@aixyz/cli 0.6.0 → 0.8.0

package/register/utils/transaction.ts

@@ -0,0 +1,94 @@
+import { createPublicClient, http, type Chain, type Log } from "viem";
+import { startSpinner } from "./spinner";
+import { getExplorerUrl } from "./chain";
+import type { SignTransactionResult } from "../wallet/sign";
+import chalk from "chalk";
+import boxen from "boxen";
+
+export function label(text: string): string {
+  return chalk.dim(text.padEnd(14));
+}
+
+export function truncateUri(uri: string, maxLength = 80): string {
+  if (uri.length <= maxLength) return uri;
+  return uri.slice(0, maxLength) + "...";
+}
+
+export interface BroadcastAndConfirmParams {
+  result: SignTransactionResult;
+  chain: Chain;
+  rpcUrl?: string;
+}
+
+export interface BroadcastAndConfirmResult {
+  hash: `0x${string}`;
+  receipt: {
+    blockNumber: bigint;
+    gasUsed: bigint;
+    effectiveGasPrice: bigint;
+    logs: Log[];
+  };
+  timestamp: bigint;
+}
+
+export async function broadcastAndConfirm({
+  result,
+  chain,
+  rpcUrl,
+}: BroadcastAndConfirmParams): Promise<BroadcastAndConfirmResult> {
+  const transport = rpcUrl ? http(rpcUrl) : http();
+  const publicClient = createPublicClient({ chain, transport });
+
+  let hash: `0x${string}`;
+  if (result.kind === "sent") {
+    hash = result.txHash;
+  } else {
+    const broadcastSpinner = startSpinner("Broadcasting transaction...");
+    try {
+      hash = await publicClient.sendRawTransaction({ serializedTransaction: result.raw });
+    } catch (err) {
+      broadcastSpinner.stop();
+      throw err;
+    }
+    broadcastSpinner.stop(`${chalk.green("\u2713")} Transaction broadcast`);
+  }
+
+  printTxHashBox(chain, hash);
+
+  const confirmSpinner = startSpinner("Waiting for confirmation...");
+  let receipt;
+  try {
+    receipt = await publicClient.waitForTransactionReceipt({ hash });
+  } catch (err) {
+    confirmSpinner.stop();
+    throw err;
+  }
+  confirmSpinner.stop(`${chalk.green("\u2713")} Confirmed in block ${chalk.bold(receipt.blockNumber.toString())}`);
+
+  const block = await publicClient.getBlock({ blockNumber: receipt.blockNumber });
+
+  return { hash, receipt, timestamp: block.timestamp };
+}
+
+function printTxHashBox(chain: Chain, hash: `0x${string}`): void {
+  const lines = [`${label("Tx Hash")}${hash}`];
+  const explorerUrl = getExplorerUrl(chain, hash);
+  if (explorerUrl) {
+    lines.push(`${label("Explorer")}${chalk.cyan(explorerUrl)}`);
+  }
+  console.log(
+    boxen(lines.join("\n"), {
+      padding: { left: 1, right: 1, top: 0, bottom: 0 },
+      borderStyle: "round",
+      borderColor: "cyan",
+    }),
+  );
+}
+
+export function logSignResult(walletType: string, result: SignTransactionResult): void {
+  if (result.kind === "signed") {
+    console.log(`${chalk.green("\u2713")} Transaction signed ${chalk.dim(`(${walletType} \u00b7 ${result.address})`)}`);
+  } else {
+    console.log(`${chalk.green("\u2713")} Transaction signed ${chalk.dim(`(${walletType})`)}`);
+  }
+}

package/register/utils.test.ts

@@ -0,0 +1,154 @@
+import { describe, expect, test, afterAll, beforeAll } from "bun:test";
+import { rmSync } from "fs";
+import { mkdir } from "node:fs/promises";
+import { validatePrivateKey, CliError, resolveUri } from "./utils";
+import { join } from "path";
+
+describe("validatePrivateKey", () => {
+  test("accepts valid 64-char hex key with 0x prefix", () => {
+    const key = "0x0000000000000000000000000000000000000000000000000000000000000001";
+    const result = validatePrivateKey(key);
+    expect(result).toStrictEqual(key);
+  });
+
+  test("accepts valid 64-char hex key without 0x prefix", () => {
+    const key = "0000000000000000000000000000000000000000000000000000000000000001";
+    const result = validatePrivateKey(key);
+    expect(result).toStrictEqual(`0x${key}`);
+  });
+
+  test("accepts mixed case hex characters", () => {
+    const key = "0xaAbBcCdDeEfF0000000000000000000000000000000000000000000000000001";
+    const result = validatePrivateKey(key);
+    expect(result).toStrictEqual(key);
+  });
+
+  test("rejects key that is too short", () => {
+    const key = "0x1234";
+    expect(() => validatePrivateKey(key)).toThrow(CliError);
+    expect(() => validatePrivateKey(key)).toThrow("Invalid private key format");
+  });
+
+  test("rejects key that is too long", () => {
+    const key = "0x00000000000000000000000000000000000000000000000000000000000000001";
+    expect(() => validatePrivateKey(key)).toThrow(CliError);
+  });
+
+  test("rejects key with invalid characters", () => {
+    const key = "0xGGGG000000000000000000000000000000000000000000000000000000000001";
+    expect(() => validatePrivateKey(key)).toThrow(CliError);
+  });
+
+  test("rejects empty string", () => {
+    expect(() => validatePrivateKey("")).toThrow(CliError);
+  });
+
+  test("rejects random string", () => {
+    expect(() => validatePrivateKey("not-a-key")).toThrow(CliError);
+  });
+});
+
+describe("CliError", () => {
+  test("is an instance of Error", () => {
+    const error = new CliError("test message");
+    expect(error).toBeInstanceOf(Error);
+  });
+
+  test("has correct name property", () => {
+    const error = new CliError("test message");
+    expect(error.name).toStrictEqual("CliError");
+  });
+
+  test("has correct message property", () => {
+    const error = new CliError("test message");
+    expect(error.message).toStrictEqual("test message");
+  });
+
+  test("can be caught as Error", () => {
+    let caught = false;
+    try {
+      throw new CliError("test");
+    } catch (e) {
+      if (e instanceof Error) {
+        caught = true;
+      }
+    }
+    expect(caught).toStrictEqual(true);
+  });
+});
+
+describe("resolveUri", () => {
+  const testDir = join(import.meta.dir, "__test_fixtures__");
+  const testJsonPath = join(testDir, "test-metadata.json");
+  const testMetadata = { name: "Test Agent", description: "A test agent" };
+
+  beforeAll(() => {
+    // ensure test directory exists
+    mkdir(testDir, { recursive: true });
+  });
+
+  afterAll(() => {
+    // clean up test directory
+    rmSync(testDir, { recursive: true, force: true });
+  });
+
+  test("returns ipfs:// URIs unchanged", () => {
+    const uri = "ipfs://QmTest123";
+    expect(resolveUri(uri)).toStrictEqual(uri);
+  });
+
+  test("returns https:// URIs unchanged", () => {
+    const uri = "https://example.com/metadata.json";
+    expect(resolveUri(uri)).toStrictEqual(uri);
+  });
+
+  test("returns http:// URIs unchanged", () => {
+    const uri = "http://example.com/metadata.json";
+    expect(resolveUri(uri)).toStrictEqual(uri);
+  });
+
+  test("converts .json file to base64 data URI", async () => {
+    await Bun.write(testJsonPath, JSON.stringify(testMetadata));
+
+    try {
+      const result = resolveUri(testJsonPath);
+      expect(result.startsWith("data:application/json;base64,")).toStrictEqual(true);
+
+      // Decode and verify content
+      const base64 = result.replace("data:application/json;base64,", "");
+      const decoded = JSON.parse(Buffer.from(base64, "base64").toString("utf-8"));
+      expect(decoded).toStrictEqual(testMetadata);
+    } finally {
+      await Bun.file(testJsonPath).unlink();
+    }
+  });
+
+  test("throws for directory path", async () => {
+    await mkdir(testDir, { recursive: true });
+    const dirWithJsonSuffix = join(testDir, "not-a-file.json");
+    await mkdir(dirWithJsonSuffix, { recursive: true });
+
+    try {
+      expect(() => resolveUri(dirWithJsonSuffix)).toThrow(CliError);
+      expect(() => resolveUri(dirWithJsonSuffix)).toThrow("Not a file");
+    } finally {
+      rmSync(dirWithJsonSuffix, { recursive: true, force: true });
+    }
+  });
+
+  test("throws for non-existent .json file", () => {
+    expect(() => resolveUri("./non-existent.json")).toThrow(CliError);
+    expect(() => resolveUri("./non-existent.json")).toThrow("File not found");
+  });
+
+  test("throws for invalid JSON content", async () => {
+    await Bun.write(testJsonPath, "not valid json {{{");
+
+    try {
+      expect(() => resolveUri(testJsonPath)).toThrow(CliError);
+      expect(() => resolveUri(testJsonPath)).toThrow("Invalid JSON");
+    } finally {
+      await Bun.file(testJsonPath).unlink();
+    }
+  });
+});

package/register/utils.ts

@@ -0,0 +1,55 @@
+import { existsSync, readFileSync, statSync } from "node:fs";
+import { resolve } from "node:path";
+
+export function resolveUri(uri: string): string {
+  // Return as-is for URLs (ipfs://, https://, data:, etc.)
+  if (uri.startsWith("http://") || uri.startsWith("https://") || uri.startsWith("ipfs://") || uri.startsWith("data:")) {
+    return uri;
+  }
+
+  // Check if it's a file path (ends with .json or exists as a file)
+  if (uri.endsWith(".json") || existsSync(uri)) {
+    const filePath = resolve(uri);
+
+    if (!existsSync(filePath)) {
+      throw new CliError(`File not found: ${filePath}`);
+    }
+
+    if (!statSync(filePath).isFile()) {
+      throw new CliError(`Not a file: ${filePath}`);
+    }
+
+    const content = readFileSync(filePath, "utf-8");
+
+    // Validate it's valid JSON
+    try {
+      JSON.parse(content);
+    } catch {
+      throw new CliError(`Invalid JSON in file: ${filePath}`);
+    }
+
+    // Convert to base64 data URI
+    const base64 = Buffer.from(content).toString("base64");
+    return `data:application/json;base64,${base64}`;
+  }
+
+  // Return as-is for other URIs
+  return uri;
+}
+
+export function validatePrivateKey(key: string): `0x${string}` {
+  const normalizedKey = key.startsWith("0x") ? key : `0x${key}`;
+
+  if (!/^0x[0-9a-fA-F]{64}$/.test(normalizedKey)) {
+    throw new CliError("Invalid private key format. Expected 64 hex characters (with or without 0x prefix).");
+  }
+
+  return normalizedKey as `0x${string}`;
+}
+
+export class CliError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = "CliError";
+  }
+}

package/register/wallet/browser.test.ts

@@ -0,0 +1,106 @@
+import { describe, expect, test } from "bun:test";
+import { escapeHtml, safeJsonEmbed, buildHtml } from "./browser";
+
+describe("escapeHtml", () => {
+  test("escapes ampersand", () => {
+    expect(escapeHtml("a&b")).toBe("a&b");
+  });
+
+  test("escapes less-than", () => {
+    expect(escapeHtml("a<b")).toBe("a&lt;b");
+  });
+
+  test("escapes greater-than", () => {
+    expect(escapeHtml("a>b")).toBe("a&gt;b");
+  });
+
+  test("escapes double quote", () => {
+    expect(escapeHtml('a"b')).toBe("a&quot;b");
+  });
+
+  test("escapes single quote", () => {
+    expect(escapeHtml("a'b")).toBe("a&#039;b");
+  });
+
+  test("escapes combined XSS string", () => {
+    expect(escapeHtml('<script>alert("xss")</script>')).toBe("&lt;script&gt;alert(&quot;xss&quot;)&lt;/script&gt;");
+  });
+
+  test("returns empty string unchanged", () => {
+    expect(escapeHtml("")).toBe("");
+  });
+
+  test("returns plain string unchanged", () => {
+    expect(escapeHtml("hello world")).toBe("hello world");
+  });
+});
+
+describe("safeJsonEmbed", () => {
+  test("escapes </script> in strings", () => {
+    const result = safeJsonEmbed("</script>");
+    expect(result).not.toContain("<");
+    expect(result).toContain("\\u003c");
+  });
+
+  test("encodes a simple string", () => {
+    expect(safeJsonEmbed("hello")).toBe('"hello"');
+  });
+
+  test("encodes an object", () => {
+    const result = safeJsonEmbed({ key: "value" });
+    expect(JSON.parse(result)).toEqual({ key: "value" });
+  });
+
+  test("escapes strings containing <", () => {
+    const result = safeJsonEmbed("a < b");
+    expect(result).not.toContain("<");
+    expect(result).toContain("\\u003c");
+  });
+});
+
+describe("buildHtml", () => {
+  const baseParams = {
+    registryAddress: "0x1234567890abcdef1234567890abcdef12345678",
+    calldata: "0xdeadbeef",
+    chainId: 11155111,
+    chainName: "sepolia",
+    nonce: "test-nonce-123",
+  };
+
+  test("returns valid HTML document", () => {
+    const html = buildHtml(baseParams);
+    expect(html).toStartWith("<!DOCTYPE html>");
+    expect(html).toContain("<html");
+    expect(html).toContain("</html>");
+  });
+
+  test("embeds chain name and ID", () => {
+    const html = buildHtml(baseParams);
+    expect(html).toContain("sepolia");
+    expect(html).toContain("11155111");
+  });
+
+  test("embeds registry address", () => {
+    const html = buildHtml(baseParams);
+    expect(html).toContain(baseParams.registryAddress);
+  });
+
+  test("embeds nonce in result endpoint", () => {
+    const html = buildHtml(baseParams);
+    expect(html).toContain("test-nonce-123");
+  });
+
+  test("displays URI when provided", () => {
+    const html = buildHtml({ ...baseParams, uri: "https://example.com/agent" });
+    expect(html).toContain("https://example.com/agent");
+  });
+
+  test("escapes user-provided values in HTML", () => {
+    const html = buildHtml({
+      ...baseParams,
+      chainName: '<script>alert("xss")</script>',
+    });
+    expect(html).not.toContain('<script>alert("xss")</script>');
+    expect(html).toContain("&lt;script&gt;");
+  });
+});