feat: stealth payments via Umbra on Base mainnet#251
Open
Huygon764 wants to merge 5 commits into
Open
Conversation
Huygon764
force-pushed
the
develop
branch
2 times, most recently
from
76deaeb to
7f59eb5
Compare
* docs: add llms.txt intro page for AI agents (#256) Add a GitBook-friendly page introducing PolyPay's llms.txt support so non-technical readers can discover the feature and link AI agents to the live playbook. - New page docs/llms-txt-for-agents.md covering what llms.txt is, the live endpoint, the five integration flows it documents, two ways to wire an agent up, and compatibility notes. - Add the page to docs/SUMMARY.md between x402 and Architecture. - Fix stale api.polypay.xyz references in docs/x402-deposits.md to the real api.polypay.pro host. * feat(x402): add Coinbase CDP bazaar deposit route for agentic.market listing (#260) Adds a second x402 deposit endpoint /x402/bazaar/deposit/:multisig that routes through Coinbase CDP facilitator instead of PayAI, so the resource gets indexed in CDP discovery and surfaces on agentic.market. The default /x402/deposit/:multisig path keeps using PayAI (better rate limits, simpler auth) — no UI change. CDP path activates implicitly when CDP_API_KEY_ID is set; otherwise it returns a clear config error. CDP requires Ed25519 JWT signed per-request (2-min TTL), so the service now lazy-imports @coinbase/x402 createAuthHeader to produce the Authorization header. Payment requirements for the CDP path also embed a declareDiscoveryExtension-shaped extensions.bazaar block (strict JSON Schema), without which CDP would settle but not index. Includes scripts/bazaar-bootstrap.ts to produce the first real settlement that triggers CDP indexing — bootstrap must run against a deployed backend (the resource URL ends up in the catalog). Refs #259 --------- Co-authored-by: BoHsuu <[email protected]>
…272) Two independent reasons the deposit endpoint was never cataloged in the CDP x402 Bazaar, both confirmed against @x402/extensions/bazaar source: - processDeposit threw 400 when X-PAYMENT was missing. The CDP Bazaar crawls the endpoint with the bazaar-extension input (no payment) and only indexes resources that answer 402. Now returns 402 + the PaymentRequired body (canonical x402 unpaid response). - extractDiscoveryInfo reads the bazaar extension from paymentPayload.extensions["bazaar"] for v2; the CDP settle payload sent extensions:{}. Attach the discovery extension (and resource description/mimeType) to the v2 payload so settlement catalogs it. Also add routeTemplate so the multisig-address path segment normalizes to /:multisigAddress, and align schema.required with the SDK (createBodyDiscoveryExtension) so info validates under Ajv 2020.
* chore(backend): horizen testnet wipe script + e2e fixes after chainId require - Add scripts/wipe-horizen-testnet.ts (yarn wipe:horizen-testnet) to drop all chainId 2651420 accounts + their transactions/votes/signers/contacts /reserved-nonces. Used after the Horizen testnet zkVerify address swap to clear stale state on staging. Safety: refuses when APP_NETWORK=mainnet, unlinks batch_items.contactId before cascading account deletes, --dry-run prints counts without touching data. - Pass chainId in e2e + staging-e2e test utilities for reserveNonce and createTransaction calls. The endpoints started requiring chainId after the (address, chainId) account key rollout; the tests still sent the legacy shape and got 400. - stagingExecuteTransaction: fall back to polling GET /transactions/:txId when the initial POST hangs up (socket reset by edge / proxy idle timeout) instead of bubbling a cryptic ECONNRESET. Server already persists txHash right after on-chain submission so the poll is safe. * chore(docker): include backend scripts/ in runner image for Cloud Run Jobs
Send ETH privately from a PolyPay multisig on Base mainnet through the Umbra stealth payment protocol. Recipients register their meta-address once on app.umbra.cash; PolyPay observes the StealthKeyRegistry on chain to know who can receive. Each send derives a one-time stealth address client-side and routes through UmbraBatchSend so the on-chain Announcement event lets the recipient withdraw later via app.umbra.cash. Sender flow - StealthToggle in Transfer: gates by chain (Base mainnet), token (ETH only) and recipient registration. Shows the live umbra.toll() so cosigners see the total cost before approving. Disables "Add to batch" when stealth is on — batch flow can't combine with UmbraBatchSend. - Stealth payload (verbatim to/value/data) lands on the transactions row as stealthData. The executor submits it as-is and other voters use it to recompute the same txHash for their own ZK approval proof. - Private badge + tooltip on the transaction row so cosigners understand the on-chain call routes through UmbraBatchSend rather than directly to the recipient. Recipient - No PolyPay backend involvement: app.umbra.cash handles registration. - Sidebar CTA + ReceivePrivatelyModal: always visible on a Base-mainnet account context, switches between violet "Receive privately" and green "Private receive ready" depending on the wallet's registry status. - When the connected wallet matches the recipient of an executed stealth tx, the tx row shows a green dot on the recipient pill and an Open Umbra button in the expanded detail. Docs - New docs/stealth-payments.md covering scope, flows, costs, and what PolyPay intentionally does not handle. - Network support matrix in docs/zkverify-horizen-integration.md so per-chain feature differences live in one place. Schema - stealth_data TEXT column on transactions (migration 20260521083753_add_stealth_data).
Huygon764
force-pushed
the
feat/stealth-payments-umbra
branch
from
9ae7123 to
d680272
Compare
Huygon764
force-pushed
the
develop
branch
2 times, most recently
from
19d0a8b to
00b4811
Compare
Huygon764
force-pushed
the
develop
branch
2 times, most recently
from
e4415ee to
a795dbd
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.