)(confidentialConfig.signer.address);
+          if (!observer || !(0, import_viem.isAddressEqual)(observer, signerAddress)) {
+            res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "observer_required" }));
+            if (debugEnabled) {
+              console.debug(`[server] ${method} ${path} -> 500 observer_required`);
+            }
+            return;
+          }
+          const batch = settle;
+          const transferredHandle = batch.batch?.transferredHandle;
+          if (!transferredHandle) {
+            res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "missing_transferred_handle" }));
+            if (debugEnabled) {
+              console.debug(`[server] ${method} ${path} -> 500 missing_transferred_handle`);
+            }
+            return;
+          }
+          const decryptedAmount = await (0, import_x402z_shared.decryptEuint64)(
+            relayer,
+            transferredHandle,
+            result.paymentRequirements.asset,
+            confidentialConfig.signer
+          );
+          const expected = BigInt(result.paymentRequirements.amount);
+          if (decryptedAmount !== expected) {
+            res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "settlement_amount_mismatch" }));
+            if (debugEnabled) {
+              console.debug(`[server] ${method} ${path} -> 500 settlement_amount_mismatch`);
+            }
+            return;
+          }
+        } catch (error) {
+          if (debugEnabled) {
+            console.error("[server] settlement verification error", error);
+          }
           res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
-          res.end(JSON.stringify({ error: "observer_required" }));
-          console.log(`[server] ${method} ${path} -> 500 observer_required`);
+          res.end(JSON.stringify({ error: "settlement_verification_failed" }));
+          if (debugEnabled) {
+            console.debug(`[server] ${method} ${path} -> 500 settlement_verification_failed`);
+          }
           return;
         }
-        const batch = settle;
-        const transferredHandle = batch.batch?.transferredHandle;
-        if (!transferredHandle) {
-          res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
-          res.end(JSON.stringify({ error: "missing_transferred_handle" }));
-          console.log(`[server] ${method} ${path} -> 500 missing_transferred_handle`);
-          return;
-        }
-        const decryptedAmount = await (0, import_x402z_shared.decryptEuint64)(
-          relayer,
-          transferredHandle,
-          result.paymentRequirements.asset,
-          config.signer
-        );
-        const expected = BigInt(result.paymentRequirements.amount);
-        if (decryptedAmount !== expected) {
-          res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
-          res.end(JSON.stringify({ error: "settlement_amount_mismatch" }));
-          console.log(`[server] ${method} ${path} -> 500 settlement_amount_mismatch`);
-          return;
-        }
-      } catch (error) {
-        res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: "settlement_verification_failed" }));
-        console.log(`[server] ${method} ${path} -> 500 settlement_verification_failed`);
-        if (debugEnabled) {
-          console.debug("[x402z-server] settlement verification error", error);
-        }
-        return;
       }
+      const settleHeaders = settle.headers ?? {};
       const payload = await config.onPaid({
         paymentRequirements: result.paymentRequirements,
-        settleHeaders: settle.headers
+        settleHeaders
       });
       const status = payload.status ?? 200;
       const responseHeaders = {
         ...corsHeaders,
-        "Content-Type": "text/plain",
-        ...settle.headers,
+        ...settleHeaders,
         ...payload.headers ?? {}
       };
+      if (!responseHeaders["Content-Type"] && !responseHeaders["content-type"]) {
+        responseHeaders["Content-Type"] = "text/plain";
+      }
       if (debugEnabled) {
         console.debug("[x402z-server] response", {
           status,
@@ -286,7 +470,9 @@ async function createX402zServer(config) {
         });
       }
       sendText(res, status, responseHeaders, payload.body);
-      console.log(`[server] ${method} ${path} -> ${status}`);
+      if (debugEnabled) {
+        console.debug(`[server] ${method} ${path} -> ${status}`);
+      }
       return;
     }
     sendText(
@@ -295,14 +481,16 @@ async function createX402zServer(config) {
       { ...corsHeaders, "Content-Type": "text/plain" },
       "no payment required"
     );
-    console.log(`[server] ${method} ${path} -> 200`);
+    if (debugEnabled) {
+      console.debug(`[server] ${method} ${path} -> 200`);
+    }
   });
   return server;
 }
 
 // src/index.ts
-var import_server3 = require("@x402/core/server");
-var import_http3 = require("@x402/core/http");
+var import_server4 = require("@x402/core/server");
+var import_http2 = require("@x402/core/http");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   HTTPFacilitatorClient,

package/dist/index.mjs

@@ -92,10 +92,14 @@ function registerX402zEvmServerScheme(server, config) {
 import { createServer } from "http";
 import { URL } from "url";
 import { x402ResourceServer } from "@x402/core/server";
-import { decodePaymentSignatureHeader, x402HTTPResourceServer } from "@x402/core/http";
-import { HTTPFacilitatorClient } from "@x402/core/http";
+import {
+  decodePaymentSignatureHeader,
+  x402HTTPResourceServer,
+  HTTPFacilitatorClient
+} from "@x402/core/http";
 import { confidentialTokenAbi, decryptEuint64 } from "x402z-shared";
 import { createPublicClient, getAddress, http, isAddressEqual } from "viem";
+import { registerExactEvmScheme } from "@x402/evm/exact/server";
 function getRelayerRpcUrl(relayer) {
   const network = relayer.network;
   if (typeof network === "string") {
@@ -119,24 +123,181 @@ function buildAdapter(req) {
   };
 }
 function sendText(res, status, headers, body) {
-  res.writeHead(status, headers);
+  res.writeHead(status, void 0, headers);
   res.end(body);
 }
+async function fetchSupported(facilitatorUrl, fetchFn) {
+  const base = facilitatorUrl.replace(/\/$/, "");
+  const response = await fetchFn(`${base}/supported`);
+  if (!response.ok) {
+    throw new Error(`Failed to fetch supported schemes: ${response.status}`);
+  }
+  return response.json();
+}
+function normalizeExactDefaults(extra) {
+  const exact = extra?.exact ?? null;
+  if (!exact?.asset) {
+    return null;
+  }
+  const name = exact.eip712?.name ?? exact.name;
+  const version = exact.eip712?.version ?? exact.version;
+  if (!name || !version) {
+    return null;
+  }
+  return {
+    asset: exact.asset,
+    decimals: exact.decimals ?? 6,
+    name,
+    version
+  };
+}
+function normalizeConfidentialDefaults(extra) {
+  const confidential = extra?.confidential ?? null;
+  if (!confidential?.asset || !confidential.eip712?.name || !confidential.eip712?.version) {
+    return null;
+  }
+  if (!confidential.batcherAddress) {
+    return null;
+  }
+  return {
+    asset: confidential.asset,
+    eip712: {
+      name: confidential.eip712.name,
+      version: confidential.eip712.version
+    },
+    decimals: confidential.decimals ?? 6,
+    batcherAddress: confidential.batcherAddress,
+    resourceHash: confidential.resourceHash
+  };
+}
+function parseMoneyToDecimal(money) {
+  if (typeof money === "number") {
+    return money;
+  }
+  if (typeof money !== "string") {
+    throw new Error("Invalid price type for exact scheme");
+  }
+  const clean = money.replace(/^\$/, "").trim();
+  const amount = Number.parseFloat(clean);
+  if (Number.isNaN(amount)) {
+    throw new Error(`Invalid money format: ${money}`);
+  }
+  return amount;
+}
+function convertToTokenAmount(amount, decimals) {
+  const [intPart, decPart = ""] = String(amount).split(".");
+  const paddedDec = decPart.padEnd(decimals, "0").slice(0, decimals);
+  return (intPart + paddedDec).replace(/^0+/, "") || "0";
+}
 async function createX402zServer(config) {
   const debugEnabled = config.debug ?? process.env.X402Z_DEBUG === "1";
+  const fetchFn = globalThis.fetch;
   const facilitatorClient = new HTTPFacilitatorClient({ url: config.facilitatorUrl });
   const resourceServer = new x402ResourceServer(facilitatorClient);
-  registerX402zEvmServerScheme(resourceServer, config);
-  const relayer = config.relayer;
-  const rpcUrl = getRelayerRpcUrl(relayer);
+  const wantsExact = Object.values(config.routes).some(
+    (route) => route.accepts.some((accept) => accept.scheme === "exact")
+  );
+  const wantsConfidential = Object.values(config.routes).some(
+    (route) => route.accepts.some((accept) => accept.scheme === "erc7984-mind-v1")
+  );
+  const confidentialConfig = config.confidential;
+  if (wantsConfidential && !confidentialConfig) {
+    throw new Error("confidential config is required when using erc7984-mind-v1 routes");
+  }
+  const needsExactDefaults = Object.values(config.routes).some(
+    (route) => route.accepts.some((accept) => accept.scheme === "exact" && typeof accept.price !== "object")
+  );
+  let supportedExactDefaults = {};
+  if (wantsExact && needsExactDefaults) {
+    if (!fetchFn) {
+      throw new Error("fetch is required to load exact defaults from facilitator");
+    }
+    const supported = await fetchSupported(config.facilitatorUrl, fetchFn);
+    for (const kind of supported.kinds ?? []) {
+      if (kind.scheme !== "exact") continue;
+      const normalized = normalizeExactDefaults(kind.extra);
+      if (normalized) {
+        supportedExactDefaults[kind.network] = normalized;
+      }
+    }
+  }
+  if (wantsConfidential && confidentialConfig) {
+    let supportedDefaults = {};
+    const needsSupportedDefaults = !confidentialConfig.getNetworkConfig && (!confidentialConfig.asset || !confidentialConfig.eip712 || !confidentialConfig.batcherAddress);
+    if (needsSupportedDefaults) {
+      if (!fetchFn) {
+        throw new Error("fetch is required to load confidential defaults from facilitator");
+      }
+      const supported = await fetchSupported(config.facilitatorUrl, fetchFn);
+      for (const kind of supported.kinds ?? []) {
+        if (kind.scheme !== "erc7984-mind-v1") continue;
+        const normalized = normalizeConfidentialDefaults(kind.extra);
+        if (normalized) {
+          supportedDefaults[kind.network] = normalized;
+        }
+      }
+    }
+    const getNetworkConfig = confidentialConfig.getNetworkConfig ?? ((network) => {
+      const base = supportedDefaults[network] ?? {};
+      const override = {
+        asset: confidentialConfig.asset,
+        eip712: confidentialConfig.eip712,
+        decimals: confidentialConfig.decimals,
+        resourceHash: confidentialConfig.resourceHash,
+        batcherAddress: confidentialConfig.batcherAddress
+      };
+      const merged = {
+        ...base,
+        ...Object.fromEntries(Object.entries(override).filter(([, value]) => value !== void 0))
+      };
+      if (!merged.decimals) {
+        merged.decimals = 6;
+      }
+      if (!merged.asset || !merged.eip712?.name || !merged.eip712?.version || !merged.batcherAddress) {
+        throw new Error(`Missing confidential defaults for network ${network}`);
+      }
+      return merged;
+    });
+    registerX402zEvmServerScheme(resourceServer, {
+      getNetworkConfig,
+      networks: confidentialConfig.networks
+    });
+  }
+  if (wantsExact) {
+    registerExactEvmScheme(resourceServer, {});
+  }
+  const relayer = confidentialConfig?.relayer;
+  const rpcUrl = relayer ? getRelayerRpcUrl(relayer) : null;
   const routes = {};
   for (const [path, route] of Object.entries(config.routes)) {
+    const accepts = route.accepts.map((accept) => {
+      if (accept.scheme !== "exact") {
+        return accept;
+      }
+      if (typeof accept.price === "object") {
+        return accept;
+      }
+      const defaults = supportedExactDefaults[accept.network];
+      if (!defaults) {
+        throw new Error(`Missing exact defaults for network ${accept.network}`);
+      }
+      const decimalAmount = parseMoneyToDecimal(accept.price);
+      const amount = convertToTokenAmount(decimalAmount, defaults.decimals);
+      return {
+        ...accept,
+        price: {
+          amount,
+          asset: defaults.asset,
+          extra: {
+            name: defaults.name,
+            version: defaults.version
+          }
+        }
+      };
+    });
     routes[path] = {
       ...route,
-      accepts: {
-        ...route.accepts,
-        scheme: "erc7984-mind-v1"
-      }
+      accepts
     };
   }
   const httpServer = new x402HTTPResourceServer(resourceServer, routes);
@@ -146,7 +307,9 @@ async function createX402zServer(config) {
     const method = adapter.getMethod();
     const path = adapter.getPath();
     const paymentHeader = adapter.getHeader("payment-signature") ?? adapter.getHeader("x402-payment") ?? adapter.getHeader("x-payment");
-    console.log(`[server] ${method} ${path}`);
+    if (debugEnabled) {
+      console.debug(`[server] ${method} ${path}`);
+    }
     const corsHeaders = config.cors ? {
       "Access-Control-Allow-Origin": config.cors.allowOrigin,
       "Access-Control-Allow-Methods": config.cors.allowMethods ?? "GET,POST,OPTIONS",
@@ -177,7 +340,9 @@ async function createX402zServer(config) {
     if (result.type === "payment-error") {
       res.writeHead(result.response.status, { ...corsHeaders, ...result.response.headers });
       res.end(result.response.isHtml ? result.response.body : JSON.stringify(result.response.body ?? {}));
-      console.log(`[server] ${method} ${path} -> ${result.response.status}`);
+      if (debugEnabled) {
+        console.debug(`[server] ${method} ${path} -> ${result.response.status}`);
+      }
       return;
     }
     if (result.type === "payment-verified") {
@@ -185,68 +350,91 @@ async function createX402zServer(config) {
       if (!settle.success) {
         res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
         res.end(JSON.stringify({ error: settle.errorReason }));
-        console.log(`[server] ${method} ${path} -> 500 settlement_failed`);
+        if (debugEnabled) {
+          console.debug(`[server] ${method} ${path} -> 500 settlement_failed`);
+        }
         return;
       }
-      try {
-        const observerClient = createPublicClient({
-          transport: http(rpcUrl)
-        });
-        const payTo = getAddress(result.paymentRequirements.payTo);
-        const observer = await observerClient.readContract({
-          address: getAddress(result.paymentRequirements.asset),
-          abi: confidentialTokenAbi,
-          functionName: "observer",
-          args: [payTo]
-        });
-        const signerAddress = getAddress(config.signer.address);
-        if (!observer || !isAddressEqual(observer, signerAddress)) {
-          res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
-          res.end(JSON.stringify({ error: "observer_required" }));
-          console.log(`[server] ${method} ${path} -> 500 observer_required`);
-          return;
-        }
-        const batch = settle;
-        const transferredHandle = batch.batch?.transferredHandle;
-        if (!transferredHandle) {
+      if (result.paymentRequirements.scheme === "erc7984-mind-v1") {
+        try {
+          if (!confidentialConfig || !relayer || !rpcUrl) {
+            res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "confidential_config_missing" }));
+            if (debugEnabled) {
+              console.debug(`[server] ${method} ${path} -> 500 confidential_config_missing`);
+            }
+            return;
+          }
+          const observerClient = createPublicClient({
+            transport: http(rpcUrl)
+          });
+          const payTo = getAddress(result.paymentRequirements.payTo);
+          const observer = await observerClient.readContract({
+            address: getAddress(result.paymentRequirements.asset),
+            abi: confidentialTokenAbi,
+            functionName: "observer",
+            args: [payTo]
+          });
+          const signerAddress = getAddress(confidentialConfig.signer.address);
+          if (!observer || !isAddressEqual(observer, signerAddress)) {
+            res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "observer_required" }));
+            if (debugEnabled) {
+              console.debug(`[server] ${method} ${path} -> 500 observer_required`);
+            }
+            return;
+          }
+          const batch = settle;
+          const transferredHandle = batch.batch?.transferredHandle;
+          if (!transferredHandle) {
+            res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "missing_transferred_handle" }));
+            if (debugEnabled) {
+              console.debug(`[server] ${method} ${path} -> 500 missing_transferred_handle`);
+            }
+            return;
+          }
+          const decryptedAmount = await decryptEuint64(
+            relayer,
+            transferredHandle,
+            result.paymentRequirements.asset,
+            confidentialConfig.signer
+          );
+          const expected = BigInt(result.paymentRequirements.amount);
+          if (decryptedAmount !== expected) {
+            res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "settlement_amount_mismatch" }));
+            if (debugEnabled) {
+              console.debug(`[server] ${method} ${path} -> 500 settlement_amount_mismatch`);
+            }
+            return;
+          }
+        } catch (error) {
+          if (debugEnabled) {
+            console.error("[server] settlement verification error", error);
+          }
           res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
-          res.end(JSON.stringify({ error: "missing_transferred_handle" }));
-          console.log(`[server] ${method} ${path} -> 500 missing_transferred_handle`);
+          res.end(JSON.stringify({ error: "settlement_verification_failed" }));
+          if (debugEnabled) {
+            console.debug(`[server] ${method} ${path} -> 500 settlement_verification_failed`);
+          }
           return;
         }
-        const decryptedAmount = await decryptEuint64(
-          relayer,
-          transferredHandle,
-          result.paymentRequirements.asset,
-          config.signer
-        );
-        const expected = BigInt(result.paymentRequirements.amount);
-        if (decryptedAmount !== expected) {
-          res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
-          res.end(JSON.stringify({ error: "settlement_amount_mismatch" }));
-          console.log(`[server] ${method} ${path} -> 500 settlement_amount_mismatch`);
-          return;
-        }
-      } catch (error) {
-        res.writeHead(500, { ...corsHeaders, "Content-Type": "application/json" });
-        res.end(JSON.stringify({ error: "settlement_verification_failed" }));
-        console.log(`[server] ${method} ${path} -> 500 settlement_verification_failed`);
-        if (debugEnabled) {
-          console.debug("[x402z-server] settlement verification error", error);
-        }
-        return;
       }
+      const settleHeaders = settle.headers ?? {};
       const payload = await config.onPaid({
         paymentRequirements: result.paymentRequirements,
-        settleHeaders: settle.headers
+        settleHeaders
       });
       const status = payload.status ?? 200;
       const responseHeaders = {
         ...corsHeaders,
-        "Content-Type": "text/plain",
-        ...settle.headers,
+        ...settleHeaders,
         ...payload.headers ?? {}
       };
+      if (!responseHeaders["Content-Type"] && !responseHeaders["content-type"]) {
+        responseHeaders["Content-Type"] = "text/plain";
+      }
       if (debugEnabled) {
         console.debug("[x402z-server] response", {
           status,
@@ -255,7 +443,9 @@ async function createX402zServer(config) {
         });
       }
       sendText(res, status, responseHeaders, payload.body);
-      console.log(`[server] ${method} ${path} -> ${status}`);
+      if (debugEnabled) {
+        console.debug(`[server] ${method} ${path} -> ${status}`);
+      }
       return;
     }
     sendText(
@@ -264,7 +454,9 @@ async function createX402zServer(config) {
       { ...corsHeaders, "Content-Type": "text/plain" },
       "no payment required"
     );
-    console.log(`[server] ${method} ${path} -> 200`);
+    if (debugEnabled) {
+      console.debug(`[server] ${method} ${path} -> 200`);
+    }
   });
   return server;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "x402z-server",
-  "version": "0.0.19",
+  "version": "0.1.12",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
   "types": "./dist/index.d.ts",
@@ -8,9 +8,10 @@
     "dist"
   ],
   "dependencies": {
-    "@x402/core": "^2.0.0",
+    "@x402/core": "^2.2.0",
+    "@x402/evm": "^2.2.0",
     "viem": "^2.43.3",
-    "x402z-shared": "0.0.19"
+    "x402z-shared": "0.1.0"
   },
   "devDependencies": {
     "jest": "^29.7.0",