@alchemy/cli 0.10.0 → 0.11.0

package/README.md

@@ -2,7 +2,7 @@
 
 Alchemy CLI is a command-line tool for querying blockchain data and managing Alchemy apps/configuration.
 It supports both human-friendly terminal output and JSON output for automation.
-You can use browser login, API keys, access keys, or x402 wallet auth depending on the command.
+You can use browser login, API keys, or x402 wallet auth depending on the command.
 
 ## Installation
 
@@ -67,7 +67,7 @@ Quick usage examples:
 alchemy
 
 # Agent/script-friendly command
-alchemy evm data balance 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045 --json --no-interactive
+alchemy evm data balance 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045 -n eth-mainnet --json --no-interactive
 
 # Agent checks whether a newer CLI version is available
 alchemy update-check --json --no-interactive
@@ -95,22 +95,22 @@ Use `alchemy help` or `alchemy help <command>` for generated command help.
 
 | Command | What it does | Example |
 |---|---|---|
-| `evm rpc <method> [params...]` | Makes raw Ethereum JSON-RPC calls | `alchemy evm rpc eth_blockNumber` |
-| `evm data balance [address]` | Gets native token balance for an address | `alchemy evm data balance 0x...` |
-| `evm data tokens balances [address]` | Lists ERC-20 balances for an address | `alchemy evm data tokens balances 0x...` |
-| `evm data nfts [address]` | Lists NFTs owned by an address | `alchemy evm data nfts 0x...` |
-| `evm data history [address]` | Gets transfer history (`alchemy_getAssetTransfers`) | `alchemy evm data history 0x... --category erc20,erc721` |
+| `evm rpc <method> [params...]` | Makes raw Ethereum JSON-RPC calls | `alchemy evm rpc eth_blockNumber -n eth-mainnet` |
+| `evm data balance [address]` | Gets native token balance for an address | `alchemy evm data balance 0x... -n eth-mainnet` |
+| `evm data tokens balances [address]` | Lists ERC-20 balances for an address | `alchemy evm data tokens balances 0x... -n eth-mainnet` |
+| `evm data nfts [address]` | Lists NFTs owned by an address | `alchemy evm data nfts 0x... -n eth-mainnet` |
+| `evm data history [address]` | Gets transfer history (`alchemy_getAssetTransfers`) | `alchemy evm data history 0x... --category erc20,erc721 -n eth-mainnet` |
 | `evm data price symbol <symbols>` | Gets current token prices by symbol | `alchemy evm data price symbol ETH,USDC` |
 | `evm data portfolio tokens --body <json>` | Gets token portfolio data | `alchemy evm data portfolio tokens --body '{...}'` |
-| `evm send <to> <amount>` | Sends native tokens or ERC-20 tokens | `alchemy evm send vitalik.eth 0.1 -n base-mainnet` |
-| `evm contract read/call` | Reads or writes smart contracts | `alchemy evm contract read 0x... "balanceOf(address)(uint256)" --args '["0x..."]'` |
-| `evm swap quote/execute` | Swaps tokens on the same chain | `alchemy evm swap quote --from 0xEeee... --to 0xA0b8... --amount 1` |
-| `evm approve <spender_address>` | Approves an ERC-20 token allowance | `alchemy evm approve 0x... --token-address 0x... --amount 10` |
-| `evm status [id]` | Checks transaction or operation status | `alchemy evm status 0x...` |
+| `evm send <to> <amount>` | Sends native tokens for `--network`, or ERC-20 tokens with `--token` | `alchemy evm send vitalik.eth 0.1 -n base-mainnet` |
+| `evm contract read/call` | Reads or writes smart contracts | `alchemy evm contract read 0x... "balanceOf(address)(uint256)" --args '["0x..."]' -n eth-mainnet` |
+| `evm swap quote/execute` | Swaps tokens on the same chain | `alchemy evm swap quote --from 0xEeee... --to 0xA0b8... --amount 1 -n eth-mainnet` |
+| `evm approve <spender_address>` | Approves an ERC-20 token allowance | `alchemy evm approve 0x... --token-address 0x... --amount 10 -n eth-mainnet` |
+| `evm status [id]` | Checks transaction or operation status | `alchemy evm status 0x... -n eth-mainnet` |
 | `evm network list` | Lists RPC network IDs for use with `--network` | `alchemy evm network list --search base` |
-| `evm tx/receipt/block/gas/logs` | Fetches common node resources | `alchemy evm block latest` |
-| `evm trace/debug` | Calls Trace and Debug API methods | `alchemy evm trace call '{"to":"0x..."}' '["trace"]' latest` |
-| `evm simulate *` | Calls simulation APIs | `alchemy evm simulate execution --tx '{"to":"0x..."}'` |
+| `evm tx/receipt/block/gas/logs` | Fetches common node resources | `alchemy evm block latest -n eth-mainnet` |
+| `evm trace/debug` | Calls Trace and Debug API methods | `alchemy evm trace call '{"to":"0x..."}' '["trace"]' latest -n eth-mainnet` |
+| `evm simulate *` | Calls simulation APIs | `alchemy evm simulate execution --tx '{"to":"0x..."}' -n eth-mainnet` |
 
 ### Wallets
 
@@ -134,14 +134,14 @@ Per-command override: pass `--signer <session\|local>` to `evm send`, `evm appro
 
 | Command | What it does | Example |
 |---|---|---|
-| `solana rpc <method> [params...]` | Calls Solana JSON-RPC methods | `alchemy solana rpc getBalance '"<pubkey>"'` |
-| `solana das <method> [params...]` | Calls Solana DAS methods | `alchemy solana das getAssetsByOwner '{"ownerAddress":"<pubkey>"}'` |
+| `solana rpc <method> [params...]` | Calls Solana JSON-RPC methods | `alchemy solana rpc getBalance '"<pubkey>"' -n solana-mainnet` |
+| `solana das <method> [params...]` | Calls Solana DAS methods | `alchemy solana das getAssetsByOwner '{"ownerAddress":"<pubkey>"}' -n solana-mainnet` |
 | `solana network list` | Lists networks from the Solana namespace | `alchemy solana network list --search solana` |
-| `solana send <to> <amount>` | Sends SOL or SPL tokens to an address | `alchemy solana send <pubkey> 0.1` |
-| `solana send <to> <amount> --token <mint>` | Sends an SPL token and creates the recipient ATA if needed | `alchemy solana send <pubkey> 10 --token <mint>` |
-| `solana program accounts/account/show` | Inspects Solana program accounts and account metadata | `alchemy solana program accounts <program-id>` |
-| `solana delegate approve/revoke` | Approves or revokes SPL token delegates | `alchemy solana delegate approve --token-account <addr> --mint <mint> --delegate <addr> --amount 1 --decimals 6` |
-| `solana status [id]` | Checks Solana transaction or operation status | `alchemy solana status <signature>` |
+| `solana send <to> <amount>` | Sends SOL or SPL tokens to an address | `alchemy solana send <pubkey> 0.1 -n solana-mainnet` |
+| `solana send <to> <amount> --token <mint>` | Sends an SPL token and creates the recipient ATA if needed | `alchemy solana send <pubkey> 10 --token <mint> -n solana-mainnet` |
+| `solana program accounts/account/show` | Inspects Solana program accounts and account metadata | `alchemy solana program accounts <program-id> -n solana-mainnet` |
+| `solana delegate approve/revoke` | Approves or revokes SPL token delegates | `alchemy solana delegate approve --token-account <addr> --mint <mint> --delegate <addr> --amount 1 --decimals 6 -n solana-mainnet` |
+| `solana status [id]` | Checks Solana transaction or operation status | `alchemy solana status <signature> -n solana-mainnet` |
 | `xchain bridge quote/execute` | Bridges tokens across chains | `alchemy xchain bridge quote --from 0xEeee... --to 0xEeee... --amount 0.1 --to-network base-mainnet -n eth-mainnet` |
 
 ### CLI Admin
@@ -175,7 +175,7 @@ Per-command override: pass `--signer <session\|local>` to `evm send`, `evm appro
 | `install skills` | Installs bundled Alchemy skills | `alchemy install skills --client cursor --dry-run` |
 | `update-check` | Checks whether a newer CLI version is available | `alchemy update-check --json --no-interactive` |
 | `config set ...` | Sets config values | `alchemy config set app <app-id>` |
-| `config get <key>` | Gets one config value | `alchemy config get network` |
+| `config get <key>` | Gets one config value | `alchemy config get verbose` |
 | `config list` | Lists all config values | `alchemy config list` |
 | `config reset [key]` | Resets one or all config values | `alchemy config reset --yes` |
 | `completions <shell>` | Generates shell completion scripts (bash/zsh/fish) | `eval "$(alchemy completions zsh)"` |
@@ -193,7 +193,7 @@ These apply to all commands.
 | Flag | Env var | Description |
 |---|---|---|
 | `--api-key <key>` | `ALCHEMY_API_KEY` | API key for blockchain query commands |
-| `-n, --network <network>` | `ALCHEMY_NETWORK` | Target network (default: `eth-mainnet`) |
+| `-n, --network <network>` | — | Target network for networked commands |
 | `--x402` | — | Enable x402 wallet-based gateway auth |
 | `--wallet-key-file <path>` | — | EVM wallet private key file for x402 auth and local signing |
 | `--solana-wallet-key-file <path>` | — | Solana wallet private key file for local signing |
@@ -221,7 +221,6 @@ Additional env vars:
 | Env var | Description |
 |---|---|
 | `ALCHEMY_CONFIG` | Custom path to config file |
-| `ALCHEMY_ACCESS_KEY` | Access key for Admin API operations |
 | `ALCHEMY_WALLET_KEY` | EVM wallet private key for x402 auth and local signing |
 | `ALCHEMY_SOLANA_WALLET_KEY` | Solana wallet private key |
 | `ALCHEMY_ACTIVE_SIGNER` | Active EVM signer override (`session` or `local`) |
@@ -245,7 +244,7 @@ Additional env vars:
 | `evm data price historical` | `--body <json>` (required) |
 | `evm data portfolio *` | `--body <json>` (required per subcommand) |
 | `evm simulate *` | `--tx <json>` or `--txs <json>` (required) |
-| `evm send` | `--token <address>`, `--gas-sponsored`, `--gas-policy-id <id>`, `--signer <session\|local>` |
+| `evm send` | `-n, --network <network>` (required), `--token <address>`, `--gas-sponsored`, `--gas-policy-id <id>`, `--signer <session\|local>` |
 | `evm contract call` | `--args <json>`, `--abi-file <path>`, `--abi <json>`, `--value <ether>`, `--gas-sponsored`, `--gas-policy-id <id>`, `--signer <session\|local>` |
 | `evm swap quote` | `--from <token_address>`, `--to <token_address>`, `--amount <number>`, `--slippage <percent>`, `--signer <session\|local>` |
 | `evm swap execute` | `--from <token_address>`, `--to <token_address>`, `--amount <number>`, `--slippage <percent>`, `--gas-sponsored`, `--gas-policy-id <id>`, `--signer <session\|local>` |

package/dist/{auth-KS6VPHHU.js → auth-5XFZB2BU.js}

@@ -11,8 +11,8 @@ import {
   prepareLogin,
   revokeToken,
   waitForCallback
-} from "./chunk-AMGGO36F.js";
-import "./chunk-CTTW4PA4.js";
+} from "./chunk-I6YQX7PF.js";
+import "./chunk-5BEJA752.js";
 export {
   AUTH_PORT,
   DEFAULT_EXPIRES_IN_SECONDS,

package/dist/auth-6X2DBBYQ.js

@@ -0,0 +1,16 @@
+#!/usr/bin/env node
+if(process.argv.includes("--no-color"))process.env.NO_COLOR="1";
+import {
+  registerAuth,
+  selectAppAfterAuth
+} from "./chunk-XZS6KZHN.js";
+import "./chunk-I6YQX7PF.js";
+import "./chunk-RPSHRYCZ.js";
+import "./chunk-B5KVL3ZR.js";
+import "./chunk-DXQAGBW6.js";
+import "./chunk-LANOFNO6.js";
+import "./chunk-5BEJA752.js";
+export {
+  registerAuth,
+  selectAppAfterAuth
+};

package/dist/{chunk-HRWD4V2P.js → chunk-4QSVWWSK.js}

@@ -2,10 +2,10 @@
 if(process.argv.includes("--no-color"))process.env.NO_COLOR="1";
 import {
   configPath
-} from "./chunk-GLKB4JM7.js";
+} from "./chunk-LANOFNO6.js";
 import {
   esc
-} from "./chunk-CTTW4PA4.js";
+} from "./chunk-5BEJA752.js";
 
 // src/lib/update-check.ts
 import { execFileSync } from "child_process";
@@ -53,7 +53,7 @@ function semverLT(a, b) {
   return false;
 }
 function currentVersion() {
-  return true ? "0.10.0" : "0.0.0";
+  return true ? "0.11.0" : "0.0.0";
 }
 function toUpdateStatus(latestVersion, checkedAt) {
   const current = currentVersion();

package/dist/{chunk-CTTW4PA4.js → chunk-5BEJA752.js}

@@ -113,9 +113,7 @@ async function fetchWithTimeout(url, init) {
 // src/lib/redact.ts
 var SENSITIVE_ERROR_CODES = /* @__PURE__ */ new Set([
   "AUTH_REQUIRED",
-  "INVALID_API_KEY",
-  "INVALID_ACCESS_KEY",
-  "ACCESS_KEY_REQUIRED"
+  "INVALID_API_KEY"
 ]);
 function getAlchemyKeyPathMarkers() {
   const domain = getBaseDomain();
@@ -293,8 +291,6 @@ var ErrorCode = {
   AUTH_REQUIRED: "AUTH_REQUIRED",
   INVALID_API_KEY: "INVALID_API_KEY",
   NETWORK_NOT_ENABLED: "NETWORK_NOT_ENABLED",
-  INVALID_ACCESS_KEY: "INVALID_ACCESS_KEY",
-  ACCESS_KEY_REQUIRED: "ACCESS_KEY_REQUIRED",
   APP_REQUIRED: "APP_REQUIRED",
   ADMIN_API_ERROR: "ADMIN_API_ERROR",
   NETWORK_ERROR: "NETWORK_ERROR",
@@ -315,8 +311,6 @@ var EXIT_CODES = {
   AUTH_REQUIRED: 3,
   INVALID_API_KEY: 3,
   NETWORK_NOT_ENABLED: 3,
-  INVALID_ACCESS_KEY: 3,
-  ACCESS_KEY_REQUIRED: 3,
   APP_REQUIRED: 3,
   INVALID_ARGS: 2,
   NOT_FOUND: 4,
@@ -368,13 +362,6 @@ function errAuthRequired() {
     "alchemy auth"
   );
 }
-function errAccessKeyRequired() {
-  return new CLIError(
-    ErrorCode.ACCESS_KEY_REQUIRED,
-    "Access key required. Set ALCHEMY_ACCESS_KEY or run 'alchemy config set access-key <key>'.",
-    "Get an access key: https://www.alchemy.com/docs/reference/admin-api/overview"
-  );
-}
 function errLoginRequired() {
   return new CLIError(
     ErrorCode.AUTH_REQUIRED,
@@ -406,6 +393,13 @@ function errNetwork(detail) {
     "Check your internet connection and try again."
   );
 }
+function errNetworkRequired(networkListCommand = "alchemy evm network list") {
+  return new CLIError(
+    ErrorCode.INVALID_ARGS,
+    "Network required. Pass -n/--network <network>.",
+    networkListCommand
+  );
+}
 var RPC_ERROR_HINTS = {
   [-32700]: "Parse error. The request JSON is malformed.",
   [-32600]: "Invalid request. Check the JSON-RPC request format.",
@@ -430,19 +424,12 @@ function errRateLimited() {
     "Consider upgrading your Alchemy plan for higher rate limits."
   );
 }
-function errInvalidAccessKey() {
-  return new CLIError(
-    ErrorCode.INVALID_ACCESS_KEY,
-    "Invalid access key. Check your key and try again.",
-    "Get an access key: https://www.alchemy.com/docs/reference/admin-api/overview"
-  );
-}
 function errAccessDenied(detail) {
-  const message = detail ? `Access denied: ${detail}` : "Access denied. Your access key may not have permission for this operation.";
+  const message = detail ? `Access denied: ${detail}` : "Access denied. Check that your Alchemy account has permission for this operation.";
   return new CLIError(
-    ErrorCode.INVALID_ACCESS_KEY,
+    ErrorCode.AUTH_REQUIRED,
     message,
-    "Check your account tier and feature access at https://dashboard.alchemy.com/"
+    "Run 'alchemy auth login' or check your account access at https://dashboard.alchemy.com/"
   );
 }
 function errAppRequired() {
@@ -455,10 +442,17 @@ function errAppRequired() {
 function errWalletKeyRequired() {
   return new CLIError(
     ErrorCode.AUTH_REQUIRED,
-    "Wallet key required for x402. Set ALCHEMY_WALLET_KEY, run 'alchemy wallet connect --mode local', or use --wallet-key-file.",
+    "No local wallet configured. Run 'alchemy wallet connect --mode local', set ALCHEMY_WALLET_KEY, or use --wallet-key-file.",
     "alchemy wallet connect --mode local"
   );
 }
+function errWalletRequired() {
+  return new CLIError(
+    ErrorCode.AUTH_REQUIRED,
+    "No wallet connected. Run 'alchemy wallet connect' to connect a session wallet, or run 'alchemy wallet connect --mode local' to use a local wallet.",
+    "alchemy wallet connect"
+  );
+}
 function errSessionExpired() {
   return new CLIError(
     ErrorCode.AUTH_REQUIRED,
@@ -548,19 +542,19 @@ export {
   EXIT_CODES,
   CLIError,
   errAuthRequired,
-  errAccessKeyRequired,
   errLoginRequired,
   errInvalidAPIKey,
   errNetworkNotEnabled,
   errNetwork,
+  errNetworkRequired,
   errRPC,
   errInvalidArgs,
   errNotFound,
   errRateLimited,
-  errInvalidAccessKey,
   errAccessDenied,
   errAppRequired,
   errWalletKeyRequired,
+  errWalletRequired,
   errSessionExpired,
   errNoActiveSession,
   errSolanaWalletKeyRequired,

package/dist/{chunk-ANONMDDZ.js → chunk-B5KVL3ZR.js}

@@ -4,22 +4,21 @@ import {
   configDir,
   load,
   save
-} from "./chunk-GLKB4JM7.js";
+} from "./chunk-LANOFNO6.js";
 import {
   CLIError,
   ErrorCode,
   debug,
   errAccessDenied,
-  errAccessKeyRequired,
   errAdminAPI,
   errAppRequired,
   errAuthRequired,
   errInvalidAPIKey,
-  errInvalidAccessKey,
   errInvalidArgs,
   errLoginRequired,
   errNetwork,
   errNetworkNotEnabled,
+  errNetworkRequired,
   errNotFound,
   errRPC,
   errRateLimited,
@@ -31,7 +30,7 @@ import {
   redactSensitiveText,
   timeout,
   verbose
-} from "./chunk-CTTW4PA4.js";
+} from "./chunk-5BEJA752.js";
 
 // src/lib/resolve.ts
 import { readFileSync as readFileSync2 } from "fs";
@@ -635,6 +634,9 @@ var Client = class _Client {
     }
     return null;
   }
+  isFetchFailureError(err) {
+    return err.status === void 0 && err.message.trim().toLowerCase() === "fetch failed";
+  }
   verboseLog(message) {
     if (verbose) {
       process.stderr.write(`[verbose] ${message}
@@ -671,6 +673,9 @@ var Client = class _Client {
         if (err.status !== void 0) {
           throw errNetwork(`HTTP ${err.status}: ${err.message}`);
         }
+        if (this.isFetchFailureError(err)) {
+          throw errNetwork(err.message);
+        }
         throw errRPC(err.code, err.message);
       }
       throw err;
@@ -945,17 +950,10 @@ var AdminClient = class _AdminClient {
   static ADMIN_API_BASE_URL_ENV = "ALCHEMY_ADMIN_API_BASE_URL";
   credential;
   constructor(credential) {
-    if (typeof credential === "string") {
-      this.validateAccessKey(credential);
-      this.credential = { type: "access_key", key: credential };
-    } else {
-      if (credential.type === "access_key") {
-        this.validateAccessKey(credential.key);
-      } else if (!credential.token.trim()) {
-        throw errAuthRequired();
-      }
-      this.credential = credential;
+    if (!credential.token.trim()) {
+      throw errLoginRequired();
     }
+    this.credential = credential;
   }
   baseURL() {
     const override = this.baseURLOverride();
@@ -976,11 +974,6 @@ var AdminClient = class _AdminClient {
       allowedHostnames: [STAGING_ADMIN_API_HOST]
     });
   }
-  validateAccessKey(accessKey) {
-    if (!accessKey.trim() || /\s/.test(accessKey)) {
-      throw errInvalidAccessKey();
-    }
-  }
   assertSafeRequestTarget(url) {
     let parsed;
     try {
@@ -1003,7 +996,7 @@ var AdminClient = class _AdminClient {
       method,
       redirect: "error",
       headers: {
-        Authorization: `Bearer ${this.credential.type === "access_key" ? this.credential.key : this.credential.token}`,
+        Authorization: `Bearer ${this.credential.token}`,
         "Content-Type": "application/json",
         Accept: "application/json"
       },
@@ -1011,7 +1004,7 @@ var AdminClient = class _AdminClient {
     });
     if (resp.status === 401) {
       debug(`401 Unauthorized from ${url}`);
-      throw errInvalidAccessKey();
+      throw errLoginRequired();
     }
     if (resp.status === 403) {
       const detail = await resp.text().catch(() => "");
@@ -1127,17 +1120,10 @@ var GasManagerClient = class _GasManagerClient {
   static BASE_URL_ENV = "ALCHEMY_GAS_MANAGER_BASE_URL";
   credential;
   constructor(credential) {
-    if (typeof credential === "string") {
-      this.validateAccessKey(credential);
-      this.credential = { type: "access_key", key: credential };
-    } else {
-      if (credential.type === "access_key") {
-        this.validateAccessKey(credential.key);
-      } else if (!credential.token.trim()) {
-        throw errAuthRequired();
-      }
-      this.credential = credential;
+    if (!credential.token.trim()) {
+      throw errLoginRequired();
     }
+    this.credential = credential;
   }
   baseURL() {
     const override = this.baseURLOverride();
@@ -1156,11 +1142,6 @@ var GasManagerClient = class _GasManagerClient {
   baseURLOverride() {
     return parseBaseURLOverride(_GasManagerClient.BASE_URL_ENV);
   }
-  validateAccessKey(accessKey) {
-    if (!accessKey.trim() || /\s/.test(accessKey)) {
-      throw errInvalidAccessKey();
-    }
-  }
   assertSafeRequestTarget(url) {
     let parsed;
     try {
@@ -1179,19 +1160,18 @@ var GasManagerClient = class _GasManagerClient {
     const url = `${this.baseURL()}${path}`;
     debug(`${method} ${url}`);
     this.assertSafeRequestTarget(url);
-    const token = this.credential.type === "access_key" ? this.credential.key : this.credential.token;
     const resp = await fetchWithTimeout(url, {
       method,
       redirect: "error",
       headers: {
-        Authorization: `Bearer ${token}`,
+        Authorization: `Bearer ${this.credential.token}`,
         "Content-Type": "application/json",
         Accept: "application/json"
       },
       ...body !== void 0 && { body: JSON.stringify(body) }
     });
     if (resp.status === 401) {
-      throw this.credential.type === "auth_token" ? errLoginRequired() : errInvalidAccessKey();
+      throw errLoginRequired();
     }
     if (resp.status === 403) {
       const detail = await resp.text().catch(() => "");
@@ -1202,15 +1182,12 @@ var GasManagerClient = class _GasManagerClient {
       } catch {
         reason = detail || void 0;
       }
-      if (this.credential.type === "auth_token") {
-        const tail = reason ? ` (${reason})` : "";
-        throw new CLIError(
-          ErrorCode.AUTH_REQUIRED,
-          `Access denied for this Alchemy account or app${tail}. Re-authenticate with 'alchemy auth login' or check that the default app is one you have permission to manage.`,
-          "alchemy auth login"
-        );
-      }
-      throw errAccessDenied(typeof reason === "string" ? reason : void 0);
+      const tail = reason ? ` (${reason})` : "";
+      throw new CLIError(
+        ErrorCode.AUTH_REQUIRED,
+        `Access denied for this Alchemy account or app${tail}. Re-authenticate with 'alchemy auth login' or check that the default app is one you have permission to manage.`,
+        "alchemy auth login"
+      );
     }
     if (resp.status === 404) {
       const text = await resp.text().catch(() => "");
@@ -1569,43 +1546,29 @@ function resolveAPIKey(program, cfg) {
   if (config.app?.apiKey) return config.app.apiKey;
   return void 0;
 }
-function resolveAccessKey(_program, cfg) {
-  if (process.env.ALCHEMY_ACCESS_KEY) return process.env.ALCHEMY_ACCESS_KEY;
-  const config = cfg ?? load();
-  if (config.access_key) return config.access_key;
-  return void 0;
-}
-function resolveNetwork(program, cfg, defaultNetwork) {
+function resolveOptionalNetwork(program) {
   const opts = getCommandOptions(program);
-  if (opts.network) return opts.network;
-  if (process.env.ALCHEMY_NETWORK) return process.env.ALCHEMY_NETWORK;
-  const config = cfg ?? load();
-  if (config.network) return config.network;
-  return defaultNetwork ?? "eth-mainnet";
+  return opts.network;
 }
-function resolveSolanaNetwork(program, cfg) {
-  const opts = getCommandOptions(program);
-  if (opts.network) {
-    if (!isSolanaNetwork(opts.network)) {
-      throw errInvalidArgs(
-        `Network '${opts.network}' is not a Solana network. Use a solana-* network with the solana namespace.`
-      );
-    }
-    return opts.network;
-  }
-  if (process.env.ALCHEMY_NETWORK) {
-    if (!isSolanaNetwork(process.env.ALCHEMY_NETWORK)) {
-      throw errInvalidArgs(
-        `ALCHEMY_NETWORK='${process.env.ALCHEMY_NETWORK}' is not a Solana network. Use a solana-* network with the solana namespace.`
-      );
-    }
-    return process.env.ALCHEMY_NETWORK;
+function resolveNetwork(program) {
+  const network = resolveOptionalNetwork(program);
+  if (network) return network;
+  throw errNetworkRequired();
+}
+function resolveRequiredNetwork(program) {
+  return resolveNetwork(program);
+}
+function resolveSolanaNetwork(program) {
+  const network = resolveOptionalNetwork(program);
+  if (!network) {
+    throw errNetworkRequired("alchemy solana network list");
   }
-  const config = cfg ?? load();
-  if (config.network && isSolanaNetwork(config.network)) {
-    return config.network;
+  if (!isSolanaNetwork(network)) {
+    throw errInvalidArgs(
+      `Network '${network}' is not a Solana network. Use a solana-* network with the solana namespace.`
+    );
   }
-  return "solana-mainnet";
+  return network;
 }
 function resolveAppId(program, cfg) {
   const opts = getCommandOptions(program);
@@ -1627,11 +1590,9 @@ function resolveAuthToken(cfg) {
 }
 function adminClientFromFlags(program) {
   const cfg = load();
-  const accessKey = resolveAccessKey(program, cfg);
-  if (accessKey) return new AdminClient(accessKey);
   const authToken = resolveAuthToken(cfg);
   if (authToken) return new AdminClient({ type: "auth_token", token: authToken });
-  throw errAccessKeyRequired();
+  throw errLoginRequired();
 }
 function hasAuthLoginToken(cfg) {
   return Boolean(resolveAuthToken(cfg));
@@ -1653,7 +1614,7 @@ function resolveX402Client(program) {
   if (!resolveX402(program, cfg)) return null;
   const walletKey = resolveWalletKey(program, cfg);
   if (!walletKey) return null;
-  return new X402Client(walletKey, resolveNetwork(program, cfg));
+  return new X402Client(walletKey, resolveNetwork(program));
 }
 function resolveWalletKey(program, cfg) {
   const opts = getCommandOptions(program);
@@ -1743,9 +1704,20 @@ function resolveActiveSigner(program, cfg) {
 function resolveDelegatedMode(program, cfg) {
   return resolveActiveSigner(program, cfg) === "session";
 }
+function resolveClientNetwork(program, opts) {
+  return opts?.forceNetwork ?? resolveNetwork(program);
+}
+function apiKeyClientFromFlags(program, opts) {
+  const cfg = load();
+  const network = resolveClientNetwork(program, opts);
+  debug(`using network=${network}`);
+  const apiKey = resolveAPIKey(program, cfg);
+  if (!apiKey) throw errAuthRequired();
+  return new Client(apiKey, network);
+}
 function clientFromFlags(program, opts) {
   const cfg = load();
-  const network = opts?.forceNetwork ?? resolveNetwork(program, cfg, opts?.defaultNetwork);
+  const network = resolveClientNetwork(program, opts);
   debug(`using network=${network}`);
   if (resolveX402(program, cfg)) {
     const walletKey = resolveWalletKey(program, cfg);
@@ -1807,8 +1779,9 @@ export {
   isSessionValid,
   getWalletSessionByChain,
   resolveAPIKey,
-  resolveAccessKey,
+  resolveOptionalNetwork,
   resolveNetwork,
+  resolveRequiredNetwork,
   resolveSolanaNetwork,
   resolveAppId,
   resolveAuthToken,
@@ -1825,6 +1798,7 @@ export {
   resolveSolanaFeePolicyId,
   resolveActiveSigner,
   resolveDelegatedMode,
+  apiKeyClientFromFlags,
   clientFromFlags,
   resolveConfiguredNetworkSlugs,
   resolveWalletSession,

package/dist/{chunk-VN5JUWHO.js → chunk-CSBYGYG6.js}

@@ -2,11 +2,11 @@
 if(process.argv.includes("--no-color"))process.env.NO_COLOR="1";
 import {
   isInteractiveAllowed
-} from "./chunk-3GBDYROJ.js";
+} from "./chunk-RPSHRYCZ.js";
 import {
   resolveAuthToken,
   resolveWalletSession
-} from "./chunk-ANONMDDZ.js";
+} from "./chunk-B5KVL3ZR.js";
 
 // src/lib/onboarding.ts
 var SETUP_CAPABILITY_ORDER = [
@@ -26,9 +26,6 @@ var SETUP_CAPABILITY_LABELS = {
 function hasAPIKey(cfg) {
   return Boolean(cfg.api_key?.trim());
 }
-function hasAccessKeyAndApp(cfg) {
-  return Boolean(cfg.access_key?.trim() && cfg.app?.id && cfg.app.apiKey);
-}
 function hasX402Wallet(cfg) {
   return cfg.x402 === true && Boolean(cfg.wallet_key_file?.trim());
 }
@@ -40,7 +37,7 @@ function capabilityStatus(args) {
 }
 function getSetupCapabilities(cfg) {
   const hasConfiguredAPIKey = hasAPIKey(cfg) || Boolean(cfg.app?.apiKey?.trim());
-  const hasAdminAuth = Boolean(cfg.access_key?.trim()) || hasAuthToken(cfg);
+  const hasAdminAuth = hasAuthToken(cfg);
   const hasNotifyAuth = Boolean(
     cfg.webhook_api_key?.trim() || cfg.app?.webhookApiKey?.trim()
   );
@@ -58,9 +55,9 @@ function getSetupCapabilities(cfg) {
     }),
     admin_api: capabilityStatus({
       complete: hasAdminAuth,
-      satisfiedBy: cfg.access_key?.trim() ? "access_key" : hasAuthToken(cfg) ? "auth_token" : null,
-      missing: hasAdminAuth ? [] : ["access-key or auth token"],
-      nextCommands: hasAdminAuth ? [] : ["alchemy auth", "alchemy config set access-key <key>"]
+      satisfiedBy: hasAdminAuth ? "auth_token" : null,
+      missing: hasAdminAuth ? [] : ["auth token"],
+      nextCommands: hasAdminAuth ? [] : ["alchemy auth"]
     }),
     notify_webhooks: capabilityStatus({
       complete: hasNotifyAuth,
@@ -87,7 +84,6 @@ function getSetupCapabilities(cfg) {
 }
 function getSetupMethod(cfg) {
   if (hasAPIKey(cfg)) return "api_key";
-  if (hasAccessKeyAndApp(cfg)) return "access_key_app";
   if (hasX402Wallet(cfg)) return "x402_wallet";
   if (hasAuthToken(cfg)) return "auth_token";
   return null;
@@ -110,11 +106,10 @@ function getSetupStatus(cfg) {
   return {
     complete: false,
     satisfiedBy: null,
-    missing: ["Provide one auth path: alchemy auth OR api-key OR ALCHEMY_ACCESS_KEY+app OR SIWx wallet"],
+    missing: ["Provide one auth path: alchemy auth OR api-key OR SIWx wallet"],
     nextCommands: [
       "alchemy auth",
       "alchemy config set app",
-      "alchemy config set access-key <key> && alchemy config set app <app-id>",
       "alchemy wallet connect --mode local && alchemy config set x402 true"
     ],
     capabilities

package/dist/{chunk-PMNRIXJI.js → chunk-DXQAGBW6.js}

@@ -5,7 +5,7 @@ import {
   isJSONMode,
   quiet,
   rgb
-} from "./chunk-CTTW4PA4.js";
+} from "./chunk-5BEJA752.js";
 
 // src/lib/terminal-ui.ts
 import * as readline from "readline";