certifieddata-agent-commerce 0.1.0__tar.gz

certifieddata_agent_commerce-0.1.0/.gitignore

@@ -0,0 +1,18 @@
+node_modules/
+dist/
+.turbo/
+*.tsbuildinfo
+.env
+.env.local
+.env.*.local
+*.log
+.DS_Store
+coverage/
+.nyc_output/
+__pycache__/
+*.pyc
+*.pyo
+.pytest_cache/
+.venv/
+dist-info/
+*.egg-info/

certifieddata_agent_commerce-0.1.0/PKG-INFO

@@ -0,0 +1,152 @@
+Metadata-Version: 2.4
+Name: certifieddata-agent-commerce
+Version: 0.1.0
+Summary: CertifiedData Agent Commerce Python SDK — provenance-aware payments for AI artifacts
+Project-URL: Homepage, https://certifieddata.io/agent-commerce
+Project-URL: Repository, https://github.com/certifieddata/certifieddata-agent-commerce-public
+Project-URL: Documentation, https://certifieddata.io/agent-commerce/docs
+Project-URL: Bug Tracker, https://github.com/certifieddata/certifieddata-agent-commerce-public/issues
+License: Apache-2.0
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: Apache Software License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Office/Business :: Financial
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.9
+Requires-Dist: httpx>=0.27.0
+Provides-Extra: dev
+Requires-Dist: mypy>=1.8; extra == 'dev'
+Requires-Dist: pytest-httpx>=0.30; extra == 'dev'
+Requires-Dist: pytest>=8.0; extra == 'dev'
+Requires-Dist: ruff>=0.3; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# certifieddata-agent-commerce
+
+Python SDK for [CertifiedData Agent Commerce](https://certifieddata.io/agent-commerce) — provenance-aware, policy-governed payments for AI agents and artifacts.
+
+## Install
+
+```bash
+pip install certifieddata-agent-commerce
+```
+
+> **Note:** Install name is `certifieddata-agent-commerce`. Import name is `certifieddata_agent_commerce` (underscore, as required by Python naming conventions).
+
+## Quick start
+
+```python
+from certifieddata_agent_commerce import CertifiedDataAgentCommerceClient
+
+# Reads CDAC_API_KEY and CDAC_BASE_URL from environment automatically
+client = CertifiedDataAgentCommerceClient()
+
+# Phase 1 — agent declares intent
+tx = client.transactions.create(
+    amount=2500,       # cents ($25.00)
+    currency="usd",
+    rail="stripe",
+)
+
+# Phase 2 — attach provenance (binds AI decision record to payment)
+client.transactions.attach_links(
+    tx["id"],
+    decision_record_id="dec_abc123",
+)
+
+# Phase 3+4 — capture: policy eval → settle → inline signed receipt
+capture = client.transactions.capture(tx["id"])
+receipt = capture["receipt"]
+
+print(receipt["receipt_id"])
+print(receipt["decision_record_id"])
+print(receipt["sha256_hash"])
+print(receipt["ed25519_sig"])
+```
+
+## Configure
+
+```bash
+export CDAC_API_KEY=cdp_test_xxx
+export CDAC_BASE_URL=https://sandbox.certifieddata.io  # omit for live
+```
+
+| Environment | Key prefix   | Base URL                           |
+|-------------|--------------|------------------------------------|
+| Sandbox     | `cdp_test_`  | `https://sandbox.certifieddata.io` |
+| Live        | `cdp_live_`  | `https://certifieddata.io`         |
+
+## Verify receipts publicly
+
+Verification requires no API key:
+
+```bash
+curl https://certifieddata.io/api/payments/verify/<receipt_id>
+```
+
+Returns:
+
+```json
+{
+  "valid": true,
+  "hashValid": true,
+  "signatureValid": true,
+  "signingKeyId": "cd_root_2026",
+  "signatureAlg": "Ed25519"
+}
+```
+
+## Local development (mock server)
+
+```bash
+# Start mock server on port 3456
+pip install flask
+python examples/claude-demo/mock_server.py
+
+# Run demo against mock
+CDAC_API_KEY=cdp_test_any CDAC_BASE_URL=http://localhost:3456 \
+  python examples/claude-demo/demo.py
+```
+
+## Receipt shape
+
+Every successful capture returns an inline signed receipt:
+
+```json
+{
+  "receipt_id": "rcpt_...",
+  "transaction_id": "txn_...",
+  "policy_id": "pol_...",
+  "decision_record_id": "dec_...",
+  "sha256_hash": "sha256:...",
+  "ed25519_sig": "..."
+}
+```
+
+`decision_record_id` is the canonical provenance field linking the payment to the AI decision that triggered it.
+
+## Package names
+
+| Context | Name |
+|---------|------|
+| `pip install` | `certifieddata-agent-commerce` |
+| `import` | `certifieddata_agent_commerce` |
+| Main class | `CertifiedDataAgentCommerceClient` |
+
+Python requires hyphens in distribution names and underscores in import names — these are the same package, different naming conventions.
+
+## Resources
+
+- [Agent Commerce docs](https://certifieddata.io/agent-commerce)
+- [Public repo](https://github.com/certifieddata/certifieddata-agent-commerce-public)
+- [OpenAPI spec](https://github.com/certifieddata/certifieddata-agent-commerce-public/blob/main/openapi/certifieddata-agent-commerce-v1.openapi.yaml)
+- [Receipt verification](https://certifieddata.io/agent-commerce/payment-verification)
+
+## License
+
+Apache-2.0

certifieddata_agent_commerce-0.1.0/README.md

@@ -0,0 +1,124 @@
+# certifieddata-agent-commerce
+
+Python SDK for [CertifiedData Agent Commerce](https://certifieddata.io/agent-commerce) — provenance-aware, policy-governed payments for AI agents and artifacts.
+
+## Install
+
+```bash
+pip install certifieddata-agent-commerce
+```
+
+> **Note:** Install name is `certifieddata-agent-commerce`. Import name is `certifieddata_agent_commerce` (underscore, as required by Python naming conventions).
+
+## Quick start
+
+```python
+from certifieddata_agent_commerce import CertifiedDataAgentCommerceClient
+
+# Reads CDAC_API_KEY and CDAC_BASE_URL from environment automatically
+client = CertifiedDataAgentCommerceClient()
+
+# Phase 1 — agent declares intent
+tx = client.transactions.create(
+    amount=2500,       # cents ($25.00)
+    currency="usd",
+    rail="stripe",
+)
+
+# Phase 2 — attach provenance (binds AI decision record to payment)
+client.transactions.attach_links(
+    tx["id"],
+    decision_record_id="dec_abc123",
+)
+
+# Phase 3+4 — capture: policy eval → settle → inline signed receipt
+capture = client.transactions.capture(tx["id"])
+receipt = capture["receipt"]
+
+print(receipt["receipt_id"])
+print(receipt["decision_record_id"])
+print(receipt["sha256_hash"])
+print(receipt["ed25519_sig"])
+```
+
+## Configure
+
+```bash
+export CDAC_API_KEY=cdp_test_xxx
+export CDAC_BASE_URL=https://sandbox.certifieddata.io  # omit for live
+```
+
+| Environment | Key prefix   | Base URL                           |
+|-------------|--------------|------------------------------------|
+| Sandbox     | `cdp_test_`  | `https://sandbox.certifieddata.io` |
+| Live        | `cdp_live_`  | `https://certifieddata.io`         |
+
+## Verify receipts publicly
+
+Verification requires no API key:
+
+```bash
+curl https://certifieddata.io/api/payments/verify/<receipt_id>
+```
+
+Returns:
+
+```json
+{
+  "valid": true,
+  "hashValid": true,
+  "signatureValid": true,
+  "signingKeyId": "cd_root_2026",
+  "signatureAlg": "Ed25519"
+}
+```
+
+## Local development (mock server)
+
+```bash
+# Start mock server on port 3456
+pip install flask
+python examples/claude-demo/mock_server.py
+
+# Run demo against mock
+CDAC_API_KEY=cdp_test_any CDAC_BASE_URL=http://localhost:3456 \
+  python examples/claude-demo/demo.py
+```
+
+## Receipt shape
+
+Every successful capture returns an inline signed receipt:
+
+```json
+{
+  "receipt_id": "rcpt_...",
+  "transaction_id": "txn_...",
+  "policy_id": "pol_...",
+  "decision_record_id": "dec_...",
+  "sha256_hash": "sha256:...",
+  "ed25519_sig": "..."
+}
+```
+
+`decision_record_id` is the canonical provenance field linking the payment to the AI decision that triggered it.
+
+## Package names
+
+| Context | Name |
+|---------|------|
+| `pip install` | `certifieddata-agent-commerce` |
+| `import` | `certifieddata_agent_commerce` |
+| Main class | `CertifiedDataAgentCommerceClient` |
+
+Python requires hyphens in distribution names and underscores in import names — these are the same package, different naming conventions.
+
+## Resources
+
+- [Agent Commerce docs](https://certifieddata.io/agent-commerce)
+- [Public repo](https://github.com/certifieddata/certifieddata-agent-commerce-public)
+- [OpenAPI spec](https://github.com/certifieddata/certifieddata-agent-commerce-public/blob/main/openapi/certifieddata-agent-commerce-v1.openapi.yaml)
+- [Receipt verification](https://certifieddata.io/agent-commerce/payment-verification)
+
+## License
+
+Apache-2.0

certifieddata_agent_commerce-0.1.0/pyproject.toml

@@ -0,0 +1,46 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "certifieddata-agent-commerce"
+version = "0.1.0"
+description = "CertifiedData Agent Commerce Python SDK — provenance-aware payments for AI artifacts"
+readme = "README.md"
+license = { text = "Apache-2.0" }
+requires-python = ">=3.9"
+dependencies = [
+  "httpx>=0.27.0",
+]
+classifiers = [
+  "Development Status :: 3 - Alpha",
+  "Intended Audience :: Developers",
+  "License :: OSI Approved :: Apache Software License",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3.9",
+  "Programming Language :: Python :: 3.10",
+  "Programming Language :: Python :: 3.11",
+  "Programming Language :: Python :: 3.12",
+  "Topic :: Software Development :: Libraries :: Python Modules",
+  "Topic :: Office/Business :: Financial",
+]
+
+[project.urls]
+Homepage = "https://certifieddata.io/agent-commerce"
+Repository = "https://github.com/certifieddata/certifieddata-agent-commerce-public"
+Documentation = "https://certifieddata.io/agent-commerce/docs"
+"Bug Tracker" = "https://github.com/certifieddata/certifieddata-agent-commerce-public/issues"
+
+[project.optional-dependencies]
+dev = ["pytest>=8.0", "pytest-httpx>=0.30", "ruff>=0.3", "mypy>=1.8"]
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/certifieddata_agent_commerce"]
+
+[tool.ruff]
+line-length = 100
+target-version = "py39"
+
+[tool.mypy]
+python_version = "3.9"
+strict = true

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/__init__.py

@@ -0,0 +1,43 @@
+"""
+CertifiedData Agent Commerce Python SDK
+
+Provenance-aware payments and settlement for AI artifact commerce.
+
+Usage::
+
+    from certifieddata_agent_commerce import CertifiedDataAgentCommerceClient
+
+    client = CertifiedDataAgentCommerceClient(api_key="cdp_test_...")
+
+    payee = client.payees.create(
+        entity_type="company",
+        legal_name="Atlas Synthetic Labs, Inc.",
+        idempotency_key="create-payee-001",
+    )
+
+See https://github.com/certifieddata/certifieddata-agent-commerce-public for full documentation.
+"""
+
+from .client import CertifiedDataAgentCommerceClient
+from .errors import (
+    CDACError,
+    CDACAuthError,
+    CDACValidationError,
+    CDACNotFoundError,
+    CDACConflictError,
+    CDACRateLimitError,
+)
+from .webhooks import verify_webhook_signature
+
+__all__ = [
+    "CertifiedDataAgentCommerceClient",
+    "CDACError",
+    "CDACAuthError",
+    "CDACValidationError",
+    "CDACNotFoundError",
+    "CDACConflictError",
+    "CDACRateLimitError",
+    "verify_webhook_signature",
+]
+
+__version__ = "0.1.0"

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/_http.py

@@ -0,0 +1,72 @@
+"""Internal HTTP client wrapper using httpx."""
+
+from typing import Any, Optional
+import httpx
+from .errors import _raise_for_status
+
+
+class HttpClient:
+    def __init__(
+        self,
+        api_key: str,
+        base_url: str = "https://api.certifieddata.io",
+        api_version: str = "2025-01-01",
+        timeout: float = 30.0,
+    ) -> None:
+        self._base_url = base_url.rstrip("/")
+        self._client = httpx.Client(
+            base_url=self._base_url,
+            headers={
+                "Authorization": f"Bearer {api_key}",
+                "CDAC-API-Version": api_version,
+                "Content-Type": "application/json",
+                "User-Agent": "certifieddata-agent-commerce-python/0.1.0",
+            },
+            timeout=timeout,
+        )
+
+    def request(
+        self,
+        method: str,
+        path: str,
+        *,
+        params: Optional[dict[str, Any]] = None,
+        json: Optional[Any] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> Any:
+        headers: dict[str, str] = {}
+        if idempotency_key:
+            headers["Idempotency-Key"] = idempotency_key
+
+        # Remove None values from query params
+        if params:
+            params = {k: v for k, v in params.items() if v is not None}
+
+        response = self._client.request(
+            method,
+            path,
+            params=params or None,
+            json=json,
+            headers=headers,
+        )
+
+        body: Any = None
+        if response.content:
+            try:
+                body = response.json()
+            except Exception:
+                body = {"raw": response.text}
+
+        if not response.is_success:
+            _raise_for_status(response.status_code, body)
+
+        return body
+
+    def close(self) -> None:
+        self._client.close()
+
+    def __enter__(self) -> "HttpClient":
+        return self
+
+    def __exit__(self, *_: Any) -> None:
+        self.close()

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/client.py

@@ -0,0 +1,90 @@
+"""CertifiedData Agent Commerce Python SDK — main client."""
+
+import os
+from typing import Optional
+
+from ._http import HttpClient
+from .resources.payees import PayeesResource
+from .resources.payment_intents import PaymentIntentsResource
+from .resources.transactions import TransactionsResource
+from .resources.settlements import SettlementsResource
+from .resources.refunds import RefundsResource
+from .resources.events import EventsResource
+from .webhooks import verify_webhook_signature as _verify_webhook_signature
+
+
+class CertifiedDataAgentCommerceClient:
+    """
+    CertifiedData Agent Commerce API client.
+
+    Usage::
+
+        from certifieddata_agent_commerce import CertifiedDataAgentCommerceClient
+
+        # api_key reads CDAC_API_KEY, base_url reads CDAC_BASE_URL
+        client = CertifiedDataAgentCommerceClient()
+
+        # or pass explicitly:
+        client = CertifiedDataAgentCommerceClient(
+            api_key="cdp_test_...",
+            base_url="https://sandbox.certifieddata.io",
+        )
+
+    Use ``cdp_test_`` keys for sandbox, ``cdp_live_`` keys for production.
+    """
+
+    def __init__(
+        self,
+        *,
+        api_key: Optional[str] = None,
+        base_url: Optional[str] = None,
+        api_version: str = "2025-01-01",
+        timeout: float = 30.0,
+    ) -> None:
+        resolved_key = api_key or os.environ.get("CDAC_API_KEY")
+        if not resolved_key:
+            raise ValueError("api_key is required. Pass it directly or set CDAC_API_KEY.")
+        resolved_url = base_url or os.environ.get("CDAC_BASE_URL") or "https://certifieddata.io"
+        self._http = HttpClient(
+            api_key=resolved_key,
+            base_url=resolved_url,
+            api_version=api_version,
+            timeout=timeout,
+        )
+        self.payees = PayeesResource(self._http)
+        self.payment_intents = PaymentIntentsResource(self._http)
+        self.transactions = TransactionsResource(self._http)
+        self.settlements = SettlementsResource(self._http)
+        self.refunds = RefundsResource(self._http)
+        self.events = EventsResource(self._http)
+
+    def verify_webhook_signature(
+        self,
+        raw_body: str | bytes,
+        signature_header: str,
+        timestamp_header: str,
+        secret: str,
+        tolerance_seconds: int = 300,
+    ) -> bool:
+        """
+        Verify a CDP webhook signature.
+
+        :param raw_body: Raw request body before any JSON parsing.
+        :param signature_header: ``CDAC-Signature`` header value.
+        :param timestamp_header: ``CDAC-Timestamp`` header value.
+        :param secret: Webhook endpoint secret.
+        :param tolerance_seconds: Timestamp tolerance in seconds (default 300).
+        """
+        return _verify_webhook_signature(
+            raw_body, signature_header, timestamp_header, secret, tolerance_seconds
+        )
+
+    def close(self) -> None:
+        """Close the underlying HTTP client."""
+        self._http.close()
+
+    def __enter__(self) -> "CertifiedDataAgentCommerceClient":
+        return self
+
+    def __exit__(self, *_: object) -> None:
+        self.close()

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/errors.py

@@ -0,0 +1,80 @@
+"""CDP error classes. All errors inherit from CDACError."""
+
+from typing import Any, Optional
+
+
+class CDACError(Exception):
+    """Base class for all CertifiedData Agent Commerce SDK errors."""
+
+    def __init__(
+        self,
+        message: str,
+        *,
+        http_status: Optional[int] = None,
+        code: Optional[str] = None,
+        retryable: bool = False,
+        raw: Optional[Any] = None,
+    ) -> None:
+        super().__init__(message)
+        self.message = message
+        self.http_status = http_status
+        self.code = code
+        self.retryable = retryable
+        self.raw = raw
+
+    def __repr__(self) -> str:
+        return f"{self.__class__.__name__}(code={self.code!r}, http_status={self.http_status}, message={self.message!r})"
+
+
+class CDACAuthError(CDACError):
+    """Authentication failed (401/403)."""
+
+
+class CDACValidationError(CDACError):
+    """Request validation failed (400)."""
+
+    def __init__(self, message: str, *, validation_errors: Optional[list[Any]] = None, **kwargs: Any) -> None:
+        super().__init__(message, **kwargs)
+        self.validation_errors = validation_errors or []
+
+
+class CDACNotFoundError(CDACError):
+    """Resource not found (404)."""
+
+
+class CDACConflictError(CDACError):
+    """Conflict — state transition error or idempotency conflict (409)."""
+
+
+class CDACRateLimitError(CDACError):
+    """Rate limit exceeded (429). Retryable."""
+
+    def __init__(self, message: str, *, retry_after: Optional[int] = None, **kwargs: Any) -> None:
+        super().__init__(message, retryable=True, **kwargs)
+        self.retry_after = retry_after
+
+
+def _raise_for_status(http_status: int, body: Any) -> None:
+    """Raise an appropriate CDACError from an HTTP status and error body."""
+    error = body.get("error", {}) if isinstance(body, dict) else {}
+    code = error.get("code", "unknown")
+    message = error.get("message", "An unexpected error occurred.")
+    retryable = error.get("retryable", False)
+
+    if http_status == 401 or http_status == 403:
+        raise CDACAuthError(message, http_status=http_status, code=code, raw=body)
+    if http_status == 400:
+        raise CDACValidationError(
+            message,
+            http_status=http_status,
+            code=code,
+            raw=body,
+            validation_errors=error.get("errors", []),
+        )
+    if http_status == 404:
+        raise CDACNotFoundError(message, http_status=http_status, code=code, raw=body)
+    if http_status == 409:
+        raise CDACConflictError(message, http_status=http_status, code=code, raw=body)
+    if http_status == 429:
+        raise CDACRateLimitError(message, http_status=http_status, code=code, raw=body)
+    raise CDACError(message, http_status=http_status, code=code, retryable=retryable, raw=body)

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/resources/__init__.py

@@ -0,0 +1 @@
+# Resources package

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/resources/events.py

@@ -0,0 +1,29 @@
+"""Events resource."""
+
+from typing import Any, Optional
+from .._http import HttpClient
+
+
+class EventsResource:
+    def __init__(self, http: HttpClient) -> None:
+        self._http = http
+
+    def get(self, event_id: str) -> dict[str, Any]:
+        return self._http.request("GET", f"/v1/events/{event_id}")
+
+    def list(
+        self,
+        *,
+        event_type: Optional[str] = None,
+        limit: Optional[int] = None,
+        starting_after: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "GET",
+            "/v1/events",
+            params={
+                "event_type": event_type,
+                "limit": limit,
+                "starting_after": starting_after,
+            },
+        )

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/resources/payees.py

@@ -0,0 +1,136 @@
+"""Payees resource."""
+
+from typing import Any, Optional
+from .._http import HttpClient
+
+
+class PayeesResource:
+    def __init__(self, http: HttpClient) -> None:
+        self._http = http
+
+    def create(
+        self,
+        *,
+        entity_type: str,
+        legal_name: Optional[str] = None,
+        email: Optional[str] = None,
+        default_payout_method: Optional[str] = None,
+        metadata: Optional[dict[str, str]] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            "/v1/payees",
+            json={
+                "entity_type": entity_type,
+                "legal_name": legal_name,
+                "email": email,
+                "default_payout_method": default_payout_method,
+                "metadata": metadata,
+            },
+            idempotency_key=idempotency_key,
+        )
+
+    def get(self, payee_id: str) -> dict[str, Any]:
+        return self._http.request("GET", f"/v1/payees/{payee_id}")
+
+    def list(
+        self,
+        *,
+        limit: Optional[int] = None,
+        starting_after: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "GET",
+            "/v1/payees",
+            params={"limit": limit, "starting_after": starting_after},
+        )
+
+    def update(
+        self,
+        payee_id: str,
+        *,
+        legal_name: Optional[str] = None,
+        email: Optional[str] = None,
+        default_payout_method: Optional[str] = None,
+        metadata: Optional[dict[str, str]] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        body = {}
+        if legal_name is not None:
+            body["legal_name"] = legal_name
+        if email is not None:
+            body["email"] = email
+        if default_payout_method is not None:
+            body["default_payout_method"] = default_payout_method
+        if metadata is not None:
+            body["metadata"] = metadata
+        return self._http.request(
+            "PATCH",
+            f"/v1/payees/{payee_id}",
+            json=body,
+            idempotency_key=idempotency_key,
+        )
+
+    def create_alias(
+        self,
+        payee_id: str,
+        *,
+        external_system: str,
+        external_ref: str,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/payees/{payee_id}/aliases",
+            json={"external_system": external_system, "external_ref": external_ref},
+            idempotency_key=idempotency_key,
+        )
+
+    def list_aliases(
+        self,
+        payee_id: str,
+        *,
+        limit: Optional[int] = None,
+        starting_after: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "GET",
+            f"/v1/payees/{payee_id}/aliases",
+            params={"limit": limit, "starting_after": starting_after},
+        )
+
+    def create_payout_destination(
+        self,
+        payee_id: str,
+        *,
+        rail_type: str,
+        is_default: bool = False,
+        processor_ref: Optional[str] = None,
+        metadata: Optional[dict[str, str]] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/payees/{payee_id}/payout-destinations",
+            json={
+                "rail_type": rail_type,
+                "is_default": is_default,
+                "processor_ref": processor_ref,
+                "metadata": metadata,
+            },
+            idempotency_key=idempotency_key,
+        )
+
+    def list_payout_destinations(
+        self,
+        payee_id: str,
+        *,
+        limit: Optional[int] = None,
+        starting_after: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "GET",
+            f"/v1/payees/{payee_id}/payout-destinations",
+            params={"limit": limit, "starting_after": starting_after},
+        )

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/resources/payment_intents.py

@@ -0,0 +1,75 @@
+"""Payment intents resource."""
+
+from typing import Any, Optional
+from .._http import HttpClient
+
+
+class PaymentIntentsResource:
+    def __init__(self, http: HttpClient) -> None:
+        self._http = http
+
+    def create(
+        self,
+        *,
+        amount: int,
+        currency: str,
+        rail: str,
+        customer_id: Optional[str] = None,
+        payee_id: Optional[str] = None,
+        description: Optional[str] = None,
+        metadata: Optional[dict[str, str]] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            "/v1/payment-intents",
+            json={
+                "amount": amount,
+                "currency": currency,
+                "rail": rail,
+                "customer_id": customer_id,
+                "payee_id": payee_id,
+                "description": description,
+                "metadata": metadata,
+            },
+            idempotency_key=idempotency_key,
+        )
+
+    def get(self, payment_intent_id: str) -> dict[str, Any]:
+        return self._http.request("GET", f"/v1/payment-intents/{payment_intent_id}")
+
+    def list(
+        self,
+        *,
+        limit: Optional[int] = None,
+        starting_after: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "GET",
+            "/v1/payment-intents",
+            params={"limit": limit, "starting_after": starting_after},
+        )
+
+    def confirm(
+        self,
+        payment_intent_id: str,
+        *,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/payment-intents/{payment_intent_id}/confirm",
+            idempotency_key=idempotency_key,
+        )
+
+    def cancel(
+        self,
+        payment_intent_id: str,
+        *,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/payment-intents/{payment_intent_id}/cancel",
+            idempotency_key=idempotency_key,
+        )

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/resources/refunds.py

@@ -0,0 +1,45 @@
+"""Refunds resource."""
+
+from typing import Any, Optional
+from .._http import HttpClient
+
+
+class RefundsResource:
+    def __init__(self, http: HttpClient) -> None:
+        self._http = http
+
+    def create(
+        self,
+        *,
+        transaction_id: str,
+        amount: int,
+        reason: Optional[str] = None,
+        metadata: Optional[dict[str, str]] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            "/v1/refunds",
+            json={
+                "transaction_id": transaction_id,
+                "amount": amount,
+                "reason": reason,
+                "metadata": metadata,
+            },
+            idempotency_key=idempotency_key,
+        )
+
+    def get(self, refund_id: str) -> dict[str, Any]:
+        return self._http.request("GET", f"/v1/refunds/{refund_id}")
+
+    def list(
+        self,
+        *,
+        limit: Optional[int] = None,
+        starting_after: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "GET",
+            "/v1/refunds",
+            params={"limit": limit, "starting_after": starting_after},
+        )

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/resources/settlements.py

@@ -0,0 +1,73 @@
+"""Settlements resource."""
+
+from typing import Any, Optional
+from .._http import HttpClient
+
+
+class SettlementsResource:
+    def __init__(self, http: HttpClient) -> None:
+        self._http = http
+
+    def create(
+        self,
+        *,
+        payee_id: str,
+        amount: int,
+        currency: str,
+        transaction_ids: list[str],
+        destination_id: Optional[str] = None,
+        metadata: Optional[dict[str, str]] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            "/v1/settlements",
+            json={
+                "payee_id": payee_id,
+                "amount": amount,
+                "currency": currency,
+                "transaction_ids": transaction_ids,
+                "destination_id": destination_id,
+                "metadata": metadata,
+            },
+            idempotency_key=idempotency_key,
+        )
+
+    def get(self, settlement_id: str) -> dict[str, Any]:
+        return self._http.request("GET", f"/v1/settlements/{settlement_id}")
+
+    def list(
+        self,
+        *,
+        limit: Optional[int] = None,
+        starting_after: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "GET",
+            "/v1/settlements",
+            params={"limit": limit, "starting_after": starting_after},
+        )
+
+    def submit(
+        self,
+        settlement_id: str,
+        *,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/settlements/{settlement_id}/submit",
+            idempotency_key=idempotency_key,
+        )
+
+    def cancel(
+        self,
+        settlement_id: str,
+        *,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/settlements/{settlement_id}/cancel",
+            idempotency_key=idempotency_key,
+        )

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/resources/transactions.py

@@ -0,0 +1,110 @@
+"""Transactions resource."""
+
+from typing import Any, Optional
+from .._http import HttpClient
+
+
+class TransactionsResource:
+    def __init__(self, http: HttpClient) -> None:
+        self._http = http
+
+    def create(
+        self,
+        *,
+        amount: int,
+        currency: str,
+        rail: str,
+        payment_intent_id: Optional[str] = None,
+        payee_id: Optional[str] = None,
+        customer_id: Optional[str] = None,
+        description: Optional[str] = None,
+        metadata: Optional[dict[str, str]] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            "/v1/transactions",
+            json={
+                "amount": amount,
+                "currency": currency,
+                "rail": rail,
+                "payment_intent_id": payment_intent_id,
+                "payee_id": payee_id,
+                "customer_id": customer_id,
+                "description": description,
+                "metadata": metadata,
+            },
+            idempotency_key=idempotency_key,
+        )
+
+    def get(self, transaction_id: str) -> dict[str, Any]:
+        return self._http.request("GET", f"/v1/transactions/{transaction_id}")
+
+    def list(
+        self,
+        *,
+        limit: Optional[int] = None,
+        starting_after: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "GET",
+            "/v1/transactions",
+            params={"limit": limit, "starting_after": starting_after},
+        )
+
+    def attach_links(
+        self,
+        transaction_id: str,
+        *,
+        artifact_id: Optional[str] = None,
+        certificate_id: Optional[str] = None,
+        decision_record_id: Optional[str] = None,
+        decision_id: Optional[str] = None,
+        dataset_id: Optional[str] = None,
+        model_id: Optional[str] = None,
+        output_id: Optional[str] = None,
+        receipt_hash: Optional[str] = None,
+        external_reference: Optional[str] = None,
+        provenance_metadata: Optional[dict[str, str]] = None,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/transactions/{transaction_id}/attach-links",
+            json={
+                "artifact_id": artifact_id,
+                "certificate_id": certificate_id,
+                "decision_record_id": decision_record_id or decision_id,
+                "dataset_id": dataset_id,
+                "model_id": model_id,
+                "output_id": output_id,
+                "receipt_hash": receipt_hash,
+                "external_reference": external_reference,
+                "provenance_metadata": provenance_metadata,
+            },
+            idempotency_key=idempotency_key,
+        )
+
+    def capture(
+        self,
+        transaction_id: str,
+        *,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/transactions/{transaction_id}/capture",
+            idempotency_key=idempotency_key,
+        )
+
+    def cancel(
+        self,
+        transaction_id: str,
+        *,
+        idempotency_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        return self._http.request(
+            "POST",
+            f"/v1/transactions/{transaction_id}/cancel",
+            idempotency_key=idempotency_key,
+        )

certifieddata_agent_commerce-0.1.0/src/certifieddata_agent_commerce/webhooks.py

@@ -0,0 +1,60 @@
+"""Webhook signature verification for CDP webhooks."""
+
+import hashlib
+import hmac
+import time
+
+
+def verify_webhook_signature(
+    raw_body: str | bytes,
+    signature_header: str,
+    timestamp_header: str,
+    secret: str,
+    tolerance_seconds: int = 300,
+) -> bool:
+    """
+    Verify a CDP webhook signature.
+
+    CDP signs webhooks using HMAC-SHA256 over the string:
+        ``{timestamp}.{raw_body}``
+
+    The ``CDAC-Signature`` header has the format::
+        ``t={timestamp},v1={hmac_hex}``
+
+    :param raw_body: Raw request body (str or bytes) — before any JSON parsing.
+    :param signature_header: Value of the ``CDAC-Signature`` header.
+    :param timestamp_header: Value of the ``CDAC-Timestamp`` header.
+    :param secret: Webhook endpoint secret.
+    :param tolerance_seconds: Maximum age of the webhook in seconds (default 300).
+    :returns: True if the signature is valid and within the timestamp tolerance.
+    :raises ValueError: If the signature header format is invalid.
+    """
+    # Parse timestamp
+    try:
+        ts = int(timestamp_header)
+    except (ValueError, TypeError) as exc:
+        raise ValueError(f"Invalid CDAC-Timestamp header: {timestamp_header!r}") from exc
+
+    # Check timestamp tolerance
+    now = int(time.time())
+    if abs(now - ts) > tolerance_seconds:
+        return False
+
+    # Extract v1 signature from header
+    v1_sig: str | None = None
+    for part in signature_header.split(","):
+        part = part.strip()
+        if part.startswith("v1="):
+            v1_sig = part[3:]
+            break
+
+    if not v1_sig:
+        return False
+
+    # Compute expected signature
+    body_bytes = raw_body.encode("utf-8") if isinstance(raw_body, str) else raw_body
+    signed_payload = f"{ts}.".encode("utf-8") + body_bytes
+    expected = hmac.new(secret.encode("utf-8"), signed_payload, hashlib.sha256).hexdigest()
+
+    # Constant-time comparison
+    return hmac.compare_digest(expected, v1_sig)