@aomi-labs/client 0.1.12 → 0.1.14

package/README.md

@@ -63,30 +63,30 @@ new Session(clientOptions: AomiClientOptions, sessionOptions?: SessionOptions)
 new Session(client: AomiClient, sessionOptions?: SessionOptions)
 ```
 
-| Option | Default | Description |
-|--------|---------|-------------|
-| `sessionId` | `crypto.randomUUID()` | Thread/session ID |
-| `namespace` | `"default"` | Backend namespace |
-| `publicKey` | — | Wallet address |
-| `apiKey` | — | API key for private namespaces |
-| `userState` | — | Arbitrary user state sent with requests |
-| `pollIntervalMs` | `500` | Polling interval in ms |
-| `logger` | — | Pass `console` for debug output |
+| Option           | Default               | Description                             |
+| ---------------- | --------------------- | --------------------------------------- |
+| `sessionId`      | `crypto.randomUUID()` | Thread/session ID                       |
+| `namespace`      | `"default"`           | Backend namespace                       |
+| `publicKey`      | —                     | Wallet address                          |
+| `apiKey`         | —                     | API key for private namespaces          |
+| `userState`      | —                     | Arbitrary user state sent with requests |
+| `pollIntervalMs` | `500`                 | Polling interval in ms                  |
+| `logger`         | —                     | Pass `console` for debug output         |
 
 #### Methods
 
-| Method | Description |
-|--------|-------------|
-| `send(message)` | Send a message, wait for completion, return `{ messages, title }` |
-| `sendAsync(message)` | Send without waiting — poll in background, listen via events |
-| `resolve(id, result)` | Resolve a pending wallet request |
-| `reject(id, reason?)` | Reject a pending wallet request |
-| `interrupt()` | Cancel current processing |
-| `close()` | Stop polling, unsubscribe SSE, clean up |
-| `getMessages()` | Current messages |
-| `getTitle()` | Current session title |
-| `getPendingRequests()` | Pending wallet requests |
-| `getIsProcessing()` | Whether the agent is processing |
+| Method                 | Description                                                       |
+| ---------------------- | ----------------------------------------------------------------- |
+| `send(message)`        | Send a message, wait for completion, return `{ messages, title }` |
+| `sendAsync(message)`   | Send without waiting — poll in background, listen via events      |
+| `resolve(id, result)`  | Resolve a pending wallet request                                  |
+| `reject(id, reason?)`  | Reject a pending wallet request                                   |
+| `interrupt()`          | Cancel current processing                                         |
+| `close()`              | Stop polling, unsubscribe SSE, clean up                           |
+| `getMessages()`        | Current messages                                                  |
+| `getTitle()`           | Current session title                                             |
+| `getPendingRequests()` | Pending wallet requests                                           |
+| `getIsProcessing()`    | Whether the agent is processing                                   |
 
 #### Events
 
@@ -119,11 +119,15 @@ When installed globally or in a project, the executable name is `aomi`.
 For one-off usage, run commands via `npx @aomi-labs/client ...`.
 
 ```bash
+npx @aomi-labs/client --version                         # print installed CLI version
 npx @aomi-labs/client chat "swap 1 ETH for USDC"        # talk to the agent
 npx @aomi-labs/client chat "swap 1 ETH for USDC" --model claude-sonnet-4
 npx @aomi-labs/client chat "swap 1 ETH" --verbose        # stream tool calls + responses live
-npx @aomi-labs/client models                             # list available models
+npx @aomi-labs/client app list                           # list available apps
+npx @aomi-labs/client model list                         # list available models
 npx @aomi-labs/client model set claude-sonnet-4          # switch the current session model
+npx @aomi-labs/client secret list                        # list configured secret handles
+npx @aomi-labs/client --secret ALCHEMY_API_KEY=...       # ingest a secret for the active session
 npx @aomi-labs/client log                                # show full conversation history
 npx @aomi-labs/client tx                                 # list pending + signed txs
 npx @aomi-labs/client sign tx-1                          # sign a specific pending tx
@@ -150,7 +154,7 @@ session don't need it again.
 The CLI can discover and switch backend models for the active session:
 
 ```bash
-$ npx @aomi-labs/client models
+$ npx @aomi-labs/client model list
 claude-sonnet-4
 gpt-5
 
@@ -164,6 +168,29 @@ $ npx @aomi-labs/client chat "hello" --model claude-sonnet-4
 successful backend update. `aomi chat --model ...` applies the requested model
 before sending the message and updates that persisted state as well.
 
+### Secret management
+
+The CLI supports per-session secret ingestion. This lets the backend use opaque
+handles instead of raw secret values:
+
+```bash
+$ npx @aomi-labs/client --secret ALCHEMY_API_KEY=sk_live_123
+Configured 1 secret for session 7f8a...
+ALCHEMY_API_KEY  $SECRET:ALCHEMY_API_KEY
+
+$ npx @aomi-labs/client --secret ALCHEMY_API_KEY=sk_live_123 chat "simulate a swap on Base"
+```
+
+You can inspect or clear the current session's secret handles:
+
+```bash
+$ npx @aomi-labs/client secret list
+ALCHEMY_API_KEY  $SECRET:ALCHEMY_API_KEY
+
+$ npx @aomi-labs/client secret clear
+Cleared all secrets for the active session.
+```
+
 ### Transaction flow
 
 The backend builds transactions; the CLI persists and signs them:
@@ -252,17 +279,19 @@ $ npx @aomi-labs/client log
 
 All config can be passed as flags (which take priority over env vars):
 
-| Flag | Env Variable | Default | Description |
-|------|-------------|---------|-------------|
-| `--backend-url` | `AOMI_BASE_URL` | `https://api.aomi.dev` | Backend URL |
-| `--api-key` | `AOMI_API_KEY` | — | API key for non-default apps |
-| `--app` | `AOMI_APP` | `default` | App |
-| `--model` | `AOMI_MODEL` | — | Model rig to apply before chat |
-| `--public-key` | `AOMI_PUBLIC_KEY` | — | Wallet address (tells agent your wallet) |
-| `--private-key` | `PRIVATE_KEY` | — | Hex private key for `aomi sign` |
-| `--rpc-url` | `CHAIN_RPC_URL` | — | RPC URL for transaction submission |
-| `--chain` | `AOMI_CHAIN_ID` | `1` | Chain ID (1, 137, 42161, 8453, 10, 11155111) |
-| `--verbose`, `-v` | — | — | Stream tool calls and agent responses live |
+| Flag                    | Env Variable      | Default                | Description                                  |
+| ----------------------- | ----------------- | ---------------------- | -------------------------------------------- |
+| `--backend-url`         | `AOMI_BASE_URL`   | `https://api.aomi.dev` | Backend URL                                  |
+| `--api-key`             | `AOMI_API_KEY`    | —                      | API key for non-default apps                 |
+| `--app`                 | `AOMI_APP`        | `default`              | App                                          |
+| `--model`               | `AOMI_MODEL`      | —                      | Model rig to apply before chat               |
+| `--secret <NAME=value>` | —                 | —                      | Ingest secret values for the active session  |
+| `--public-key`          | `AOMI_PUBLIC_KEY` | —                      | Wallet address (tells agent your wallet)     |
+| `--private-key`         | `PRIVATE_KEY`     | —                      | Hex private key for `aomi sign`              |
+| `--rpc-url`             | `CHAIN_RPC_URL`   | —                      | RPC URL for transaction submission           |
+| `--chain`               | `AOMI_CHAIN_ID`   | `1`                    | Chain ID (1, 137, 42161, 8453, 10, 11155111) |
+| `--verbose`, `-v`       | —                 | —                      | Stream tool calls and agent responses live   |
+| `--version`, `-V`       | —                 | —                      | Print the installed CLI version              |
 
 ```bash
 # Use a custom backend
@@ -293,14 +322,16 @@ The CLI is **not** a long-running process — each command starts, runs, and
 exits. Conversation history lives on the backend. Between invocations, the CLI
 persists local state under `AOMI_STATE_DIR` or `~/.aomi` by default:
 
-| Field | Purpose |
-|-------|---------|
-| `sessionId` | Which conversation to continue |
-| `model` | Last successfully applied model for the session |
-| `publicKey` | Wallet address (from `--public-key`) |
-| `chainId` | Active chain ID (from `--chain`) |
-| `pendingTxs` | Unsigned transactions waiting for `aomi sign <id>` |
-| `signedTxs` | Completed transactions with hashes/signatures |
+| Field           | Purpose                                                |
+| --------------- | ------------------------------------------------------ |
+| `sessionId`     | Which conversation to continue                         |
+| `clientId`      | Stable client identity used for session secret handles |
+| `model`         | Last successfully applied model for the session        |
+| `publicKey`     | Wallet address (from `--public-key`)                   |
+| `chainId`       | Active chain ID (from `--chain`)                       |
+| `secretHandles` | Opaque handles returned for ingested secrets           |
+| `pendingTxs`    | Unsigned transactions waiting for `aomi sign <id>`     |
+| `signedTxs`     | Completed transactions with hashes/signatures          |
 
 ```
 $ npx @aomi-labs/client chat "hello"           # creates session, saves sessionId

package/dist/cli.js

@@ -19,6 +19,46 @@ var __spreadValues = (a, b) => {
 };
 var __spreadProps = (a, b) => __defProps(a, __getOwnPropDescs(b));
 
+// package.json
+var package_default = {
+  name: "@aomi-labs/client",
+  version: "0.1.14",
+  description: "Platform-agnostic TypeScript client for the Aomi backend API",
+  type: "module",
+  main: "./dist/index.cjs",
+  module: "./dist/index.js",
+  types: "./dist/index.d.ts",
+  bin: {
+    aomi: "./dist/cli.js"
+  },
+  exports: {
+    ".": {
+      import: {
+        types: "./dist/index.d.ts",
+        default: "./dist/index.js"
+      },
+      require: {
+        types: "./dist/index.d.cts",
+        default: "./dist/index.cjs"
+      }
+    }
+  },
+  files: [
+    "dist",
+    "skills",
+    "README.md"
+  ],
+  scripts: {
+    build: "tsup",
+    "clean:dist": "rm -rf dist"
+  },
+  dependencies: {
+    "@getpara/aa-alchemy": "2.18.0",
+    "@getpara/aa-pimlico": "2.18.0",
+    viem: "^2.40.3"
+  }
+};
+
 // src/cli/errors.ts
 var CliExit = class extends Error {
   constructor(code) {
@@ -95,7 +135,7 @@ function parseAAMode(value) {
 }
 function parseArgs(argv) {
   const raw = argv.slice(2);
-  const command = raw[0] && !raw[0].startsWith("--") ? raw[0] : void 0;
+  const command = raw[0] && !raw[0].startsWith("-") ? raw[0] : void 0;
   const rest = command ? raw.slice(1) : raw;
   const positional = [];
   const flags = {};
@@ -792,9 +832,10 @@ var AomiClient = class {
   /**
    * Fetch current session state (messages, processing status, title).
    */
-  async fetchState(sessionId, userState) {
+  async fetchState(sessionId, userState, clientId) {
     const url = buildApiUrl(this.baseUrl, "/api/state", {
-      user_state: userState ? JSON.stringify(userState) : void 0
+      user_state: userState ? JSON.stringify(userState) : void 0,
+      client_id: clientId
     });
     const response = await fetch(url, {
       headers: withSessionHeader(sessionId)
@@ -818,6 +859,9 @@ var AomiClient = class {
     if (options == null ? void 0 : options.userState) {
       payload.user_state = JSON.stringify(options.userState);
     }
+    if (options == null ? void 0 : options.clientId) {
+      payload.client_id = options.clientId;
+    }
     return postState(
       this.baseUrl,
       "/api/chat",
@@ -849,6 +893,40 @@ var AomiClient = class {
     );
   }
   // ===========================================================================
+  // Secrets
+  // ===========================================================================
+  /**
+   * Ingest secrets for a client. Returns opaque `$SECRET:<name>` handles.
+   * Call this once at page load (or when secrets change) with a stable
+   * client_id for the browser tab. The same client_id should be passed
+   * to `sendMessage` / `fetchState` so sessions get associated.
+   */
+  async ingestSecrets(clientId, secrets) {
+    const url = joinApiPath(this.baseUrl, "/api/secrets");
+    const response = await fetch(url, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ client_id: clientId, secrets })
+    });
+    if (!response.ok) {
+      throw new Error(`HTTP ${response.status}: ${response.statusText}`);
+    }
+    return await response.json();
+  }
+  /**
+   * Clear all secrets for a client (e.g. on page unload or logout).
+   */
+  async clearSecrets(clientId) {
+    const url = buildApiUrl(this.baseUrl, "/api/secrets", {
+      client_id: clientId
+    });
+    const response = await fetch(url, { method: "DELETE" });
+    if (!response.ok) {
+      throw new Error(`HTTP ${response.status}: ${response.statusText}`);
+    }
+    return await response.json();
+  }
+  // ===========================================================================
   // SSE (Real-time Updates)
   // ===========================================================================
   /**
@@ -3627,6 +3705,7 @@ async function signCommand(runtime) {
 }
 
 // src/cli/main.ts
+var CLI_VERSION = package_default.version;
 function printUsage() {
   console.log(`
 aomi \u2014 CLI client for Aomi on-chain agent
@@ -3653,6 +3732,7 @@ Usage:
   aomi status           Show current session state
   aomi events           List system events
   aomi close            Close the current session
+  aomi --version        Print the installed CLI version
 
 Options:
   --backend-url <url>   Backend URL (default: https://api.aomi.dev)
@@ -3663,6 +3743,7 @@ Options:
   --private-key <key>   Hex private key for signing
   --rpc-url <url>       RPC URL for transaction submission
   --verbose, -v         Show tool calls and streaming output (for chat)
+  --version, -V         Print the installed CLI version
 
 Sign options:
   aomi sign <tx-id> --eoa
@@ -3696,8 +3777,8 @@ Environment (overridden by flags):
 `.trim());
 }
 async function main(runtime) {
-  var _a3;
-  const command = (_a3 = runtime.parsed.command) != null ? _a3 : runtime.parsed.flags["help"] || runtime.parsed.flags["h"] ? "help" : void 0;
+  var _a3, _b;
+  const command = (_b = (_a3 = runtime.parsed.command) != null ? _a3 : runtime.parsed.flags["version"] || runtime.parsed.flags["V"] ? "version" : void 0) != null ? _b : runtime.parsed.flags["help"] || runtime.parsed.flags["h"] ? "help" : void 0;
   switch (command) {
     case "chat":
       await chatCommand(runtime);
@@ -3732,6 +3813,9 @@ async function main(runtime) {
     case "close":
       closeCommand(runtime);
       break;
+    case "version":
+      console.log(CLI_VERSION);
+      break;
     case "help":
       printUsage();
       break;

package/dist/index.cjs

@@ -317,9 +317,10 @@ var AomiClient = class {
   /**
    * Fetch current session state (messages, processing status, title).
    */
-  async fetchState(sessionId, userState) {
+  async fetchState(sessionId, userState, clientId) {
     const url = buildApiUrl(this.baseUrl, "/api/state", {
-      user_state: userState ? JSON.stringify(userState) : void 0
+      user_state: userState ? JSON.stringify(userState) : void 0,
+      client_id: clientId
     });
     const response = await fetch(url, {
       headers: withSessionHeader(sessionId)
@@ -343,6 +344,9 @@ var AomiClient = class {
     if (options == null ? void 0 : options.userState) {
       payload.user_state = JSON.stringify(options.userState);
     }
+    if (options == null ? void 0 : options.clientId) {
+      payload.client_id = options.clientId;
+    }
     return postState(
       this.baseUrl,
       "/api/chat",
@@ -374,6 +378,40 @@ var AomiClient = class {
     );
   }
   // ===========================================================================
+  // Secrets
+  // ===========================================================================
+  /**
+   * Ingest secrets for a client. Returns opaque `$SECRET:<name>` handles.
+   * Call this once at page load (or when secrets change) with a stable
+   * client_id for the browser tab. The same client_id should be passed
+   * to `sendMessage` / `fetchState` so sessions get associated.
+   */
+  async ingestSecrets(clientId, secrets) {
+    const url = joinApiPath(this.baseUrl, "/api/secrets");
+    const response = await fetch(url, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ client_id: clientId, secrets })
+    });
+    if (!response.ok) {
+      throw new Error(`HTTP ${response.status}: ${response.statusText}`);
+    }
+    return await response.json();
+  }
+  /**
+   * Clear all secrets for a client (e.g. on page unload or logout).
+   */
+  async clearSecrets(clientId) {
+    const url = buildApiUrl(this.baseUrl, "/api/secrets", {
+      client_id: clientId
+    });
+    const response = await fetch(url, { method: "DELETE" });
+    if (!response.ok) {
+      throw new Error(`HTTP ${response.status}: ${response.statusText}`);
+    }
+    return await response.json();
+  }
+  // ===========================================================================
   // SSE (Real-time Updates)
   // ===========================================================================
   /**