[SDK] Deprecate payTo parameter and simplify facilitator implementation

[joaquim-verges]

---

PR-Codex overview

This PR focuses on enhancing error handling and response structures in payment settlement and verification processes, alongside some refactoring in the codebase for better clarity and functionality.

Detailed summary

• Added errorMessage field to FacilitatorSettleResponseSchema and FacilitatorVerifyResponseSchema.
• Improved error handling in settlePayment and verifyPayment functions.
• Refactored signERC2612Permit to use to instead of facilitatorAddress.
• Removed payTo input from the UI and adjusted related logic.
• Updated middleware to use a new twFacilitator instance.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• New Features

  • Clearer error responses: adds separate error (code) and errorMessage fields for verification and settlement results.

• Refactor

  • "Pay To" input removed; payment recipient is now set automatically to the facilitator.
  • Centralized facilitator configuration; payTo parameter no longer required in requests.
  • Permit signing now uses the recipient (to) as the spender, removing facilitator-address requirement.
  • Response and type schemas updated to include optional errorMessage fields.

• Chores

  • Removed automated PR author-assignment workflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: f6a2994

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
docs-v2	Ready	Preview	Comment	Oct 3, 2025 9:17am
nebula	Ready	Preview	Comment	Oct 3, 2025 9:17am
thirdweb_playground	Ready	Preview	Comment	Oct 3, 2025 9:17am
thirdweb-www	Ready	Preview	Comment	Oct 3, 2025 9:17am
wallet-ui	Ready	Preview	Comment	Oct 3, 2025 9:17am

[coderabbitai]

Walkthrough

Removed the user-editable payTo input and all runtime payTo handling; payTo is now derived from the facilitator address. Middleware uses a pre-initialized facilitator instead of per-request creation. Schemas/types add optional errorMessage fields and adjust verify/settle responses. Signing uses the to address as the ERC-2612 spender.

Changes

Cohort / File(s)	Summary
Playground UI: Remove Pay To input apps/playground-web/src/app/payments/x402/components/X402LeftSection.tsx	Removed Pay To UI block, associated payToId state and handler; options.payTo is no longer updated from the UI.
Middleware: Static facilitator, no payTo apps/playground-web/src/middleware.ts	Replaced per-request createFacilitator with pre-initialized twFacilitator; removed extraction/validation of payTo; removed payTo from settle payload; centralized facilitator usage and removed per-request facilitator/wait creation.
Facilitator API: verify signature & headers packages/thirdweb/src/x402/facilitator.ts	Imported FacilitatorVerifyResponse type; changed verify signature to return Promise<FacilitatorVerifyResponse>; removed "x-settlement-wallet-address" header from auth headers.
Schemas: errorMessage and new verify response packages/thirdweb/src/x402/schemas.ts	Extended FacilitatorSettleResponseSchema with optional errorMessage; added FacilitatorVerifyResponseSchema (extends VerifyResponseSchema) and exported FacilitatorVerifyResponse type.
Types: deprecate payTo, add errorMessage packages/thirdweb/src/x402/types.ts	Removed PaymentArgs.payTo: Address; added deprecated payTo?: string; added optional errorMessage?: string to PaymentRequiredResult.responseBody and clarified error as a code.
Payment decode: derive payTo from facilitator packages/thirdweb/src/x402/common.ts	Removed payTo parameter from decodePaymentRequest; derive payTo via getAddress(facilitator.address); removed facilitatorAddress from extra payload; adjusted decoding comments.
Signing: use to as spender packages/thirdweb/src/x402/sign.ts	signERC2612Permit signature updated to accept to; uses to as the permit spender; removed check for facilitatorAddress in PaymentRequirements.extra.
Verify flow: structured error fields packages/thirdweb/src/x402/verify-payment.ts	Non-verified path now returns error (code) and optional errorMessage; catch path standardized to error: "Verification error" with optional errorMessage from thrown error.
Settle flow: structured error fields packages/thirdweb/src/x402/settle-payment.ts	On settlement failure, response uses error (code) and errorMessage (from settlement or fallback); catch path standardized to error: "Settlement error" with optional errorMessage.
CI: remove auto-assign workflow .github/workflows/auto-assign.yml	Removed GitHub Actions workflow that auto-assigned PR authors.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant UI as Playground UI
  participant MW as Middleware
  participant FAC as Facilitator (twFacilitator)
  participant X402 as X402 Library
  participant CH as Chain

  note over UI: No user-provided payTo
  UI->>MW: Initiate payment (chainId, request)
  MW->>FAC: Use pre-initialized twFacilitator
  MW->>X402: verifyPayment(request, facilitator)
  X402->>FAC: verify(...)
  FAC-->>X402: FacilitatorVerifyResponse (ok | {error, errorMessage})
  alt verified
    X402-->>MW: { verified: true }
    MW->>X402: settlePayment(..., facilitator, waitUntil)
    X402->>CH: Execute settlement (payTo = facilitator.address)
    CH-->>X402: Result (ok | fail with errorMessage)
    X402-->>MW: { ok | {error, errorMessage} }
  else not verified
    X402-->>MW: { error, errorMessage }
  end
  MW-->>UI: Response (includes error and optional errorMessage)

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The pull request description reproduces the commented template placeholders and a PR-Codex overview but does not populate the required sections such as a filled-in title header, notes for the reviewer, or testing instructions. It lacks any actual ‘## Notes for the reviewer’ or ‘## How to test’ content as specified by the repository’s description template. Therefore it does not conform to the required pull request description format.	Please populate the description template by adding a concise title header, a ‘## Notes for the reviewer’ section with relevant context, and a ‘## How to test’ section detailing steps to verify the changes.
Docstring Coverage	⚠️ Warning	Docstring coverage is 66.67% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title clearly and concisely summarizes the removal of the payTo parameter and the simplification of the facilitator implementation, which are the core changes introduced by this pull request. It directly reflects the main objectives without unnecessary detail.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch _X402_Remove_payTo_parameter_and_simplify_facilitator_implementation

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between b04f00e and f6a2994.

📒 Files selected for processing (10)

• .github/workflows/auto-assign.yml (0 hunks)
• apps/playground-web/src/app/payments/x402/components/X402LeftSection.tsx (0 hunks)
• apps/playground-web/src/middleware.ts (3 hunks)
• packages/thirdweb/src/x402/common.ts (2 hunks)
• packages/thirdweb/src/x402/facilitator.ts (3 hunks)
• packages/thirdweb/src/x402/schemas.ts (2 hunks)
• packages/thirdweb/src/x402/settle-payment.ts (2 hunks)
• packages/thirdweb/src/x402/sign.ts (2 hunks)
• packages/thirdweb/src/x402/types.ts (2 hunks)
• packages/thirdweb/src/x402/verify-payment.ts (2 hunks)

💤 Files with no reviewable changes (2)

• apps/playground-web/src/app/payments/x402/components/X402LeftSection.tsx
• .github/workflows/auto-assign.yml

🚧 Files skipped from review as they are similar to previous changes (3)

• packages/thirdweb/src/x402/common.ts
• packages/thirdweb/src/x402/settle-payment.ts
• packages/thirdweb/src/x402/verify-payment.ts

🧰 Additional context used

📓 Path-based instructions (5)

**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx}: Write idiomatic TypeScript with explicit function declarations and return types
Limit each file to one stateless, single-responsibility function for clarity
Re-use shared types from @/types or local types.ts barrels
Prefer type aliases over interface except for nominal shapes
Avoid any and unknown unless unavoidable; narrow generics when possible
Choose composition over inheritance; leverage utility types (Partial, Pick, etc.)
Comment only ambiguous logic; avoid restating TypeScript in prose

**/*.{ts,tsx}: Use explicit function declarations and explicit return types in TypeScript
Limit each file to one stateless, single‑responsibility function
Re‑use shared types from @/types where applicable
Prefer type aliases over interface except for nominal shapes
Avoid any and unknown unless unavoidable; narrow generics when possible
Prefer composition over inheritance; use utility types (Partial, Pick, etc.)
Lazy‑import optional features and avoid top‑level side‑effects to reduce bundle size

Files:

• packages/thirdweb/src/x402/types.ts
• apps/playground-web/src/middleware.ts
• packages/thirdweb/src/x402/schemas.ts
• packages/thirdweb/src/x402/sign.ts
• packages/thirdweb/src/x402/facilitator.ts

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (CLAUDE.md)

Load heavy dependencies inside async paths to keep initial bundle lean (lazy loading)

Files:

• packages/thirdweb/src/x402/types.ts
• apps/playground-web/src/middleware.ts
• packages/thirdweb/src/x402/schemas.ts
• packages/thirdweb/src/x402/sign.ts
• packages/thirdweb/src/x402/facilitator.ts

**/types.ts

📄 CodeRabbit inference engine (AGENTS.md)

Provide and re‑use local type barrels in a types.ts file

Files:

• packages/thirdweb/src/x402/types.ts

packages/thirdweb/**/*.{ts,tsx}

📄 CodeRabbit inference engine (AGENTS.md)

packages/thirdweb/**/*.{ts,tsx}: Every public symbol must have comprehensive TSDoc with at least one compiling @example and a custom tag (@beta, @internal, @experimental, etc.)
Comment only ambiguous logic; avoid restating TypeScript in prose
Lazy‑load heavy dependencies inside async paths (e.g., const { jsPDF } = await import("jspdf"))

Files:

• packages/thirdweb/src/x402/types.ts
• packages/thirdweb/src/x402/schemas.ts
• packages/thirdweb/src/x402/sign.ts
• packages/thirdweb/src/x402/facilitator.ts

apps/{dashboard,playground-web}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

apps/{dashboard,playground-web}/**/*.{ts,tsx}: Import UI primitives from @/components/ui/* (Button, Input, Select, Tabs, Card, Sidebar, Badge, Separator) in dashboard and playground apps
Use NavLink for internal navigation with automatic active states in dashboard and playground apps
Use Tailwind CSS only – no inline styles or CSS modules
Use cn() from @/lib/utils for conditional class logic
Use design system tokens (e.g., bg-card, border-border, text-muted-foreground)
Server Components (Node edge): Start files with import "server-only";
Client Components (browser): Begin files with 'use client';
Always call getAuthToken() to retrieve JWT from cookies on server side
Use Authorization: Bearer header – never embed tokens in URLs
Return typed results (e.g., Project[], User[]) – avoid any
Wrap client-side data fetching calls in React Query (@tanstack/react-query)
Use descriptive, stable queryKeys for React Query cache hits
Configure staleTime/cacheTime in React Query based on freshness (default ≥ 60s)
Keep tokens secret via internal API routes or server actions
Never import posthog-js in server components

Files:

• apps/playground-web/src/middleware.ts

🧬 Code graph analysis (3)

apps/playground-web/src/middleware.ts (1)

packages/thirdweb/src/x402/facilitator.ts (1)

• facilitator (107-262)

packages/thirdweb/src/x402/sign.ts (1)

packages/thirdweb/src/x402/schemas.ts (2)

• RequestedPaymentRequirements (50-52)
• networkToChainId (108-129)

packages/thirdweb/src/x402/facilitator.ts (1)

packages/thirdweb/src/x402/schemas.ts (1)

• FacilitatorVerifyResponse (66-68)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: Size
• GitHub Check: Lint Packages
• GitHub Check: Analyze (javascript)

🔇 Additional comments (11)

packages/thirdweb/src/x402/types.ts (2)

37-38: LGTM! Deprecation is properly documented.

The payTo field has been correctly deprecated with clear migration guidance pointing users to facilitator.address. The type change from Address to optional string maintains backward compatibility while discouraging new usage.

---

52-55: LGTM! Error handling improvements are well-structured.

The addition of the optional errorMessage field alongside the error code provides better error reporting capabilities. The updated comment clarifying that error is an error code (vs. a generic message) improves API clarity.

packages/thirdweb/src/x402/sign.ts (2)

231-239: LGTM! Simplified parameter handling.

The refactor to use the to parameter directly from ExactEvmPayloadAuthorization instead of extracting facilitatorAddress from PaymentRequirements.extra simplifies the function signature and removes unnecessary validation logic. This aligns well with the PR's goal of simplifying facilitator implementation.

---

266-266: LGTM! Consistent use of to parameter.

The change from facilitatorAddress to to for the ERC-2612 Permit spender is correct and aligns with the updated function signature. This ensures the permit is granted to the proper recipient address.

apps/playground-web/src/middleware.ts (3)

17-22: LGTM! Efficient facilitator initialization.

Pre-initializing the facilitator at module scope is a good optimization that avoids repeated initialization on each request. The configuration correctly uses environment variables and passes all required parameters.

---

62-63: LGTM! Cleaner facilitator usage.

Passing the pre-initialized twFacilitator and waitUntil directly to settlePayment simplifies the call and aligns with the PR's goal of simplifying facilitator implementation.

---

33-38: chainId validation is sufficient
settlePayment derives payTo via facilitator.address, so only chainId needs validation.

packages/thirdweb/src/x402/schemas.ts (2)

9-9: LGTM! Required import added.

The import of VerifyResponseSchema from x402/types is necessary for the new FacilitatorVerifyResponseSchema defined later in the file.

---

56-56: LGTM! Consistent error messaging.

Adding the optional errorMessage field to FacilitatorSettleResponseSchema provides better error reporting capabilities and aligns with the same addition to the verify response schema.

packages/thirdweb/src/x402/facilitator.ts (2)

8-8: LGTM! Required type import added.

The import of FacilitatorVerifyResponse is necessary for the updated return type of the verify method.

---

39-39: LGTM! Return type correctly updated.

The method signature now properly returns Promise<FacilitatorVerifyResponse> instead of Promise<VerifyResponse>, aligning with the new schema that includes the optional errorMessage field.

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• TEAM-0000: Entity not found: Issue - Could not find referenced Issue.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[joaquim-verges]

• [SDK] Deprecate payTo parameter and simplify facilitator implementation #8177 👈 (View in Graphite)
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge-queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/thirdweb/src/x402/facilitator.ts (1)

175-175: Fix type cast to match method signature.

The method signature declares Promise<FacilitatorVerifyResponse> but line 175 casts to VerifyResponse. This creates a type inconsistency.

Apply this diff to fix the type cast:

       const data = await res.json();
-      return data as VerifyResponse;
+      return data as FacilitatorVerifyResponse;
     },

🧹 Nitpick comments (1)

apps/playground-web/src/middleware.ts (1)

33-38: Consider making the error message more specific.

The error message "Missing required parameters" is now slightly generic since only chainId is validated. Consider updating it to "Missing required parameter: chainId" for clarity.

Apply this diff to improve error message specificity:

   if (!chainId) {
     return NextResponse.json(
-      { error: "Missing required parameters" },
+      { error: "Missing required parameter: chainId" },
       { status: 400 },
     );
   }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 9095041 and 7bced32.

📒 Files selected for processing (9)

• apps/playground-web/src/app/payments/x402/components/X402LeftSection.tsx (0 hunks)
• apps/playground-web/src/middleware.ts (3 hunks)
• packages/thirdweb/src/x402/common.ts (2 hunks)
• packages/thirdweb/src/x402/facilitator.ts (3 hunks)
• packages/thirdweb/src/x402/schemas.ts (2 hunks)
• packages/thirdweb/src/x402/settle-payment.ts (2 hunks)
• packages/thirdweb/src/x402/sign.ts (2 hunks)
• packages/thirdweb/src/x402/types.ts (2 hunks)
• packages/thirdweb/src/x402/verify-payment.ts (2 hunks)

💤 Files with no reviewable changes (1)

• apps/playground-web/src/app/payments/x402/components/X402LeftSection.tsx

🧰 Additional context used

📓 Path-based instructions (5)

**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx}: Write idiomatic TypeScript with explicit function declarations and return types
Limit each file to one stateless, single-responsibility function for clarity
Re-use shared types from @/types or local types.ts barrels
Prefer type aliases over interface except for nominal shapes
Avoid any and unknown unless unavoidable; narrow generics when possible
Choose composition over inheritance; leverage utility types (Partial, Pick, etc.)
Comment only ambiguous logic; avoid restating TypeScript in prose

**/*.{ts,tsx}: Use explicit function declarations and explicit return types in TypeScript
Limit each file to one stateless, single‑responsibility function
Re‑use shared types from @/types where applicable
Prefer type aliases over interface except for nominal shapes
Avoid any and unknown unless unavoidable; narrow generics when possible
Prefer composition over inheritance; use utility types (Partial, Pick, etc.)
Lazy‑import optional features and avoid top‑level side‑effects to reduce bundle size

Files:

• packages/thirdweb/src/x402/schemas.ts
• packages/thirdweb/src/x402/facilitator.ts
• apps/playground-web/src/middleware.ts
• packages/thirdweb/src/x402/types.ts
• packages/thirdweb/src/x402/common.ts
• packages/thirdweb/src/x402/verify-payment.ts
• packages/thirdweb/src/x402/settle-payment.ts
• packages/thirdweb/src/x402/sign.ts

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (CLAUDE.md)

Load heavy dependencies inside async paths to keep initial bundle lean (lazy loading)

Files:

• packages/thirdweb/src/x402/schemas.ts
• packages/thirdweb/src/x402/facilitator.ts
• apps/playground-web/src/middleware.ts
• packages/thirdweb/src/x402/types.ts
• packages/thirdweb/src/x402/common.ts
• packages/thirdweb/src/x402/verify-payment.ts
• packages/thirdweb/src/x402/settle-payment.ts
• packages/thirdweb/src/x402/sign.ts

packages/thirdweb/**/*.{ts,tsx}

📄 CodeRabbit inference engine (AGENTS.md)

packages/thirdweb/**/*.{ts,tsx}: Every public symbol must have comprehensive TSDoc with at least one compiling @example and a custom tag (@beta, @internal, @experimental, etc.)
Comment only ambiguous logic; avoid restating TypeScript in prose
Lazy‑load heavy dependencies inside async paths (e.g., const { jsPDF } = await import("jspdf"))

Files:

• packages/thirdweb/src/x402/schemas.ts
• packages/thirdweb/src/x402/facilitator.ts
• packages/thirdweb/src/x402/types.ts
• packages/thirdweb/src/x402/common.ts
• packages/thirdweb/src/x402/verify-payment.ts
• packages/thirdweb/src/x402/settle-payment.ts
• packages/thirdweb/src/x402/sign.ts

apps/{dashboard,playground-web}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

apps/{dashboard,playground-web}/**/*.{ts,tsx}: Import UI primitives from @/components/ui/* (Button, Input, Select, Tabs, Card, Sidebar, Badge, Separator) in dashboard and playground apps
Use NavLink for internal navigation with automatic active states in dashboard and playground apps
Use Tailwind CSS only – no inline styles or CSS modules
Use cn() from @/lib/utils for conditional class logic
Use design system tokens (e.g., bg-card, border-border, text-muted-foreground)
Server Components (Node edge): Start files with import "server-only";
Client Components (browser): Begin files with 'use client';
Always call getAuthToken() to retrieve JWT from cookies on server side
Use Authorization: Bearer header – never embed tokens in URLs
Return typed results (e.g., Project[], User[]) – avoid any
Wrap client-side data fetching calls in React Query (@tanstack/react-query)
Use descriptive, stable queryKeys for React Query cache hits
Configure staleTime/cacheTime in React Query based on freshness (default ≥ 60s)
Keep tokens secret via internal API routes or server actions
Never import posthog-js in server components

Files:

• apps/playground-web/src/middleware.ts

**/types.ts

📄 CodeRabbit inference engine (AGENTS.md)

Provide and re‑use local type barrels in a types.ts file

Files:

• packages/thirdweb/src/x402/types.ts

🧬 Code graph analysis (4)

packages/thirdweb/src/x402/facilitator.ts (1)

packages/thirdweb/src/x402/schemas.ts (1)

• FacilitatorVerifyResponse (66-68)

apps/playground-web/src/middleware.ts (2)

packages/thirdweb/src/x402/facilitator.ts (1)

• facilitator (107-262)

packages/thirdweb/src/exports/x402.ts (1)

• facilitator (3-3)

packages/thirdweb/src/x402/common.ts (2)

packages/thirdweb/src/x402/facilitator.ts (1)

• facilitator (107-262)

packages/thirdweb/src/exports/x402.ts (1)

• facilitator (3-3)

packages/thirdweb/src/x402/sign.ts (1)

packages/thirdweb/src/x402/schemas.ts (2)

• RequestedPaymentRequirements (50-52)
• networkToChainId (108-129)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Size
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: Lint Packages
• GitHub Check: Build Packages
• GitHub Check: Analyze (javascript)

🔇 Additional comments (14)

apps/playground-web/src/middleware.ts (2)

16-22: LGTM! Pre-initializing the facilitator improves performance.

Moving the facilitator initialization to module scope avoids recreating it on every request, which is a performance improvement. The configuration correctly uses environment variables and the facilitator function signature.

---

62-63: LGTM! Clean separation of concerns.

Passing waitUntil and facilitator as separate parameters to settlePayment properly separates facilitator configuration from per-request timing preferences. This aligns with the simplification goals of the PR.

packages/thirdweb/src/x402/types.ts (2)

52-55: LGTM! Error response structure improved.

The addition of errorMessage alongside error provides better error messaging capabilities. The field descriptions clearly distinguish between error code and human-readable message.

---

37-38: payTo deprecation change is backward-compatible. Changing from a required Address to an optional string does not break existing calls, as Address is assignable to string.

packages/thirdweb/src/x402/verify-payment.ts (2)

104-117: LGTM! Error handling improved with dual error fields.

The introduction of separate error (code) and errorMessage (human-readable) fields provides better error context. The fallback chain is well-structured:

1. Custom error messages from config
2. Facilitator-provided error messages
3. Default/generic messages

---

127-130: LGTM! Consistent error handling in catch block.

The catch block properly distinguishes between error code ("Verification error") and error message, with appropriate type guards for the Error instance.

packages/thirdweb/src/x402/common.ts (2)

139-139: LGTM! Comment clarification.

The updated comment "decode b64 payment" is more accurate than "Verify payment" since this section only decodes the payment data without verifying it.

---

107-107: LGTM—facilitator.address guaranteed
All calls to decodePaymentRequest (in verify-payment.ts and settle-payment.ts) destructure and pass facilitator, so using facilitator.address for payTo is safe.

packages/thirdweb/src/x402/settle-payment.ts (2)

159-172: LGTM! Settlement error handling mirrors verification pattern.

The error handling structure is consistent with verify-payment.ts, using separate error and errorMessage fields with the same fallback chain. This consistency improves maintainability.

---

182-185: LGTM! Consistent catch block error handling.

The catch block follows the same pattern as verification, properly distinguishing error code from error message.

packages/thirdweb/src/x402/facilitator.ts (2)

8-8: LGTM! Import updated for new response type.

The import of FacilitatorVerifyResponse correctly replaces the generic VerifyResponse import for facilitator-specific verification.

---

39-39: LGTM! Method signature updated correctly.

The verify method now correctly returns FacilitatorVerifyResponse, which includes the optional errorMessage field.

Also applies to: 152-152

packages/thirdweb/src/x402/sign.ts (2)

266-266: LGTM! Spender correctly uses recipient address.

The change to use to as the spender in the Permit message is correct and aligns with the ERC-2612 standard where the spender is the address authorized to transfer tokens on behalf of the owner.

---

233-234: LGTM—signature simplified by using to parameter.

Verify that the ExactEvmPayloadAuthorization type definition includes the to field.

[github-actions]

size-limit report 📦

Path	Size	Loading time (3g)	Running time (snapdragon)	Total time
thirdweb (esm)	64.6 KB (0%)	1.3 s (0%)	375 ms (+234.18% 🔺)	1.7 s
thirdweb (cjs)	365.75 KB (0%)	7.4 s (0%)	1.2 s (+22.76% 🔺)	8.5 s
thirdweb (minimal + tree-shaking)	5.73 KB (0%)	115 ms (0%)	177 ms (+1484.01% 🔺)	292 ms
thirdweb/chains (tree-shaking)	526 B (0%)	11 ms (0%)	92 ms (+3642.94% 🔺)	103 ms
thirdweb/react (minimal + tree-shaking)	19.13 KB (0%)	383 ms (0%)	202 ms (+3857.75% 🔺)	584 ms

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.29%. Comparing base (2dbb9e2) to head (f6a2994).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #8177   +/-   ##
=======================================
  Coverage   56.29%   56.29%           
=======================================
  Files         906      906           
  Lines       59209    59209           
  Branches     4182     4179    -3     
=======================================
  Hits        33330    33330           
  Misses      25774    25774           
  Partials      105      105           

Flag	Coverage Δ
packages	56.29% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.