diff --git a/backend/package.json b/backend/package.json
index 9d4d903f..68598134 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -21,10 +21,14 @@
   },
   "dependencies": {
     "@aws-sdk/client-s3": "^3.645.0",
+    "@remix-run/node": "^2.14.0",
     "@smithy/node-http-handler": "^3.2.3",
+    "@types/express-session": "^1.18.1",
     "@types/underscore": "^1.11.15",
+    "cookie-parser": "^1.4.7",
     "dotenv": "^16.4.5",
     "express": "^4.19.2",
+    "express-session": "^1.18.1",
     "he": "^1.2.0",
     "module-alias": "^2.2.3",
     "sanitize-html": "^2.14.0",
diff --git a/backend/src/controllers/tools.ts b/backend/src/controllers/tools.ts
index 7ed10c5b..b9370e7b 100644
--- a/backend/src/controllers/tools.ts
+++ b/backend/src/controllers/tools.ts
@@ -16,6 +16,7 @@ import {
   SanitizedFields,
   SaveUserConfigRequest
 } from './types.js'
+import { getSession } from '@/services/session.js'
 
 export const getDefault = async (_: Request, res: Response) => {
   try {
@@ -33,15 +34,24 @@ export const createUserConfig = async (req: Request, res: Response) => {
     const data: CreateConfigRequest = req.body
     const tag = data.version || data.tag
 
-    if (!data.walletAddress) {
+    if (!data?.walletAddress) {
       throw 'Wallet address is required'
     }
+    const walletAddress = decodeURIComponent(`https://${data.walletAddress}`)
+
+    const cookieHeader = req.headers.cookie
+    const session = await getSession(cookieHeader)
+
+    const validForWallet = session?.get('validForWallet')
+
+    if (!session || validForWallet !== walletAddress) {
+      throw 'Grant confirmation is required'
+    }
+
     const defaultData = await getDefaultData()
     const defaultDataContent: ConfigVersions['default'] =
       JSON.parse(defaultData).default
-    defaultDataContent.walletAddress = decodeURIComponent(
-      `https://${data.walletAddress}`
-    )
+    defaultDataContent.walletAddress = walletAddress
 
     sanitizeConfigFields({ ...defaultDataContent, tag })
 
@@ -51,6 +61,7 @@ export const createUserConfig = async (req: Request, res: Response) => {
     try {
       // existing config
       const s3data = await s3.send(new GetObjectCommand(params))
+
       // Convert the file stream to a string
       fileContentString = await streamToString(
         s3data.Body as NodeJS.ReadableStream
@@ -97,10 +108,17 @@ export const createUserConfig = async (req: Request, res: Response) => {
 export const saveUserConfig = async (req: Request, res: Response) => {
   try {
     const data: SaveUserConfigRequest = req.body
+    const cookieHeader = req.headers.cookie
+    const session = await getSession(cookieHeader)
+
+    const validForWallet = session?.get('validForWallet')
 
     if (!data.walletAddress) {
       throw 'Wallet address is required'
     }
+    if (!session || validForWallet !== data.walletAddress) {
+      throw 'Grant confirmation is required'
+    }
 
     const { s3, params } = getS3AndParams(data.walletAddress)
 
@@ -132,11 +150,14 @@ export const getUserConfig = async (req: Request, res: Response) => {
     if (!id) {
       throw new S3FileNotFoundError('Wallet address is required')
     }
+    const walletAddress = decodeURIComponent(`https://${id}`)
 
     // ensure we have all keys w default values, user config will overwrite values that exist in saved json
     const defaultData = await getDefaultData()
+    const parsedDefaultData = JSON.parse(defaultData)
+    parsedDefaultData.default.walletAddress = walletAddress
 
-    const { s3, params } = getS3AndParams(id)
+    const { s3, params } = getS3AndParams(walletAddress)
     const data = await s3.send(new GetObjectCommand(params))
     // Convert the file stream to a string
     const fileContentString = await streamToString(
@@ -144,7 +165,7 @@ export const getUserConfig = async (req: Request, res: Response) => {
     )
 
     let fileContent = Object.assign(
-      JSON.parse(defaultData),
+      parsedDefaultData,
       ...[JSON.parse(fileContentString)]
     )
     fileContent = filterDeepProperties(fileContent)
diff --git a/backend/src/server.ts b/backend/src/server.ts
index 7997a460..f1df1845 100644
--- a/backend/src/server.ts
+++ b/backend/src/server.ts
@@ -2,7 +2,9 @@ import https from 'https'
 import http from 'http'
 import fs from 'fs'
 import express, { Express } from 'express'
+import session from 'express-session'
 import routes from './routes/index.js'
+import { SESSION_COOKIE_SECRET_KEY } from './services/session.js'
 
 const router: Express = express()
 
@@ -21,10 +23,24 @@ if (isDevelopment) {
 router.use(express.urlencoded({ extended: true }))
 router.use(express.json())
 
+// Session middleware
+router.use(
+  session({
+    secret: SESSION_COOKIE_SECRET_KEY,
+    resave: false,
+    saveUninitialized: true, // Only save the session if it is modified
+    cookie: {
+      httpOnly: true,
+      secure: true,
+      sameSite: 'none'
+    }
+  })
+)
+
 router.use((req, res, next) => {
   // set the CORS policy
   res.header('Access-Control-Allow-Origin', '*')
-  // set the CORS headers
+  res.header('Access-Control-Allow-Credentials', 'true')
   res.header(
     'Access-Control-Allow-Headers',
     'origin,X-Requested-With,Content-Type,Accept,Authorization'
diff --git a/backend/src/services/session.ts b/backend/src/services/session.ts
new file mode 100644
index 00000000..21fa81fc
--- /dev/null
+++ b/backend/src/services/session.ts
@@ -0,0 +1,17 @@
+import { createCookieSessionStorage } from '@remix-run/node'
+
+export const SESSION_COOKIE_SECRET_KEY =
+  process.env.SESSION_COOKIE_SECRET_KEY || 'supersecretilpaystring'
+
+const { getSession, commitSession, destroySession } =
+  createCookieSessionStorage({
+    cookie: {
+      name: 'wmtools-session',
+      httpOnly: true,
+      secure: true,
+      sameSite: 'none',
+      secrets: [SESSION_COOKIE_SECRET_KEY]
+    }
+  })
+
+export { getSession, commitSession, destroySession }
diff --git a/backend/src/types/index.ts b/backend/src/types/index.ts
new file mode 100644
index 00000000..dba3b9a5
--- /dev/null
+++ b/backend/src/types/index.ts
@@ -0,0 +1,7 @@
+import 'express-session'
+
+declare module 'express-session' {
+  interface Session {
+    validForWallet?: string
+  }
+}
diff --git a/backend/tsconfig.json b/backend/tsconfig.json
index bef7e01c..8be378c1 100644
--- a/backend/tsconfig.json
+++ b/backend/tsconfig.json
@@ -10,5 +10,6 @@
     }
   },
   "include": ["src/**/*", "tests/**/*"],
-  "exclude": ["node_modules", "**/node_modules/*"]
+  "exclude": ["node_modules", "**/node_modules/*"],
+  "files": ["src/types/index.ts"]
 }
diff --git a/docker/dev/.env.example b/docker/dev/.env.example
index 476f6a2a..dee7dc6d 100644
--- a/docker/dev/.env.example
+++ b/docker/dev/.env.example
@@ -5,6 +5,11 @@ SCRIPT_FRONTEND_URL=https://localhost:5100/
 SCRIPT_ILPAY_URL=https://interledgerpay.com/extension/
 SCRIPT_EMBED_URL=https://localhost:5100/
 
+OP_KEY_ID=
+OP_PRIVATE_KEY=
+OP_WALLET_ADDRESS=
+OP_REDIRECT_URL=
+
 # BACKEND
 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
diff --git a/docker/dev/docker-compose.yml b/docker/dev/docker-compose.yml
index 77483e4d..30a94aa5 100644
--- a/docker/dev/docker-compose.yml
+++ b/docker/dev/docker-compose.yml
@@ -50,6 +50,10 @@ services:
       ILPAY_URL: ${SCRIPT_ILPAY_URL}
       FRONTEND_URL: ${SCRIPT_FRONTEND_URL}
       INIT_SCRIPT_URL: ${SCRIPT_EMBED_URL}
+      OP_KEY_ID: ${OP_KEY_ID}
+      OP_PRIVATE_KEY: ${OP_PRIVATE_KEY}
+      OP_WALLET_ADDRESS: ${OP_WALLET_ADDRESS}
+      OP_REDIRECT_URL: ${OP_REDIRECT_URL}
     networks:
       - wm-tools
     command: pnpm run dev
diff --git a/frontend/Dockerfile b/frontend/Dockerfile
index 394d9c18..bee84e82 100644
--- a/frontend/Dockerfile
+++ b/frontend/Dockerfile
@@ -44,10 +44,12 @@ RUN pnpm --filter frontend build
 ARG VITE_SCRIPT_API_URL
 ARG VITE_SCRIPT_FRONTEND_URL
 ARG VITE_SCRIPT_ILPAY_URL
+ARG VITE_INIT_SCRIPT_URL
 
 ENV VITE_SCRIPT_API_URL=$VITE_SCRIPT_API_URL \
     VITE_SCRIPT_FRONTEND_URL=$VITE_SCRIPT_FRONTEND_URL \
-    VITE_SCRIPT_ILPAY_URL=$VITE_SCRIPT_ILPAY_URL
+    VITE_SCRIPT_ILPAY_URL=$VITE_SCRIPT_ILPAY_URL \
+    VITE_INIT_SCRIPT_URL=$VITE_INIT_SCRIPT_URL
 
 RUN pnpm --filter frontend build:init
 
diff --git a/frontend/Dockerfile.dev b/frontend/Dockerfile.dev
index c9356f3a..5680bfe8 100644
--- a/frontend/Dockerfile.dev
+++ b/frontend/Dockerfile.dev
@@ -31,10 +31,12 @@ EXPOSE 5100
 ARG VITE_SCRIPT_API_URL
 ARG VITE_SCRIPT_FRONTEND_URL
 ARG VITE_SCRIPT_ILPAY_URL
+ARG VITE_INIT_SCRIPT_URL
 
 ENV VITE_SCRIPT_API_URL=$VITE_SCRIPT_API_URL \
     VITE_SCRIPT_FRONTEND_URL=$VITE_SCRIPT_FRONTEND_URL \
-    VITE_SCRIPT_ILPAY_URL=$VITE_SCRIPT_ILPAY_URL
+    VITE_SCRIPT_ILPAY_URL=$VITE_SCRIPT_ILPAY_URL \
+    VITE_INIT_SCRIPT_URL=$VITE_INIT_SCRIPT_URL
 
 WORKDIR /app/frontend
 
diff --git a/frontend/app/components/Snackbar.tsx b/frontend/app/components/Snackbar.tsx
index 49187caf..709d7028 100644
--- a/frontend/app/components/Snackbar.tsx
+++ b/frontend/app/components/Snackbar.tsx
@@ -2,7 +2,7 @@ import { Transition } from '@headlessui/react'
 import { cx } from 'class-variance-authority'
 import type { FC } from 'react'
 import { Fragment, useEffect } from 'react'
-import { type Message } from '~/lib/message.server'
+import { type Message } from '~/lib/server/message.server.js'
 import { CheckCircleSolid, XIcon, XCircleSolid } from '../components/icons.js'
 
 interface SnackbarProps {
diff --git a/frontend/app/components/modals/Confirm.tsx b/frontend/app/components/modals/Confirm.tsx
index 5e3069ea..47c84436 100644
--- a/frontend/app/components/modals/Confirm.tsx
+++ b/frontend/app/components/modals/Confirm.tsx
@@ -3,9 +3,11 @@ import { Form } from '@remix-run/react'
 import { ElementErrors } from '~/lib/types.js'
 import { XIcon } from '~/components/icons.js'
 import { Button } from '~/components/index.js'
+import { ReactElement } from 'react'
 
 type ConfirmModalProps = {
-  title: string
+  title: string | ReactElement
+  description: string | ReactElement
   isOpen: boolean
   errors?: ElementErrors
   onClose: () => void
@@ -14,6 +16,7 @@ type ConfirmModalProps = {
 
 export const ConfirmModal = ({
   title,
+  description,
   isOpen,
   onClose,
   onConfirm
@@ -44,13 +47,16 @@ export const ConfirmModal = ({
               <div className="mt-2">
                 <Form method="post" replace preventScrollReset>
                   <fieldset>
+                    <div className="flex justify-center p-4 mx-2">
+                      {description}
+                    </div>
                     <div className="flex justify-center space-x-4">
                       <Button
                         className="mx-0"
                         aria-label={`confirm`}
                         onClick={onConfirm}
                       >
-                        Yes
+                        Continue
                       </Button>
                       <Button aria-label={`close`} onClick={onClose}>
                         Cancel
diff --git a/frontend/app/components/modals/NewVersion.tsx b/frontend/app/components/modals/NewVersion.tsx
index 8c38dc42..985041c9 100644
--- a/frontend/app/components/modals/NewVersion.tsx
+++ b/frontend/app/components/modals/NewVersion.tsx
@@ -3,7 +3,6 @@ import { Form } from '@remix-run/react'
 import { ElementConfigType, ElementErrors } from '~/lib/types.js'
 import { XIcon } from '~/components/icons.js'
 import { Button, Input, WalletAddress } from '~/components/index.js'
-import { useState } from 'react'
 
 type NewVersionModalProps = {
   title: string
@@ -14,6 +13,8 @@ type NewVersionModalProps = {
   toolConfig: ElementConfigType
   setToolConfig: React.Dispatch<React.SetStateAction<ElementConfigType>>
   fullConfig?: Record<string, ElementConfigType>
+  versionName: string
+  setVersionName: (value: string) => void
 }
 
 export const NewVersionModal = ({
@@ -24,10 +25,10 @@ export const NewVersionModal = ({
   isSubmitting,
   toolConfig,
   setToolConfig,
-  fullConfig
+  fullConfig,
+  versionName,
+  setVersionName
 }: NewVersionModalProps) => {
-  const [versionName, setVersionName] = useState('')
-
   return (
     <Dialog as="div" className="relative z-10" onClose={onClose} open={isOpen}>
       <div className="fixed inset-0 bg-slate-500 bg-opacity-75 transition-opacity" />
@@ -81,7 +82,9 @@ export const NewVersionModal = ({
                       <input
                         type="hidden"
                         name="fullconfig"
-                        value={JSON.stringify(fullConfig)}
+                        value={JSON.stringify(
+                          fullConfig || { default: toolConfig }
+                        )}
                       />
                     </div>
                     <div className="flex justify-end space-x-4">
diff --git a/frontend/app/lib/apiClient.ts b/frontend/app/lib/apiClient.ts
index 08c0752b..dd4728b5 100644
--- a/frontend/app/lib/apiClient.ts
+++ b/frontend/app/lib/apiClient.ts
@@ -56,7 +56,9 @@ export class ApiClient {
     const wa = encodeURIComponent(
       walletAddress.replace('$', '').replace('https://', '')
     )
-    const response = await axios.get(`${apiUrl}tools/${wa}`, { httpsAgent })
+    const response = await axios.get(`${apiUrl}tools/${wa}`, {
+      httpsAgent
+    })
 
     if (response.status === 200) {
       return {
@@ -73,7 +75,8 @@ export class ApiClient {
 
   public static async createUserConfig(
     version: string,
-    walletAddress: string
+    walletAddress: string,
+    cookieHeader: string
   ): Promise<ApiResponse> {
     const tag = encodeURIComponent(version)
     const wa = encodeURIComponent(
@@ -83,7 +86,11 @@ export class ApiClient {
       `${apiUrl}tools`,
       { walletAddress: wa, tag },
       {
-        httpsAgent
+        httpsAgent,
+        withCredentials: true,
+        headers: {
+          Cookie: cookieHeader // Manually attach the session cookie
+        }
       }
     )
 
@@ -102,10 +109,15 @@ export class ApiClient {
   }
 
   public static async saveUserConfig(
-    configData: Partial<ElementConfigType>
+    configData: Partial<ElementConfigType>,
+    cookieHeader: string
   ): Promise<ApiResponse> {
     const response = await axios.put(`${apiUrl}tools`, configData, {
-      httpsAgent
+      httpsAgent,
+      withCredentials: true,
+      headers: {
+        Cookie: cookieHeader // Manually attach the session cookie
+      }
     })
 
     if (response.status === 200) {
diff --git a/frontend/app/lib/presets.ts b/frontend/app/lib/presets.ts
index 6338f02f..84bd9981 100644
--- a/frontend/app/lib/presets.ts
+++ b/frontend/app/lib/presets.ts
@@ -2,6 +2,16 @@ import { tooltips } from './tooltips.js'
 import { CornerType, SlideAnimationType, PositionType } from './types.js'
 
 export const validConfigTypes = ['button', 'banner', 'widget']
+export const modalTypes = [
+  'confirm',
+  'import',
+  'info',
+  'new-version',
+  'script',
+  'wallet-ownership',
+  'grant-response'
+]
+export type ModalType = (typeof modalTypes)[number]
 
 export const textColorPresets = ['#ffffff', '#000000']
 export const triggerColorPresets = ['#ffffff', '#000000', '#096b63']
diff --git a/frontend/app/lib/message.server.ts b/frontend/app/lib/server/message.server.ts
similarity index 100%
rename from frontend/app/lib/message.server.ts
rename to frontend/app/lib/server/message.server.ts
diff --git a/frontend/app/lib/server/open-payments.server.ts b/frontend/app/lib/server/open-payments.server.ts
new file mode 100644
index 00000000..2a8eba6f
--- /dev/null
+++ b/frontend/app/lib/server/open-payments.server.ts
@@ -0,0 +1,158 @@
+import {
+  type AuthenticatedClient,
+  type PendingGrant,
+  type WalletAddress,
+  createAuthenticatedClient,
+  isFinalizedGrant,
+  isPendingGrant
+} from '@interledger/open-payments'
+import { createId } from '@paralleldrive/cuid2'
+import { toWalletAddressUrl } from '../utils.js'
+
+async function createClient() {
+  return await createAuthenticatedClient({
+    keyId: process.env.OP_KEY_ID!,
+    privateKey: Buffer.from(process.env.OP_PRIVATE_KEY!, 'base64'),
+    walletAddressUrl: process.env.OP_WALLET_ADDRESS!
+  })
+}
+
+export async function getValidWalletAddress(walletAddress: string) {
+  const opClient = await createClient()
+  const response = await getWalletAddress(walletAddress, opClient)
+  return response
+}
+
+export async function createInteractiveGrant(args: {
+  walletAddress: WalletAddress
+  redirectUrl?: string
+}) {
+  const opClient = await createClient()
+  const clientNonce = crypto.randomUUID()
+  const paymentId = createId()
+
+  const outgoingPaymentGrant = await createOutgoingPaymentGrant({
+    walletAddress: args.walletAddress,
+    debitAmount: {
+      value: String(1 * 10 ** args.walletAddress.assetScale),
+      assetCode: args.walletAddress.assetCode,
+      assetScale: args.walletAddress.assetScale
+    },
+    nonce: clientNonce,
+    paymentId: paymentId,
+    opClient,
+    redirectUrl: args.redirectUrl
+  })
+
+  return outgoingPaymentGrant
+}
+
+export interface Amount {
+  value: string
+  assetCode: string
+  assetScale: number
+}
+
+type CreateOutgoingPaymentParams = {
+  walletAddress: WalletAddress
+  debitAmount?: Amount
+  receiveAmount?: Amount
+  nonce?: string
+  paymentId: string
+  opClient: AuthenticatedClient
+}
+
+async function createOutgoingPaymentGrant(
+  params: CreateOutgoingPaymentParams & { redirectUrl?: string }
+): Promise<PendingGrant> {
+  const {
+    walletAddress,
+    debitAmount,
+    receiveAmount,
+    nonce,
+    paymentId,
+    opClient,
+    redirectUrl
+  } = params
+
+  const grant = await opClient.grant
+    .request(
+      {
+        url: walletAddress.authServer
+      },
+      {
+        access_token: {
+          access: [
+            {
+              identifier: walletAddress.id,
+              type: 'outgoing-payment',
+              actions: ['create', 'read'],
+              limits: {
+                debitAmount: debitAmount,
+                receiveAmount: receiveAmount
+              }
+            }
+          ]
+        },
+        interact: {
+          start: ['redirect'],
+          finish: {
+            method: 'redirect',
+            uri: `${redirectUrl ?? process.env.OP_REDIRECT_URL}?paymentId=${paymentId}`,
+            nonce: nonce || ''
+          }
+        }
+      }
+    )
+    .catch((error) => {
+      console.log({ error })
+      throw new Error('Could not retrieve outgoing payment grant.')
+    })
+
+  if (!isPendingGrant(grant)) {
+    throw new Error('Expected interactive outgoing payment grant.')
+  }
+
+  return grant
+}
+
+export async function isGrantValidAndAccepted(
+  payment: PendingGrant,
+  interactRef: string
+): Promise<boolean> {
+  const opClient = await createClient()
+
+  const continuation = await opClient.grant.continue(
+    {
+      accessToken: payment.continue.access_token.value,
+      url: payment.continue.uri
+    },
+    {
+      interact_ref: interactRef
+    }
+  )
+
+  if (!isFinalizedGrant(continuation)) {
+    return false
+  }
+
+  // when continuation has access_token value it has been accepted by user
+  return continuation?.access_token?.value ? true : false
+}
+
+export async function getWalletAddress(
+  url: string,
+  opClient?: AuthenticatedClient
+) {
+  opClient = opClient ? opClient : await createClient()
+  const walletAddress = await opClient.walletAddress
+    .get({
+      url: toWalletAddressUrl(url)
+    })
+    .catch((error) => {
+      console.log({ error })
+      throw new Error('Invalid wallet address.')
+    })
+
+  return walletAddress
+}
diff --git a/frontend/app/lib/server/session.server.ts b/frontend/app/lib/server/session.server.ts
new file mode 100644
index 00000000..12b885e4
--- /dev/null
+++ b/frontend/app/lib/server/session.server.ts
@@ -0,0 +1,16 @@
+import { createCookieSessionStorage } from '@remix-run/node'
+
+const { getSession, commitSession, destroySession } =
+  createCookieSessionStorage({
+    cookie: {
+      name: 'wmtools-session',
+      httpOnly: true,
+      secure: true,
+      sameSite: 'none',
+      secrets: [
+        process.env.SESSION_COOKIE_SECRET_KEY || 'supersecretilpaystring'
+      ]
+    }
+  })
+
+export { getSession, commitSession, destroySession }
diff --git a/frontend/app/lib/validate.server.ts b/frontend/app/lib/server/validate.server.ts
similarity index 76%
rename from frontend/app/lib/validate.server.ts
rename to frontend/app/lib/server/validate.server.ts
index 1b74721c..30ff7c98 100644
--- a/frontend/app/lib/validate.server.ts
+++ b/frontend/app/lib/server/validate.server.ts
@@ -4,8 +4,8 @@ import {
   PositionType,
   SlideAnimationType,
   WalletAddressFormatError
-} from './types.js'
-import { isWalletAddress } from './utils.js'
+} from '../types.js'
+import { isWalletAddress, toWalletAddressUrl } from '../utils.js'
 
 const rangeError = { message: 'Value has to be between 16 and 24' }
 
@@ -13,13 +13,15 @@ export const walletSchema = z.object({
   walletAddress: z
     .string()
     .min(1, { message: 'Wallet address is required' })
-    .superRefine(async (url, ctx) => {
-      if (url.length === 0) return
+    .transform((url) => toWalletAddressUrl(url))
+    .superRefine(async (updatedUrl, ctx) => {
+      if (updatedUrl.length === 0) return
 
       try {
-        checkHrefFormat(toWalletAddressUrl(url))
-        await isValidWalletAddress(url)
+        checkHrefFormat(updatedUrl)
+        await isValidWalletAddress(updatedUrl)
       } catch (e) {
+        console.log({ e })
         ctx.addIssue({
           code: z.ZodIssueCode.custom,
           message:
@@ -100,8 +102,44 @@ export const getElementSchema = (type: string) => {
   }
 }
 
-function toWalletAddressUrl(s: string): string {
-  return s.startsWith('$') ? s.replace('$', 'https://') : s
+export const validateForm = async (
+  formData: {
+    [k: string]: FormDataEntryValue
+  },
+  elementType?: string
+) => {
+  const intent = formData?.intent
+  let result
+
+  if (intent == 'import') {
+    result = await walletSchema.safeParseAsync(formData)
+  } else if (intent == 'newversion') {
+    result = await versionSchema
+      .merge(walletSchema)
+      .merge(fullConfigSchema)
+      .safeParseAsync(formData)
+  } else {
+    let currentSchema
+
+    switch (elementType) {
+      case 'button':
+        currentSchema = createButtonSchema
+        break
+      case 'widget':
+        currentSchema = createWidgetSchema
+        break
+      case 'banner':
+      default:
+        currentSchema = createBannerSchema
+    }
+    result = await currentSchema
+      .merge(fullConfigSchema)
+      .safeParseAsync(Object.assign(formData, { ...{ elementType } }))
+  }
+  /* eslint-disable  @typescript-eslint/no-explicit-any */
+  const payload = result.data as unknown as any
+
+  return { result, payload }
 }
 
 function checkHrefFormat(href: string): void {
diff --git a/frontend/app/lib/types.ts b/frontend/app/lib/types.ts
index cdaffaa0..3d372c00 100644
--- a/frontend/app/lib/types.ts
+++ b/frontend/app/lib/types.ts
@@ -3,7 +3,7 @@ import {
   createBannerSchema,
   createButtonSchema,
   createWidgetSchema
-} from './validate.server.js'
+} from './server/validate.server.js'
 
 export enum CornerType {
   None = 'None',
diff --git a/frontend/app/lib/utils.ts b/frontend/app/lib/utils.ts
index e6c1e4c0..120c4d62 100644
--- a/frontend/app/lib/utils.ts
+++ b/frontend/app/lib/utils.ts
@@ -338,3 +338,7 @@ export const isWalletAddress = (o: WalletAddress): o is WalletAddress => {
     typeof o.resourceServer === 'string'
   )
 }
+
+export function toWalletAddressUrl(s: string): string {
+  return s.startsWith('$') ? s.replace('$', 'https://') : s
+}
diff --git a/frontend/app/routes/create.$type.tsx b/frontend/app/routes/create.$type.tsx
index 6f0402eb..d1b575de 100644
--- a/frontend/app/routes/create.$type.tsx
+++ b/frontend/app/routes/create.$type.tsx
@@ -6,7 +6,7 @@ import {
   useNavigation,
   useSubmit
 } from '@remix-run/react'
-import { useEffect, useState } from 'react'
+import { ReactElement, useEffect, useState } from 'react'
 import {
   ConfirmModal,
   ImportModal,
@@ -23,23 +23,21 @@ import {
   ToolPreview
 } from '~/components/index.js'
 import { ApiClient, ApiResponse } from '~/lib/apiClient.js'
-import { type Message, messageStorage } from '~/lib/message.server.js'
-import { validConfigTypes } from '~/lib/presets.js'
+import { validConfigTypes, ModalType } from '~/lib/presets.js'
 import { tooltips } from '~/lib/tooltips.js'
 import { ElementConfigType, ElementErrors } from '~/lib/types.js'
 import {
   capitalizeFirstLetter,
   encodeAndCompressParameters,
-  getIlpayCss
+  getIlpayCss,
+  toWalletAddressUrl
 } from '~/lib/utils.js'
+import { validateForm } from '~/lib/server/validate.server'
+import { commitSession, getSession } from '~/lib/server/session.server'
 import {
-  createBannerSchema,
-  createButtonSchema,
-  createWidgetSchema,
-  fullConfigSchema,
-  versionSchema,
-  walletSchema
-} from '~/lib/validate.server'
+  getValidWalletAddress,
+  createInteractiveGrant
+} from '~/lib/server/open-payments.server'
 
 export async function loader({ params, request }: LoaderFunctionArgs) {
   const elementType = params.type
@@ -47,10 +45,17 @@ export async function loader({ params, request }: LoaderFunctionArgs) {
   const url = new URL(request.url)
   const contentOnlyParam = url.searchParams.get('contentOnly')
 
-  const cookies = request.headers.get('cookie')
+  const session = await getSession(request.headers.get('Cookie'))
+  const walletAddress = session.get('wallet-address')
+  const lastAction = session.get('last-action')
+  const grantResponse = session.get('grant-response')
+  const isGrantAccepted = session.get('is-grant-accepted')
+  const isGrantResponse = session.get('is-grant-response')
 
-  const session = await messageStorage.getSession(cookies)
-  const message = session.get('script') as Message
+  // removed unneeded data
+  session.unset('grant-response')
+  session.unset('is-grant-accepted')
+  session.unset('is-grant-response')
 
   // get default config
   const apiResponse: ApiResponse = await ApiClient.getDefaultConfig()
@@ -59,14 +64,25 @@ export async function loader({ params, request }: LoaderFunctionArgs) {
   const ilpayUrl = process.env.ILPAY_URL || ''
   const scriptInitUrl = process.env.INIT_SCRIPT_URL || ''
 
-  return {
-    elementType,
-    defaultConfig,
-    message,
-    ilpayUrl,
-    scriptInitUrl,
-    contentOnlyParam
-  }
+  return json(
+    {
+      elementType,
+      defaultConfig,
+      ilpayUrl,
+      scriptInitUrl,
+      walletAddress,
+      contentOnlyParam,
+      grantResponse,
+      isGrantResponse,
+      isGrantAccepted,
+      lastAction
+    },
+    {
+      headers: {
+        'Set-Cookie': await commitSession(session) // Commit session changes
+      }
+    }
+  )
 }
 
 export default function Create() {
@@ -75,7 +91,12 @@ export default function Create() {
     defaultConfig,
     ilpayUrl,
     scriptInitUrl,
-    contentOnlyParam
+    walletAddress,
+    contentOnlyParam,
+    isGrantAccepted,
+    grantResponse,
+    isGrantResponse,
+    lastAction
   } = useLoaderData<typeof loader>()
   const response = useActionData<typeof action>()
   const { state } = useNavigation()
@@ -86,24 +107,60 @@ export default function Create() {
   const [toolConfig, setToolConfig] = useState<ElementConfigType>(defaultConfig)
   const [fullConfig, setFullConfig] =
     useState<Record<string, ElementConfigType>>()
-  const [modalOpen, setModalOpen] = useState(false)
-  const [importModalOpen, setImportModalOpen] = useState(false)
-  const [newVersionModalOpen, setNewVersionModalOpen] = useState(false)
-  const [infoModalOpen, setInfoModalOpen] = useState(false)
-  const [confirmModalOpen, setConfirmModalOpen] = useState(false)
+  const [modalOpen, setModalOpen] = useState<ModalType | undefined>()
+
+  const [versionName, setVersionName] = useState('')
   const [selectedVersion, setSelectedVersion] = useState('default')
   const [versionOptions, setVersionOptions] = useState<SelectOption[]>([
     { label: 'Default', value: 'default' }
   ])
   const [configUpdateTrigger, setConfigUpdateTrigger] = useState(0)
 
-  const wa = (toolConfig?.walletAddress || '')
-    .replace('$', '')
-    .replace('https://', '')
+  const wa = toWalletAddressUrl(toolConfig?.walletAddress || '')
   const scriptToDisplay = `<script id="wmt-init-script" type="module" src="${scriptInitUrl}init.js?wa=${wa}&tag=[version]&types=[elements]"></script>`
   const submitForm = useSubmit()
 
-  const onConfirm = () => {
+  const getFormData = (
+    configArray: Record<string, ElementConfigType>,
+    intent: string,
+    version: string
+  ) => {
+    const formData = new FormData()
+    const defaultSet = configArray.default as unknown as Record<string, string>
+    Object.keys(defaultSet).map((key) => {
+      formData.set(key, defaultSet[key])
+    })
+
+    formData.set('intent', intent)
+    formData.set('version', version)
+    formData.set('fullconfig', JSON.stringify(configArray))
+
+    return formData
+  }
+
+  const setConfigs = (
+    fullConfigObject: Record<string, ElementConfigType>,
+    versionName: string
+  ) => {
+    if (fullConfigObject?.default) {
+      const versionLabels = Object.keys(fullConfigObject).map((key) => {
+        return {
+          label: capitalizeFirstLetter(key.replaceAll('-', ' ')),
+          value: key
+        }
+      })
+      setVersionOptions(versionLabels)
+      setFullConfig(fullConfigObject)
+    }
+    if (versionName) {
+      const selVersion = versionName
+      setSelectedVersion(selVersion)
+    }
+    // make sure the update is triggered
+    setConfigUpdateTrigger((prev) => prev + 1)
+  }
+
+  const onConfirmRemove = () => {
     if (fullConfig) {
       const { [selectedVersion]: _, ...rest } = fullConfig
       setFullConfig(rest)
@@ -115,85 +172,126 @@ export default function Create() {
       )
       setVersionOptions(filteredOptions)
       setSelectedVersion('default')
-      setConfirmModalOpen(false)
-
-      const formData = new FormData()
-      formData.append('intent', 'remove')
-      formData.append('version', 'default')
-      formData.append('fullconfig', JSON.stringify(rest))
-      const defaultSet = rest.default as unknown as Record<string, string>
-      Object.keys(defaultSet).map((key) => {
-        formData.append(key, defaultSet[key])
-      })
+      setModalOpen(undefined)
+
+      const formData = getFormData(rest, 'remove', 'default')
       submitForm(formData, { method: 'post' })
     }
   }
 
+  const onConfirmOwnership = () => {
+    if (response?.grantRequired) {
+      window.location.href = response.grantRequired
+    }
+  }
+
+  const onResubmit = () => {
+    setModalOpen(undefined)
+    const formData = getFormData(fullConfig || {}, lastAction, selectedVersion)
+    submitForm(formData, { method: 'post' })
+  }
+
+  const getConfirmModalContent = (type: string) => {
+    let title: string | ReactElement = '',
+      description = '',
+      onConfirm = () => {}
+    const onClose = () => setModalOpen(undefined)
+
+    switch (type) {
+      case 'confirm':
+        title = `Are you sure you want to remove ${selectedVersion}?`
+        onConfirm = onConfirmRemove
+        break
+      case 'wallet-ownership':
+        title = (
+          <span>
+            Please confirm you are owner of
+            <span className="flex w-full justify-center text-center">
+              {walletAddress?.id || ''}
+            </span>
+          </span>
+        )
+        description =
+          "You will need to confirm a grant to prove that you are the owner of the wallet address. It's value is set to 1 but there will be no funds removed from your wallet"
+        onConfirm = onConfirmOwnership
+        break
+      case 'grant-response':
+        title = grantResponse
+        onConfirm = isGrantAccepted ? onResubmit : onClose
+        break
+    }
+    return { title, description, onClose, onConfirm }
+  }
+
+  useEffect(() => {
+    const newVersion = sessionStorage.getItem('new-version')
+    const userFullconfig = JSON.parse(
+      sessionStorage.getItem('fullconfig') || '{}'
+    )
+    // make sure newly created version has config value
+    if (newVersion && !userFullconfig[newVersion]) {
+      userFullconfig[newVersion] = userFullconfig['default']
+    }
+
+    setConfigs(userFullconfig, newVersion || 'default')
+
+    if (isGrantResponse) {
+      setModalOpen('grant-response')
+    }
+  }, [])
+
   useEffect(() => {
     const errors = Object.keys(response?.errors?.fieldErrors || {})
 
     if (response && !errors.length && response.displayScript) {
-      setModalOpen(true)
+      setModalOpen('script')
+    } else if (response && response.grantRequired) {
+      setModalOpen('wallet-ownership')
     } else if (
       response &&
       response.apiResponse &&
       response.apiResponse.newversion
     ) {
-      const versionLabels = Object.keys(response.apiResponse?.payload).map(
-        (key) => {
-          return {
-            label: capitalizeFirstLetter(key.replaceAll('-', ' ')),
-            value: key
-          }
-        }
-      )
-      setVersionOptions(versionLabels)
-      setFullConfig(response.apiResponse.payload)
+      const newVersion = response.apiResponse.newversion
+      const userFullconfig = response.apiResponse?.payload
 
-      setNewVersionModalOpen(false)
-      setInfoModalOpen(true)
-      const selVersion = response.apiResponse.newversion
-      setSelectedVersion(selVersion)
-      // make sure the update is triggered
-      setConfigUpdateTrigger((prev) => prev + 1)
+      setConfigs(userFullconfig, newVersion)
+      setModalOpen('info')
     } else if (
       response &&
       response.apiResponse &&
       response.apiResponse.isFailure == false
     ) {
-      const versionLabels = Object.keys(response.apiResponse?.payload).map(
-        (key) => {
-          return {
-            label: capitalizeFirstLetter(key.replaceAll('-', ' ')),
-            value: key
-          }
-        }
-      )
-      setVersionOptions(versionLabels)
+      setConfigs(response.apiResponse?.payload, 'default')
 
-      setFullConfig(response.apiResponse.payload)
-      setImportModalOpen(false)
+      setModalOpen(undefined)
       if (response.intent != 'remove') {
-        setInfoModalOpen(true)
+        setModalOpen('info')
       }
-      setSelectedVersion('default')
-      // make sure the update is triggered
-      setConfigUpdateTrigger((prev) => prev + 1)
     }
   }, [response])
 
   useEffect(() => {
-    const updatedFullConfig = {
-      ...fullConfig,
-      [selectedVersion]: toolConfig
+    if (fullConfig) {
+      const updatedFullConfig = {
+        ...fullConfig,
+        [selectedVersion]: toolConfig
+      }
+      setFullConfig(updatedFullConfig)
+
+      //preserve data for page redirect
+      sessionStorage.setItem('new-version', selectedVersion)
+      sessionStorage.setItem('fullconfig', JSON.stringify(updatedFullConfig))
     }
-    setFullConfig(updatedFullConfig)
   }, [toolConfig])
 
   useEffect(() => {
     if (fullConfig) {
       const config = fullConfig[selectedVersion]
       setToolConfig(config)
+
+      //preserve data for page redirect
+      sessionStorage.setItem('new-version', selectedVersion)
     }
   }, [selectedVersion, configUpdateTrigger])
 
@@ -202,10 +300,10 @@ export default function Create() {
       <PageHeader
         title={`Create ${elementType}`}
         elementType={elementType}
-        setImportModalOpen={setImportModalOpen}
+        setImportModalOpen={() => setModalOpen('import')}
         link={`/${contentOnly ? '?contentOnly' : ''}`}
-        setNewVersionModalOpen={setNewVersionModalOpen}
-        setConfirmModalOpen={setConfirmModalOpen}
+        setNewVersionModalOpen={() => setModalOpen('new-version')}
+        setConfirmModalOpen={() => setModalOpen('confirm')}
         versionOptions={versionOptions}
         selectedVersion={selectedVersion}
         setSelectedVersion={setSelectedVersion}
@@ -255,39 +353,44 @@ export default function Create() {
         tooltip={tooltips.scriptModal}
         defaultType={elementType}
         scriptForDisplay={scriptToDisplay}
-        isOpen={modalOpen}
-        onClose={() => setModalOpen(false)}
+        isOpen={modalOpen == 'script'}
+        onClose={() => setModalOpen(undefined)}
       />
       <ImportModal
         title="Import config from wallet address"
-        isOpen={importModalOpen}
+        isOpen={modalOpen == 'import'}
         isSubmitting={isSubmitting}
-        onClose={() => setImportModalOpen(false)}
+        onClose={() => setModalOpen(undefined)}
         toolConfig={toolConfig}
         setToolConfig={setToolConfig}
         errors={response?.errors}
       />
       <NewVersionModal
         title="Create a new version of your config"
-        isOpen={newVersionModalOpen}
+        isOpen={modalOpen == 'new-version'}
         isSubmitting={isSubmitting}
-        onClose={() => setNewVersionModalOpen(false)}
+        onClose={() => setModalOpen(undefined)}
         errors={response?.errors}
         toolConfig={toolConfig}
         setToolConfig={setToolConfig}
         fullConfig={fullConfig}
+        versionName={versionName}
+        setVersionName={(v) => {
+          setVersionName(v)
+          sessionStorage.setItem('new-version', v)
+        }}
       />
       <InfoModal
         title="Available configs"
         content={versionOptions.map((ver) => ver.value).join(', ')}
-        isOpen={infoModalOpen}
-        onClose={() => setInfoModalOpen(false)}
+        isOpen={modalOpen == 'info'}
+        onClose={() => setModalOpen(undefined)}
       />
       <ConfirmModal
-        title={`Are you sure you want to remove ${selectedVersion}?`}
-        isOpen={confirmModalOpen}
-        onClose={() => setConfirmModalOpen(false)}
-        onConfirm={onConfirm}
+        {...getConfirmModalContent(modalOpen ?? '')}
+        isOpen={['confirm', 'wallet-ownership', 'grant-response'].includes(
+          modalOpen ?? ''
+        )}
       />
     </div>
   )
@@ -298,87 +401,113 @@ export async function action({ request, params }: ActionFunctionArgs) {
   const formData = Object.fromEntries(await request.formData())
   const intent = formData?.intent
 
+  const theCookie = request.headers.get('Cookie')
+  const session = await getSession(theCookie)
+  session.set('last-action', intent as string)
+
   let apiResponse: ApiResponse = { isFailure: true, newversion: false }
-  let displayScript: boolean = false
+  const displayScript: boolean = false
+  const grantRequired: string = ''
+  let validForWallet: string
   const errors: ElementErrors = {
     fieldErrors: {},
     message: []
   }
 
-  if (intent == 'import') {
-    const result = await walletSchema.safeParseAsync(formData)
-
-    if (!result.success) {
-      errors.fieldErrors = result.error.flatten().fieldErrors
-      return json(
-        { errors, apiResponse, displayScript, intent },
-        { status: 400 }
-      )
-    }
-
-    const payload = result.data
-    apiResponse = await ApiClient.getUserConfig(payload.walletAddress)
+  const actionResponse = {
+    errors,
+    apiResponse,
+    displayScript,
+    intent,
+    grantRequired
+  }
 
-    return json({ errors, apiResponse, displayScript, intent }, { status: 200 })
-  } else if (intent == 'newversion') {
-    const result = await versionSchema
-      .merge(walletSchema)
-      .merge(fullConfigSchema)
-      .safeParseAsync(formData)
-
-    if (!result.success) {
-      errors.fieldErrors = result.error.flatten().fieldErrors
-      return json(
-        { errors, apiResponse, displayScript, intent },
-        { status: 400 }
-      )
+  // validate form data
+  const { result, payload } = await validateForm(formData, elementType)
+  if (!result.success || !payload) {
+    errors.fieldErrors = result.error?.flatten().fieldErrors || {
+      walletAddress: undefined
     }
+    return json(actionResponse, { status: 400 })
+  }
+  // additional check for newversion
+  if (intent == 'newversion') {
+    // get existing keys
+    const apiData = await ApiClient.getUserConfig(payload.walletAddress)
+    const currentConfig = apiData.payload || {}
 
-    const payload = result.data
     const versionName = payload.version.replaceAll(' ', '-')
-    const configKeys = Object.keys(JSON.parse(payload.fullconfig))
+    const configKeys = Object.keys(currentConfig)
     if (configKeys.indexOf(versionName) !== -1) {
       errors.fieldErrors = { version: ['Already exists'] }
-      return json(
-        { errors, apiResponse, displayScript, intent },
-        { status: 400 }
-      )
+      actionResponse.errors = errors
+      return json(actionResponse, { status: 400 })
     }
+  }
+
+  // no need when importing
+  if (intent != 'import') {
+    const ownerWalletAddress: string = payload.walletAddress as string
+    validForWallet = session.get('validForWallet')
+
+    if (!validForWallet || validForWallet !== ownerWalletAddress) {
+      try {
+        const walletAddress = await getValidWalletAddress(ownerWalletAddress)
+        session.set('wallet-address', walletAddress)
+
+        const redirectUrl = `${process.env.FRONTEND_URL}grant/${elementType}/`
+        const grant = await createInteractiveGrant({
+          walletAddress: walletAddress,
+          redirectUrl
+        })
+        session.set('payment-grant', grant)
+
+        actionResponse.grantRequired = grant.interact.redirect
+      } catch (err) {
+        console.log({ err })
+        errors.fieldErrors = {
+          walletAddress: ['Could not verify ownership of wallet address']
+        }
+        actionResponse.errors = errors
+      }
+
+      return json(actionResponse, {
+        status: 200,
+        headers: {
+          'Set-Cookie': await commitSession(session)
+        }
+      })
+    }
+  }
+
+  if (intent == 'import') {
+    session.set('last-action', '')
+    apiResponse = await ApiClient.getUserConfig(payload.walletAddress)
+
+    actionResponse.apiResponse = apiResponse
+    return json(actionResponse, {
+      status: 200,
+      headers: {
+        'Set-Cookie': await commitSession(session)
+      }
+    })
+  } else if (intent == 'newversion') {
+    const versionName = payload.version.replaceAll(' ', '-')
     apiResponse = await ApiClient.createUserConfig(
       versionName,
-      payload.walletAddress
+      payload.walletAddress,
+      theCookie || ''
     )
     apiResponse.newversion = versionName
 
-    return json({ errors, apiResponse, displayScript, intent }, { status: 200 })
+    actionResponse.apiResponse = apiResponse
+    return json(actionResponse, {
+      status: 200,
+      headers: {
+        'Set-Cookie': await commitSession(session)
+      }
+    })
   } else {
-    let currentSchema
-
-    switch (elementType) {
-      case 'button':
-        currentSchema = createButtonSchema
-        break
-      case 'widget':
-        currentSchema = createWidgetSchema
-        break
-      case 'banner':
-      default:
-        currentSchema = createBannerSchema
-    }
-    const result = await currentSchema
-      .merge(fullConfigSchema)
-      .safeParseAsync(Object.assign(formData, { ...{ elementType } }))
-
-    if (!result.success) {
-      errors.fieldErrors = result.error.flatten().fieldErrors
-      return json(
-        { errors, apiResponse, displayScript, intent },
-        { status: 400 }
-      )
-    }
-
-    const payload = result.data
-
     if (payload.elementType == 'widget') {
       const css = await encodeAndCompressParameters(
         getIlpayCss(payload as unknown as ElementConfigType)
@@ -387,11 +516,15 @@ export async function action({ request, params }: ActionFunctionArgs) {
       Object.assign(payload, { css })
     }
 
-    apiResponse = await ApiClient.saveUserConfig(payload)
-    if (intent != 'remove') {
-      displayScript = true
-    }
+    apiResponse = await ApiClient.saveUserConfig(payload, theCookie || '')
 
-    return json({ errors, apiResponse, displayScript, intent }, { status: 200 })
+    actionResponse.apiResponse = apiResponse
+    actionResponse.displayScript = intent != 'remove' ? true : displayScript
+    return json(actionResponse, {
+      status: 200,
+      headers: {
+        'Set-Cookie': await commitSession(session)
+      }
+    })
   }
 }
diff --git a/frontend/app/routes/grant.$type.tsx b/frontend/app/routes/grant.$type.tsx
new file mode 100644
index 00000000..f2cb1ef3
--- /dev/null
+++ b/frontend/app/routes/grant.$type.tsx
@@ -0,0 +1,43 @@
+import { LoaderFunctionArgs } from '@remix-run/node'
+import { redirect } from '@remix-run/react'
+import { commitSession, getSession } from '~/lib/server/session.server'
+import { isGrantValidAndAccepted } from '~/lib/server/open-payments.server'
+
+export async function loader({ params, request }: LoaderFunctionArgs) {
+  const elementType = params.type
+
+  const url = new URL(request.url)
+  const interactRef = url.searchParams.get('interact_ref') || ''
+  const result = url.searchParams.get('result') || ''
+
+  const session = await getSession(request.headers.get('Cookie'))
+  const walletAddress = session.get('wallet-address')
+  const grant = session.get('payment-grant')
+
+  const isGrantResponse = true
+  let grantResponse = result == 'grant_rejected' ? 'Grant was declined' : ''
+  let isGrantAccepted = false
+
+  if (walletAddress && grant && interactRef) {
+    try {
+      isGrantAccepted = await isGrantValidAndAccepted(grant, interactRef)
+    } catch (_err) {
+      isGrantAccepted = false
+    }
+    if (isGrantAccepted) {
+      grantResponse = 'Wallet ownership confirmed!'
+      session.set('validForWallet', walletAddress.id)
+    }
+    session.unset('payment-grant')
+  }
+
+  session.set('is-grant-accepted', isGrantAccepted)
+  session.set('is-grant-response', isGrantResponse)
+  session.set('grant-response', grantResponse)
+
+  return redirect(`/create/${elementType}`, {
+    headers: {
+      'Set-Cookie': await commitSession(session)
+    }
+  })
+}
diff --git a/frontend/package.json b/frontend/package.json
index 650851ff..8372cc92 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -15,6 +15,8 @@
   },
   "dependencies": {
     "@headlessui/react": "^1.7.19",
+    "@interledger/open-payments": "^6.13.2",
+    "@paralleldrive/cuid2": "^2.2.2",
     "@remix-run/node": "^2.14.0",
     "@remix-run/react": "^2.14.0",
     "@remix-run/serve": "^2.14.0",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 628bbe6b..3a9df320 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -41,18 +41,30 @@ importers:
       '@aws-sdk/client-s3':
         specifier: ^3.645.0
         version: 3.682.0
+      '@remix-run/node':
+        specifier: ^2.14.0
+        version: 2.14.0(typescript@5.6.3)
       '@smithy/node-http-handler':
         specifier: ^3.2.3
         version: 3.2.5
+      '@types/express-session':
+        specifier: ^1.18.1
+        version: 1.18.1
       '@types/underscore':
         specifier: ^1.11.15
         version: 1.13.0
+      cookie-parser:
+        specifier: ^1.4.7
+        version: 1.4.7
       dotenv:
         specifier: ^16.4.5
         version: 16.4.5
       express:
         specifier: ^4.19.2
         version: 4.21.1
+      express-session:
+        specifier: ^1.18.1
+        version: 1.18.1
       he:
         specifier: ^1.2.0
         version: 1.2.0
@@ -99,6 +111,12 @@ importers:
       '@headlessui/react':
         specifier: ^1.7.19
         version: 1.7.19(react-dom@18.3.1(react@18.3.1))(react@18.3.1)
+      '@interledger/open-payments':
+        specifier: ^6.13.2
+        version: 6.13.2
+      '@paralleldrive/cuid2':
+        specifier: ^2.2.2
+        version: 2.2.2
       '@remix-run/node':
         specifier: ^2.14.0
         version: 2.14.0(typescript@5.1.6)
@@ -195,6 +213,10 @@ packages:
     resolution: {integrity: sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==}
     engines: {node: '>=6.0.0'}
 
+  '@apidevtools/json-schema-ref-parser@11.7.2':
+    resolution: {integrity: sha512-4gY54eEGEstClvEkGnwVkTkrx0sqwemEFG5OSRRn3tD91XH0+Q8XIkYIfo7IwEWPpJZwILb9GUXeShtplRc/eA==}
+    engines: {node: '>= 16'}
+
   '@aws-crypto/crc32@5.2.0':
     resolution: {integrity: sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==}
     engines: {node: '>=16.0.0'}
@@ -690,6 +712,15 @@ packages:
     resolution: {integrity: sha512-93zYdMES/c1D69yZiKDBj0V24vqNzB/koF26KPaagAfd3P/4gUlh3Dys5ogAK+Exi9QyzlD8x/08Zt7wIKcDcA==}
     deprecated: Use @eslint/object-schema instead
 
+  '@interledger/http-signature-utils@2.0.2':
+    resolution: {integrity: sha512-gTAPFMt7xwG1zv1rbrltcZTAqOw/ZJwkVdnNjQzu5G9JTfvJQzS6pcpiVUej1cblpewotbOzosgdX00f93q9zA==}
+
+  '@interledger/open-payments@6.13.2':
+    resolution: {integrity: sha512-siAnS+Rp+SEZtm+YSWVHWCA4EJB7a6pKBZ9SR61UV1kgrzVzVHAZ8HA0cNTteLEEdFuW1xqVv8zqz27lxdvLgA==}
+
+  '@interledger/openapi@2.0.2':
+    resolution: {integrity: sha512-HOQnALmRtRkGkh63OnFhoCVsK4BKhQosJyoBCe6Cuu+jp8Oj2fAqTNz8ys+h6s30cJcIpk2UBlsj4wZ3pj26Ug==}
+
   '@isaacs/cliui@8.0.2':
     resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==}
     engines: {node: '>=12'}
@@ -715,12 +746,19 @@ packages:
   '@jridgewell/trace-mapping@0.3.9':
     resolution: {integrity: sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==}
 
+  '@jsdevtools/ono@7.1.3':
+    resolution: {integrity: sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg==}
+
   '@jspm/core@2.1.0':
     resolution: {integrity: sha512-3sRl+pkyFY/kLmHl0cgHiFp2xEqErA8N3ECjMs7serSUBmoJ70lBa0PG5t0IM6WJgdZNyyI0R8YFfi5wM8+mzg==}
 
   '@mdx-js/mdx@2.3.0':
     resolution: {integrity: sha512-jLuwRlz8DQfQNiUCJR50Y09CGPq3fLtmtUQfVrj79E0JWu3dvsVcxVIcfhR5h0iXu+/z++zDrYeiJqifRynJkA==}
 
+  '@noble/hashes@1.6.1':
+    resolution: {integrity: sha512-pq5D8h10hHBjyqX+cfBm0i8JUXJ0UhczFc4r74zbuT9XgewFo2E3J1cOaGtdZynILNmQ685YWGzGE1Zv6io50w==}
+    engines: {node: ^14.21.3 || >=16}
+
   '@nodelib/fs.scandir@2.1.5':
     resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==}
     engines: {node: '>= 8'}
@@ -749,6 +787,9 @@ packages:
     resolution: {integrity: sha512-gGq0NJkIGSwdbUt4yhdF8ZrmkGKVz9vAdVzpOfnom+V8PLSmSOVhZwbNvZZS1EYcJN5hzzKBxmmVVAInM6HQLg==}
     engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0}
 
+  '@paralleldrive/cuid2@2.2.2':
+    resolution: {integrity: sha512-ZOBkgDwEdoYVlSeRbYYXs0S9MejQofiVYoTbKzy/6GQa39/q5tQU2IX46+shYnUkpEl3wc+J6wRlar7r2EK2xA==}
+
   '@pkgjs/parseargs@0.11.0':
     resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==}
     engines: {node: '>=14'}
@@ -1195,6 +1236,9 @@ packages:
   '@types/express-serve-static-core@4.19.6':
     resolution: {integrity: sha512-N4LZ2xG7DatVqhCZzOGb1Yi5lMbXSZcmdLDe9EzSndPV2HpWYWzRbaerl2n27irrm94EPpprqa8KpskPT085+A==}
 
+  '@types/express-session@1.18.1':
+    resolution: {integrity: sha512-S6TkD/lljxDlQ2u/4A70luD8/ZxZcrU5pQwI1rVXCiaVIywoFgbA+PIUNDjPhQpPdK0dGleLtYc/y7XWBfclBg==}
+
   '@types/express@4.17.21':
     resolution: {integrity: sha512-ejlPM315qwLpaQlQDTjPdsUFSc6ZsP4AN6AlWnogPjQ7CVi7PYF3YVz+CY3jE2pwYf7E/7HlDAN0rV2GxTG0HQ==}
 
@@ -1207,6 +1251,9 @@ packages:
   '@types/http-errors@2.0.4':
     resolution: {integrity: sha512-D0CFMMtydbJAegzOyHjtiKPLlvnm3iTZyZRSZoLq2mRhDdmLfIWOCYPfQJ4cu2erKghU++QvjcUjp/5h7hESpA==}
 
+  '@types/json-schema@7.0.15':
+    resolution: {integrity: sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==}
+
   '@types/json5@0.0.29':
     resolution: {integrity: sha512-dRLjCWHYg4oaA77cxO64oO+7JwCwnIzkZPdrrC71jQmQtlhM556pwKo5bUzqvZndkVbeFLIIi+9TC40JNF5hNQ==}
 
@@ -1365,9 +1412,20 @@ packages:
     resolution: {integrity: sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==}
     engines: {node: '>=8'}
 
+  ajv-formats@2.1.1:
+    resolution: {integrity: sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA==}
+    peerDependencies:
+      ajv: ^8.0.0
+    peerDependenciesMeta:
+      ajv:
+        optional: true
+
   ajv@6.12.6:
     resolution: {integrity: sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==}
 
+  ajv@8.17.1:
+    resolution: {integrity: sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==}
+
   ansi-regex@5.0.1:
     resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==}
     engines: {node: '>=8'}
@@ -1446,6 +1504,10 @@ packages:
   asynckit@0.4.0:
     resolution: {integrity: sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==}
 
+  atomic-sleep@1.0.0:
+    resolution: {integrity: sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==}
+    engines: {node: '>=8.0.0'}
+
   autoprefixer@10.4.20:
     resolution: {integrity: sha512-XY25y5xSv/wEoqzDyXXME4AFfkZI0P23z6Fs3YgymDnKJkCGOnkL0iTxCa85UTqaSgfcqyf3UA6+c7wUvx/16g==}
     engines: {node: ^10 || ^12 || >=14}
@@ -1469,6 +1531,10 @@ packages:
   base64-js@1.5.1:
     resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==}
 
+  base64url@3.0.1:
+    resolution: {integrity: sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A==}
+    engines: {node: '>=6.0.0'}
+
   basic-auth@2.0.1:
     resolution: {integrity: sha512-NF+epuEdnUYVlGuhaxbbq+dvJttwLnGY+YixlXlME5KpQ5W3CnXA5cVTneY3SPbPDRkcjMbifrwmFYcClgOZeg==}
     engines: {node: '>= 0.8'}
@@ -1511,6 +1577,9 @@ packages:
   buffer@5.7.1:
     resolution: {integrity: sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==}
 
+  buffer@6.0.3:
+    resolution: {integrity: sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==}
+
   bytes@3.1.2:
     resolution: {integrity: sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==}
     engines: {node: '>= 0.8'}
@@ -1523,6 +1592,10 @@ packages:
     resolution: {integrity: sha512-/aJwG2l3ZMJ1xNAnqbMpA40of9dj/pIH3QfiuQSqjfPJF747VR0J/bHn+/KdNnHKc6XQcWt/AfRSBft82W1d2A==}
     engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0}
 
+  cache-content-type@1.0.1:
+    resolution: {integrity: sha512-IKufZ1o4Ut42YUrZSo8+qnMTrFuKkvyoLXUywKz9GJ5BrhOFGhLdkx9sG4KAnVvbY6kEcSFjLQul+DVmBm2bgA==}
+    engines: {node: '>= 6.0.0'}
+
   call-bind@1.0.7:
     resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==}
     engines: {node: '>= 0.4'}
@@ -1598,6 +1671,10 @@ packages:
     resolution: {integrity: sha512-rQ1+kcj+ttHG0MKVGBUXwayCCF1oh39BF5COIpRzuCEv8Mwjv0XucrI2ExNTOn9IlLifGClWQcU9BrZORvtw6Q==}
     engines: {node: '>=6'}
 
+  co@4.6.0:
+    resolution: {integrity: sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==}
+    engines: {iojs: '>= 1.0.0', node: '>= 0.12.0'}
+
   color-convert@2.0.1:
     resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==}
     engines: {node: '>=7.0.0'}
@@ -1650,9 +1727,16 @@ packages:
   convert-source-map@2.0.0:
     resolution: {integrity: sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==}
 
+  cookie-parser@1.4.7:
+    resolution: {integrity: sha512-nGUvgXnotP3BsjiLX2ypbQnWoGUPIIfHQNZkkC668ntrzGWEZVW70HDEB1qnNGMicPje6EttlIgzo51YSwNQGw==}
+    engines: {node: '>= 0.8.0'}
+
   cookie-signature@1.0.6:
     resolution: {integrity: sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==}
 
+  cookie-signature@1.0.7:
+    resolution: {integrity: sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==}
+
   cookie-signature@1.2.2:
     resolution: {integrity: sha512-D76uU73ulSXrD1UXF4KE2TMxVVwhsnCgfAyTg9k8P6KGZjlXKrOLe4dJQKI3Bxi5wjesZoFXJWElNWBjPZMbhg==}
     engines: {node: '>=6.6.0'}
@@ -1665,6 +1749,14 @@ packages:
     resolution: {integrity: sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==}
     engines: {node: '>= 0.6'}
 
+  cookie@0.7.2:
+    resolution: {integrity: sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==}
+    engines: {node: '>= 0.6'}
+
+  cookies@0.9.1:
+    resolution: {integrity: sha512-TG2hpqe4ELx54QER/S3HQ9SRVnQnGBtKUz5bLQWtYAQ+o6GpgMs6sYUvaiJjVxb+UXwhRhAEP3m7LbsIZ77Hmw==}
+    engines: {node: '>= 0.8'}
+
   core-util-is@1.0.3:
     resolution: {integrity: sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==}
 
@@ -1747,6 +1839,9 @@ packages:
       babel-plugin-macros:
         optional: true
 
+  deep-equal@1.0.1:
+    resolution: {integrity: sha512-bHtC0iYvWhyaTzvV3CZgPeZQqCOBGyGsVV7v4eevpdkLHfiSrXUdBG+qAuSz4RI70sszvjQ1QSZ98An1yNwpSw==}
+
   deep-is@0.1.4:
     resolution: {integrity: sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==}
 
@@ -1772,6 +1867,13 @@ packages:
     resolution: {integrity: sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==}
     engines: {node: '>=0.4.0'}
 
+  delegates@1.0.0:
+    resolution: {integrity: sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==}
+
+  depd@1.1.2:
+    resolution: {integrity: sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ==}
+    engines: {node: '>= 0.6'}
+
   depd@2.0.0:
     resolution: {integrity: sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==}
     engines: {node: '>= 0.8'}
@@ -2030,6 +2132,10 @@ packages:
     resolution: {integrity: sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==}
     engines: {node: '>=6'}
 
+  events@3.3.0:
+    resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==}
+    engines: {node: '>=0.8.x'}
+
   execa@5.1.1:
     resolution: {integrity: sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==}
     engines: {node: '>=10'}
@@ -2038,6 +2144,10 @@ packages:
     resolution: {integrity: sha512-eNTPlAD67BmP31LDINZ3U7HSF8l57TxOY2PmBJ1shpCvpnxBF93mWCE8YHBnXs8qiUZJc9WDcWIeC3a2HIAMfw==}
     engines: {node: '>=6'}
 
+  express-session@1.18.1:
+    resolution: {integrity: sha512-a5mtTqEaZvBCL9A9aqkrtfz+3SMDhOVUnjafjo+s7A9Txkq+SVX2DLvSp1Zrv4uCXa3lMSK3viWnh9Gg07PBUA==}
+    engines: {node: '>= 0.8.0'}
+
   express@4.21.1:
     resolution: {integrity: sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ==}
     engines: {node: '>= 0.10.0'}
@@ -2058,6 +2168,13 @@ packages:
   fast-levenshtein@2.0.6:
     resolution: {integrity: sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==}
 
+  fast-redact@3.5.0:
+    resolution: {integrity: sha512-dwsoQlS7h9hMeYUq1W++23NDcBLV4KqONnITDV9DjfS3q1SgDGVrBdvvTLUotWtPSD7asWDV9/CmsZPy8Hf70A==}
+    engines: {node: '>=6'}
+
+  fast-uri@3.0.3:
+    resolution: {integrity: sha512-aLrHthzCjH5He4Z2H9YZ+v6Ujb9ocRuW6ZzkJQOrTxleEijANq4v1TsaPaVG1PZcuurEzrLcWRyYBYXD5cEiaw==}
+
   fast-xml-parser@4.4.1:
     resolution: {integrity: sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==}
     hasBin: true
@@ -2288,10 +2405,27 @@ packages:
   htmlparser2@8.0.2:
     resolution: {integrity: sha512-GYdjWKDkbRLkZ5geuHs5NY1puJ+PXwP7+fHPRz06Eirsb9ugf6d8kkXav6ADhcODhFFPMIXyxkxSuMf3D6NCFA==}
 
+  http-assert@1.5.0:
+    resolution: {integrity: sha512-uPpH7OKX4H25hBmU6G1jWNaqJGpTXxey+YOUizJUAgu0AjLUeC8D73hTrhvDS5D+GJN1DN1+hhc/eF/wpxtp0w==}
+    engines: {node: '>= 0.8'}
+
+  http-errors@1.8.1:
+    resolution: {integrity: sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==}
+    engines: {node: '>= 0.6'}
+
   http-errors@2.0.0:
     resolution: {integrity: sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==}
     engines: {node: '>= 0.8'}
 
+  http-message-signatures@0.1.2:
+    resolution: {integrity: sha512-gjJYDgFBy+xnlAs2G0gIWpiorCv9Xi7pIlOnnd91zHAK7BtkLxonmm/JAtd5e6CakOuW03IwEuJzj2YMy8lfWQ==}
+
+  http-message-signatures@1.0.4:
+    resolution: {integrity: sha512-gavCQWnxHFg0BVlKs6CmYK7hNSH1o0x0mHTC68yBAHYOYuTVXPv52mEE7QuT5TenfiagTdOa/zPJzen4lEX7Rg==}
+
+  httpbis-digest-headers@1.0.0:
+    resolution: {integrity: sha512-RpaFuZD3tG8wtsvjDv1u7O8wAvfpAxS20F3CrFPZOMn+IBb7E7yiqlN5Tks4E5tBEnTdpMOD151rJsUv03sAIg==}
+
   human-signals@2.1.0:
     resolution: {integrity: sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==}
     engines: {node: '>=10.17.0'}
@@ -2536,6 +2670,9 @@ packages:
     resolution: {integrity: sha512-2yTgeWTWzMWkHu6Jp9NKgePDaYHbntiwvYuuJLbbN9vl7DC9DvXKOB2BC3ZZ92D3cvV/aflH0osDfwpHepQ53w==}
     hasBin: true
 
+  jose@4.15.9:
+    resolution: {integrity: sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==}
+
   js-tokens@4.0.0:
     resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}
 
@@ -2558,6 +2695,9 @@ packages:
   json-schema-traverse@0.4.1:
     resolution: {integrity: sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==}
 
+  json-schema-traverse@1.0.0:
+    resolution: {integrity: sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==}
+
   json-stable-stringify-without-jsonify@1.0.1:
     resolution: {integrity: sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==}
 
@@ -2577,6 +2717,10 @@ packages:
     resolution: {integrity: sha512-ZZow9HBI5O6EPgSJLUb8n2NKgmVWTwCvHGwFuJlMjvLFqlGG6pjirPhtdsseaLZjSibD8eegzmYpUZwoIlj2cQ==}
     engines: {node: '>=4.0'}
 
+  keygrip@1.1.0:
+    resolution: {integrity: sha512-iYSchDJ+liQ8iwbSI2QqsQOvqv58eJCEanyJPJi+Khyu8smkcKSFUCbPwzFcL7YVtZ6eONjqRX/38caJ7QjRAQ==}
+    engines: {node: '>= 0.6'}
+
   keyv@4.5.4:
     resolution: {integrity: sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==}
 
@@ -2584,6 +2728,21 @@ packages:
     resolution: {integrity: sha512-o+NO+8WrRiQEE4/7nwRJhN1HWpVmJm511pBHUxPLtp0BUISzlBplORYSmTclCnJvQq2tKu/sgl3xVpkc7ZWuQQ==}
     engines: {node: '>=6'}
 
+  koa-compose@4.1.0:
+    resolution: {integrity: sha512-8ODW8TrDuMYvXRwra/Kh7/rJo9BtOfPc6qO8eAfC80CnCvSjSl0bkRM24X6/XBBEyj0v1nRUQ1LyOy3dbqOWXw==}
+
+  koa-convert@2.0.0:
+    resolution: {integrity: sha512-asOvN6bFlSnxewce2e/DK3p4tltyfC4VM7ZwuTuepI7dEQVcvpyFuBcEARu1+Hxg8DIwytce2n7jrZtRlPrARA==}
+    engines: {node: '>= 10'}
+
+  koa@2.15.3:
+    resolution: {integrity: sha512-j/8tY9j5t+GVMLeioLaxweJiKUayFhlGqNTzf2ZGwL0ZCQijd2RLHK0SLW5Tsko8YyyqCZC2cojIb0/s62qTAg==}
+    engines: {node: ^4.8.4 || ^6.10.1 || ^7.10.1 || >= 8.1.4}
+
+  ky@1.7.2:
+    resolution: {integrity: sha512-OzIvbHKKDpi60TnF9t7UUVAF1B4mcqc02z5PIvrm08Wyb+yOcz63GRvEuVxNT18a9E1SrNouhB4W2NNLeD7Ykg==}
+    engines: {node: '>=18'}
+
   levn@0.4.1:
     resolution: {integrity: sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==}
     engines: {node: '>= 0.8.0'}
@@ -2993,6 +3152,10 @@ packages:
     resolution: {integrity: sha512-yBYjY9QX2hnRmZHAjG/f13MzmBzxzYgQhFrke06TTyKY5zSTEqkOeukBzIdVA3j3ulu8Qa3MbVFShV7T2RmGtQ==}
     engines: {node: '>= 0.4'}
 
+  on-exit-leak-free@2.1.2:
+    resolution: {integrity: sha512-0eJJY6hXLGf1udHwfNftBqH+g73EU4B504nZeKpz1sYRKafAghwxEJunB2O7rDZkL4PGfsMVnTXZ2EjibbqcsA==}
+    engines: {node: '>=14.0.0'}
+
   on-finished@2.3.0:
     resolution: {integrity: sha512-ikqdkGAAyf/X/gPhXGvfgAytDZtDbr+bkNUJ0N9h5MI/dmdgCs3l6hoHrcUv41sRKew3jIwrp4qQDXiK99Utww==}
     engines: {node: '>= 0.8'}
@@ -3012,6 +3175,27 @@ packages:
     resolution: {integrity: sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==}
     engines: {node: '>=6'}
 
+  only@0.0.2:
+    resolution: {integrity: sha512-Fvw+Jemq5fjjyWz6CpKx6w9s7xxqo3+JCyM0WXWeCSOboZ8ABkyvP8ID4CZuChA/wxSx+XSJmdOm8rGVyJ1hdQ==}
+
+  openapi-default-setter@12.1.3:
+    resolution: {integrity: sha512-wHKwvEuOWwke5WcQn8pyCTXT5WQ+rm9FpJmDeEVECEBWjEyB/MVLYfXi+UQeSHTTu2Tg4VDHHmzbjOqN6hYeLQ==}
+
+  openapi-jsonschema-parameters@12.1.3:
+    resolution: {integrity: sha512-aHypKxWHwu2lVqfCIOCZeJA/2NTDiP63aPwuoIC+5ksLK5/IQZ3oKTz7GiaIegz5zFvpMDxDvLR2DMQQSkOAug==}
+
+  openapi-request-coercer@12.1.3:
+    resolution: {integrity: sha512-CT2ZDhBmAZpHhAzHhEN+/J5oMK3Ds99ayLLdXh2Aw1DCcn72EM8VuIGVwG5fSjvkMsgtn7FgltFosHqeM6PRFQ==}
+
+  openapi-request-validator@12.1.3:
+    resolution: {integrity: sha512-HW1sG00A9Hp2oS5g8CBvtaKvRAc4h5E4ksmuC5EJgmQ+eAUacL7g+WaYCrC7IfoQaZrjxDfeivNZUye/4D8pwA==}
+
+  openapi-response-validator@12.1.3:
+    resolution: {integrity: sha512-beZNb6r1SXAg1835S30h9XwjE596BYzXQFAEZlYAoO2imfxAu5S7TvNFws5k/MMKMCOFTzBXSjapqEvAzlblrQ==}
+
+  openapi-types@12.1.3:
+    resolution: {integrity: sha512-N4YtSYJqghVu4iek2ZUvcN/0aqH1kRDuNqzcycDxhOUpg7GdvLa2F3DgS6yBNhInhv2r/6I0Flkn7CqL8+nIcw==}
+
   optionator@0.9.4:
     resolution: {integrity: sha512-6IpQ7mKUxRcZNLIObR0hz7lxsapSSIYNZJwXPGeF0mTVqGKFIXj1DQcMoT22S3ROcLyY/rz0PWaWZ9ayWmad9g==}
     engines: {node: '>= 0.8.0'}
@@ -3110,6 +3294,16 @@ packages:
     resolution: {integrity: sha512-udgsAY+fTnvv7kI7aaxbqwWNb0AHiB0qBO89PZKPkoTmGOgdbrHDKD+0B2X4uTfJ/FT1R09r9gTsjUjNJotuog==}
     engines: {node: '>=0.10.0'}
 
+  pino-abstract-transport@1.2.0:
+    resolution: {integrity: sha512-Guhh8EZfPCfH+PMXAb6rKOjGQEoy0xlAIn+irODG5kgfYV+BQ0rGYYWTIel3P5mmyXqkYkPmdIkywsn6QKUR1Q==}
+
+  pino-std-serializers@6.2.2:
+    resolution: {integrity: sha512-cHjPPsE+vhj/tnhCy/wiMh3M3z3h/j15zHQX+S9GkTBgqJuTuJzYJ4gUyACLhDaJ7kk9ba9iRDmbH2tJU03OiA==}
+
+  pino@8.21.0:
+    resolution: {integrity: sha512-ip4qdzjkAyDDZklUaZkcRFb2iA118H9SgRh8yzTkSQK8HilsOJF7rSY8HoW5+I0M46AZgX/pxbprf2vvzQCE0Q==}
+    hasBin: true
+
   pirates@4.0.6:
     resolution: {integrity: sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==}
     engines: {node: '>= 6'}
@@ -3230,6 +3424,13 @@ packages:
   process-nextick-args@2.0.1:
     resolution: {integrity: sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==}
 
+  process-warning@3.0.0:
+    resolution: {integrity: sha512-mqn0kFRl0EoqhnL0GQ0veqFHyIN1yig9RHh/InzORTUiZHFRAur+aMtRkELNwGs9aNwKS6tg/An4NYBPGwvtzQ==}
+
+  process@0.11.10:
+    resolution: {integrity: sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==}
+    engines: {node: '>= 0.6.0'}
+
   promise-inflight@1.0.1:
     resolution: {integrity: sha512-6zWPyEOFaQBJYcGMHBKTKJ3u6TBsnMFOIZSa6ce1e/ZrrsOlnHRHbabMjLiBYKp+n44X9eUI6VUPaukCXHuG4g==}
     peerDependencies:
@@ -3282,6 +3483,13 @@ packages:
   queue-microtask@1.2.3:
     resolution: {integrity: sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==}
 
+  quick-format-unescaped@4.0.4:
+    resolution: {integrity: sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==}
+
+  random-bytes@1.0.0:
+    resolution: {integrity: sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==}
+    engines: {node: '>= 0.8'}
+
   range-parser@1.2.1:
     resolution: {integrity: sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==}
     engines: {node: '>= 0.6'}
@@ -3341,10 +3549,18 @@ packages:
     resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==}
     engines: {node: '>= 6'}
 
+  readable-stream@4.5.2:
+    resolution: {integrity: sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==}
+    engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0}
+
   readdirp@3.6.0:
     resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==}
     engines: {node: '>=8.10.0'}
 
+  real-require@0.2.0:
+    resolution: {integrity: sha512-57frrGM/OCTLqLOAh0mhVA9VBMHd+9U7Zb2THMGdBUoZVOtGbJzjxsYGDJ3A9AYYCP4hn6y1TVbaOfzWtm5GFg==}
+    engines: {node: '>= 12.13.0'}
+
   reflect.getprototypeof@1.0.6:
     resolution: {integrity: sha512-fmfw4XgoDke3kdI6h4xcUz1dG8uaiv5q9gcEwLS4Pnth2kxT+GZ7YehS1JTMGBQmtV7Y4GFGbs2re2NqhdozUg==}
     engines: {node: '>= 0.4'}
@@ -3376,6 +3592,10 @@ packages:
     resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==}
     engines: {node: '>=0.10.0'}
 
+  require-from-string@2.0.2:
+    resolution: {integrity: sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==}
+    engines: {node: '>=0.10.0'}
+
   require-like@0.1.2:
     resolution: {integrity: sha512-oyrU88skkMtDdauHDuKVrgR+zuItqr6/c//FXzvmxRGMexSDc6hNvJInGW3LL46n+8b50RykrvwSUIIQH2LQ5A==}
 
@@ -3444,6 +3664,10 @@ packages:
     resolution: {integrity: sha512-CdASjNJPvRa7roO6Ra/gLYBTzYzzPyyBXxIMdGW3USQLyjWEls2RgW5UBTXaQVp+OrpeCK3bLem8smtmheoRuw==}
     engines: {node: '>= 0.4'}
 
+  safe-stable-stringify@2.5.0:
+    resolution: {integrity: sha512-b3rppTKm9T+PsVCBEOUR46GWI7fdOs00VKZ1+9c1EWDaDMvjQc6tUwuFyIprgGgTcWoVHSKrU8H31ZHA2e0RHA==}
+    engines: {node: '>=10'}
+
   safer-buffer@2.1.2:
     resolution: {integrity: sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==}
 
@@ -3514,6 +3738,9 @@ packages:
     resolution: {integrity: sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==}
     engines: {node: '>=8'}
 
+  sonic-boom@3.8.1:
+    resolution: {integrity: sha512-y4Z8LCDBuum+PBP3lSV7RHrXscqksve/bi0as7mhwVnBW+/wUqKT/2Kb7um8yqcFy0duYbbPxzt89Zy2nOCaxg==}
+
   source-map-js@1.2.1:
     resolution: {integrity: sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==}
     engines: {node: '>=0.10.0'}
@@ -3547,10 +3774,18 @@ packages:
   spdx-license-ids@3.0.20:
     resolution: {integrity: sha512-jg25NiDV/1fLtSgEgyvVyDunvaNHbuwF9lfNV17gSmPFAlYzdfNBlLtLzXTevwkPj7DhGbmN9VnmJIgLnhvaBw==}
 
+  split2@4.2.0:
+    resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==}
+    engines: {node: '>= 10.x'}
+
   ssri@10.0.6:
     resolution: {integrity: sha512-MGrFH9Z4NP9Iyhqn16sDtBpRRNJ0Y2hNa6D65h736fVSaPCHr4DM4sWUNvVaSuC+0OBGhwsrydQwmgfg5LncqQ==}
     engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0}
 
+  statuses@1.5.0:
+    resolution: {integrity: sha512-OpZ3zP+jT1PI7I8nemJX4AKmAX070ZkYPVWV/AaKTJl+tXCTGyVdC1a4SL8RUQYEwk/f34ZX8UTykN68FwrqAA==}
+    engines: {node: '>= 0.6'}
+
   statuses@2.0.1:
     resolution: {integrity: sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==}
     engines: {node: '>= 0.8'}
@@ -3622,6 +3857,13 @@ packages:
   strnum@1.0.5:
     resolution: {integrity: sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==}
 
+  structured-headers@0.5.0:
+    resolution: {integrity: sha512-oLnmXSsjhud+LxRJpvokwP8ImEB2wTg8sg30buwfVViKMuluTv3BlOJHUX9VW9pJ2nQOxmx87Z0kB86O4cphag==}
+
+  structured-headers@1.0.1:
+    resolution: {integrity: sha512-QYBxdBtA4Tl5rFPuqmbmdrS9kbtren74RTJTcs0VSQNVV5iRhJD4QlYTLD0+81SBwUQctjEQzjTRI3WG4DzICA==}
+    engines: {node: '>= 14', npm: '>=6'}
+
   style-to-object@0.4.4:
     resolution: {integrity: sha512-HYNoHZa2GorYNyqiCaBgsxvcJIn7OHq6inEga+E6Ke3m5JkoqpQbnFssk4jwe+K7AhGa2fcha4wSOf1Kn01dMg==}
 
@@ -3672,6 +3914,9 @@ packages:
   thenify@3.3.1:
     resolution: {integrity: sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==}
 
+  thread-stream@2.7.0:
+    resolution: {integrity: sha512-qQiRWsU/wvNolI6tbbCKd9iKaTnCXsTwVxhhKM6nctPdujTyztjlbUkUTUymidWcMnZ5pWR0ej4a0tjsW021vw==}
+
   through2@2.0.5:
     resolution: {integrity: sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==}
 
@@ -3712,6 +3957,9 @@ packages:
   ts-interface-checker@0.1.13:
     resolution: {integrity: sha512-Y/arvbn+rrz3JCKl9C4kVNfTfSm2/mEp5FSz5EsZSANGPSlQrpRI5M4PKF+mJnE52jOO90PnPSc3Ur3bTQw0gA==}
 
+  ts-log@2.2.7:
+    resolution: {integrity: sha512-320x5Ggei84AxzlXp91QkIGSw5wgaLT6GeAH0KsqDmRZdVWW2OiSeVvElVoatk3f7nicwXlElXsoFkARiGE2yg==}
+
   ts-node@10.9.2:
     resolution: {integrity: sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==}
     hasBin: true
@@ -3750,6 +3998,10 @@ packages:
   tslib@2.8.1:
     resolution: {integrity: sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==}
 
+  tsscmp@1.0.6:
+    resolution: {integrity: sha512-LxhtAkPDTkVCMQjt2h6eBVY28KCjikZqZfMcC15YBeNjkgUpdCfBu5HoiOTDu86v6smE8yOjyEktJ8hlbANHQA==}
+    engines: {node: '>=0.6.x'}
+
   tsx@4.19.2:
     resolution: {integrity: sha512-pOUl6Vo2LUq/bSa8S5q7b91cgNSjctn9ugq/+Mvow99qW6x/UZYwzxy/3NmqoT66eHYfCVvFvACC58UBPFf28g==}
     engines: {node: '>=18.0.0'}
@@ -3808,6 +4060,10 @@ packages:
   ufo@1.5.4:
     resolution: {integrity: sha512-UsUk3byDzKd04EyoZ7U4DOlxQaD14JUKQl6/P7wiX4FNvUfm3XL246n9W5AmqwW5RSFJ27NAuM0iLscAOYUiGQ==}
 
+  uid-safe@2.1.5:
+    resolution: {integrity: sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==}
+    engines: {node: '>= 0.8'}
+
   unbox-primitive@1.0.2:
     resolution: {integrity: sha512-61pPlCD9h51VoreyJ0BReideM3MDKMKnh6+V9L08331ipq6Q8OFXZYiqP6n/tbHx4s5I9uRhcye6BrbkizkBDw==}
 
@@ -4056,6 +4312,10 @@ packages:
     resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==}
     engines: {node: '>=12'}
 
+  ylru@1.4.0:
+    resolution: {integrity: sha512-2OQsPNEmBCvXuFlIni/a+Rn+R2pHW9INm0BxXJ4hVDA8TirqMj+J/Rp9ItLatT/5pZqWwefVrTQcHpixsxnVlA==}
+    engines: {node: '>= 4.0.0'}
+
   yn@3.1.1:
     resolution: {integrity: sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==}
     engines: {node: '>=6'}
@@ -4079,6 +4339,12 @@ snapshots:
       '@jridgewell/gen-mapping': 0.3.5
       '@jridgewell/trace-mapping': 0.3.25
 
+  '@apidevtools/json-schema-ref-parser@11.7.2':
+    dependencies:
+      '@jsdevtools/ono': 7.1.3
+      '@types/json-schema': 7.0.15
+      js-yaml: 4.1.0
+
   '@aws-crypto/crc32@5.2.0':
     dependencies:
       '@aws-crypto/util': 5.2.0
@@ -4907,6 +5173,39 @@ snapshots:
 
   '@humanwhocodes/object-schema@2.0.3': {}
 
+  '@interledger/http-signature-utils@2.0.2':
+    dependencies:
+      http-message-signatures: 1.0.4
+      httpbis-digest-headers: 1.0.0
+      jose: 4.15.9
+      uuid: 9.0.1
+
+  '@interledger/open-payments@6.13.2':
+    dependencies:
+      '@interledger/http-signature-utils': 2.0.2
+      '@interledger/openapi': 2.0.2
+      base64url: 3.0.1
+      http-message-signatures: 0.1.2
+      ky: 1.7.2
+      pino: 8.21.0
+      uuid: 9.0.1
+    transitivePeerDependencies:
+      - supports-color
+
+  '@interledger/openapi@2.0.2':
+    dependencies:
+      '@apidevtools/json-schema-ref-parser': 11.7.2
+      ajv: 8.17.1
+      ajv-formats: 2.1.1(ajv@8.17.1)
+      koa: 2.15.3
+      openapi-default-setter: 12.1.3
+      openapi-request-coercer: 12.1.3
+      openapi-request-validator: 12.1.3
+      openapi-response-validator: 12.1.3
+      openapi-types: 12.1.3
+    transitivePeerDependencies:
+      - supports-color
+
   '@isaacs/cliui@8.0.2':
     dependencies:
       string-width: 5.1.2
@@ -4938,6 +5237,8 @@ snapshots:
       '@jridgewell/resolve-uri': 3.1.2
       '@jridgewell/sourcemap-codec': 1.5.0
 
+  '@jsdevtools/ono@7.1.3': {}
+
   '@jspm/core@2.1.0': {}
 
   '@mdx-js/mdx@2.3.0':
@@ -4962,6 +5263,8 @@ snapshots:
     transitivePeerDependencies:
       - supports-color
 
+  '@noble/hashes@1.6.1': {}
+
   '@nodelib/fs.scandir@2.1.5':
     dependencies:
       '@nodelib/fs.stat': 2.0.5
@@ -5007,6 +5310,10 @@ snapshots:
     dependencies:
       which: 3.0.1
 
+  '@paralleldrive/cuid2@2.2.2':
+    dependencies:
+      '@noble/hashes': 1.6.1
+
   '@pkgjs/parseargs@0.11.0':
     optional: true
 
@@ -5109,6 +5416,18 @@ snapshots:
     optionalDependencies:
       typescript: 5.1.6
 
+  '@remix-run/node@2.14.0(typescript@5.6.3)':
+    dependencies:
+      '@remix-run/server-runtime': 2.14.0(typescript@5.6.3)
+      '@remix-run/web-fetch': 4.4.2
+      '@web3-storage/multipart-parser': 1.0.0
+      cookie-signature: 1.2.2
+      source-map-support: 0.5.21
+      stream-slice: 0.1.2
+      undici: 6.20.1
+    optionalDependencies:
+      typescript: 5.6.3
+
   '@remix-run/react@2.14.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(typescript@5.1.6)':
     dependencies:
       '@remix-run/router': 1.21.0
@@ -5149,6 +5468,18 @@ snapshots:
     optionalDependencies:
       typescript: 5.1.6
 
+  '@remix-run/server-runtime@2.14.0(typescript@5.6.3)':
+    dependencies:
+      '@remix-run/router': 1.21.0
+      '@types/cookie': 0.6.0
+      '@web3-storage/multipart-parser': 1.0.0
+      cookie: 0.6.0
+      set-cookie-parser: 2.7.1
+      source-map: 0.7.4
+      turbo-stream: 2.4.0
+    optionalDependencies:
+      typescript: 5.6.3
+
   '@remix-run/web-blob@3.1.0':
     dependencies:
       '@remix-run/web-stream': 1.1.0
@@ -5631,6 +5962,10 @@ snapshots:
       '@types/range-parser': 1.2.7
       '@types/send': 0.17.4
 
+  '@types/express-session@1.18.1':
+    dependencies:
+      '@types/express': 4.17.21
+
   '@types/express@4.17.21':
     dependencies:
       '@types/body-parser': 1.19.5
@@ -5646,6 +5981,8 @@ snapshots:
 
   '@types/http-errors@2.0.4': {}
 
+  '@types/json-schema@7.0.15': {}
+
   '@types/json5@0.0.29': {}
 
   '@types/mdast@3.0.15':
@@ -5866,6 +6203,10 @@ snapshots:
       clean-stack: 2.2.0
       indent-string: 4.0.0
 
+  ajv-formats@2.1.1(ajv@8.17.1):
+    optionalDependencies:
+      ajv: 8.17.1
+
   ajv@6.12.6:
     dependencies:
       fast-deep-equal: 3.1.3
@@ -5873,6 +6214,13 @@ snapshots:
       json-schema-traverse: 0.4.1
       uri-js: 4.4.1
 
+  ajv@8.17.1:
+    dependencies:
+      fast-deep-equal: 3.1.3
+      fast-uri: 3.0.3
+      json-schema-traverse: 1.0.0
+      require-from-string: 2.0.2
+
   ansi-regex@5.0.1: {}
 
   ansi-regex@6.1.0: {}
@@ -5969,6 +6317,8 @@ snapshots:
 
   asynckit@0.4.0: {}
 
+  atomic-sleep@1.0.0: {}
+
   autoprefixer@10.4.20(postcss@8.4.49):
     dependencies:
       browserslist: 4.24.2
@@ -5997,6 +6347,8 @@ snapshots:
 
   base64-js@1.5.1: {}
 
+  base64url@3.0.1: {}
+
   basic-auth@2.0.1:
     dependencies:
       safe-buffer: 5.1.2
@@ -6059,6 +6411,11 @@ snapshots:
       base64-js: 1.5.1
       ieee754: 1.2.1
 
+  buffer@6.0.3:
+    dependencies:
+      base64-js: 1.5.1
+      ieee754: 1.2.1
+
   bytes@3.1.2: {}
 
   cac@6.7.14: {}
@@ -6078,6 +6435,11 @@ snapshots:
       tar: 6.2.1
       unique-filename: 3.0.0
 
+  cache-content-type@1.0.1:
+    dependencies:
+      mime-types: 2.1.35
+      ylru: 1.4.0
+
   call-bind@1.0.7:
     dependencies:
       es-define-property: 1.0.0
@@ -6147,6 +6509,8 @@ snapshots:
 
   clsx@2.0.0: {}
 
+  co@4.6.0: {}
+
   color-convert@2.0.1:
     dependencies:
       color-name: 1.1.4
@@ -6203,14 +6567,28 @@ snapshots:
 
   convert-source-map@2.0.0: {}
 
+  cookie-parser@1.4.7:
+    dependencies:
+      cookie: 0.7.2
+      cookie-signature: 1.0.6
+
   cookie-signature@1.0.6: {}
 
+  cookie-signature@1.0.7: {}
+
   cookie-signature@1.2.2: {}
 
   cookie@0.6.0: {}
 
   cookie@0.7.1: {}
 
+  cookie@0.7.2: {}
+
+  cookies@0.9.1:
+    dependencies:
+      depd: 2.0.0
+      keygrip: 1.1.0
+
   core-util-is@1.0.3: {}
 
   create-require@1.1.1: {}
@@ -6277,6 +6655,8 @@ snapshots:
 
   dedent@1.5.3: {}
 
+  deep-equal@1.0.1: {}
+
   deep-is@0.1.4: {}
 
   deep-object-diff@1.1.9: {}
@@ -6301,6 +6681,10 @@ snapshots:
 
   delayed-stream@1.0.0: {}
 
+  delegates@1.0.0: {}
+
+  depd@1.1.2: {}
+
   depd@2.0.0: {}
 
   dequal@2.0.3: {}
@@ -6689,6 +7073,8 @@ snapshots:
 
   event-target-shim@5.0.1: {}
 
+  events@3.3.0: {}
+
   execa@5.1.1:
     dependencies:
       cross-spawn: 7.0.5
@@ -6703,6 +7089,19 @@ snapshots:
 
   exit-hook@2.2.1: {}
 
+  express-session@1.18.1:
+    dependencies:
+      cookie: 0.7.2
+      cookie-signature: 1.0.7
+      debug: 2.6.9
+      depd: 2.0.0
+      on-headers: 1.0.2
+      parseurl: 1.3.3
+      safe-buffer: 5.2.1
+      uid-safe: 2.1.5
+    transitivePeerDependencies:
+      - supports-color
+
   express@4.21.1:
     dependencies:
       accepts: 1.3.8
@@ -6755,6 +7154,10 @@ snapshots:
 
   fast-levenshtein@2.0.6: {}
 
+  fast-redact@3.5.0: {}
+
+  fast-uri@3.0.3: {}
+
   fast-xml-parser@4.4.1:
     dependencies:
       strnum: 1.0.5
@@ -7011,6 +7414,19 @@ snapshots:
       domutils: 3.2.2
       entities: 4.5.0
 
+  http-assert@1.5.0:
+    dependencies:
+      deep-equal: 1.0.1
+      http-errors: 1.8.1
+
+  http-errors@1.8.1:
+    dependencies:
+      depd: 1.1.2
+      inherits: 2.0.4
+      setprototypeof: 1.2.0
+      statuses: 1.5.0
+      toidentifier: 1.0.1
+
   http-errors@2.0.0:
     dependencies:
       depd: 2.0.0
@@ -7019,6 +7435,16 @@ snapshots:
       statuses: 2.0.1
       toidentifier: 1.0.1
 
+  http-message-signatures@0.1.2: {}
+
+  http-message-signatures@1.0.4:
+    dependencies:
+      structured-headers: 1.0.1
+
+  httpbis-digest-headers@1.0.0:
+    dependencies:
+      structured-headers: 0.5.0
+
   human-signals@2.1.0: {}
 
   iconv-lite@0.4.24:
@@ -7223,6 +7649,8 @@ snapshots:
 
   jiti@1.21.6: {}
 
+  jose@4.15.9: {}
+
   js-tokens@4.0.0: {}
 
   js-yaml@4.1.0:
@@ -7237,6 +7665,8 @@ snapshots:
 
   json-schema-traverse@0.4.1: {}
 
+  json-schema-traverse@1.0.0: {}
+
   json-stable-stringify-without-jsonify@1.0.1: {}
 
   json5@1.0.2:
@@ -7258,12 +7688,53 @@ snapshots:
       object.assign: 4.1.5
       object.values: 1.2.0
 
+  keygrip@1.1.0:
+    dependencies:
+      tsscmp: 1.0.6
+
   keyv@4.5.4:
     dependencies:
       json-buffer: 3.0.1
 
   kleur@4.1.5: {}
 
+  koa-compose@4.1.0: {}
+
+  koa-convert@2.0.0:
+    dependencies:
+      co: 4.6.0
+      koa-compose: 4.1.0
+
+  koa@2.15.3:
+    dependencies:
+      accepts: 1.3.8
+      cache-content-type: 1.0.1
+      content-disposition: 0.5.4
+      content-type: 1.0.5
+      cookies: 0.9.1
+      debug: 4.3.7(supports-color@5.5.0)
+      delegates: 1.0.0
+      depd: 2.0.0
+      destroy: 1.2.0
+      encodeurl: 1.0.2
+      escape-html: 1.0.3
+      fresh: 0.5.2
+      http-assert: 1.5.0
+      http-errors: 1.8.1
+      is-generator-function: 1.0.10
+      koa-compose: 4.1.0
+      koa-convert: 2.0.0
+      on-finished: 2.4.1
+      only: 0.0.2
+      parseurl: 1.3.3
+      statuses: 1.5.0
+      type-is: 1.6.18
+      vary: 1.1.2
+    transitivePeerDependencies:
+      - supports-color
+
+  ky@1.7.2: {}
+
   levn@0.4.1:
     dependencies:
       prelude-ls: 1.2.1
@@ -7844,6 +8315,8 @@ snapshots:
       define-properties: 1.2.1
       es-object-atoms: 1.0.0
 
+  on-exit-leak-free@2.1.2: {}
+
   on-finished@2.3.0:
     dependencies:
       ee-first: 1.1.1
@@ -7862,6 +8335,37 @@ snapshots:
     dependencies:
       mimic-fn: 2.1.0
 
+  only@0.0.2: {}
+
+  openapi-default-setter@12.1.3:
+    dependencies:
+      openapi-types: 12.1.3
+
+  openapi-jsonschema-parameters@12.1.3:
+    dependencies:
+      openapi-types: 12.1.3
+
+  openapi-request-coercer@12.1.3:
+    dependencies:
+      openapi-types: 12.1.3
+      ts-log: 2.2.7
+
+  openapi-request-validator@12.1.3:
+    dependencies:
+      ajv: 8.17.1
+      ajv-formats: 2.1.1(ajv@8.17.1)
+      content-type: 1.0.5
+      openapi-jsonschema-parameters: 12.1.3
+      openapi-types: 12.1.3
+      ts-log: 2.2.7
+
+  openapi-response-validator@12.1.3:
+    dependencies:
+      ajv: 8.17.1
+      openapi-types: 12.1.3
+
+  openapi-types@12.1.3: {}
+
   optionator@0.9.4:
     dependencies:
       deep-is: 0.1.4
@@ -7961,6 +8465,27 @@ snapshots:
 
   pify@2.3.0: {}
 
+  pino-abstract-transport@1.2.0:
+    dependencies:
+      readable-stream: 4.5.2
+      split2: 4.2.0
+
+  pino-std-serializers@6.2.2: {}
+
+  pino@8.21.0:
+    dependencies:
+      atomic-sleep: 1.0.0
+      fast-redact: 3.5.0
+      on-exit-leak-free: 2.1.2
+      pino-abstract-transport: 1.2.0
+      pino-std-serializers: 6.2.2
+      process-warning: 3.0.0
+      quick-format-unescaped: 4.0.4
+      real-require: 0.2.0
+      safe-stable-stringify: 2.5.0
+      sonic-boom: 3.8.1
+      thread-stream: 2.7.0
+
   pirates@4.0.6: {}
 
   pkg-types@1.2.1:
@@ -8069,6 +8594,10 @@ snapshots:
 
   process-nextick-args@2.0.1: {}
 
+  process-warning@3.0.0: {}
+
+  process@0.11.10: {}
+
   promise-inflight@1.0.1: {}
 
   promise-retry@2.0.1:
@@ -8119,6 +8648,10 @@ snapshots:
 
   queue-microtask@1.2.3: {}
 
+  quick-format-unescaped@4.0.4: {}
+
+  random-bytes@1.0.0: {}
+
   range-parser@1.2.1: {}
 
   raw-body@2.5.2:
@@ -8184,10 +8717,20 @@ snapshots:
       string_decoder: 1.3.0
       util-deprecate: 1.0.2
 
+  readable-stream@4.5.2:
+    dependencies:
+      abort-controller: 3.0.0
+      buffer: 6.0.3
+      events: 3.3.0
+      process: 0.11.10
+      string_decoder: 1.3.0
+
   readdirp@3.6.0:
     dependencies:
       picomatch: 2.3.1
 
+  real-require@0.2.0: {}
+
   reflect.getprototypeof@1.0.6:
     dependencies:
       call-bind: 1.0.7
@@ -8245,6 +8788,8 @@ snapshots:
 
   require-directory@2.1.1: {}
 
+  require-from-string@2.0.2: {}
+
   require-like@0.1.2: {}
 
   resolve-from@4.0.0: {}
@@ -8331,6 +8876,8 @@ snapshots:
       es-errors: 1.3.0
       is-regex: 1.1.4
 
+  safe-stable-stringify@2.5.0: {}
+
   safer-buffer@2.1.2: {}
 
   sanitize-html@2.14.0:
@@ -8422,6 +8969,10 @@ snapshots:
 
   slash@3.0.0: {}
 
+  sonic-boom@3.8.1:
+    dependencies:
+      atomic-sleep: 1.0.0
+
   source-map-js@1.2.1: {}
 
   source-map-support@0.5.21:
@@ -8451,10 +9002,14 @@ snapshots:
 
   spdx-license-ids@3.0.20: {}
 
+  split2@4.2.0: {}
+
   ssri@10.0.6:
     dependencies:
       minipass: 7.1.2
 
+  statuses@1.5.0: {}
+
   statuses@2.0.1: {}
 
   stream-shift@1.0.3: {}
@@ -8543,6 +9098,10 @@ snapshots:
 
   strnum@1.0.5: {}
 
+  structured-headers@0.5.0: {}
+
+  structured-headers@1.0.1: {}
+
   style-to-object@0.4.4:
     dependencies:
       inline-style-parser: 0.1.1
@@ -8632,6 +9191,10 @@ snapshots:
     dependencies:
       any-promise: 1.3.0
 
+  thread-stream@2.7.0:
+    dependencies:
+      real-require: 0.2.0
+
   through2@2.0.5:
     dependencies:
       readable-stream: 2.3.8
@@ -8663,6 +9226,8 @@ snapshots:
 
   ts-interface-checker@0.1.13: {}
 
+  ts-log@2.2.7: {}
+
   ts-node@10.9.2(@types/node@20.17.5)(typescript@5.6.3):
     dependencies:
       '@cspotcode/source-map-support': 0.8.1
@@ -8728,6 +9293,8 @@ snapshots:
 
   tslib@2.8.1: {}
 
+  tsscmp@1.0.6: {}
+
   tsx@4.19.2:
     dependencies:
       esbuild: 0.23.1
@@ -8797,6 +9364,10 @@ snapshots:
 
   ufo@1.5.4: {}
 
+  uid-safe@2.1.5:
+    dependencies:
+      random-bytes: 1.0.0
+
   unbox-primitive@1.0.2:
     dependencies:
       call-bind: 1.0.7
@@ -9062,6 +9633,8 @@ snapshots:
       y18n: 5.0.8
       yargs-parser: 21.1.1
 
+  ylru@1.4.0: {}
+
   yn@3.1.1: {}
 
   yocto-queue@0.1.0: {}