@arc402/sdk 0.6.3 → 0.6.6

package/src/daemon.ts

@@ -0,0 +1,280 @@
+import { existsSync, readFileSync } from "fs";
+import os from "os";
+import path from "path";
+
+export const DEFAULT_DAEMON_HTTP_URL = "http://127.0.0.1:4402";
+export const DEFAULT_DAEMON_API_URL = "http://127.0.0.1:4403";
+export const DEFAULT_DAEMON_TOKEN_PATH = path.join(os.homedir(), ".arc402", "daemon.token");
+export const DEFAULT_DAEMON_CONFIG_PATH = path.join(os.homedir(), ".arc402", "daemon.toml");
+
+export interface DaemonHealthStatus {
+  ok: boolean;
+  wallet: string;
+}
+
+export interface DaemonWalletStatus {
+  ok: boolean;
+  wallet: string;
+  daemonId: string;
+  chainId: number;
+  rpcUrl: string;
+  policyEngineAddress: string;
+}
+
+export interface DaemonWorkroomStatus {
+  ok: boolean;
+  status: string;
+}
+
+export interface DaemonAgreementRecord {
+  id: string;
+  agreement_id: string | null;
+  hirer_address: string;
+  capability: string;
+  price_eth: string;
+  deadline_unix: number;
+  spec_hash: string;
+  task_description: string | null;
+  status: string;
+  created_at: number;
+  updated_at: number;
+  reject_reason: string | null;
+}
+
+export interface DaemonAgreementsResponse {
+  ok: boolean;
+  agreements: DaemonAgreementRecord[];
+}
+
+export interface AuthChallengeResponse {
+  challengeId: string;
+  challenge: string;
+  daemonId: string;
+  wallet: string;
+  chainId: number;
+  scope: string;
+  expiresAt: number;
+  issuedAt: number;
+}
+
+export interface AuthSessionResponse {
+  ok: true;
+  token: string;
+  wallets: string[];
+  wallet: string;
+  scope: string;
+  expiresAt: number;
+}
+
+export interface RevokeSessionsResponse {
+  ok: boolean;
+  revoked: string;
+}
+
+export interface DaemonNodeClientOptions {
+  /** Split daemon API base URL. Defaults to http://127.0.0.1:4403. */
+  apiUrl?: string;
+  /** Alias for apiUrl to match older docs/examples. */
+  baseUrl?: string;
+  /** Local daemon token. Defaults to ~/.arc402/daemon.token when present. */
+  token?: string;
+  /** Explicit path to daemon.token if you don't want the default. */
+  tokenPath?: string;
+  /** Explicit path to daemon.toml if you want port inference from a non-default location. */
+  configPath?: string;
+  /** Custom fetch implementation for testing or non-standard runtimes. */
+  fetchImpl?: typeof fetch;
+}
+
+export class DaemonClientError extends Error {
+  constructor(
+    message: string,
+    public readonly statusCode?: number,
+    public readonly details?: unknown,
+  ) {
+    super(message);
+    this.name = "DaemonClientError";
+  }
+}
+
+function trimTrailingSlash(input: string): string {
+  return input.replace(/\/$/, "");
+}
+
+function readTomlInteger(contents: string, key: string): number | undefined {
+  const match = contents.match(new RegExp(`^\\s*${key}\\s*=\\s*(\\d+)\\s*$`, "m"));
+  if (!match) return undefined;
+  const parsed = Number.parseInt(match[1], 10);
+  return Number.isFinite(parsed) ? parsed : undefined;
+}
+
+export function loadLocalDaemonToken(tokenPath = DEFAULT_DAEMON_TOKEN_PATH): string | undefined {
+  try {
+    const token = readFileSync(tokenPath, "utf-8").trim();
+    return token.length > 0 ? token : undefined;
+  } catch {
+    return undefined;
+  }
+}
+
+export function resolveDaemonHttpBaseUrl(configPath = DEFAULT_DAEMON_CONFIG_PATH): string {
+  try {
+    if (existsSync(configPath)) {
+      const config = readFileSync(configPath, "utf-8");
+      const port = readTomlInteger(config, "listen_port") ?? 4402;
+      return `http://127.0.0.1:${port}`;
+    }
+  } catch {
+    // Fall through to default.
+  }
+  return DEFAULT_DAEMON_HTTP_URL;
+}
+
+export function resolveDaemonApiBaseUrl(options: Pick<DaemonNodeClientOptions, "apiUrl" | "baseUrl" | "configPath"> = {}): string {
+  const explicit = options.apiUrl ?? options.baseUrl;
+  if (explicit && explicit.trim().length > 0) {
+    return trimTrailingSlash(explicit.trim());
+  }
+
+  const httpBase = resolveDaemonHttpBaseUrl(options.configPath ?? DEFAULT_DAEMON_CONFIG_PATH);
+
+  try {
+    const url = new URL(httpBase);
+    const httpPort = url.port ? Number.parseInt(url.port, 10) : (url.protocol === "https:" ? 443 : 80);
+    if (Number.isFinite(httpPort)) {
+      url.port = String(httpPort + 1);
+      return trimTrailingSlash(url.toString());
+    }
+  } catch {
+    // Fall through to default.
+  }
+
+  return DEFAULT_DAEMON_API_URL;
+}
+
+function safeJsonParse(value: string): unknown {
+  try {
+    return JSON.parse(value);
+  } catch {
+    return value;
+  }
+}
+
+/**
+ * Thin typed client for the split ARC-402 node API (`arc402-api`).
+ *
+ * This surface is for operator-side reads and auth against the host daemon/node process:
+ * - `/health`
+ * - `/auth/challenge`
+ * - `/auth/session`
+ * - `/auth/revoke`
+ * - `/wallet/status`
+ * - `/workroom/status`
+ * - `/agreements`
+ *
+ * The delivery plane still lives on the host daemon HTTP port (usually `:4402`)
+ * and is wrapped separately by `DeliveryClient`.
+ */
+export class DaemonNodeClient {
+  readonly apiUrl: string;
+  private readonly options: DaemonNodeClientOptions;
+  private readonly fetchImpl: typeof fetch;
+
+  constructor(options: DaemonNodeClientOptions = {}) {
+    this.options = options;
+    this.apiUrl = resolveDaemonApiBaseUrl(options);
+    this.fetchImpl = options.fetchImpl ?? fetch;
+  }
+
+  private async request<T>(
+    method: "GET" | "POST",
+    urlPath: string,
+    body?: unknown,
+    useSession = false,
+  ): Promise<T> {
+    const token = this.options.token ?? loadLocalDaemonToken(this.options.tokenPath ?? DEFAULT_DAEMON_TOKEN_PATH);
+    const headers: Record<string, string> = {};
+
+    if (body !== undefined) {
+      headers["Content-Type"] = "application/json";
+    }
+    if (useSession) {
+      if (!token) {
+        throw new DaemonClientError("No daemon session token available");
+      }
+      headers.Authorization = `Bearer ${token}`;
+    }
+
+    const response = await this.fetchImpl(`${this.apiUrl}${urlPath}`, {
+      method,
+      headers,
+      body: body !== undefined ? JSON.stringify(body) : undefined,
+    });
+
+    const text = await response.text();
+    const payload = text.length > 0 ? safeJsonParse(text) : undefined;
+
+    if (!response.ok) {
+      const message =
+        typeof payload === "object" &&
+        payload !== null &&
+        "error" in payload &&
+        typeof (payload as { error?: unknown }).error === "string"
+          ? (payload as { error: string }).error
+          : text || `Daemon request failed (${response.status})`;
+      throw new DaemonClientError(message, response.status, payload ?? text);
+    }
+
+    return (payload ?? {}) as T;
+  }
+
+  async getHealth(): Promise<DaemonHealthStatus> {
+    return this.request<DaemonHealthStatus>("GET", "/health");
+  }
+
+  async requestAuthChallenge(wallet: string, requestedScope = "operator"): Promise<AuthChallengeResponse> {
+    return this.request<AuthChallengeResponse>("POST", "/auth/challenge", { wallet, requestedScope });
+  }
+
+  async health(): Promise<DaemonHealthStatus> {
+    return this.getHealth();
+  }
+
+  async createSession(challengeId: string, signature: string): Promise<AuthSessionResponse> {
+    return this.request<AuthSessionResponse>("POST", "/auth/session", { challengeId, signature });
+  }
+
+  async revokeSessions(): Promise<RevokeSessionsResponse> {
+    return this.request<RevokeSessionsResponse>("POST", "/auth/revoke", undefined, true);
+  }
+
+  async revokeSession(): Promise<RevokeSessionsResponse> {
+    return this.revokeSessions();
+  }
+
+  async getWalletStatus(): Promise<DaemonWalletStatus> {
+    return this.request<DaemonWalletStatus>("GET", "/wallet/status", undefined, true);
+  }
+
+  async walletStatus(): Promise<DaemonWalletStatus> {
+    return this.getWalletStatus();
+  }
+
+  async getWorkroomStatus(): Promise<DaemonWorkroomStatus> {
+    return this.request<DaemonWorkroomStatus>("GET", "/workroom/status", undefined, true);
+  }
+
+  async workroomStatus(): Promise<DaemonWorkroomStatus> {
+    return this.getWorkroomStatus();
+  }
+
+  async listAgreements(): Promise<DaemonAgreementsResponse> {
+    return this.request<DaemonAgreementsResponse>("GET", "/agreements", undefined, true);
+  }
+
+  async agreements(): Promise<DaemonAgreementsResponse> {
+    return this.listAgreements();
+  }
+}
+
+export { DaemonNodeClient as DaemonClient };

package/src/index.ts

@@ -31,10 +31,14 @@ export { ColdStartClient } from "./coldstart";
 export { ComputeAgreementClient } from "./compute";
 export type { ComputeSession, ComputeUsageReport } from "./compute";
 export { MigrationClient } from "./migration";
+export { ArenaClient, ARENA_ADDRESSES } from "./arena";
+export type { ArenaRound, ArenaSquad, ArenaBriefing, ArenaArtifact, ArenaStatus, ArenaNewsletter, ArenaArtifactParams } from "./arena";
 export { resolveEndpoint, notifyEndpoint, notifyHire, notifyHandshake, notifyHireAccepted, notifyDelivery, notifyDeliveryAccepted, notifyDispute, notifyMessage, DEFAULT_REGISTRY_ADDRESS } from "./endpoint";
 export type { EndpointNotifyResult } from "./endpoint";
 export { DeliveryClient, DEFAULT_DAEMON_URL } from "./delivery";
 export type { DeliveryFile, DeliveryManifest, DeliveryClientOptions } from "./delivery";
+export { DaemonClient, DaemonNodeClient, DaemonClientError, DEFAULT_DAEMON_HTTP_URL, DEFAULT_DAEMON_API_URL, DEFAULT_DAEMON_TOKEN_PATH, DEFAULT_DAEMON_CONFIG_PATH, resolveDaemonHttpBaseUrl, resolveDaemonApiBaseUrl, loadLocalDaemonToken } from "./daemon";
+export type { DaemonNodeClientOptions, DaemonHealthStatus, DaemonWalletStatus, DaemonWorkroomStatus, DaemonAgreementRecord, DaemonAgreementsResponse, AuthChallengeResponse, AuthSessionResponse, RevokeSessionsResponse } from "./daemon";
 
 // Base Mainnet contract addresses
 export const COMPUTE_AGREEMENT_ADDRESS = "0xf898A8A2cF9900A588B174d9f96349BBA95e57F3";

package/test/daemon-client.test.js

@@ -0,0 +1,82 @@
+const test = require('node:test');
+const assert = require('node:assert/strict');
+const fs = require('node:fs');
+const os = require('node:os');
+const path = require('node:path');
+
+const {
+  DaemonClient,
+  DaemonNodeClient,
+  loadLocalDaemonToken,
+  resolveDaemonHttpBaseUrl,
+  resolveDaemonApiBaseUrl,
+  DEFAULT_DAEMON_HTTP_URL,
+  DEFAULT_DAEMON_API_URL,
+} = require('../dist');
+
+test('daemon URL helpers infer split ports from daemon.toml', () => {
+  const tmp = fs.mkdtempSync(path.join(os.tmpdir(), 'arc402-sdk-daemon-'));
+  const configPath = path.join(tmp, 'daemon.toml');
+  fs.writeFileSync(configPath, '[relay]\nlisten_port = 5510\n');
+
+  assert.equal(resolveDaemonHttpBaseUrl(configPath), 'http://127.0.0.1:5510');
+  assert.equal(resolveDaemonApiBaseUrl({ configPath }), 'http://127.0.0.1:5511');
+  assert.equal(resolveDaemonApiBaseUrl({ baseUrl: 'https://node.example.com/' }), 'https://node.example.com');
+});
+
+test('daemon token loader trims file contents and tolerates missing file', () => {
+  const tmp = fs.mkdtempSync(path.join(os.tmpdir(), 'arc402-sdk-token-'));
+  const tokenPath = path.join(tmp, 'daemon.token');
+  fs.writeFileSync(tokenPath, 'secret-token\n');
+
+  assert.equal(loadLocalDaemonToken(tokenPath), 'secret-token');
+  assert.equal(loadLocalDaemonToken(path.join(tmp, 'missing.token')), undefined);
+});
+
+test('daemon client reads split API endpoints and keeps compatibility aliases', async () => {
+  const calls = [];
+  const originalFetch = global.fetch;
+  global.fetch = async (url, init = {}) => {
+    calls.push({ url, init });
+    const pathname = new URL(url).pathname;
+    const payloads = {
+      '/health': { ok: true, wallet: '0xabc' },
+      '/wallet/status': { ok: true, wallet: '0xabc', daemonId: '0xabc', chainId: 8453, rpcUrl: 'http://rpc', policyEngineAddress: '0xdef' },
+      '/workroom/status': { ok: true, status: 'running' },
+      '/agreements': { ok: true, agreements: [{ agreement_id: '1' }] },
+      '/auth/challenge': { challengeId: 'cid', challenge: 'sign me', daemonId: '0xabc', wallet: '0xabc', chainId: 8453, scope: 'operator', expiresAt: 1, issuedAt: 1 },
+      '/auth/session': { ok: true, token: 'tok', wallets: ['0xabc'], wallet: '0xabc', scope: 'operator', expiresAt: 2 },
+      '/auth/revoke': { ok: true },
+    };
+    return new Response(JSON.stringify(payloads[pathname]), {
+      status: 200,
+      headers: { 'content-type': 'application/json' },
+    });
+  };
+
+  try {
+    const client = new DaemonClient({ baseUrl: 'http://127.0.0.1:6603', token: 'daemon-token' });
+    const aliasClient = new DaemonNodeClient({ apiUrl: 'http://127.0.0.1:6603', token: 'daemon-token' });
+
+    assert.equal(client.apiUrl, 'http://127.0.0.1:6603');
+    assert.equal(aliasClient.apiUrl, 'http://127.0.0.1:6603');
+    assert.equal(DEFAULT_DAEMON_HTTP_URL, 'http://127.0.0.1:4402');
+    assert.equal(DEFAULT_DAEMON_API_URL, 'http://127.0.0.1:4403');
+
+    assert.deepEqual(await client.health(), { ok: true, wallet: '0xabc' });
+    assert.equal((await client.walletStatus()).chainId, 8453);
+    assert.equal((await client.workroomStatus()).status, 'running');
+    assert.equal((await client.agreements()).agreements.length, 1);
+    assert.equal((await client.requestAuthChallenge('0xabc')).challengeId, 'cid');
+    assert.equal((await client.createSession('cid', '0xsig')).ok, true);
+    assert.equal((await client.revokeSession()).ok, true);
+    assert.deepEqual(await aliasClient.getHealth(), { ok: true, wallet: '0xabc' });
+
+    const challengeCall = calls.find((entry) => new URL(entry.url).pathname === '/auth/challenge');
+    assert.equal(challengeCall.init.method, 'POST');
+    assert.equal(challengeCall.init.headers.Authorization, undefined);
+    assert.match(challengeCall.init.body, /"wallet":"0xabc"/);
+  } finally {
+    global.fetch = originalFetch;
+  }
+});

package/test/daemon.test.js

@@ -0,0 +1,103 @@
+const test = require('node:test');
+const assert = require('node:assert/strict');
+const fs = require('node:fs');
+const os = require('node:os');
+const path = require('node:path');
+
+const {
+  DaemonClient,
+  DaemonClientError,
+  resolveDaemonApiBaseUrl,
+  loadLocalDaemonToken,
+} = require('../dist');
+
+test('resolveDaemonApiBaseUrl prefers explicit value and trims trailing slashes', () => {
+  assert.equal(resolveDaemonApiBaseUrl(), 'http://127.0.0.1:4403');
+  assert.equal(resolveDaemonApiBaseUrl({ apiUrl: 'http://example.com:1234/' }), 'http://example.com:1234');
+});
+
+test('loadLocalDaemonToken reads trimmed token values', async () => {
+  const dir = await fs.promises.mkdtemp(path.join(os.tmpdir(), 'arc402-sdk-daemon-'));
+  const tokenPath = path.join(dir, 'daemon.token');
+  await fs.promises.writeFile(tokenPath, 'secret-token\n', 'utf8');
+  assert.equal(loadLocalDaemonToken(tokenPath), 'secret-token');
+});
+
+test('DaemonClient sends bearer token to authenticated endpoints', async () => {
+  const calls = [];
+  const daemon = new DaemonClient({
+    apiUrl: 'http://127.0.0.1:4403',
+    token: 'token-123',
+    fetchImpl: async (url, init) => {
+      calls.push({ url, init });
+      return new Response(JSON.stringify({ ok: true, status: 'running' }), {
+        status: 200,
+        headers: { 'Content-Type': 'application/json' },
+      });
+    },
+  });
+
+  const result = await daemon.getWorkroomStatus();
+  assert.deepEqual(result, { ok: true, status: 'running' });
+  assert.equal(calls[0].url, 'http://127.0.0.1:4403/workroom/status');
+  assert.equal(calls[0].init.headers.Authorization, 'Bearer token-123');
+});
+
+test('DaemonClient exposes auth challenge and session endpoints without bearer auth', async () => {
+  const seen = [];
+  const daemon = new DaemonClient({
+    apiUrl: 'http://node.example.com',
+    fetchImpl: async (url, init) => {
+      seen.push({ url, init });
+      if (url.endsWith('/auth/challenge')) {
+        return new Response(JSON.stringify({
+          challengeId: 'abc',
+          challenge: 'ARC-402 Remote Auth\nChallenge: 0x123',
+          daemonId: '0x0000000000000000000000000000000000000001',
+          wallet: '0x0000000000000000000000000000000000000002',
+          chainId: 8453,
+          scope: 'operator',
+          expiresAt: 123,
+          issuedAt: 100,
+        }), { status: 200, headers: { 'Content-Type': 'application/json' } });
+      }
+
+      return new Response(JSON.stringify({
+        ok: true,
+        token: 'session-token',
+        wallets: ['0x0000000000000000000000000000000000000002'],
+        wallet: '0x0000000000000000000000000000000000000002',
+        scope: 'operator',
+        expiresAt: 999,
+      }), { status: 200, headers: { 'Content-Type': 'application/json' } });
+    },
+  });
+
+  const challenge = await daemon.requestAuthChallenge('0x0000000000000000000000000000000000000002');
+  const session = await daemon.createSession('abc', '0xsig');
+
+  assert.equal(challenge.challengeId, 'abc');
+  assert.equal(session.token, 'session-token');
+  assert.equal(seen[0].init.headers.Authorization, undefined);
+  assert.equal(seen[1].init.headers.Authorization, undefined);
+});
+
+test('DaemonClient throws typed errors for HTTP failures', async () => {
+  const daemon = new DaemonClient({
+    token: 'token-123',
+    fetchImpl: async () => new Response(JSON.stringify({ error: 'invalid_session' }), {
+      status: 401,
+      headers: { 'Content-Type': 'application/json' },
+    }),
+  });
+
+  await assert.rejects(
+    daemon.getWalletStatus(),
+    (error) => {
+      assert.ok(error instanceof DaemonClientError);
+      assert.equal(error.message, 'invalid_session');
+      assert.equal(error.statusCode, 401);
+      return true;
+    }
+  );
+});