paynode-sdk-python 2.0.0__py3-none-any.whl → 2.1.0__py3-none-any.whl

paynode_sdk/client.py

@@ -8,7 +8,7 @@ from eth_account.messages import encode_typed_data
 from web3 import Web3
 from requests.adapters import HTTPAdapter
 from urllib3.util.retry import Retry
-from .constants import PAYNODE_ROUTER_ADDRESS, BASE_USDC_ADDRESS, BASE_USDC_DECIMALS, BASE_RPC_URLS, ACCEPTED_TOKENS, MIN_PAYMENT_AMOUNT
+from .constants import PAYNODE_ROUTER_ADDRESS, BASE_USDC_ADDRESS, BASE_USDC_DECIMALS, BASE_RPC_URLS, ACCEPTED_TOKENS, MIN_PAYMENT_AMOUNT, PAYNODE_ROUTER_ABI
 from .errors import PayNodeException, ErrorCode
 
 logger = logging.getLogger("paynode_sdk.client")
@@ -22,6 +22,7 @@ class PayNodeAgentClient:
     def __init__(self, private_key: str, rpc_urls: list | str = BASE_RPC_URLS):
         self.rpc_urls = rpc_urls if isinstance(rpc_urls, list) else [rpc_urls]
         self.w3 = self._init_w3()
+        self.current_rpc_index = 0
         
         # Initialize account and discard private key string
         self.account = self.w3.eth.account.from_key(private_key)
@@ -61,6 +62,24 @@ class PayNodeAgentClient:
                     
         raise PayNodeException(ErrorCode.rpc_error, message="All provided RPC nodes are unreachable.")
 
+    def _rotate_rpc(self):
+        """Switches to the next available RPC node in the list."""
+        self.current_rpc_index = (self.current_rpc_index + 1) % len(self.rpc_urls)
+        new_url = self.rpc_urls[self.current_rpc_index]
+        logger.warning(f"⚠️ [PayNode-PY] RPC failure detected. Rotating to: {new_url}")
+        self.w3 = Web3(Web3.HTTPProvider(new_url, request_kwargs={'timeout': 10}))
+
+    def _call_with_failover(self, func, *args, **kwargs):
+        """Wrapper to retry a web3 call with RPC failover."""
+        for attempt in range(len(self.rpc_urls)):
+            try:
+                return func(*args, **kwargs)
+            except Exception as e:
+                if attempt < len(self.rpc_urls) - 1:
+                    self._rotate_rpc()
+                else:
+                    raise e
+
     def request_gate(self, url: str, method: str = "GET", **kwargs):
         """The high-level autonomous method handling 402 loop."""
         return self._request_with_402_retry(method.upper(), url, **kwargs)
@@ -71,12 +90,12 @@ class PayNodeAgentClient:
     def post(self, url, **kwargs):
         return self.request_gate(url, "POST", **kwargs)
 
-    def _request_with_402_retry(self, method, url, max_retries=3, **kwargs):
+    def _request_with_402_retry(self, method: str, url: str, max_retries: int = 3, **kwargs) -> requests.Response:
         response = None
-        for _ in range(max_retries):
+        for attempt in range(max_retries):
             response = self.session.request(method, url, **kwargs)
             if response.status_code == 402:
-                logger.info("💡 [PayNode-PY] 402 Detected. Analyzing protocol version...")
+                logger.info(f"💡 [PayNode-PY] 402 Detected (Attempt {attempt+1}/{max_retries}). Analyzing protocol version...")
                 
                 # Check for x402 v2 (JSON body or X-402-Required header)
                 content_type = response.headers.get('Content-Type', '')
@@ -101,14 +120,22 @@ class PayNodeAgentClient:
                 if body and body.get('x402Version') == 2:
                     logger.info("🚀 [PayNode-PY] x402 v2 detected. Handling autonomous payment...")
                     if order_id: body['orderId'] = order_id
-                    kwargs = self._handle_x402_v2(body, **kwargs)
+                    kwargs = self._handle_x402_v2(url, body, **kwargs)
                     continue
 
                 raise PayNodeException(ErrorCode.internal_error, message="Unsupported or malformed 402 response")
+            
             return response
+
+        if response and response.status_code == 402:
+            raise PayNodeException(ErrorCode.internal_error, message="Still 402 after all payment attempts. The server may have rejected the payment or authorization.")
         return response
 
-    def _handle_x402_v2(self, requirements, **kwargs):
+    def _handle_x402_v2(self, url: str, requirements: dict, **kwargs) -> dict:
+        """
+        Internal handler for X402 V2/V3.1 protocol.
+        Analyzes requirements, executes payment, and returns updated kwargs for retrying the request.
+        """
         chain_id = self.w3.eth.chain_id
         caip2_chain_id = f"eip155:{chain_id}"
 
@@ -119,13 +146,18 @@ class PayNodeAgentClient:
         if not requirement:
             raise PayNodeException(ErrorCode.internal_error, message=f"No compatible payment requirement found for network {caip2_chain_id}")
 
+        # 🛡️ Token Whitelist Check
+        chain_tokens = ACCEPTED_TOKENS.get(chain_id, [])
+        if chain_tokens and requirement.get('asset').lower() not in [t.lower() for t in chain_tokens]:
+            raise PayNodeException(ErrorCode.token_not_accepted, message=f"Token {requirement['asset']} is not in the whitelist for chain {chain_id}")
+
         logger.info(f"💡 [PayNode-PY] Payment request (v2): {requirement['amount']} atomic units of {requirement['asset']} to {requirement['payTo']}")
         
         # Dust limit check
         if int(requirement['amount']) < MIN_PAYMENT_AMOUNT:
             raise PayNodeException(ErrorCode.amount_too_low, message=f"Payment amount {requirement['amount']} is below the minimum dust limit of {MIN_PAYMENT_AMOUNT}")
 
-        order_id = requirement.get('orderId') or requirements.get('orderId') or urlparse(kwargs.get('url', '')).path
+        order_id = requirement.get('orderId') or requirements.get('orderId') or urlparse(url).path
         
         payload_data = {}
         ptype = requirement.get('type', 'onchain')
@@ -160,9 +192,13 @@ class PayNodeAgentClient:
             allowance = self._get_allowance(asset, router_addr)
 
             if allowance >= amount:
-                tx_hash = self.pay(router_addr, asset, requirement['payTo'], amount, order_id)
+                try:
+                    tx_hash = self.pay(router_addr, asset, requirement['payTo'], amount, order_id)
+                except Exception as e:
+                    logger.warning(f"⚠️ [PayNode-PY] Direct pay failed (possibly allowance race), falling back to permit: {e}")
+                    tx_hash = self.pay_with_permit(router_addr, asset, requirement['payTo'], amount, order_id, version=requirement.get('extra', {}).get('version', '2'))
             else:
-                tx_hash = self.pay_with_permit(router_addr, asset, requirement['payTo'], amount, order_id)
+                tx_hash = self.pay_with_permit(router_addr, asset, requirement['payTo'], amount, order_id, version=requirement.get('extra', {}).get('version', '2'))
             
             payload_data = {"txHash": tx_hash}
 
@@ -249,11 +285,14 @@ class PayNodeAgentClient:
         }
 
     def _get_allowance(self, token_addr, spender_addr):
+        return self._call_with_failover(self.__get_allowance_raw, token_addr, spender_addr)
+
+    def __get_allowance_raw(self, token_addr, spender_addr):
         abi = [{"constant": True, "inputs": [{"name": "o", "type": "address"}, {"name": "s", "type": "address"}], "name": "allowance", "outputs": [{"name": "", "type": "uint256"}], "type": "function"}]
         token = self.w3.eth.contract(address=Web3.to_checksum_address(token_addr), abi=abi)
         return token.functions.allowance(self.account.address, Web3.to_checksum_address(spender_addr)).call()
 
-    def sign_permit(self, token_addr, spender_addr, amount, deadline=None):
+    def sign_permit(self, token_addr: str, spender_addr: str, amount: int, deadline: int = None, version: str = "2"):
         if deadline is None:
             deadline = int(time.time()) + 3600
         
@@ -269,7 +308,7 @@ class PayNodeAgentClient:
         name = token.functions.name().call()
         chain_id = self.w3.eth.chain_id
 
-        domain = {"name": name, "version": "1", "chainId": chain_id, "verifyingContract": token_addr}
+        domain = {"name": name, "version": version, "chainId": chain_id, "verifyingContract": token_addr}
         message = {"owner": self.account.address, "spender": spender_addr, "value": amount, "nonce": nonce, "deadline": deadline}
         types = {
             "EIP712Domain": [
@@ -284,12 +323,19 @@ class PayNodeAgentClient:
         }
         structured_data = {"types": types, "domain": domain, "primaryType": "Permit", "message": message}
         signed = self.account.sign_typed_data(full_message=structured_data)
-        return {"v": signed.v, "r": Web3.to_bytes(signed.r).rjust(32, b'\0'), "s": Web3.to_bytes(signed.s).rjust(32, b'\0'), "deadline": deadline}
+        
+        # NOTE: r/s padding to 32 bytes ensures bytes32 compatibility
+        r_bytes = Web3.to_bytes(signed.r).rjust(32, b'\0')
+        s_bytes = Web3.to_bytes(signed.s).rjust(32, b'\0')
+        
+        return {"v": signed.v, "r": r_bytes, "s": s_bytes, "deadline": deadline}
+
+    def pay_with_permit(self, router_addr, token_addr, merchant_addr, amount, order_id, version="2"):
+        return self._call_with_failover(self.__pay_with_permit_raw, router_addr, token_addr, merchant_addr, amount, order_id, version)
 
-    def pay_with_permit(self, router_addr, token_addr, merchant_addr, amount, order_id):
-        sig = self.sign_permit(token_addr, router_addr, amount)
-        router_abi = [{"inputs": [{"name": "payer", "type": "address"}, {"name": "token", "type": "address"}, {"name": "merchant", "type": "address"}, {"name": "amount", "type": "uint256"}, {"name": "orderId", "type": "bytes32"}, {"name": "deadline", "type": "uint256"}, {"name": "v", "type": "uint8"}, {"name": "r", "type": "bytes32"}, {"name": "s", "type": "bytes32"}], "name": "payWithPermit", "outputs": [], "stateMutability": "nonpayable", "type": "function"}]
-        router = self.w3.eth.contract(address=Web3.to_checksum_address(router_addr), abi=router_abi)
+    def __pay_with_permit_raw(self, router_addr, token_addr, merchant_addr, amount, order_id, version="2"):
+        sig = self.sign_permit(token_addr, router_addr, amount, version=version)
+        router = self.w3.eth.contract(address=Web3.to_checksum_address(router_addr), abi=PAYNODE_ROUTER_ABI)
         order_id_bytes = self.w3.keccak(text=order_id)
         current_gas_price = int(self.w3.eth.gas_price * 1.2)
         with self.nonce_lock:
@@ -301,8 +347,10 @@ class PayNodeAgentClient:
         return self.w3.to_hex(tx_h)
 
     def pay(self, router_addr, token_addr, merchant_addr, amount, order_id):
-        router_abi = [{"inputs": [{"name": "token", "type": "address"}, {"name": "merchant", "type": "address"}, {"name": "amount", "type": "uint256"}, {"name": "orderId", "type": "bytes32"}], "name": "pay", "outputs": [], "stateMutability": "nonpayable", "type": "function"}]
-        router = self.w3.eth.contract(address=Web3.to_checksum_address(router_addr), abi=router_abi)
+        return self._call_with_failover(self.__pay_raw, router_addr, token_addr, merchant_addr, amount, order_id)
+
+    def __pay_raw(self, router_addr, token_addr, merchant_addr, amount, order_id):
+        router = self.w3.eth.contract(address=Web3.to_checksum_address(router_addr), abi=PAYNODE_ROUTER_ABI)
         order_id_bytes = self.w3.keccak(text=order_id)
         current_gas_price = int(self.w3.eth.gas_price * 1.2)
         with self.nonce_lock:

paynode_sdk/constants.py

@@ -2,7 +2,7 @@
 PAYNODE_ROUTER_ADDRESS = "0x4A73696ccF76E7381b044cB95127B3784369Ed63"
 PAYNODE_ROUTER_ADDRESS_SANDBOX = "0x24cD8b68aaC209217ff5a6ef1Bf55a59f2c8Ca6F"
 BASE_USDC_ADDRESS = "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"
-BASE_USDC_ADDRESS_SANDBOX = "0x109AEddD656Ed2761d1e210E179329105039c784"
+BASE_USDC_ADDRESS_SANDBOX = "0x65c088EfBDB0E03185Dbe8e258Ad0cf4Ab7946b0"
 BASE_USDC_DECIMALS = 6
 
 PROTOCOL_TREASURY = "0x598bF63F5449876efafa7b36b77Deb2070621C0E"
@@ -14,22 +14,7 @@ BASE_RPC_URLS_SANDBOX = ["https://sepolia.base.org", "https://base-sepolia-rpc.p
 
 ACCEPTED_TOKENS = {
     8453: ["0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"],
-    84532: ["0x109AEddD656Ed2761d1e210E179329105039c784"]
+    84532: ["0x65c088EfBDB0E03185Dbe8e258Ad0cf4Ab7946b0"]
 }
 
-PAYNODE_ROUTER_ABI = [
-    {
-        "anonymous": False,
-        "inputs": [
-            {"indexed": True, "name": "orderId", "type": "bytes32"},
-            {"indexed": True, "name": "merchant", "type": "address"},
-            {"indexed": True, "name": "payer", "type": "address"},
-            {"indexed": False, "name": "token", "type": "address"},
-            {"indexed": False, "name": "amount", "type": "uint256"},
-            {"indexed": False, "name": "fee", "type": "uint256"},
-            {"indexed": False, "name": "chainId", "type": "uint256"}
-        ],
-        "name": "PaymentReceived",
-        "type": "event"
-    }
-]
+PAYNODE_ROUTER_ABI = [{'type': 'constructor', 'inputs': [{'name': '_protocolTreasury', 'type': 'address', 'internalType': 'address'}], 'stateMutability': 'nonpayable'}, {'type': 'function', 'name': 'MAX_BPS', 'inputs': [], 'outputs': [{'name': '', 'type': 'uint256', 'internalType': 'uint256'}], 'stateMutability': 'view'}, {'type': 'function', 'name': 'MIN_PAYMENT_AMOUNT', 'inputs': [], 'outputs': [{'name': '', 'type': 'uint256', 'internalType': 'uint256'}], 'stateMutability': 'view'}, {'type': 'function', 'name': 'PROTOCOL_FEE_BPS', 'inputs': [], 'outputs': [{'name': '', 'type': 'uint256', 'internalType': 'uint256'}], 'stateMutability': 'view'}, {'type': 'function', 'name': 'acceptOwnership', 'inputs': [], 'outputs': [], 'stateMutability': 'nonpayable'}, {'type': 'function', 'name': 'owner', 'inputs': [], 'outputs': [{'name': '', 'type': 'address', 'internalType': 'address'}], 'stateMutability': 'view'}, {'type': 'function', 'name': 'pause', 'inputs': [], 'outputs': [], 'stateMutability': 'nonpayable'}, {'type': 'function', 'name': 'paused', 'inputs': [], 'outputs': [{'name': '', 'type': 'bool', 'internalType': 'bool'}], 'stateMutability': 'view'}, {'type': 'function', 'name': 'pay', 'inputs': [{'name': 'token', 'type': 'address', 'internalType': 'address'}, {'name': 'merchant', 'type': 'address', 'internalType': 'address'}, {'name': 'amount', 'type': 'uint256', 'internalType': 'uint256'}, {'name': 'orderId', 'type': 'bytes32', 'internalType': 'bytes32'}], 'outputs': [], 'stateMutability': 'nonpayable'}, {'type': 'function', 'name': 'payWithPermit', 'inputs': [{'name': 'payer', 'type': 'address', 'internalType': 'address'}, {'name': 'token', 'type': 'address', 'internalType': 'address'}, {'name': 'merchant', 'type': 'address', 'internalType': 'address'}, {'name': 'amount', 'type': 'uint256', 'internalType': 'uint256'}, {'name': 'orderId', 'type': 'bytes32', 'internalType': 'bytes32'}, {'name': 'deadline', 'type': 'uint256', 'internalType': 'uint256'}, {'name': 'v', 'type': 'uint8', 'internalType': 'uint8'}, {'name': 'r', 'type': 'bytes32', 'internalType': 'bytes32'}, {'name': 's', 'type': 'bytes32', 'internalType': 'bytes32'}], 'outputs': [], 'stateMutability': 'nonpayable'}, {'type': 'function', 'name': 'pendingOwner', 'inputs': [], 'outputs': [{'name': '', 'type': 'address', 'internalType': 'address'}], 'stateMutability': 'view'}, {'type': 'function', 'name': 'protocolTreasury', 'inputs': [], 'outputs': [{'name': '', 'type': 'address', 'internalType': 'address'}], 'stateMutability': 'view'}, {'type': 'function', 'name': 'renounceOwnership', 'inputs': [], 'outputs': [], 'stateMutability': 'nonpayable'}, {'type': 'function', 'name': 'transferOwnership', 'inputs': [{'name': 'newOwner', 'type': 'address', 'internalType': 'address'}], 'outputs': [], 'stateMutability': 'nonpayable'}, {'type': 'function', 'name': 'unpause', 'inputs': [], 'outputs': [], 'stateMutability': 'nonpayable'}, {'type': 'function', 'name': 'updateTreasury', 'inputs': [{'name': '_newTreasury', 'type': 'address', 'internalType': 'address'}], 'outputs': [], 'stateMutability': 'nonpayable'}, {'type': 'event', 'name': 'OwnershipTransferStarted', 'inputs': [{'name': 'previousOwner', 'type': 'address', 'indexed': True, 'internalType': 'address'}, {'name': 'newOwner', 'type': 'address', 'indexed': True, 'internalType': 'address'}], 'anonymous': False}, {'type': 'event', 'name': 'OwnershipTransferred', 'inputs': [{'name': 'previousOwner', 'type': 'address', 'indexed': True, 'internalType': 'address'}, {'name': 'newOwner', 'type': 'address', 'indexed': True, 'internalType': 'address'}], 'anonymous': False}, {'type': 'event', 'name': 'Paused', 'inputs': [{'name': 'account', 'type': 'address', 'indexed': False, 'internalType': 'address'}], 'anonymous': False}, {'type': 'event', 'name': 'PaymentReceived', 'inputs': [{'name': 'orderId', 'type': 'bytes32', 'indexed': True, 'internalType': 'bytes32'}, {'name': 'merchant', 'type': 'address', 'indexed': True, 'internalType': 'address'}, {'name': 'payer', 'type': 'address', 'indexed': True, 'internalType': 'address'}, {'name': 'token', 'type': 'address', 'indexed': False, 'internalType': 'address'}, {'name': 'amount', 'type': 'uint256', 'indexed': False, 'internalType': 'uint256'}, {'name': 'fee', 'type': 'uint256', 'indexed': False, 'internalType': 'uint256'}, {'name': 'chainId', 'type': 'uint256', 'indexed': False, 'internalType': 'uint256'}], 'anonymous': False}, {'type': 'event', 'name': 'TreasuryUpdated', 'inputs': [{'name': 'oldTreasury', 'type': 'address', 'indexed': True, 'internalType': 'address'}, {'name': 'newTreasury', 'type': 'address', 'indexed': True, 'internalType': 'address'}], 'anonymous': False}, {'type': 'event', 'name': 'Unpaused', 'inputs': [{'name': 'account', 'type': 'address', 'indexed': False, 'internalType': 'address'}], 'anonymous': False}, {'type': 'error', 'name': 'AmountTooLow', 'inputs': []}, {'type': 'error', 'name': 'EnforcedPause', 'inputs': []}, {'type': 'error', 'name': 'ExpectedPause', 'inputs': []}, {'type': 'error', 'name': 'InvalidAddress', 'inputs': []}, {'type': 'error', 'name': 'OwnableInvalidOwner', 'inputs': [{'name': 'owner', 'type': 'address', 'internalType': 'address'}]}, {'type': 'error', 'name': 'OwnableUnauthorizedAccount', 'inputs': [{'name': 'account', 'type': 'address', 'internalType': 'address'}]}, {'type': 'error', 'name': 'SafeERC20FailedOperation', 'inputs': [{'name': 'token', 'type': 'address', 'internalType': 'address'}]}, {'type': 'error', 'name': 'UnauthorizedCaller', 'inputs': []}]

paynode_sdk/errors.py

@@ -28,7 +28,7 @@ ERROR_MESSAGES = {
     ErrorCode.transaction_not_found: "Transaction not found on-chain.",
     ErrorCode.wrong_contract: "Payment event was not emitted by the official PayNode contract.",
     ErrorCode.order_mismatch: "OrderId in receipt does not match requested ID.",
-    ErrorCode.missing_receipt: "Please pay to PayNode contract and provide 'x-paynode-receipt' header.",
+    ErrorCode.missing_receipt: "Please pay to PayNode contract and provide 'X-402-Payload' header.",
 }
 
 class PayNodeException(Exception):

paynode_sdk/idempotency.py

@@ -18,27 +18,38 @@ class IdempotencyStore(ABC):
         """
         pass
 
+import threading
+
 class MemoryIdempotencyStore(IdempotencyStore):
     def __init__(self):
         self.cache: Dict[str, float] = {}
+        self.last_cleanup = time.time()
+        self.lock = threading.Lock()
 
     async def check_and_set(self, tx_hash: str, ttl_seconds: int) -> bool:
-        now = time.time()
-        expiry = self.cache.get(tx_hash)
+        with self.lock:
+            now = time.time()
+            expiry = self.cache.get(tx_hash)
 
-        if expiry and expiry > now:
-            return False
+            if expiry and expiry > now:
+                return False
 
-        self.cache[tx_hash] = now + ttl_seconds
-        self._cleanup()
-        return True
+            self.cache[tx_hash] = now + ttl_seconds
+            
+            # BUG-5 FIX: Only cleanup periodically to avoid O(n) overhead on every call.
+            if now - self.last_cleanup > 60:
+                self._cleanup()
+                self.last_cleanup = now
+                
+            return True
 
     async def delete(self, tx_hash: str) -> None:
-        self.cache.pop(tx_hash, None)
+        with self.lock:
+            self.cache.pop(tx_hash, None)
 
     def _cleanup(self):
+        # Already inside lock when called from check_and_set
         now = time.time()
-        # Simple cleanup logic: remove expired entries
         expired_keys = [k for k, v in self.cache.items() if v <= now]
         for k in expired_keys:
             del self.cache[k]

paynode_sdk/middleware.py

@@ -47,13 +47,20 @@ class PayNodeMiddleware(BaseHTTPMiddleware):
         self.chain_id = chain_id
         self.generate_order_id = generate_order_id or (lambda r: f"agent_py_{int(time.time() * 1000)}")
 
-        self.amount_int = int(float(price) * (10 ** decimals))
+        # DEV-2 FIX: Avoid float precision risks by using integer arithmetic or decimal string parsing
+        if "." in price:
+            parts = price.split(".")
+            integer_part = parts[0]
+            fraction_part = parts[1][:decimals].ljust(decimals, "0")
+            self.amount_int = int(integer_part + fraction_part)
+        else:
+            self.amount_int = int(price) * (10 ** decimals)
         self.description = kwargs.get('description', "Protected Resource")
         self.max_timeout_seconds = kwargs.get('max_timeout_seconds', 3600)
 
     async def dispatch(self, request: Request, call_next):
-        v2_payload_header = request.headers.get('x-402-payload')
-        order_id = request.headers.get('x-402-order-id')
+        v2_payload_header = request.headers.get('X-402-Payload')
+        order_id = request.headers.get('X-402-Order-Id')
 
         if not order_id:
             order_id = self.generate_order_id(request)
@@ -76,10 +83,14 @@ class PayNodeMiddleware(BaseHTTPMiddleware):
                         "amount": str(self.amount_int),
                         "orderId": order_id
                     },
-                    unified_payload.get("payload", {}).get("extra", {}) if unified_payload.get("type") == "eip3009" else {}
+                    # BUG-1 FIX: extra should come from our own config (v2Response schema), not the agent's payload
+                    {
+                        "name": self.currency,
+                        "version": "2" # USDC v2
+                    } if unified_payload.get("type") == "eip3009" else {}
                 )
                 if result.get("isValid"):
-                    request.state.paynode = {"unified_payload": unified_payload, "order_id": order_id}
+                    request.state.paynode = {"unified_payload": unified_payload, "orderId": order_id}
                     return await call_next(request)
                 else:
                     err = result.get("error")

paynode_sdk/verifier.py

@@ -3,7 +3,7 @@ import time
 import logging
 from concurrent.futures import ThreadPoolExecutor, as_completed
 from .errors import ErrorCode, PayNodeException
-from .constants import ACCEPTED_TOKENS, MIN_PAYMENT_AMOUNT
+from .constants import ACCEPTED_TOKENS, MIN_PAYMENT_AMOUNT, PAYNODE_ROUTER_ABI
 from .idempotency import MemoryIdempotencyStore
 from web3 import Web3
 from eth_account import Account
@@ -55,6 +55,15 @@ class PayNodeVerifier:
         Routes to verify_onchain_payment or verify_transfer_with_authorization (eip3009).
         """
         try:
+            # 1. Double-check Protocol Dust Limit (>= 1000)
+            expected_amount = int(expected.get("amount", 0))
+            if expected_amount < MIN_PAYMENT_AMOUNT:
+                 return {"isValid": False, "error": PayNodeException(ErrorCode.amount_too_low)}
+
+            # 2. Security: Token Whitelist Check
+            if self.accepted_tokens and expected.get("tokenAddress", "").lower() not in self.accepted_tokens:
+                return {"isValid": False, "error": PayNodeException(ErrorCode.token_not_accepted, message=f"Token {expected.get('tokenAddress')} not allowed")}
+
             payload_type = unified_payload.get("type")
             actual_payload = unified_payload.get("payload", {})
             order_id = unified_payload.get("orderId")
@@ -105,16 +114,21 @@ class PayNodeVerifier:
         if receipt.get("status") == 0:
             return {"isValid": False, "error": PayNodeException(ErrorCode.transaction_failed)}
 
-        router_abi = [{"anonymous": False, "inputs": [{"indexed": True, "name": "merchant", "type": "address"}, {"indexed": True, "name": "token", "type": "address"}, {"indexed": False, "name": "amount", "type": "uint256"}, {"indexed": True, "name": "orderId", "type": "bytes32"}, {"indexed": False, "name": "chainId", "type": "uint256"}], "name": "PaymentReceived", "type": "event"}]
-        contract = self.w3.eth.contract(address=Web3.to_checksum_address(self.contract_address), abi=router_abi)
+        contract = self.w3.eth.contract(address=Web3.to_checksum_address(self.contract_address), abi=PAYNODE_ROUTER_ABI)
         
+        # 1. Check if the router was even involved (against 'WrongContract' vs 'InvalidReceipt')
+        # Filter logs for current contract
+        relevant_logs = [log for log in receipt.get("logs", []) if log.get("address", "").lower() == self.contract_address.lower()]
+        if not relevant_logs:
+             return {"isValid": False, "error": PayNodeException(ErrorCode.wrong_contract, message="Transaction did not interact with the expected PayNodeRouter contract")}
+
         try:
-            logs = await asyncio.to_thread(contract.events.PaymentReceived().process_receipt, receipt)
+            processed_logs = await asyncio.to_thread(contract.events.PaymentReceived().process_receipt, {"logs": relevant_logs})
         except Exception:
              return {"isValid": False, "error": PayNodeException(ErrorCode.invalid_receipt)}
 
-        if not logs:
-             return {"isValid": False, "error": PayNodeException(ErrorCode.invalid_receipt, message="No PaymentReceived event found")}
+        if not processed_logs:
+             return {"isValid": False, "error": PayNodeException(ErrorCode.invalid_receipt, message="No PaymentReceived event found in router logs")}
 
         merchant = expected.get("merchantAddress", "").lower()
         token = expected.get("tokenAddress", "").lower()
@@ -122,16 +136,24 @@ class PayNodeVerifier:
         order_id_bytes = self.w3.keccak(text=expected.get("orderId", ""))
 
         valid_log_found = False
-        for log in logs:
+        order_id_mismatch_found = False
+        for log in processed_logs:
             args = log.args
-            if (args.get("merchant", "").lower() == merchant and
-                args.get("token", "").lower() == token and
-                args.get("amount", 0) >= amount and
-                args.get("orderId") == order_id_bytes):
-                valid_log_found = True
-                break
+            is_merchant_match = args.get("merchant", "").lower() == merchant
+            is_token_match = args.get("token", "").lower() == token
+            is_amount_match = args.get("amount", 0) >= amount
+            is_order_match = args.get("orderId") == order_id_bytes
+
+            if is_merchant_match and is_token_match and is_amount_match:
+                if is_order_match:
+                    valid_log_found = True
+                    break
+                else:
+                    order_id_mismatch_found = True
         
         if not valid_log_found:
+             if order_id_mismatch_found:
+                 return {"isValid": False, "error": PayNodeException(ErrorCode.order_mismatch, message="Payment log found but orderId does not match")}
              return {"isValid": False, "error": PayNodeException(ErrorCode.invalid_receipt, message="Payment event data mismatch")}
 
         if self.store:
@@ -218,7 +240,9 @@ class PayNodeVerifier:
                 "message": auth_msg
             }
 
-            recovered_address = Account.recover_typed_data(structured_data, signature=signature)
+            from eth_account.messages import encode_typed_data
+            signable_msg = encode_typed_data(full_message=structured_data)
+            recovered_address = Account.recover_message(signable_msg, signature=signature)
 
             if recovered_address.lower() != auth["from"].lower():
                 return {"isValid": False, "error": PayNodeException(ErrorCode.invalid_receipt, message="Invalid signature")}
@@ -261,19 +285,17 @@ class PayNodeVerifier:
 
             # Concurrent RPC calls
             try:
-                def call_rpc():
-                    balance = token_contract.functions.balanceOf(authorizer_address).call()
-                    is_used = token_contract.functions.authorizationState(authorizer_address, nonce_bytes).call()
-                    return balance, is_used
-
-                balance, is_nonce_used_on_chain = await asyncio.to_thread(call_rpc)
+                balance, is_nonce_used_on_chain = await asyncio.gather(
+                    asyncio.to_thread(token_contract.functions.balanceOf(authorizer_address).call),
+                    asyncio.to_thread(token_contract.functions.authorizationState(authorizer_address, nonce_bytes).call)
+                )
             except Exception as e:
-                # If RPC fails (e.g. mock token doesn't support authorizationState), fallback or fail
                 logger.warning(f"RPC state check failed for token {token_addr}: {e}")
-                # We still keep the local idempotency check. For safety, we return true if balance is not checkable? 
-                # No, JS implementation fallbacks to 0 balance and False nonce.
-                balance = payload_value # Optimistic if check fails? No, let's follow JS more closely but be safe.
-                is_nonce_used_on_chain = False
+                if self.store: await self.store.delete(nonce)
+                return {
+                    "isValid": False, 
+                    "error": PayNodeException(ErrorCode.rpc_error, message=f"Cannot verify on-chain state: {e}")
+                }
 
             if balance < payload_value:
                 if self.store: await self.store.delete(nonce)

paynode_sdk/webhook.py

@@ -3,7 +3,7 @@ PayNode Webhook Notifier — monitors on-chain PaymentReceived events
 and delivers structured webhook POSTs to a merchant's endpoint.
 
 Features:
-- HMAC-SHA256 signature for authenticity (header: x-paynode-signature)
+- HMAC-SHA256 signature for authenticity (header: X-402-Signature)
 - Configurable polling interval
 - Automatic retry with exponential backoff (3 attempts)
 - Async-first design
@@ -73,7 +73,7 @@ class PayNodeWebhookNotifier:
     Usage:
         notifier = PayNodeWebhookNotifier(
             rpc_url="https://mainnet.base.org",
-            contract_address="0x92e20164FC457a2aC35f53D06268168e6352b200",
+            contract_address="0x4A73696ccF76E7381b044cB95127B3784369Ed63",
             webhook_url="https://myshop.com/api/paynode-webhook",
             webhook_secret="whsec_mysecretkey123",
         )
@@ -201,9 +201,9 @@ class PayNodeWebhookNotifier:
 
         headers = {
             "Content-Type": "application/json",
-            "x-paynode-signature": f"sha256={signature}",
-            "x-paynode-event": "payment.received",
-            "x-paynode-delivery-id": f"{event.tx_hash}-{attempt}",
+            "X-402-Signature": f"sha256={signature}",
+            "X-402-Event": "payment.received",
+            "X-402-Delivery-Id": f"{event.tx_hash}-{attempt}",
             **self.custom_headers,
         }
 

{paynode_sdk_python-2.0.0.dist-info → paynode_sdk_python-2.1.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: paynode-sdk-python
-Version: 2.0.0
+Version: 2.1.0
 Summary: PayNode Protocol Python SDK for AI Agents
 Author-email: PayNodeLabs <contact@paynode.dev>
 License: MIT
@@ -54,7 +54,7 @@ response = agent.request_gate("https://api.merchant.com/premium-data", method="P
 print(response.json())
 ```
 
-### Key Features (v2.0)
+### Key Features (v2.1)
 - **EIP-3009 Support**: Sign payments off-chain using `TransferWithAuthorization`, allowing for gasless or relayer-mediated settlement.
 - **X402 V2 Protocol**: JSON-based handshake for more structured and machine-readable payment instructions.
 - **Dual Flow**: Automatic fallback to V1 (on-chain receipts) for legacy merchant support.

paynode_sdk_python-2.1.0.dist-info/RECORD

@@ -0,0 +1,13 @@
+paynode_sdk/__init__.py,sha256=dDP3qUvuhpyeUcCRRIeaHMifaYPE_p6IwZjcmaHgAHU,1187
+paynode_sdk/client.py,sha256=JGY2W00RDiYLjg4VWexaG85BepyWISTfZmZzUX2UabU,17770
+paynode_sdk/constants.py,sha256=axeDk308gMql4riCfSsFPWgk0O3o5FpeiIdDlpDnrgA,6346
+paynode_sdk/errors.py,sha256=0L7pxDA1V305mkmi886OFp5qIaAoVTLmIB0hFQB0zG8,1961
+paynode_sdk/idempotency.py,sha256=IOdyv8STj97EDGlwpGQnGE7K_NHRMmULvLTNTaglnB8,2450
+paynode_sdk/middleware.py,sha256=l3YY6ZsqJ3KBf_2vEtrJNm9XHUXEpJUpL8RG6xwDxC8,6342
+paynode_sdk/verifier.py,sha256=PxSBbhX7ba-0nUdNP_F-CazjN7zmqwmTUJZ6IXw3Nsw,14850
+paynode_sdk/webhook.py,sha256=ngP0Az_-20gPVeHPzeaXuy1_AK1TTqqsmP-HCpAWEEM,8317
+paynode_sdk_python-2.1.0.dist-info/licenses/LICENSE,sha256=U8RjGlEBtXN6PA-qN_N3Uh60jyu3qe26ZBmgt-LAHc4,1069
+paynode_sdk_python-2.1.0.dist-info/METADATA,sha256=MK9N2HYmcj3CXfSo0wbQiBmXn35Dg5CPXJDMbZpCErs,3757
+paynode_sdk_python-2.1.0.dist-info/WHEEL,sha256=aeYiig01lYGDzBgS8HxWXOg3uV61G9ijOsup-k9o1sk,91
+paynode_sdk_python-2.1.0.dist-info/top_level.txt,sha256=c6Skc1Xx-9O-JJ7sHghLW8Kyn4hyJoVPUawH1Mu8iTU,12
+paynode_sdk_python-2.1.0.dist-info/RECORD,,

paynode_sdk_python-2.0.0.dist-info/RECORD

@@ -1,13 +0,0 @@
-paynode_sdk/__init__.py,sha256=dDP3qUvuhpyeUcCRRIeaHMifaYPE_p6IwZjcmaHgAHU,1187
-paynode_sdk/client.py,sha256=RSxF5p5k7JbFZW4dezr48Wb4NYKiPeI5bTwB5ApCYns,15530
-paynode_sdk/constants.py,sha256=-hR1P9B80-aQ0kCbY9hJEb1tpiRia1F0VCki9LpG7zs,1429
-paynode_sdk/errors.py,sha256=9Mnyctt-ekcbNAkgKi45i0UZr8QXDEBwLpQTNtuz9i0,1965
-paynode_sdk/idempotency.py,sha256=SZujxMC_YgrH7qpd8aW2cKp6qFaZCzLY888IIAk-iVc,2061
-paynode_sdk/middleware.py,sha256=0g1kT_mnwXq4c3O5Dkzxl_d6CQrhnfsfzyMqL7M4JOU,5814
-paynode_sdk/verifier.py,sha256=S1sy4dwBFhl9EWORcwAsM3g92a4ljsgUJBzTpYsTG9c,13743
-paynode_sdk/webhook.py,sha256=djpcsqWAlWts2Y-l2bS4_Rjbd_9FCir0rn3J48hLvnY,8333
-paynode_sdk_python-2.0.0.dist-info/licenses/LICENSE,sha256=U8RjGlEBtXN6PA-qN_N3Uh60jyu3qe26ZBmgt-LAHc4,1069
-paynode_sdk_python-2.0.0.dist-info/METADATA,sha256=Dn3wUeBZ75LE0Dg97c0bjNmQs8-Jz4RSkgdVNAZHvwU,3757
-paynode_sdk_python-2.0.0.dist-info/WHEEL,sha256=aeYiig01lYGDzBgS8HxWXOg3uV61G9ijOsup-k9o1sk,91
-paynode_sdk_python-2.0.0.dist-info/top_level.txt,sha256=c6Skc1Xx-9O-JJ7sHghLW8Kyn4hyJoVPUawH1Mu8iTU,12
-paynode_sdk_python-2.0.0.dist-info/RECORD,,