fix(x402): validate server payment requirements before signing in pay and eip3009AuthenticatedFetch #11
Open
Nexory wants to merge 1 commit into
… signing The pay CLI signed the server-supplied 402 payment requirements directly via signX402Payment without validation. Apply the existing validatePaymentRequirements guard (now exported from x402-payment) on the CLI path before signing: reject burn/zero payTo addresses and, with the new --max-amount flag, reject amounts above the caller's cap. Adds focused tests for the guard.
55d8f5b to
e8d54a0
What
The pay CLI signed the server-supplied 402 payment requirements directly via signX402Payment without any validation. This wires the existing validatePaymentRequirements guard (now exported from x402-payment) into the CLI path before signing:
- rejects burn/zero payTo addresses,
- with the new --max-amount flag, rejects amounts above the caller's cap.
Adds focused unit tests for the guard.
Note on scope
Re-scoped after the lib-level validatePaymentRequirements landed in main: this PR now only applies that existing guard on the pay CLI path (which still signed server requirements unvalidated) and adds the --max-amount cap plus tests. Earlier auth/manifest changes were dropped to keep this focused on the validation fix.
Testing
- npm run type-check
- npm run test (636/636 passing, including the new validate-payment-requirements suite)
- npm run lint (biome, clean)
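The pre-signing check described above, as an added example that is not the project's validatePaymentRequirements: the function names, the `amount` field, the deny-list contents and the decimal-string amount format are assumptions. It goes beyond the two checks named in the description by also refusing malformed addresses and amounts, since every field arrives from the server.

```typescript
// Added illustration, not the project's validatePaymentRequirements.
// `amount` (decimal string in atomic token units) is an assumed field name.
interface Requirements402 {
  payTo: string;
  amount: string;
}

// Constructed deny-list: the zero address and the conventional "dEaD" burn address.
const BLOCKED_PAY_TO: string[] = [
  "0x0000000000000000000000000000000000000000",
  "0x000000000000000000000000000000000000dead",
];

// Compare non-negative decimal strings as strings. Number() rounds above 2^53,
// which would let an amount just over the cap compare as equal to it.
function compareDecimal(a: string, b: string): number {
  const x = a.replace(/^0+(?=\d)/, "");
  const y = b.replace(/^0+(?=\d)/, "");
  if (x.length !== y.length) return x.length < y.length ? -1 : 1;
  return x < y ? -1 : x > y ? 1 : 0;
}

// Returns null when the requirements may be signed, otherwise the refusal reason.
function refusalReason(req: Requirements402, maxAmount?: string): string | null {
  // Server-controlled input: insist on a well-formed 20-byte hex address.
  if (!/^0x[0-9a-fA-F]{40}$/.test(req.payTo)) return "malformed payTo";
  // Lower-case first so mixed-case (checksummed) spellings cannot dodge the list.
  if (BLOCKED_PAY_TO.indexOf(req.payTo.toLowerCase()) !== -1) return "burn/zero payTo";
  // Digits only: no sign, decimal point, exponent or hex prefix.
  if (!/^\d+$/.test(req.amount)) return "malformed amount";
  if (maxAmount !== undefined) {
    if (!/^\d+$/.test(maxAmount)) return "malformed cap";
    if (compareDecimal(req.amount, maxAmount) > 0) return "amount above cap";
  }
  return null;
}
```

A caller would invoke `refusalReason` on the parsed 402 body and abort before any signing call when the result is not null.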