コンテンツにスキップ

X402AssetParam

このコンテンツはまだ日本語訳がありません。

X402AssetParam = { id: KnownAssetId; kind: "known"; } | { domain: { name: string; verifyingContract: Address; version: string; }; kind: "unsafeOverride"; }

Defined in: src/tokens/asset-domain.ts:51

Asset binding for createX402PaymentSigner and the M6 PolicyGatedSigner. Required, discriminated.

Default-on whitelist: integrators MUST declare which asset they intend to sign for. The known branch references a kawasekit-maintained whitelist (see src/tokens/known-assets.ts); the unsafeOverride branch is the deliberate escape hatch for any other asset and is named loudly so it survives a code review. Either way, the signer pins the EIP-712 domain at construction time and refuses to sign if paymentRequirements.asset disagrees with the pinned verifyingContract.

Closes Threat 1.4 (misadvertised EIP-712 domain): the server’s advertised extra.name / extra.version and asset are all ignored for signing purposes — the signer trusts only what the integrator declared here.

Union Members

Type Literal

{ id: KnownAssetId; kind: "known"; }

id

readonly id: KnownAssetId

The asset id to pin. See KnownAssetId for the registry.

kind

readonly kind: "known"

Use a kawasekit-maintained pinned EIP-712 domain.


Type Literal

{ domain: { name: string; verifyingContract: Address; version: string; }; kind: "unsafeOverride"; }

domain

readonly domain: object

domain.name

readonly name: string

domain.verifyingContract

readonly verifyingContract: Address

domain.version

readonly version: string

kind

readonly kind: "unsafeOverride"

Use a caller-supplied EIP-712 domain for an asset NOT on the kawasekit whitelist. The name is deliberately loud — pick this branch only when you have separately audited the contract and its eip712Domain() output.