@alchemy/cli 0.5.1 → 0.6.0

package/dist/index.js

@@ -2,64 +2,72 @@
 if(process.argv.includes("--no-color"))process.env.NO_COLOR="1";
 import {
   registerAuth
-} from "./chunk-LYUW7O6X.js";
-import "./chunk-IGD4NIK7.js";
-import {
-  readStdinArg,
-  readStdinLines,
-  registerConfig,
-  registerWallet,
-  resolveAddress,
-  splitCommaList,
-  validateAddress,
-  validateTxHash
-} from "./chunk-44OGGLN4.js";
+} from "./chunk-UMKDYHMO.js";
+import "./chunk-FFMNT74F.js";
 import {
   getRPCNetworks,
   getSetupStatus,
   isSetupComplete,
   nativeTokenSymbol,
   shouldRunOnboarding
-} from "./chunk-5X6YRTPU.js";
+} from "./chunk-T5Z2GJUX.js";
+import {
+  isInteractiveAllowed
+} from "./chunk-KDMIWPZH.js";
+import {
+  AdminClient,
+  adminClientFromFlags,
+  clientFromFlags,
+  resolveAPIKey,
+  resolveAppId,
+  resolveNetwork,
+  resolveWalletKey,
+  resolveX402Client
+} from "./chunk-ATX65U7J.js";
+import "./chunk-JQRGILIS.js";
 import {
   getAvailableUpdate,
   getUpdateStatus,
   printUpdateNotice
-} from "./chunk-Z7J64GJJ.js";
+} from "./chunk-3W4ICF67.js";
 import {
-  adminClientFromFlags,
   bold,
   brand,
   brandedHelp,
-  clientFromFlags,
   dim,
   emptyState,
   etherscanTxURL,
   failBadge,
   green,
-  isInteractiveAllowed,
-  load,
-  maskIf,
   printKeyValueBox,
   printSyntaxJSON,
   printTable,
+  promptAutocomplete,
   promptConfirm,
+  promptMultiselect,
   promptSelect,
+  promptText,
   red,
-  resolveAPIKey,
-  resolveAppId,
-  resolveNetwork,
-  resolveX402Client,
-  save,
   successBadge,
   timeAgo,
   weiToEth,
-  withSpinner
-} from "./chunk-T2XSNZE3.js";
+  withSpinner,
+  yellow
+} from "./chunk-NBDWF4ZQ.js";
+import {
+  KEY_MAP,
+  configDir,
+  get,
+  load,
+  maskIf,
+  save,
+  toMap
+} from "./chunk-BAAQ7ELR.js";
 import {
   EXIT_CODES,
   ErrorCode,
   debug,
+  errAccessKeyRequired,
   errAppRequired,
   errAuthRequired,
   errInvalidAPIKey,
@@ -68,6 +76,7 @@ import {
   errNotFound,
   errRateLimited,
   errSetupRequired,
+  errWalletKeyRequired,
   esc,
   exitWithError,
   fetchWithTimeout,
@@ -87,6 +96,557 @@ import {
 // src/index.ts
 import { Command, Help } from "commander";
 
+// src/lib/ens.ts
+import { keccak_256 } from "@noble/hashes/sha3.js";
+var UNIVERSAL_RESOLVER = "0xeEeEEEeE14D718C2B47D9923Deab1335E144EeEe";
+var RESOLVE_SELECTOR = "9061b923";
+var ADDR_SELECTOR = "3b3b57de";
+function bytesToHex(bytes) {
+  return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+function pad32(hex) {
+  return hex.padStart(64, "0");
+}
+function namehash(name) {
+  let node = new Uint8Array(32);
+  if (!name) return node;
+  const labels = name.split(".");
+  for (let i = labels.length - 1; i >= 0; i--) {
+    const labelHash = keccak_256(new TextEncoder().encode(labels[i]));
+    const combined = new Uint8Array(64);
+    combined.set(node, 0);
+    combined.set(labelHash, 32);
+    node = keccak_256(combined);
+  }
+  return node;
+}
+function dnsEncode(name) {
+  const labels = name.split(".");
+  const parts = [];
+  for (const label of labels) {
+    const encoded = new TextEncoder().encode(label);
+    parts.push(encoded.length);
+    parts.push(...encoded);
+  }
+  parts.push(0);
+  return new Uint8Array(parts);
+}
+function buildResolveCalldata(name) {
+  const dnsName = dnsEncode(name);
+  const node = namehash(name);
+  const innerHex = ADDR_SELECTOR + bytesToHex(node);
+  const innerLen = 36;
+  const dnsHex = bytesToHex(dnsName);
+  const nameLen = dnsName.length;
+  const namePad = Math.ceil(nameLen / 32) * 32;
+  const innerPad = Math.ceil(innerLen / 32) * 32;
+  const nameOffset = 64;
+  const dataOffset = nameOffset + 32 + namePad;
+  let hex = RESOLVE_SELECTOR;
+  hex += pad32(nameOffset.toString(16));
+  hex += pad32(dataOffset.toString(16));
+  hex += pad32(nameLen.toString(16));
+  hex += dnsHex.padEnd(namePad * 2, "0");
+  hex += pad32(innerLen.toString(16));
+  hex += innerHex.padEnd(innerPad * 2, "0");
+  return "0x" + hex;
+}
+function isENSName(value) {
+  return value.endsWith(".eth") && value.length > 4 && !value.startsWith("0x");
+}
+async function resolveENS(name, client) {
+  if (!client.network.startsWith("eth-")) {
+    throw errInvalidArgs(
+      `ENS resolution is only supported on Ethereum networks. Current network: ${client.network}`
+    );
+  }
+  const calldata = buildResolveCalldata(name.toLowerCase());
+  const result = await client.call("eth_call", [
+    { to: UNIVERSAL_RESOLVER, data: calldata },
+    "latest"
+  ]);
+  if (!result || result === "0x" || result.length < 130) {
+    throw errInvalidArgs(`ENS name "${name}" could not be resolved.`);
+  }
+  const raw = result.slice(2);
+  const dataOffset = parseInt(raw.slice(0, 64), 16) * 2;
+  const dataLen = parseInt(raw.slice(dataOffset, dataOffset + 64), 16);
+  const dataHex = raw.slice(dataOffset + 64, dataOffset + 64 + dataLen * 2);
+  if (dataHex.length < 64) {
+    throw errInvalidArgs(`ENS name "${name}" could not be resolved.`);
+  }
+  const address = "0x" + dataHex.slice(24, 64);
+  if (address === "0x0000000000000000000000000000000000000000") {
+    throw errInvalidArgs(`ENS name "${name}" is not registered or has no address set.`);
+  }
+  return address;
+}
+
+// src/lib/validators.ts
+function splitCommaList(input) {
+  return input.split(",").map((s) => s.trim()).filter(Boolean);
+}
+var ADDRESS_RE = /^0x[0-9a-fA-F]{40}$/;
+var TX_HASH_RE = /^0x[0-9a-fA-F]{64}$/;
+async function readStdinArg(name) {
+  if (process.stdin.isTTY) {
+    throw errInvalidArgs(`Missing <${name}>. Provide it as an argument or pipe via stdin.`);
+  }
+  process.stdin.setEncoding("utf-8");
+  let input = "";
+  for await (const chunk of process.stdin) {
+    input += chunk;
+  }
+  const data = input.trim().split("\n")[0]?.trim() ?? "";
+  if (!data) {
+    throw errInvalidArgs(`No <${name}> received on stdin.`);
+  }
+  return data;
+}
+async function readStdinLines(name) {
+  if (process.stdin.isTTY) {
+    throw errInvalidArgs(`Missing <${name}>. Provide it as an argument or pipe via stdin.`);
+  }
+  process.stdin.setEncoding("utf-8");
+  let input = "";
+  for await (const chunk of process.stdin) {
+    input += chunk;
+  }
+  const lines = input.split("\n").map((line) => line.trim()).filter((line) => line.length > 0);
+  if (lines.length === 0) {
+    throw errInvalidArgs(`No <${name}> received on stdin.`);
+  }
+  return lines;
+}
+function validateAddress(address) {
+  if (!ADDRESS_RE.test(address)) {
+    throw errInvalidArgs(
+      `Invalid address "${address}". Expected 0x-prefixed 40-hex-character address.`
+    );
+  }
+}
+async function resolveAddress(input, client) {
+  if (isENSName(input)) {
+    return resolveENS(input, client);
+  }
+  validateAddress(input);
+  return input;
+}
+function validateTxHash(hash) {
+  if (!TX_HASH_RE.test(hash)) {
+    throw errInvalidArgs(
+      `Invalid transaction hash "${hash}". Expected 0x-prefixed 64-hex-character hash.`
+    );
+  }
+}
+
+// src/commands/config.ts
+var RESET_KEY_MAP = { ...KEY_MAP, app: "app" };
+var APP_SEARCH_THRESHOLD = 15;
+async function saveAppWithPrompt(app) {
+  const cfg = load();
+  const updated = {
+    ...cfg,
+    api_key: app.apiKey,
+    app: { id: app.id, name: app.name, apiKey: app.apiKey, webhookApiKey: app.webhookApiKey }
+  };
+  if (cfg.api_key) {
+    const replace = await promptConfirm({
+      message: "You already have an API key configured. Use the app's API key instead?",
+      initialValue: true,
+      cancelMessage: "Cancelled default app update."
+    });
+    if (replace === null) {
+      return false;
+    }
+    if (!replace) {
+      updated.api_key = cfg.api_key;
+    }
+  }
+  save(updated);
+  return true;
+}
+async function selectOrCreateApp(admin) {
+  let apps;
+  try {
+    const result = await withSpinner(
+      "Fetching apps\u2026",
+      "Apps fetched",
+      () => admin.listAllApps()
+    );
+    apps = result.apps;
+  } catch {
+    console.log(
+      `  ${dim("Could not fetch apps. Skipping app selection.")}`
+    );
+    return;
+  }
+  if (apps.length > 0) {
+    const CREATE_NEW = "__create_new__";
+    const options = [
+      ...apps.map((a) => ({
+        label: `${a.name} (${a.id})`,
+        value: a.id
+      })),
+      { label: "Create a new app", value: CREATE_NEW }
+    ];
+    const selected = apps.length > APP_SEARCH_THRESHOLD ? await promptAutocomplete({
+      message: "Select default app",
+      placeholder: "Type app name or id",
+      options,
+      cancelMessage: "Cancelled app selection.",
+      commitLabel: null
+    }) : await promptSelect({
+      message: "Select default app",
+      options,
+      cancelMessage: "Cancelled app selection.",
+      commitLabel: null
+    });
+    if (selected === null) {
+      return;
+    }
+    if (selected !== CREATE_NEW) {
+      const app = apps.find((a) => a.id === selected);
+      const saved = await saveAppWithPrompt(app);
+      if (saved) {
+        console.log(`
+  ${green("\u2713")} Default app set to ${app.name} (${app.id})`);
+      } else {
+        console.log(`  ${dim("Skipped setting default app.")}`);
+      }
+      return;
+    }
+  } else {
+    console.log(`  ${dim("No apps found. Let's create one.")}`);
+  }
+  const name = await promptText({
+    message: "App name",
+    cancelMessage: "Cancelled app creation."
+  });
+  if (name === null) {
+    return;
+  }
+  if (!name.trim()) {
+    console.log(`  ${dim("Skipped app creation.")}`);
+    return;
+  }
+  let chainChoices = [];
+  try {
+    const chains = await withSpinner(
+      "Fetching chains\u2026",
+      "Chains fetched",
+      () => admin.listChains()
+    );
+    chainChoices = chains.filter((c) => c.availability === "public" && !c.isTestnet).map((c) => ({ label: `${c.name} (${c.id})`, value: c.id }));
+  } catch {
+  }
+  let networks;
+  if (chainChoices.length > 0) {
+    const selectedNetworks = await promptMultiselect({
+      message: "Select networks",
+      options: chainChoices,
+      required: true,
+      cancelMessage: "Cancelled network selection."
+    });
+    if (selectedNetworks === null) {
+      return;
+    }
+    networks = selectedNetworks;
+  } else {
+    const raw = await promptText({
+      message: "Network IDs (comma-separated)",
+      cancelMessage: "Cancelled network selection."
+    });
+    if (raw === null) {
+      return;
+    }
+    networks = splitCommaList(raw);
+  }
+  if (networks.length === 0) {
+    console.log(`  ${dim("No networks selected. Skipped app creation.")}`);
+    return;
+  }
+  try {
+    const app = await withSpinner(
+      "Creating app\u2026",
+      "App created",
+      () => admin.createApp({ name: name.trim(), networks })
+    );
+    console.log(`  ${green("\u2713")} Created app ${app.name} (${app.id})`);
+    const setDefault = await promptConfirm({
+      message: "Set as default app?",
+      initialValue: true,
+      cancelMessage: "Cancelled default app selection."
+    });
+    if (setDefault === null) {
+      return;
+    }
+    if (setDefault) {
+      const saved = await saveAppWithPrompt(app);
+      if (saved) {
+        console.log(`
+  ${green("\u2713")} Default app set to ${app.name} (${app.id})`);
+      } else {
+        console.log(`  ${dim("Skipped setting default app.")}`);
+      }
+    }
+  } catch (err) {
+    exitWithError(err);
+  }
+}
+function registerConfig(program2) {
+  const cmd = program2.command("config").description("Manage CLI configuration");
+  const setCmd = cmd.command("set").description("Set a config value");
+  setCmd.command("api-key <key>").description("Set the Alchemy API key for RPC requests").action((key) => {
+    try {
+      const cfg = load();
+      save({ ...cfg, api_key: key });
+      printHuman(`${green("\u2713")} Set api-key
+`, { key: "api-key", status: "set" });
+      if (!isJSONMode() && cfg.app?.apiKey && cfg.app.apiKey !== key) {
+        console.log(
+          `  ${yellow("\u25C6")} ${dim("Warning: api-key differs from the selected app key. RPC commands use api-key; run 'alchemy config set app <app-id>' to resync.")}`
+        );
+      }
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  setCmd.command("access-key <key>").description("Set the Alchemy access key for Admin API operations").action(async (key) => {
+    try {
+      const cfg = load();
+      save({ ...cfg, access_key: key });
+      printHuman(`${green("\u2713")} Set access-key
+`, { key: "access-key", status: "set" });
+      if (isInteractiveAllowed(program2)) {
+        await selectOrCreateApp(new AdminClient(key));
+      }
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  setCmd.command("webhook-api-key <key>").description("Set the Alchemy webhook API key for Notify operations").action((key) => {
+    try {
+      const cfg = load();
+      save({ ...cfg, webhook_api_key: key });
+      printHuman(`${green("\u2713")} Set webhook-api-key
+`, { key: "webhook-api-key", status: "set" });
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  setCmd.command("app [app-id]").description("Select the default app (interactive) or set by ID").action(async (appId) => {
+    try {
+      const cfg = load();
+      const accessKey = program2.opts().accessKey || process.env.ALCHEMY_ACCESS_KEY || cfg.access_key;
+      if (!accessKey) throw errAccessKeyRequired();
+      if (appId) {
+        const admin = new AdminClient(accessKey);
+        const app = await withSpinner(
+          "Fetching app\u2026",
+          "App fetched",
+          () => admin.getApp(appId)
+        );
+        const updated = {
+          ...cfg,
+          api_key: app.apiKey,
+          app: { id: app.id, name: app.name, apiKey: app.apiKey, webhookApiKey: app.webhookApiKey }
+        };
+        save(updated);
+        printHuman(
+          `${green("\u2713")} Default app set to ${app.name} (${app.id})
+`,
+          { app: { id: app.id, name: app.name }, status: "set" }
+        );
+        return;
+      }
+      if (!isInteractiveAllowed(program2)) {
+        exitWithError(
+          new Error("Interactive app selection requires an interactive terminal. Use 'config set app <app-id>' or 'alchemy apps list' to find app IDs.")
+        );
+      }
+      await selectOrCreateApp(new AdminClient(accessKey));
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  setCmd.command("network <network>").description("Set the default network (e.g. eth-mainnet, polygon-mainnet)").action((network) => {
+    try {
+      const cfg = load();
+      save({ ...cfg, network });
+      printHuman(`${green("\u2713")} Set network to ${network}
+`, { key: "network", value: network, status: "set" });
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  setCmd.command("verbose <enabled>").description("Set default verbose output (true|false)").action((enabled) => {
+    try {
+      const normalized = enabled.trim().toLowerCase();
+      if (normalized !== "true" && normalized !== "false") {
+        throw errInvalidArgs("verbose must be 'true' or 'false'");
+      }
+      const verbose2 = normalized === "true";
+      const cfg = load();
+      save({ ...cfg, verbose: verbose2 });
+      printHuman(
+        `${green("\u2713")} Set verbose default to ${verbose2}
+`,
+        { key: "verbose", value: String(verbose2), status: "set" }
+      );
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  setCmd.command("wallet-key-file <path>").description("Set the path to a wallet private key file for x402").action((path) => {
+    try {
+      const cfg = load();
+      save({ ...cfg, wallet_key_file: path });
+      printHuman(`${green("\u2713")} Set wallet-key-file
+`, { key: "wallet-key-file", status: "set" });
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  setCmd.command("x402 <enabled>").description("Enable or disable x402 wallet-based auth by default (true|false)").action((enabled) => {
+    try {
+      const normalized = enabled.trim().toLowerCase();
+      if (normalized !== "true" && normalized !== "false") {
+        throw errInvalidArgs("x402 must be 'true' or 'false'");
+      }
+      const x402 = normalized === "true";
+      const cfg = load();
+      save({ ...cfg, x402 });
+      printHuman(
+        `${green("\u2713")} Set x402 default to ${x402}
+`,
+        { key: "x402", value: String(x402), status: "set" }
+      );
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  cmd.command("get <key>").description("Get a config value (api-key, access-key, app, network, verbose, wallet-key-file, x402)").action((key) => {
+    const cfg = load();
+    let value = get(cfg, key);
+    let isDefault = false;
+    if (value === void 0) {
+      const defaults = {
+        network: "eth-mainnet",
+        verbose: "false",
+        x402: "false"
+      };
+      const normalizedKey = KEY_MAP[key] ?? key;
+      const defaultValue = defaults[normalizedKey] ?? defaults[key];
+      if (defaultValue !== void 0) {
+        value = defaultValue;
+        isDefault = true;
+      }
+    }
+    if (value === void 0) {
+      exitWithError(errNotFound(`config key '${key}'`));
+    }
+    const isSecret = key === "api-key" || key === "api_key" || key === "access-key" || key === "access_key";
+    const display = isSecret ? maskIf(value) : value;
+    const humanDisplay = isDefault ? `${display} ${dim("(default)")}` : display;
+    printHuman(humanDisplay + "\n", { key, value: display, ...isDefault && { default: true } });
+  });
+  cmd.command("list").description("List all config values").action(async () => {
+    const cfg = load();
+    const hasApiKeyMismatch = Boolean(
+      cfg.api_key && cfg.app?.apiKey && cfg.api_key !== cfg.app.apiKey
+    );
+    if (isJSONMode()) {
+      printJSON(toMap(cfg));
+      return;
+    }
+    const { resolveAuthToken } = await import("./resolve-HXKHDOJZ.js");
+    const { getCredentials, getStorageBackend } = await import("./credential-storage-T6FFW7DG.js");
+    const validToken = await resolveAuthToken(cfg);
+    const creds = await getCredentials();
+    const hasToken = creds?.auth_token || cfg.auth_token;
+    const expiresAt = creds?.auth_token_expires_at || cfg.auth_token_expires_at;
+    const backend = await getStorageBackend();
+    const storageName = creds?.auth_token ? backend : cfg.auth_token ? "config (legacy)" : "";
+    const authStatus = hasToken ? validToken ? `${green("\u2713")} authenticated${expiresAt ? ` ${dim(`(expires ${expiresAt})`)}` : ""}${storageName ? ` ${dim(`[${storageName}]`)}` : ""}` : `${yellow("\u25C6")} expired${expiresAt ? ` ${dim(`(${expiresAt})`)}` : ""}` : dim("(not set) \u2014 run 'alchemy auth' to log in");
+    const pairs = [
+      ["auth", authStatus],
+      [
+        "api-key",
+        cfg.api_key ? `${hasApiKeyMismatch ? `${yellow("\u25C6")} ` : ""}${maskIf(cfg.api_key)}` : dim("(not set)")
+      ],
+      ["access-key", cfg.access_key ? maskIf(cfg.access_key) : dim("(not set)")],
+      ["webhook-api-key", cfg.webhook_api_key ? maskIf(cfg.webhook_api_key) : dim("(not set)")],
+      [
+        "app",
+        cfg.app ? `${cfg.app.name} ${dim(`(${cfg.app.id})`)}` : dim("(not set) \u2014 set automatically via 'alchemy auth' or 'config set app'")
+      ],
+      ["network", cfg.network || dim("(not set, defaults to eth-mainnet)")],
+      [
+        "verbose",
+        cfg.verbose !== void 0 ? String(cfg.verbose) : dim("(not set, defaults to false)")
+      ],
+      ["wallet-key-file", cfg.wallet_key_file || dim("(not set)")],
+      ["wallet-address", cfg.wallet_address || dim("(not set)")],
+      [
+        "x402",
+        cfg.x402 !== void 0 ? String(cfg.x402) : dim("(not set, defaults to false)")
+      ]
+    ];
+    printKeyValueBox(pairs);
+    if (hasApiKeyMismatch) {
+      console.log("");
+      console.log(
+        `  ${yellow("\u25C6")} ${dim("Warning: api-key differs from the selected app key. RPC commands use api-key; run 'alchemy config set app <app-id>' to resync.")}`
+      );
+    }
+  });
+  cmd.command("reset [key]").description("Reset config values (all or a specific key)").option("-y, --yes", "Skip confirmation prompt for full reset").action(async (key, options) => {
+    try {
+      if (key) {
+        const mapped = RESET_KEY_MAP[key];
+        if (!mapped) {
+          throw errInvalidArgs(
+            `invalid reset key '${key}' (valid: api-key, access-key, app, network, verbose, wallet-key-file, x402)`
+          );
+        }
+        const cfg = load();
+        const updated = { ...cfg };
+        delete updated[mapped];
+        save(updated);
+        printHuman(`${green("\u2713")} Reset ${key}
+`, {
+          status: "reset",
+          key
+        });
+        return;
+      }
+      if (!options.yes && isInteractiveAllowed(program2)) {
+        const proceed = await promptConfirm({
+          message: "Reset all saved config values?",
+          initialValue: false,
+          cancelMessage: "Cancelled config reset."
+        });
+        if (proceed === null) {
+          return;
+        }
+        if (!proceed) {
+          console.log(`  ${dim("Skipped config reset.")}`);
+          return;
+        }
+      }
+      save({});
+      printHuman(`${green("\u2713")} Reset all config values
+`, {
+        status: "reset",
+        scope: "all"
+      });
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+}
+
 // src/commands/rpc.ts
 function registerRPC(program2) {
   program2.command("rpc").argument("<method>", "JSON-RPC method name (e.g. eth_blockNumber)").argument("[params...]", "Method parameters as JSON values").description("Make a raw JSON-RPC call").addHelpText(
@@ -962,7 +1522,7 @@ function registerApps(program2) {
   const cmd = program2.command("apps").description("Manage Alchemy apps");
   cmd.command("list").description("List all apps").option("--cursor <cursor>", "Pagination cursor").option("--limit <n>", "Max results per page", parseInt).option("--all", "Fetch all pages").option("--search <query>", "Search apps by name or id (client-side)").option("--id <appId>", "Filter by exact app id (client-side)").action(async (opts) => {
     try {
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const fetchAll = Boolean(opts.all);
       const hasSearch = typeof opts.search === "string";
       const hasId = typeof opts.id === "string";
@@ -1089,7 +1649,7 @@ function registerApps(program2) {
   });
   cmd.command("get <id>").description("Get app details").action(async (id) => {
     try {
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const app = await withSpinner(
         "Fetching app\u2026",
         "App fetched",
@@ -1123,7 +1683,7 @@ function registerApps(program2) {
         ...products && { products }
       };
       if (handleDryRun(opts, "create", payload, `Would create app "${opts.name}" on networks: ${networks.join(", ")}`)) return;
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const app = await withSpinner(
         "Creating app\u2026",
         "App created",
@@ -1162,7 +1722,7 @@ function registerApps(program2) {
           return;
         }
       }
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       await withSpinner(
         "Deleting app\u2026",
         "App deleted",
@@ -1188,7 +1748,7 @@ function registerApps(program2) {
         ...opts.description && { description: opts.description }
       };
       if (handleDryRun(opts, "update", payload, `Would update app ${id}`)) return;
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const app = await withSpinner(
         "Updating app\u2026",
         "App updated",
@@ -1210,7 +1770,7 @@ function registerApps(program2) {
     try {
       const networks = splitCommaList(opts.networks);
       if (handleDryRun(opts, "networks", { id, networks }, `Would update networks for app ${id}: ${networks.join(", ")}`)) return;
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const app = await withSpinner(
         "Updating networks\u2026",
         "Networks updated",
@@ -1231,7 +1791,7 @@ function registerApps(program2) {
     try {
       const entries = splitCommaList(opts.addresses).map((s) => ({ value: s }));
       if (handleDryRun(opts, "address-allowlist", { id, addresses: entries }, `Would update address allowlist for app ${id}`)) return;
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const app = await withSpinner(
         "Updating address allowlist\u2026",
         "Address allowlist updated",
@@ -1252,7 +1812,7 @@ function registerApps(program2) {
     try {
       const entries = splitCommaList(opts.origins).map((s) => ({ value: s }));
       if (handleDryRun(opts, "origin-allowlist", { id, origins: entries }, `Would update origin allowlist for app ${id}`)) return;
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const app = await withSpinner(
         "Updating origin allowlist\u2026",
         "Origin allowlist updated",
@@ -1273,7 +1833,7 @@ function registerApps(program2) {
     try {
       const entries = splitCommaList(opts.ips).map((s) => ({ value: s }));
       if (handleDryRun(opts, "ip-allowlist", { id, ips: entries }, `Would update IP allowlist for app ${id}`)) return;
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const app = await withSpinner(
         "Updating IP allowlist\u2026",
         "IP allowlist updated",
@@ -1292,7 +1852,7 @@ function registerApps(program2) {
   });
   cmd.command("configured-networks").description("List RPC network slugs configured for an app").option("--app-id <id>", "App ID (overrides saved app)").action(async (opts) => {
     try {
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const appId = opts.appId || resolveAppId(program2);
       if (!appId) throw errAppRequired();
       const app = await withSpinner(
@@ -1323,7 +1883,7 @@ function registerApps(program2) {
   });
   cmd.command("select [id]").description("Select an app to use as the default").action(async (id) => {
     try {
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       let selected;
       if (id) {
         selected = await withSpinner(
@@ -1381,7 +1941,7 @@ function registerApps(program2) {
   });
   cmd.command("chains").description("List Admin API chain identifiers for app configuration (e.g. ETH_MAINNET)").action(async () => {
     try {
-      const admin = adminClientFromFlags(program2);
+      const admin = await adminClientFromFlags(program2);
       const chains = await withSpinner(
         "Fetching chains\u2026",
         "Chains fetched",
@@ -1420,6 +1980,99 @@ function registerApps(program2) {
   });
 }
 
+// src/commands/wallet.ts
+import { readFileSync, writeFileSync, mkdirSync } from "fs";
+import { join, dirname } from "path";
+import { randomUUID } from "crypto";
+import { generateWallet, getWalletAddress } from "@alchemy/x402";
+var WALLET_KEYS_DIR = "wallet-keys";
+var UUID_SLICE_LEN = 8;
+var ADDRESS_SLICE_LEN = 12;
+function walletKeysDirPath() {
+  return join(configDir(), WALLET_KEYS_DIR);
+}
+function walletKeyPath(address) {
+  const addr = address.trim().toLowerCase().replace(/^0x/, "").replace(/[^a-z0-9]/g, "").slice(0, ADDRESS_SLICE_LEN);
+  const addressTag = addr || "unknown";
+  const fileName = `wallet-key-${addressTag}-${Date.now()}-${randomUUID().slice(0, UUID_SLICE_LEN)}.txt`;
+  return join(walletKeysDirPath(), fileName);
+}
+function persistWalletKey(privateKey, address) {
+  const keyPath = walletKeyPath(address);
+  mkdirSync(dirname(keyPath), { recursive: true, mode: 493 });
+  writeFileSync(keyPath, privateKey + "\n", { mode: 384, flag: "wx" });
+  return keyPath;
+}
+function generateAndPersistWallet() {
+  const wallet = generateWallet();
+  const keyPath = persistWalletKey(wallet.privateKey, wallet.address);
+  const cfg = load();
+  save({ ...cfg, wallet_key_file: keyPath, wallet_address: wallet.address });
+  return { address: wallet.address, keyFile: keyPath };
+}
+function importAndPersistWallet(path) {
+  let key;
+  try {
+    key = readFileSync(path, "utf-8").trim();
+  } catch {
+    throw errInvalidArgs(`Could not read key file: ${path}`);
+  }
+  const address = getWalletAddress(key);
+  const keyPath = persistWalletKey(key, address);
+  const cfg = load();
+  save({ ...cfg, wallet_key_file: keyPath, wallet_address: address });
+  return { address, keyFile: keyPath };
+}
+function registerWallet(program2) {
+  const cmd = program2.command("wallet").description("Manage x402 wallet");
+  cmd.command("generate").description("Generate a new wallet for x402 authentication").action(() => {
+    try {
+      const wallet = generateAndPersistWallet();
+      if (isJSONMode()) {
+        printJSON(wallet);
+      } else {
+        printKeyValueBox([
+          ["Address", green(wallet.address)],
+          ["Key file", wallet.keyFile]
+        ]);
+        console.log(`  ${green("\u2713")} Wallet generated and saved to config`);
+      }
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  cmd.command("import").argument("<path>", "Path to private key file").description("Import a wallet from a private key file").action((path) => {
+    try {
+      const wallet = importAndPersistWallet(path);
+      if (isJSONMode()) {
+        printJSON(wallet);
+      } else {
+        printKeyValueBox([
+          ["Address", green(wallet.address)],
+          ["Key file", wallet.keyFile]
+        ]);
+        console.log(`  ${green("\u2713")} Wallet imported and saved to config`);
+      }
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+  cmd.command("address").description("Display the address of the configured wallet").action(() => {
+    try {
+      const key = resolveWalletKey(program2);
+      if (!key) throw errWalletKeyRequired();
+      const address = getWalletAddress(key);
+      printHuman(
+        `${address}
+`,
+        { address }
+      );
+    } catch (err) {
+      exitWithError(err);
+    }
+  });
+}
+
 // src/commands/setup.ts
 function registerSetup(program2) {
   const cmd = program2.command("setup").description("Setup and onboarding utilities");
@@ -1429,9 +2082,15 @@ function registerSetup(program2) {
       printJSON(status);
       return;
     }
+    const methodLabels = {
+      api_key: "API key",
+      access_key_app: "Access key + app",
+      x402_wallet: "SIWx wallet",
+      auth_token: "Browser login + app"
+    };
     printKeyValueBox([
       ["Complete", status.complete ? "yes" : "no"],
-      ["Satisfied by", status.satisfiedBy ?? dim("(none)")]
+      ["Satisfied by", status.satisfiedBy ? methodLabels[status.satisfiedBy] ?? status.satisfiedBy : dim("(none)")]
     ]);
     if (status.missing.length > 0) {
       console.log("");
@@ -2537,7 +3196,7 @@ function buildAgentPrompt(program2) {
         envVar: "ALCHEMY_ACCESS_KEY",
         flag: "--access-key <key>",
         configKey: "access-key",
-        commandFamilies: ["apps", "network list --configured"]
+        commandFamilies: ["apps", "apps configured-networks"]
       },
       {
         method: "Webhook API key",
@@ -2738,7 +3397,7 @@ function resetUpdateNoticeState() {
 }
 program.name("alchemy").description(
   "The Alchemy CLI lets you query blockchain data, call JSON-RPC methods, and manage your Alchemy configuration."
-).version("0.5.1", "-v, --version", "display CLI version").option("--api-key <key>", "Alchemy API key (env: ALCHEMY_API_KEY)").option("--access-key <key>", "Alchemy access key (env: ALCHEMY_ACCESS_KEY)").option(
+).version("0.6.0", "-v, --version", "display CLI version").option("--api-key <key>", "Alchemy API key (env: ALCHEMY_API_KEY)").option("--access-key <key>", "Alchemy access key (env: ALCHEMY_ACCESS_KEY)").option(
   "-n, --network <network>",
   "Target network (default: eth-mainnet) (env: ALCHEMY_NETWORK)"
 ).option("--x402", "Use x402 wallet-based gateway auth").option("--wallet-key-file <path>", "Path to wallet private key file for x402").option("--json", "Force JSON output (auto-enabled when piped)").option("-q, --quiet", "Suppress non-essential output").option("--verbose", "Enable verbose output").option("--no-color", "Disable color output").option("--reveal", "Show secrets in plain text").option("--timeout <ms>", "Request timeout in milliseconds (default: none)", parseInt).option("--debug", "Enable debug diagnostics").option("--no-interactive", "Disable REPL and prompt-driven interactions").addHelpCommand(false).allowExcessArguments(true).exitOverride((err) => {
@@ -2881,7 +3540,7 @@ ${styledLine}`;
     `  ${hDim("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500")}`,
     `  ${hDim("Docs:")} ${hBrand("https://www.alchemy.com/docs")}`
   ].join("\n");
-}).hook("preAction", () => {
+}).hook("preAction", async (thisCommand, actionCommand) => {
   const opts = program.opts();
   if (opts.color === false) setNoColor(true);
   const cfg = load();
@@ -2893,6 +3552,29 @@ ${styledLine}`;
     reveal: Boolean(opts.reveal),
     timeout: opts.timeout
   });
+  const cmdName = actionCommand.name();
+  const skipAppPrompt = [
+    "auth",
+    "config",
+    "setup",
+    "help",
+    "version",
+    "completions",
+    "agent-prompt",
+    "update-check",
+    "wallet"
+  ];
+  if (!skipAppPrompt.includes(cmdName) && isInteractiveAllowed(program) && !opts.apiKey && !process.env.ALCHEMY_API_KEY) {
+    const { resolveAuthToken } = await import("./resolve-HXKHDOJZ.js");
+    const authToken = await resolveAuthToken(cfg);
+    const hasApiKey = Boolean(cfg.api_key?.trim() || cfg.app?.apiKey);
+    if (authToken && !hasApiKey) {
+      const { selectAppAfterAuth } = await import("./auth-QB3BA7AN.js");
+      console.log("");
+      console.log(`  No app selected. Please select an app to continue.`);
+      await selectAppAfterAuth(authToken);
+    }
+  }
 }).hook("postAction", () => {
   if (!isJSONMode() && !quiet) {
     console.log("");
@@ -2918,7 +3600,7 @@ ${styledLine}`;
   if (isInteractiveAllowed(program)) {
     let latestForInteractiveStartup = null;
     if (shouldRunOnboarding(program, cfg)) {
-      const { runOnboarding } = await import("./onboarding-CWCVWSUG.js");
+      const { runOnboarding } = await import("./onboarding-S3GAP4OV.js");
       const latest = getAvailableUpdateOnce();
       const completed = await runOnboarding(program, latest);
       updateShownDuringInteractiveStartup = Boolean(latest);
@@ -2930,7 +3612,7 @@ ${styledLine}`;
       latestForInteractiveStartup = getAvailableUpdateOnce();
       updateShownDuringInteractiveStartup = Boolean(latestForInteractiveStartup);
     }
-    const { startREPL } = await import("./interactive-G4ON47AR.js");
+    const { startREPL } = await import("./interactive-OM476LBG.js");
     program.exitOverride();
     program.configureOutput({
       writeErr: () => {