mppx@0.5.14

Patch Changes

• 1ba7af2: Hardened sponsored Tempo session open and topUp flows by enforcing fee-payer policy limits, blocking call smuggling, and adding feePayerPolicy support.
• 1ba7af2: Fixed fee-sponsored Tempo charge flows by simulating sponsored transactions before broadcast and binding swap approvals to the DEX input token.
• 1ba7af2: Normalized Tempo session channel IDs across storage and verification paths, preventing case-variant aliases from creating duplicate channel state.

mppx@0.5.13

Patch Changes

• 7e16df7: Make Tempo charge fee-sponsorship policy resolve per chain and allow overriding it with feePayerPolicy.
• 13d2851: Fixed Tempo HTML pay button text overrides and make the HTML page title follow a custom paymentRequired label when title is omitted.
• e81f45c: Add Tempo charge supportedModes request support so clients and servers can explicitly negotiate push vs pull settlement.

mppx@0.5.12

Patch Changes

• f6ce313: Add typed paymentPreferences support that emits Accept-Payment on client requests and filters composed server challenges accordingly.
• 7059598: Accept zero-dollar proof credentials signed by authorized Tempo access keys and export Tempo proof DID helpers from mppx/tempo.
• b6a18c4: Raised too low fee-payer maxTotalFee policy

mppx@0.5.11

Patch Changes

• 2aff2c0: Handled malformed Host headers in the Node request listener instead of letting them crash the process.

mppx@0.5.10

Patch Changes

• d95c01c: Pruned internal dependencies.

mppx@0.5.9

Patch Changes

• 4d7fe94: Bumped internal deps

mppx@0.5.8

Patch Changes

• 00572a0: Normalized Tempo fee-payer co-signing for charge flows so the final sponsored transaction is rebuilt from validated fields with centralized fee-payer policy checks.
• 7d4fdab: Centralize the authoritative challenge verification inputs by adding captured-request and verified-envelope context plumbing, shared canonical HMAC input generation, and a single pinned-request comparison path without changing the existing server hook model.
• b087c21: Add an optional atomic Store.update() primitive for custom store backends and use it to make Tempo replay protection and channel state updates safe across distributed deployments.

mppx@0.5.7

Patch Changes

• 9cffd24: Added Config, Text, and Theme type exports to mppx/html entrypoint.

mppx@0.5.6

Patch Changes

• 0c4ce6f: Added .compose support to HTML payment links.

mppx@0.5.5

Patch Changes

• e7147c2: Bind attribution memo nonce to challenge ID. The 7-byte nonce field (bytes 25–31) is now derived from keccak256(challengeId)[0..6] instead of random bytes, preventing transaction hash stealing in push mode. Attribution.encode() now requires challengeId. The server verifies challenge binding and server fingerprint for hash (push) credentials. Pull-mode transaction credentials are not affected — the server controls broadcast, so there is no hash-stealing risk.

  Breaking: Attribution.encode() now requires challengeId — callers must pass the challenge ID to generate a memo. Old push-mode clients that generate random attribution nonces or plain transfers without memos are rejected by the server. Pull-mode clients are unaffected.