@agentsquared/cli 1.0.0

package/lib/runtime/executor.mjs

@@ -0,0 +1,380 @@
+import { extractInboundText } from '../routing/agent_router.mjs'
+import { normalizeConversationControl } from '../conversation/policy.mjs'
+import { createHostRuntimeAdapter } from '../../adapters/index.mjs'
+
+function clean(value) {
+  return `${value ?? ''}`.trim()
+}
+
+function buildTextMessageResult(text, metadata = {}) {
+  return {
+    message: {
+      kind: 'message',
+      role: 'agent',
+      parts: [{ kind: 'text', text: clean(text) }]
+    },
+    metadata
+  }
+}
+
+function excerpt(text, maxLength = 180) {
+  const compact = clean(text).replace(/\s+/g, ' ').trim()
+  if (!compact) {
+    return ''
+  }
+  return compact.length > maxLength ? `${compact.slice(0, maxLength - 3)}...` : compact
+}
+
+function normalizePeerResponse(value, metadata = {}) {
+  if (typeof value === 'string') {
+    return buildTextMessageResult(value, metadata)
+  }
+  if (value && typeof value === 'object') {
+    return {
+      ...value,
+      metadata: {
+        ...(value.metadata ?? {}),
+        ...metadata
+      }
+    }
+  }
+  return null
+}
+
+export function normalizeExecutionResult(raw, {
+  selectedSkill,
+  mailboxKey
+} = {}) {
+  const baseMetadata = {
+    selectedSkill: clean(selectedSkill),
+    mailboxKey: clean(mailboxKey)
+  }
+
+  if (typeof raw === 'string') {
+    const conversation = normalizeConversationControl({}, {
+      defaultTurnIndex: 1,
+      defaultDecision: 'done',
+      defaultStopReason: 'single-turn',
+      defaultFinalize: true
+    })
+    return {
+      peerResponse: buildTextMessageResult(raw, {
+        ...baseMetadata,
+        turnIndex: conversation.turnIndex,
+        decision: conversation.decision,
+        stopReason: conversation.stopReason,
+        finalize: conversation.finalize
+      }),
+      ownerReport: null
+    }
+  }
+
+  if (!raw || typeof raw !== 'object') {
+    throw new Error('local runtime executor returned an invalid result')
+  }
+
+  if (raw.reject && typeof raw.reject === 'object') {
+    return {
+      reject: {
+        code: Number.parseInt(`${raw.reject.code ?? 500}`, 10) || 500,
+        message: clean(raw.reject.message) || 'local runtime rejected the inbound request'
+      }
+    }
+  }
+
+  const directPeerResponse = normalizePeerResponse(raw.peerResponse, baseMetadata)
+  if (directPeerResponse) {
+    const conversation = normalizeConversationControl({
+      ...(raw.peerResponse?.metadata ?? {}),
+      ...(raw ?? {})
+    }, {
+      defaultTurnIndex: 1,
+      defaultDecision: 'done',
+      defaultStopReason: '',
+      defaultFinalize: true
+    })
+    return {
+      peerResponse: {
+        ...directPeerResponse,
+        metadata: {
+          ...(directPeerResponse.metadata ?? {}),
+          turnIndex: conversation.turnIndex,
+          decision: conversation.decision,
+          stopReason: conversation.stopReason,
+          finalize: conversation.finalize
+        }
+      },
+      ownerReport: raw.ownerReport ?? null
+    }
+  }
+
+  const shorthandPeerResponse = normalizePeerResponse(
+    raw.message || raw.result || (raw.parts ? { message: raw } : null),
+    baseMetadata
+  )
+  if (shorthandPeerResponse) {
+    const conversation = normalizeConversationControl(raw, {
+      defaultTurnIndex: 1,
+      defaultDecision: 'done',
+      defaultStopReason: '',
+      defaultFinalize: true
+    })
+    return {
+      peerResponse: {
+        ...shorthandPeerResponse,
+        metadata: {
+          ...(shorthandPeerResponse.metadata ?? {}),
+          turnIndex: conversation.turnIndex,
+          decision: conversation.decision,
+          stopReason: conversation.stopReason,
+          finalize: conversation.finalize
+        }
+      },
+      ownerReport: raw.ownerReport ?? null
+    }
+  }
+
+  throw new Error('local runtime executor did not provide peerResponse or reject')
+}
+
+export function createLocalRuntimeExecutor({
+  agentId,
+  mode = 'none',
+  hostRuntime = 'none',
+  conversationStore = null,
+  openclawStateDir = '',
+  openclawCommand = 'openclaw',
+  openclawCwd = '',
+  openclawConfigPath = '',
+  openclawAgent = '',
+  openclawSessionPrefix = 'agentsquared:',
+  openclawTimeoutMs = 180000,
+  openclawGatewayUrl = '',
+  openclawGatewayToken = '',
+  openclawGatewayPassword = ''
+} = {}) {
+  const normalizedMode = clean(mode).toLowerCase() || 'none'
+  const normalizedHostRuntime = clean(hostRuntime).toLowerCase() || 'none'
+  const hostAdapter = normalizedMode === 'host'
+    ? createHostRuntimeAdapter({
+        hostRuntime: normalizedHostRuntime || 'openclaw',
+        localAgentId: agentId,
+        openclaw: {
+          conversationStore,
+          stateDir: openclawStateDir,
+          openclawAgent,
+          command: openclawCommand,
+          cwd: openclawCwd,
+          configPath: openclawConfigPath,
+          sessionPrefix: openclawSessionPrefix,
+          timeoutMs: openclawTimeoutMs,
+          gatewayUrl: openclawGatewayUrl,
+          gatewayToken: openclawGatewayToken,
+          gatewayPassword: openclawGatewayPassword
+        }
+      })
+    : null
+
+  async function executeViaHost(context) {
+    if (!hostAdapter) {
+      throw new Error('host runtime adapter was not configured')
+    }
+    return normalizeExecutionResult(
+      await hostAdapter.executeInbound(context),
+      context
+    )
+  }
+
+  async function rejectExecution() {
+    return {
+      reject: {
+        code: 503,
+        message: 'no local agent runtime adapter is configured; inbound request cannot be handled yet'
+      }
+    }
+  }
+
+  const execute = normalizedMode === 'host'
+    ? executeViaHost
+    : rejectExecution
+
+  execute.mode = normalizedMode
+  execute.preflight = async () => {
+    if (!hostAdapter?.preflight) {
+      return { ok: normalizedMode !== 'host', mode: normalizedMode }
+    }
+    return hostAdapter.preflight()
+  }
+  return execute
+}
+
+export function createOwnerNotifier({
+  agentId,
+  mode = 'inbox',
+  hostRuntime = 'none',
+  inbox = null,
+  openclawStateDir = '',
+  openclawCommand = 'openclaw',
+  openclawCwd = '',
+  openclawConfigPath = '',
+  openclawAgent = '',
+  openclawSessionPrefix = 'agentsquared:',
+  openclawTimeoutMs = 180000,
+  openclawGatewayUrl = '',
+  openclawGatewayToken = '',
+  openclawGatewayPassword = ''
+} = {}) {
+  const normalizedMode = clean(mode).toLowerCase() || 'inbox'
+  const normalizedHostRuntime = clean(hostRuntime).toLowerCase() || 'none'
+  const hostAdapter = normalizedMode === 'host'
+    ? createHostRuntimeAdapter({
+        hostRuntime: normalizedHostRuntime || 'openclaw',
+        localAgentId: agentId,
+        openclaw: {
+          stateDir: openclawStateDir,
+          openclawAgent,
+          command: openclawCommand,
+          cwd: openclawCwd,
+          configPath: openclawConfigPath,
+          sessionPrefix: openclawSessionPrefix,
+          timeoutMs: openclawTimeoutMs,
+          gatewayUrl: openclawGatewayUrl,
+          gatewayToken: openclawGatewayToken,
+          gatewayPassword: openclawGatewayPassword
+        }
+      })
+    : null
+  const deliveredFinalConversationKeys = new Set()
+  const pendingFinalConversationKeys = new Set()
+
+  async function notifyViaInbox(context) {
+    if (!inbox?.appendEntry) {
+      throw new Error('inbox store is required when AgentSquared falls back to local audit-only owner reporting')
+    }
+    const value = inbox.appendEntry({
+      agentId,
+      selectedSkill: context.selectedSkill,
+      mailboxKey: context.mailboxKey,
+      item: context.item,
+      ownerReport: context.ownerReport,
+      peerResponse: context.peerResponse ?? null,
+      ownerDelivery: {
+        mode: 'inbox',
+        attempted: false,
+        delivered: false,
+        reason: context.notifyOwnerNow ? 'inbox-only' : 'conversation-intermediate'
+      }
+    })
+    return {
+      delivered: true,
+      mode: 'inbox',
+      entryId: value.entry.id,
+      totalCount: value.index.totalCount
+    }
+  }
+
+  async function notifyViaHost(context) {
+    let ownerResult
+    const shouldDeliverToOwner = context.notifyOwnerNow !== false
+    const finalConversationKey = clean(context?.ownerReport?.conversationKey)
+    const duplicateDeliveredFinal = shouldDeliverToOwner && finalConversationKey
+      ? pendingFinalConversationKeys.has(finalConversationKey)
+        || deliveredFinalConversationKeys.has(finalConversationKey)
+        || inbox?.findDeliveredFinalConversationReport?.(finalConversationKey)
+      : null
+    if (duplicateDeliveredFinal) {
+      ownerResult = {
+        delivered: false,
+        attempted: false,
+        mode: normalizedHostRuntime || 'host',
+        reason: 'duplicate-final-report-suppressed'
+      }
+    } else if (!shouldDeliverToOwner) {
+      ownerResult = {
+        delivered: false,
+        attempted: false,
+        mode: normalizedHostRuntime || 'host',
+        reason: 'conversation-intermediate'
+      }
+    } else if (!hostAdapter) {
+      ownerResult = {
+        delivered: false,
+        attempted: false,
+        mode: normalizedHostRuntime || 'host',
+        reason: 'adapter-not-configured'
+      }
+    } else {
+      try {
+        if (finalConversationKey && context?.ownerReport?.finalize) {
+          pendingFinalConversationKeys.add(finalConversationKey)
+        }
+        ownerResult = await hostAdapter.pushOwnerReport({
+          item: context.item,
+          selectedSkill: context.selectedSkill,
+          ownerReport: context.ownerReport
+        })
+      } catch (error) {
+        ownerResult = {
+          delivered: false,
+          attempted: true,
+          mode: 'openclaw',
+          reason: clean(error?.message) || 'owner-push-failed'
+        }
+      } finally {
+        if (finalConversationKey && context?.ownerReport?.finalize) {
+          pendingFinalConversationKeys.delete(finalConversationKey)
+        }
+      }
+    }
+    const value = inbox.appendEntry({
+      agentId,
+      selectedSkill: context.selectedSkill,
+      mailboxKey: context.mailboxKey,
+      item: context.item,
+      ownerReport: context.ownerReport,
+      peerResponse: context.peerResponse ?? null,
+      ownerDelivery: {
+        attempted: Boolean(ownerResult?.attempted ?? true),
+        delivered: Boolean(ownerResult?.delivered),
+        mode: clean(ownerResult?.mode) || 'openclaw',
+        reason: clean(ownerResult?.reason),
+        stdout: ownerResult?.stdout ?? ''
+      }
+    })
+    if (finalConversationKey && Boolean(ownerResult?.delivered) && context?.ownerReport?.finalize) {
+      deliveredFinalConversationKeys.add(finalConversationKey)
+    }
+    return {
+      delivered: true,
+      mode: 'openclaw',
+      entryId: value.entry.id,
+      totalCount: value.index.totalCount,
+      deliveredToOwner: Boolean(ownerResult?.delivered),
+      ownerDelivery: ownerResult
+    }
+  }
+
+  const notify = normalizedMode === 'host'
+    ? notifyViaHost
+    : notifyViaInbox
+
+  notify.mode = normalizedMode
+  notify.preflight = async () => ({ ok: true, mode: normalizedMode })
+  return notify
+}
+
+function buildOwnerSummary(context) {
+  const remoteAgentId = clean(context?.item?.remoteAgentId) || 'unknown'
+  const selectedSkill = clean(context?.selectedSkill) || 'friend-im'
+  const incoming = excerpt(extractInboundText(context?.item))
+  if (selectedSkill === 'agent-mutual-learning') {
+    if (incoming) {
+      return `${remoteAgentId} sent a mutual-learning request: ${incoming}`
+    }
+    return `${remoteAgentId} opened a mutual-learning request.`
+  }
+  if (incoming) {
+    return `${remoteAgentId} sent a message: ${incoming}`
+  }
+  return `${remoteAgentId} opened an inbound ${selectedSkill} request.`
+}

package/lib/runtime/keys.mjs

@@ -0,0 +1,85 @@
+import crypto from 'node:crypto'
+import fs from 'node:fs'
+import path from 'node:path'
+import { resolveUserPath } from '../shared/paths.mjs'
+
+function toBase64Url(buffer) {
+  return Buffer.from(buffer).toString('base64url')
+}
+
+export function loadRuntimeKeyBundle(keyFile) {
+  return JSON.parse(fs.readFileSync(resolveUserPath(keyFile), 'utf8'))
+}
+
+function createPrivateKey(privateKeyPem) {
+  return crypto.createPrivateKey(privateKeyPem)
+}
+
+export function signText(bundle, message) {
+  const key = createPrivateKey(bundle.privateKeyPem)
+  const payload = Buffer.from(message, 'utf8')
+  if (bundle.keyType === 2) {
+    return toBase64Url(crypto.sign(null, payload, key))
+  }
+  if (bundle.keyType === 3) {
+    return toBase64Url(crypto.sign('sha256', payload, key))
+  }
+  throw new Error(`Unsupported keyType: ${bundle.keyType}`)
+}
+
+export function publicKeyFingerprint(bundle) {
+  const digest = crypto.createHash('sha256').update(String(bundle.publicKey)).digest('hex')
+  return `sha256:${digest.slice(0, 16)}`
+}
+
+export function buildEd25519Bundle() {
+  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519')
+  const publicJwk = publicKey.export({ format: 'jwk' })
+  const privatePem = privateKey.export({ type: 'pkcs8', format: 'pem' })
+  const publicBytes = Buffer.from(publicJwk.x, 'base64url')
+  return {
+    keyType: 2,
+    keyTypeName: 'agent_runtime_ed25519',
+    publicKey: publicJwk.x,
+    publicKeyEncoding: 'base64url-raw-32',
+    publicKeyHex: publicBytes.toString('hex'),
+    privateKeyPem: privatePem.toString(),
+    privateKeyEncoding: 'pkcs8-pem',
+    signingAlgorithm: 'ed25519'
+  }
+}
+
+export function buildSecp256k1Bundle() {
+  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' })
+  const publicJwk = publicKey.export({ format: 'jwk' })
+  const privatePem = privateKey.export({ type: 'pkcs8', format: 'pem' })
+  const x = Buffer.from(publicJwk.x, 'base64url')
+  const y = Buffer.from(publicJwk.y, 'base64url')
+  const prefix = (y[y.length - 1] & 1) === 0 ? 0x02 : 0x03
+  const compressed = Buffer.concat([Buffer.from([prefix]), x])
+  return {
+    keyType: 3,
+    keyTypeName: 'agent_runtime_secp256k1',
+    publicKey: compressed.toString('hex'),
+    publicKeyEncoding: 'hex-compressed-33',
+    publicKeyHex: compressed.toString('hex'),
+    privateKeyPem: privatePem.toString(),
+    privateKeyEncoding: 'pkcs8-pem',
+    signingAlgorithm: 'ecdsa-secp256k1-sha256'
+  }
+}
+
+export function writeRuntimeKeyBundle(outFile, bundle) {
+  const outPath = resolveUserPath(outFile)
+  fs.mkdirSync(path.dirname(outPath), { recursive: true })
+  fs.writeFileSync(outPath, `${JSON.stringify(bundle, null, 2)}\n`, { mode: 0o600 })
+  fs.chmodSync(outPath, 0o600)
+  return outPath
+}
+
+export function generateRuntimeKeyBundle(keyType = 'ed25519') {
+  const normalized = `${keyType}`.trim()
+  const bundle = normalized === 'secp256k1' ? buildSecp256k1Bundle() : buildEd25519Bundle()
+  bundle.generatedAt = new Date().toISOString()
+  return bundle
+}