X402AssetParam
X402AssetParam = {
id:KnownAssetId;kind:"known"; } | {domain: {name:string;verifyingContract:Address;version:string; };kind:"unsafeOverride"; }
Defined in: src/tokens/asset-domain.ts:51
Asset binding for createX402PaymentSigner and the M6 PolicyGatedSigner. Required, discriminated.
Default-on whitelist: integrators MUST declare which asset they intend
to sign for. The known branch references a kawasekit-maintained
whitelist (see src/tokens/known-assets.ts); the unsafeOverride branch
is the deliberate escape hatch for any other asset and is named loudly so
it survives a code review. Either way, the signer pins the EIP-712 domain
at construction time and refuses to sign if paymentRequirements.asset
disagrees with the pinned verifyingContract.
Closes Threat 1.4 (misadvertised EIP-712 domain): the server’s advertised
extra.name / extra.version and asset are all ignored for signing
purposes — the signer trusts only what the integrator declared here.
Union Members
Type Literal
{ id: KnownAssetId; kind: "known"; }
id
readonlyid:KnownAssetId
The asset id to pin. See KnownAssetId for the registry.
kind
readonlykind:"known"
Use a kawasekit-maintained pinned EIP-712 domain.
Type Literal
{ domain: { name: string; verifyingContract: Address; version: string; }; kind: "unsafeOverride"; }
domain
readonlydomain:object
domain.name
readonlyname:string
domain.verifyingContract
readonlyverifyingContract:Address
domain.version
readonlyversion:string
kind
readonlykind:"unsafeOverride"
Use a caller-supplied EIP-712 domain for an asset NOT on the
kawasekit whitelist. The name is deliberately loud — pick this
branch only when you have separately audited the contract and its
eip712Domain() output.