authCapture: drop chain-based assetTransferMethod auto-injection

The server's defaultMoneyConversion was inspecting a per-chain
permit2Only flag and injecting assetTransferMethod: 'permit2' for BSC
and Tempo. That's wrong framing — whether a token implements
receiveWithAuthorization is a token-level capability, not a chain
property. The current behavior happened to be correct for the canonical
default stables on those chains, but it pre-locked merchants out of
making their own choice if they used a different token.

Now: defaultMoneyConversion only emits the EIP-712 domain (name,
version) for the canonical stable. assetTransferMethod is always the
merchant's call. If a merchant pairs eip3009 with a token that lacks
receiveWithAuthorization, the failure surfaces as simulation_failed
at the facilitator (consistent with how upstream specs handle the
analogous case).

Tests updated: dropped the two "should inject permit2 on BSC/Tempo"
cases; replaced the "should NOT inject on ERC-3009 chains" with a
generic "should never inject" that walks all three chain categories.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

Author: A1igator

packages/evm/src/authCapture/server/scheme.ts

@@ -20,14 +20,13 @@ import type {
  * default stablecoin used by `defaultMoneyConversion` when the merchant gives a
  * decimal price like "$1.50".
  *
- * The `name` / `version` fields are the EIP-712 domain used by the ERC-3009
- * `assetTransferMethod`. Chains where the canonical stable does NOT support
- * ERC-3009 (BSC's Binance-Peg USDC, Tempo's pathUSD) are flagged `permit2Only`;
- * `defaultMoneyConversion` then injects `assetTransferMethod: "permit2"` into
- * the returned `extra` so the client signs a Permit2 PermitTransferFrom and
- * the facilitator dispatches to the Permit2 collector. Permit2 has its own
- * EIP-712 domain (chain-invariant), so the per-token name/version are
- * irrelevant on the Permit2 path.
+ * `name` / `version` are the EIP-712 domain used by the ERC-3009
+ * `assetTransferMethod`. Whether a token supports ERC-3009 is a token-level
+ * capability, not a chain property; merchants whose chosen token lacks
+ * `receiveWithAuthorization` (e.g., BSC's Binance-Peg USDC, Tempo's pathUSD)
+ * MUST set `assetTransferMethod: "permit2"` in `extra` themselves. The server
+ * does not auto-pick a method based on chain. If the wrong method is paired
+ * with an incompatible token, the failure surfaces at facilitator simulation.
  */
 const ASSET_INFO: Record<
   string,
@@ -36,8 +35,6 @@ const ASSET_INFO: Record<
     name: string
     version: string
     decimals: number
-    /** If true, the canonical stable on this chain does not support ERC-3009; merchants must use Permit2. */
-    permit2Only?: boolean
   }
 > = {
   // ----- Mainnets -----
@@ -128,22 +125,21 @@ const ASSET_INFO: Record<
     decimals: 6,
   },
 
-  // ----- Permit2-only mainnets -----
-  // BNB Smart Chain — Binance-Peg USDC (18 decimals; lacks ERC-3009).
+  // ----- Mainnets where the canonical stable lacks ERC-3009 -----
+  // Merchants on these chains MUST set `assetTransferMethod: "permit2"` themselves.
+  // BNB Smart Chain — Binance-Peg USDC (18 decimals; no `receiveWithAuthorization`).
   'eip155:56': {
     address: '0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d',
     name: 'USDC',
     version: '1',
     decimals: 18,
-    permit2Only: true,
   },
-  // Tempo — pathUSD (TIP-20 predeploy, 6 decimals; not USDC, lacks ERC-3009).
+  // Tempo — pathUSD (TIP-20 predeploy, 6 decimals; no `receiveWithAuthorization`).
   'eip155:4217': {
     address: '0x20c0000000000000000000000000000000000000',
     name: 'pathUSD',
     version: '1',
     decimals: 6,
-    permit2Only: true,
   },
 }
 
@@ -239,10 +235,9 @@ export class AuthCaptureServerScheme implements SchemeNetworkServer {
 
   /**
    * Default money conversion — converts decimal amount to the default stablecoin on the network.
-   *
-   * For `permit2Only` chains, injects `assetTransferMethod: "permit2"` so the
-   * client signs Permit2 instead of ERC-3009 (which the canonical stable on
-   * those chains doesn't support).
+   * Returns just the EIP-712 domain (`name` / `version`) in `extra`. The merchant
+   * is responsible for setting `assetTransferMethod` if the chosen token doesn't
+   * support the spec default (`"eip3009"`).
    */
   private defaultMoneyConversion(amount: number, network: Network): AssetAmount {
     const assetInfo = ASSET_INFO[network]
@@ -252,18 +247,13 @@ export class AuthCaptureServerScheme implements SchemeNetworkServer {
 
     const tokenAmount = convertToTokenAmount(String(amount), assetInfo.decimals)
 
-    const extra: Record<string, unknown> = {
-      name: assetInfo.name,
-      version: assetInfo.version,
-    }
-    if (assetInfo.permit2Only) {
-      extra.assetTransferMethod = 'permit2'
-    }
-
     return {
       asset: assetInfo.address,
       amount: tokenAmount,
-      extra,
+      extra: {
+        name: assetInfo.name,
+        version: assetInfo.version,
+      },
     }
   }
 

packages/evm/test/unit/authCapture/server.test.ts

@@ -104,40 +104,31 @@ describe('AuthCaptureServerScheme', () => {
       )
     })
 
-    it('should inject assetTransferMethod: "permit2" on BSC (permit2Only chain)', async () => {
+    it('should resolve BSC default to Binance-Peg USDC without setting assetTransferMethod', async () => {
       const scheme = new AuthCaptureServerScheme()
       const result = await scheme.parsePrice('$1.00', 'eip155:56')
 
       expect(result.asset).toBe('0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d')
       // BSC's Binance-Peg USDC has 18 decimals, so $1.00 = 1e18 base units.
       expect(result.amount).toBe('1000000000000000000')
-      expect(result.extra).toEqual({
-        name: 'USDC',
-        version: '1',
-        assetTransferMethod: 'permit2',
-      })
+      expect(result.extra).toEqual({ name: 'USDC', version: '1' })
     })
 
-    it('should inject assetTransferMethod: "permit2" on Tempo (permit2Only chain)', async () => {
+    it('should resolve Tempo default to pathUSD without setting assetTransferMethod', async () => {
       const scheme = new AuthCaptureServerScheme()
       const result = await scheme.parsePrice('$1.00', 'eip155:4217')
 
       expect(result.asset).toBe('0x20c0000000000000000000000000000000000000')
       expect(result.amount).toBe('1000000')
-      expect(result.extra).toEqual({
-        name: 'pathUSD',
-        version: '1',
-        assetTransferMethod: 'permit2',
-      })
+      expect(result.extra).toEqual({ name: 'pathUSD', version: '1' })
     })
 
-    it('should NOT inject assetTransferMethod on ERC-3009 chains', async () => {
+    it('should never inject assetTransferMethod (merchant decides)', async () => {
       const scheme = new AuthCaptureServerScheme()
-      const result = await scheme.parsePrice('$1.00', 'eip155:8453')
-
-      // ERC-3009 chains rely on the default ('eip3009') in client/facilitator;
-      // the server intentionally omits the field so merchants can override.
-      expect(result.extra).not.toHaveProperty('assetTransferMethod')
+      for (const network of ['eip155:8453', 'eip155:56', 'eip155:4217'] as const) {
+        const result = await scheme.parsePrice('$1.00', network)
+        expect(result.extra).not.toHaveProperty('assetTransferMethod')
+      }
     })
   })