@agentwonderland/mcp 0.1.23 → 0.1.25

package/src/tools/wallet.ts

@@ -1,22 +1,34 @@
 import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { z } from "zod";
-import { getWallets, getCardConfig, setCardConfig, addWallet } from "../core/config.js";
+import {
+  getWallets,
+  getCardConfig,
+  setCardConfig,
+  addWallet,
+  getPendingCardSetupToken,
+  getSpendPolicy,
+  setSpendPolicy,
+} from "../core/config.js";
 import { getWalletAddress } from "../core/payments.js";
-import { initiateCardSetup, pollCardSetup } from "../core/card-setup.js";
+import {
+  getOrCreatePendingCardSetup,
+  formatCardSetupBlocks,
+  getCardCapabilities,
+  pollCardSetup,
+} from "../core/card-setup.js";
 import {
   isOwsAvailable,
   createOwsWallet,
   importKeyToOws,
   listOwsWallets,
+  listOwsWalletsByChain,
 } from "../core/ows-adapter.js";
+import { ensureConsumerPrincipal, getConsumerPrincipal } from "../core/principal.js";
 
 function text(t: string) {
   return { content: [{ type: "text" as const, text: t }] };
 }
 
-// Pending card setup — stored between the QR display call and the confirmation poll
-let pendingCardSetup: { token: string } | null = null;
-
 export function registerWalletTools(server: McpServer): void {
   // ── wallet_status (extracted from check_wallet) ─────────────────
   server.tool(
@@ -26,8 +38,10 @@ export function registerWalletTools(server: McpServer): void {
     async () => {
       const wallets = getWallets();
       const card = getCardConfig();
+      const pendingCardSetupToken = getPendingCardSetupToken();
+      const consumerPrincipal = await getConsumerPrincipal();
 
-      if (wallets.length === 0 && !card) {
+      if (wallets.length === 0 && !card && !pendingCardSetupToken) {
         return text(
           "No payment methods configured.\nUse wallet_setup to create or import a wallet.",
         );
@@ -36,17 +50,38 @@ export function registerWalletTools(server: McpServer): void {
       const lines = ["Payment methods:"];
 
       for (const w of wallets) {
-        const addr = await getWalletAddress(w.id);
         const label = w.label ? ` (${w.label})` : "";
         const storage =
           w.keyType === "ows" ? " [encrypted]" : " [plaintext]";
+        const chainAddresses = await Promise.all(
+          w.chains.map(async (chainName) => {
+            const addr = await getWalletAddress(chainName);
+            return `${chainName}: ${addr ?? "unknown"}`;
+          }),
+        );
         lines.push(
-          `  ${w.id}${label}${storage}: ${w.chains.join(", ")} \u2014 ${addr ?? "unknown"}`,
+          `  ${w.id}${label}${storage}: ${chainAddresses.join(" | ")}`,
         );
       }
 
       if (card) {
         lines.push(`  Card: ${card.brand} ****${card.last4}`);
+        const capabilities = await getCardCapabilities();
+        if (capabilities.spt_status === "enabled") {
+          lines.push("  Card MPP: ready");
+        } else if (capabilities.spt_status === "unavailable") {
+          lines.push(`  Card MPP: unavailable — ${capabilities.message ?? "Stripe Shared Payment Token access is not enabled."}`);
+        } else {
+          lines.push(`  Card MPP: unknown — ${capabilities.message ?? "Could not determine card payment readiness."}`);
+        }
+      }
+
+      if (pendingCardSetupToken) {
+        lines.push("  Card setup: pending confirmation");
+      }
+
+      if (consumerPrincipal) {
+        lines.push("", `Consumer principal: ${consumerPrincipal}`);
       }
 
       return text(lines.join("\n"));
@@ -72,7 +107,7 @@ export function registerWalletTools(server: McpServer): void {
           "Private key hex string (required for 'import', ignored for 'create')",
         ),
       chain: z.enum(["tempo", "base", "solana"]).optional()
-        .describe("Primary chain (default: tempo). Solana support is via Stripe deposit mode."),
+        .describe("Primary chain (default: tempo). Solana uses an OWS wallet plus Stripe deposit-mode USDC."),
     },
     async ({ action, name, key, chain }) => {
       // ── Card setup flow ──────────────────────────────────────
@@ -82,53 +117,37 @@ export function registerWalletTools(server: McpServer): void {
           return text(`Card already connected: ${existing.brand} ****${existing.last4}\n\nTo replace it, remove the current card first.`);
         }
 
+        const pendingToken = getPendingCardSetupToken();
+
         // Check if there's a pending setup to complete (user said they're done)
-        if (pendingCardSetup) {
-          const pendingToken = pendingCardSetup.token;
-          const result = await pollCardSetup(pendingToken, 120_000);
-          pendingCardSetup = null;
+        if (pendingToken) {
+          const result = await pollCardSetup(pendingToken, 250);
 
           if (result) {
-            return text(`Connected! ${result.brand} ****${result.last4} is ready for payments.`);
+            const principal = await ensureConsumerPrincipal();
+            return text(
+              `Connected! ${result.brand} ****${result.last4} is ready for payments.\n\n` +
+              `Consumer principal: ${principal}`,
+            );
           }
-          return text("Card setup timed out. Run wallet_setup({ action: \"add-card\" }) to try again.");
-        }
-
-        // Create new card setup session with QR code, then auto-poll
-        try {
-          const { qr, url, token } = await initiateCardSetup();
-
-          // Auto-poll for up to 90 seconds — if the user enters their card
-          // quickly, the tool returns success without a second call
-          const result = await pollCardSetup(token, 90_000);
 
-          if (result) {
+          try {
+            const { url } = await getOrCreatePendingCardSetup();
+            const blocks = formatCardSetupBlocks(url);
             return {
-              content: [
-                { type: "text" as const, text: "\n" + qr.trim() },
-                { type: "text" as const, text: [
-                  `Open to connect a card: ${url}`,
-                  "",
-                  `Connected! ${result.brand} ****${result.last4} is ready for payments.`,
-                ].join("\n") },
-              ],
+              content: blocks.map((t) => ({ type: "text" as const, text: t })),
             };
+          } catch {
+            return text("Card setup timed out. Run wallet_setup({ action: \"add-card\" }) to try again.");
           }
+        }
 
-          // Timed out — save token for manual follow-up
-          pendingCardSetup = { token };
+        // Create new card setup session and return immediately so clients
+        // don't appear hung while the user is still in the browser flow.
+        try {
+          const { url } = await getOrCreatePendingCardSetup();
           return {
-            content: [
-              { type: "text" as const, text: "\n" + qr.trim() },
-              { type: "text" as const, text: [
-                `IMPORTANT: Present this link to the user to connect a payment card:`,
-                "",
-                url,
-                "",
-                `Tell the user: "Scan the QR code above or open this link to connect your card. Let me know when you're done."`,
-                `After they confirm, call wallet_setup({ action: "add-card" }) to complete setup.`,
-              ].join("\n") },
-            ],
+            content: formatCardSetupBlocks(url).map((t) => ({ type: "text" as const, text: t })),
           };
         } catch {
           return text("Error: Could not create card setup session. Try again later.");
@@ -155,18 +174,23 @@ export function registerWalletTools(server: McpServer): void {
 
       const selectedChains = chain === "solana" ? ["solana"] : ["tempo", "base"];
       const defaultCh = chain ?? "tempo";
+      const preferredOwsChain = defaultCh === "solana" ? "solana" : "evm";
 
       const owsReady = await isOwsAvailable();
 
       if (action === "create") {
         // Check for existing OWS wallets first
         if (owsReady) {
-          const existing = await listOwsWallets();
+          const existing = preferredOwsChain === "solana"
+            ? await listOwsWalletsByChain("solana")
+            : await listOwsWallets();
           if (existing.length > 0) {
             const w = existing[0];
             // Check if already in config
             const wallets = getWallets();
-            const alreadyLinked = wallets.find(wl => wl.owsWalletId === w.id);
+            const alreadyLinked = wallets.find((wl) => wl.owsWalletId === w.id);
+            let chainStatus = "Linked to Agent Wonderland.";
+
             if (!alreadyLinked) {
               addWallet({
                 id: w.name,
@@ -176,15 +200,28 @@ export function registerWalletTools(server: McpServer): void {
                 defaultChain: defaultCh,
                 label: w.name,
               });
+            } else {
+              const mergedChains = [...new Set([...alreadyLinked.chains, ...selectedChains])];
+              if (mergedChains.length !== alreadyLinked.chains.length) {
+                addWallet({
+                  ...alreadyLinked,
+                  chains: mergedChains,
+                });
+                chainStatus = `Updated linked chains: ${mergedChains.join(", ")}.`;
+              } else {
+                chainStatus = "Already linked to Agent Wonderland.";
+              }
             }
+            const principal = await ensureConsumerPrincipal();
             return text([
               "Found existing OWS wallet:",
               `  Name: ${w.name}`,
               `  Address: ${w.address}`,
               `  Chains: ${selectedChains.join(", ")}`,
               `  Storage: ~/.ows/ (encrypted)`,
+              `  Consumer principal: ${principal}`,
               "",
-              alreadyLinked ? "Already linked to Agent Wonderland." : "Linked to Agent Wonderland.",
+              chainStatus,
               "",
               `Fund this address with USDC on ${defaultCh === "solana" ? "Solana" : "Tempo"} to start using agents.`,
             ].join("\n"));
@@ -195,12 +232,14 @@ export function registerWalletTools(server: McpServer): void {
           return text(
             "Cannot create wallet: OWS (Open Wallet Standard) is not installed.\n" +
               "Install with: npm install -g @open-wallet-standard/core\n\n" +
-              "Alternatively, use action 'import' with an existing private key.",
+              (defaultCh === "solana"
+                ? "Solana wallets currently require OWS-managed encrypted storage."
+                : "Alternatively, use action 'import' with an existing private key."),
           );
         }
 
         const walletName = name ?? `aw-${Date.now()}`;
-        const result = await createOwsWallet(walletName);
+        const result = await createOwsWallet(walletName, preferredOwsChain);
 
         // Persist to config so payment flows can find it
         addWallet({
@@ -211,6 +250,7 @@ export function registerWalletTools(server: McpServer): void {
           defaultChain: defaultCh,
           label: walletName,
         });
+        const principal = await ensureConsumerPrincipal();
 
         return text(
           [
@@ -220,6 +260,7 @@ export function registerWalletTools(server: McpServer): void {
             `  Name: ${walletName}`,
             `  Chains: ${selectedChains.join(", ")}`,
             `  Storage: ~/.ows/ (AES-256-GCM encrypted)`,
+            `  Consumer principal: ${principal}`,
             "",
             `Fund this address with USDC on ${defaultCh === "solana" ? "Solana" : "Tempo"} to start using agents.`,
             "For testnet: npx mppx account fund",
@@ -230,7 +271,7 @@ export function registerWalletTools(server: McpServer): void {
       // action === "import"
       if (owsReady) {
         const walletName = name ?? `imported-${Date.now()}`;
-        const result = await importKeyToOws(key!, walletName);
+        const result = await importKeyToOws(key!, walletName, preferredOwsChain);
 
         addWallet({
           id: walletName,
@@ -240,6 +281,7 @@ export function registerWalletTools(server: McpServer): void {
           defaultChain: defaultCh,
           label: walletName,
         });
+        const principal = await ensureConsumerPrincipal();
 
         return text(
           [
@@ -248,10 +290,18 @@ export function registerWalletTools(server: McpServer): void {
             `  Address: ${result.address}`,
             `  Name: ${walletName}`,
             `  Chains: ${selectedChains.join(", ")}`,
+            `  Consumer principal: ${principal}`,
           ].join("\n"),
         );
       }
 
+      if (defaultCh === "solana") {
+        return text(
+          "Solana key import currently requires OWS (Open Wallet Standard) so the ed25519 key can be stored safely.\n" +
+          "Install with: npm install -g @open-wallet-standard/core",
+        );
+      }
+
       // No OWS — store plaintext
       try {
         const { privateKeyToAccount } = await import("viem/accounts");
@@ -269,6 +319,7 @@ export function registerWalletTools(server: McpServer): void {
           defaultChain: defaultCh,
           label: walletName,
         });
+        const principal = await ensureConsumerPrincipal();
 
         return text(
           [
@@ -276,6 +327,7 @@ export function registerWalletTools(server: McpServer): void {
             `  Address: ${account.address}`,
             `  Name: ${walletName}`,
             `  Chains: ${selectedChains.join(", ")}`,
+            `  Consumer principal: ${principal}`,
             "",
             "Install OWS for encrypted storage: npm install -g @open-wallet-standard/core",
           ].join("\n"),
@@ -302,8 +354,13 @@ export function registerWalletTools(server: McpServer): void {
         .positive()
         .optional()
         .describe("Maximum USD per day across all transactions"),
+      require_confirmation_above: z
+        .number()
+        .positive()
+        .optional()
+        .describe("Require manual confirmation above this USD amount even when auto-spend is enabled"),
     },
-    async ({ wallet_id, max_per_tx, max_per_day }) => {
+    async ({ wallet_id, max_per_tx, max_per_day, require_confirmation_above }) => {
       const wallets = getWallets();
       const wallet = wallets.find((w) => w.id === wallet_id);
 
@@ -314,23 +371,36 @@ export function registerWalletTools(server: McpServer): void {
         );
       }
 
-      if (max_per_tx == null && max_per_day == null) {
+      if (
+        max_per_tx == null &&
+        max_per_day == null &&
+        require_confirmation_above == null
+      ) {
         return text(
-          "No policy changes specified. Provide max_per_tx and/or max_per_day.",
+          "No policy changes specified. Provide at least one policy field.",
         );
       }
 
+      const existing = getSpendPolicy(wallet_id) ?? {};
+      const nextPolicy = {
+        ...existing,
+        ...(max_per_tx != null ? { maxPerTxUsd: max_per_tx } : {}),
+        ...(max_per_day != null ? { maxPerDayUsd: max_per_day } : {}),
+        ...(require_confirmation_above != null ? { requireConfirmationAboveUsd: require_confirmation_above } : {}),
+      };
+      setSpendPolicy(wallet_id, nextPolicy);
+
       // Build policy summary
       const policies: string[] = [];
-      if (max_per_tx != null) {
-        policies.push(`Max per transaction: $${max_per_tx.toFixed(2)}`);
+      if (nextPolicy.maxPerTxUsd != null) {
+        policies.push(`Max per transaction: $${nextPolicy.maxPerTxUsd.toFixed(2)}`);
       }
-      if (max_per_day != null) {
-        policies.push(`Max per day: $${max_per_day.toFixed(2)}`);
+      if (nextPolicy.maxPerDayUsd != null) {
+        policies.push(`Max per day: $${nextPolicy.maxPerDayUsd.toFixed(2)}`);
+      }
+      if (nextPolicy.requireConfirmationAboveUsd != null) {
+        policies.push(`Require confirmation above: $${nextPolicy.requireConfirmationAboveUsd.toFixed(2)}`);
       }
-
-      // Note: actual persistence depends on the config module supporting policy fields.
-      // For now, we report what would be set. The core/config module will handle storage.
       return text(
         [
           `Spending policy set for wallet "${wallet_id}":`,