jup.sh 1.0.0 Release Notes

v1.0.0 is the first real payment execution release for jup-sh.

It keeps the original safety boundary: the hosted site and local transaction request server do not custody keys or sign for users. Real execution happens in two usable paths:

• Solana Pay transaction requests return a real unsigned Jupiter swap transaction for wallet signing.
• jup-sh intent execute signs and submits from the user’s machine when the user explicitly provides a local Solana keypair.

What Changed

• Jupiter ExactOut quotes are preserved as executable quote responses.
• Intents can include recipientTokenAccount for USDC settlement delivery.
• POST /api/transaction-requests/:intentId calls Jupiter Swap and returns { transaction, message } for wallet authorization.
• jup-sh intent execute <intent_id> --keypair ... builds the Jupiter swap transaction, signs locally, submits through the configured Solana RPC, waits for confirmation, and writes a receipt.
• Transaction request preflight now distinguishes policy gates from execution prerequisites such as missing executable quotes or recipient token accounts.
• Release checks cover transaction request generation and local signing.

Real Execution Example

jup-sh pay \
  --agent deepseek \
  --token SOL \
  --amount 6 \
  --settle USDC \
  --recipient api.vendor.example \
  --recipient-token-account <RECIPIENT_USDC_TOKEN_ACCOUNT> \
  --quote-provider jupiter \
  --json

jup-sh intent execute intent_xxx \
  --keypair ~/.config/solana/id.json \
  --rpc-url https://api.mainnet-beta.solana.com \
  --json

Boundary

This release does not add hosted custody, hosted private-key handling, or server-side signing. A server can create a transaction request; a wallet or the local CLI must authorize it.