@arcpaylabs/arbitrum-cli 0.1.0

package/README.md

@@ -0,0 +1,40 @@
+# ArcPay Arbitrum CLI
+
+Developer CLI for ArcPay Arbitrum. It prints deployed contract addresses, derives IDs used by the contracts, returns integration guides, and generates MCP config.
+
+## Install
+
+```bash
+npm install -g @arcpaylabs/arbitrum-cli
+```
+
+## Commands
+
+```bash
+arcpay-arbitrum contracts
+arcpay-arbitrum wallet
+arcpay-arbitrum agent-id research-agent
+arcpay-arbitrum invoice-id inv_001
+arcpay-arbitrum claim-hash claim-research-agent-001
+arcpay-arbitrum privacy-commit "invoice-secret"
+arcpay-arbitrum privacy-guide
+arcpay-arbitrum invoice-guide
+arcpay-arbitrum x402-guide
+arcpay-arbitrum execution-handoff
+arcpay-arbitrum gmx-plan
+arcpay-arbitrum zerodev-policy
+arcpay-arbitrum dune-spec
+arcpay-arbitrum fhenix-boundary
+arcpay-arbitrum demo-path
+arcpay-arbitrum smoke
+arcpay-arbitrum mcp-config
+```
+
+## Live Surfaces
+
+- App: https://arcpay-arbitrum.vercel.app
+- Docs: https://arcpay-arbitrum.vercel.app/docs/overview
+- x402: https://arcpay-arbitrum.vercel.app/api
+- OpenAPI: https://arcpay-arbitrum.vercel.app/openapi.json
+
+The CLI is a developer helper. It does not hold private keys or sign treasury transactions.

package/arcpay-arbitrum.mjs

@@ -0,0 +1,271 @@
+#!/usr/bin/env node
+import fs from "node:fs";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+import { id, keccak256, toUtf8Bytes } from "ethers";
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const repoDeploymentPath = path.join(process.cwd(), "deployments", "arbitrum-sepolia.json");
+const packageDeploymentPath = path.join(__dirname, "deployment.json");
+
+function deployment() {
+  const file = fs.existsSync(repoDeploymentPath) ? repoDeploymentPath : packageDeploymentPath;
+  return JSON.parse(fs.readFileSync(file, "utf8"));
+}
+
+function usage() {
+  console.log(`ArcPay Arbitrum CLI
+
+Commands:
+  arcpay-arbitrum contracts              Print deployed Arbitrum addresses
+  arcpay-arbitrum wallet                 Print network wallet instructions
+  arcpay-arbitrum agent-id <slug>        Derive bytes32 agent id
+  arcpay-arbitrum invoice-id <publicId>  Derive bytes32 invoice id
+  arcpay-arbitrum claim-hash <code>      Derive claim-code hash
+  arcpay-arbitrum privacy-commit <text>  Derive Privacy Intent commitment/nullifier
+  arcpay-arbitrum privacy-abi            Print Privacy Intent contract ABI
+  arcpay-arbitrum privacy-guide          Print builder integration guide
+  arcpay-arbitrum invoice-guide          Print invoice settlement guide
+  arcpay-arbitrum x402-guide             Print x402 HTTP payment gate guide
+  arcpay-arbitrum execution-handoff      Print Arbitrum execution payload template
+  arcpay-arbitrum gmx-plan               Print GMX execution plan template
+  arcpay-arbitrum zerodev-policy         Print ZeroDev session policy template
+  arcpay-arbitrum dune-spec              Print Dune analytics proof schema
+  arcpay-arbitrum fhenix-boundary        Print Fhenix privacy boundary
+  arcpay-arbitrum demo-path              Print operator demo steps
+  arcpay-arbitrum smoke                  Print smoke-test commands
+  arcpay-arbitrum mcp-config             Print MCP host config
+`);
+}
+
+const [, , command, ...args] = process.argv;
+
+try {
+  if (!command || command === "help" || command === "--help") {
+    usage();
+  } else if (command === "contracts") {
+    console.log(JSON.stringify(deployment().contracts, null, 2));
+  } else if (command === "wallet") {
+    console.log("Add Arbitrum Sepolia to an EVM wallet:");
+    console.log("Chain ID: 421614 / 0x66eee");
+    console.log("RPC: https://sepolia-rollup.arbitrum.io/rpc");
+    console.log("Currency: ETH");
+    console.log("Explorer: https://sepolia.arbiscan.io");
+  } else if (command === "agent-id") {
+    console.log(id(args.join(" ") || "agent"));
+  } else if (command === "invoice-id") {
+    console.log(keccak256(toUtf8Bytes(args.join(" ") || "invoice")));
+  } else if (command === "claim-hash") {
+    console.log(keccak256(toUtf8Bytes(args.join(" "))));
+  } else if (command === "privacy-commit") {
+    console.log(keccak256(toUtf8Bytes(args.join(" "))));
+  } else if (command === "privacy-abi") {
+    console.log(JSON.stringify([
+      "function createNativeIntent(bytes32 commitment,string encryptedMemoUri) payable",
+      "function createTokenIntent(bytes32 commitment,address token,uint256 amount,string encryptedMemoUri)",
+      "function releaseIntent(bytes32 commitment,bytes32 nullifier,address recipient)",
+      "function cancelIntent(bytes32 commitment)",
+      "function intents(bytes32 commitment) view returns (address operator,address token,uint256 amount,string encryptedMemoUri,bool released,bool cancelled,uint256 createdAt)",
+    ], null, 2));
+  } else if (command === "privacy-guide") {
+    const info = deployment();
+    console.log([
+      "ArcPay Privacy Intents for Arbitrum",
+      "",
+      `Vault: ${info.contracts.ArbitrumPrivacyVault}`,
+      `USDC: ${info.usdcToken}`,
+      "",
+      "1. commitment = keccak256(secret)",
+      "2. nullifier = keccak256(releaseSecret)",
+      "3. approve USDC to the vault for token intents",
+      "4. call createTokenIntent(commitment, USDC, amount, encryptedMemoUri)",
+      "5. later call releaseIntent(commitment, nullifier, recipient)",
+      "",
+      "Privacy boundary: metadata and recipient are hidden during intent phase; release transfer is public.",
+    ].join("\n"));
+  } else if (command === "invoice-guide") {
+    const info = deployment();
+    console.log([
+      "ArcPay Arbitrum Invoices",
+      "",
+      `InvoiceBook: ${info.contracts.AgentInvoiceBook}`,
+      `USDC: ${info.usdcToken}`,
+      "",
+      "1. invoiceId = keccak256(publicInvoiceId).",
+      "2. ETH invoice: createInvoice(invoiceId, payerOrZero, address(0), amountWei, metadataUri).",
+      "3. USDC invoice: createInvoice(invoiceId, payerOrZero, USDC, amountBaseUnits, metadataUri).",
+      "4. Payer signs payNativeInvoice(invoiceId) with exact msg.value or approves USDC then payTokenInvoice(invoiceId).",
+      "5. Issuer can cancel unpaid invoices with cancelInvoice(invoiceId).",
+      "",
+      "Proof command: npm run smoke:live",
+    ].join("\n"));
+  } else if (command === "x402-guide") {
+    const info = deployment();
+    console.log([
+      "ArcPay Arbitrum x402",
+      "",
+      `Registry: ${info.contracts.AgentRegistry}`,
+      `OrderBook: ${info.contracts.AgentOrderBook}`,
+      "",
+      "1. Register an agent slug in AgentRegistry.",
+      "2. GET https://arcpay-arbitrum.vercel.app/api/agent/:slug/work returns HTTP 402 requirements.",
+      "3. Payer calls AgentOrderBook.createOrder(agentId, requestUri) with quoted msg.value.",
+      "4. Provider fulfills the order.",
+      "5. GET /agent/:slug/work?orderId=... unlocks only after Fulfilled or Settled.",
+      "",
+      "Proof command: npm run smoke:x402",
+    ].join("\n"));
+  } else if (command === "execution-handoff") {
+    const info = deployment();
+    const strategyName = args[0] || "arcpay-arbitrum-cfo";
+    const agentSlug = args[1] || "treasury-router";
+    const budgetEth = args[2] || "0.02";
+    const adapter = args[3] || "GMX execution intent";
+    console.log(JSON.stringify({
+      protocol: "arcpay-arbitrum-execution-handoff",
+      chain: "arbitrum-sepolia",
+      chainId: 421614,
+      adapter,
+      executionAddress: "set-after-wallet-or-smart-account-connection",
+      primaryVenue: "GMX",
+      strategyName,
+      agentSlug,
+      objective: "Execute only policy-approved Arbitrum treasury work through ArcPay x402, escrow, privacy, invoice, reputation, and audit modules.",
+      constraints: {
+        maxBudgetEth: budgetEth,
+        allowedAssets: ["ETH", "USDC", "WETH"],
+        allowedVenues: ["GMX", "Stylus policy module", "ZeroDev smart account", "Dune evidence", "Manual signer"],
+        requireArcPayPolicy: true,
+        requireOperatorApprovalForLeverage: true,
+        requireExecutionEvidence: true,
+        requireArbiscanTxHashForCompletion: true,
+        noCompletionWithoutTxHashOrOrderEvidence: true,
+      },
+      endpoints: {
+        x402Gateway: "https://arcpay-arbitrum.vercel.app/api",
+        protectedResource: `https://arcpay-arbitrum.vercel.app/api/agent/${encodeURIComponent(agentSlug)}/work`,
+        status: "https://arcpay-arbitrum.vercel.app/api/status",
+        openapi: "https://arcpay-arbitrum.vercel.app/openapi.json",
+      },
+      contracts: {
+        registry: info.contracts.AgentRegistry,
+        orderBook: info.contracts.AgentOrderBook,
+        policy: info.contracts.TreasuryPolicy,
+        privacyVault: info.contracts.ArbitrumPrivacyVault,
+        reputation: info.contracts.AgentReputationBook,
+        identity8004: info.contracts.AgentIdentity8004,
+        executionRouter: info.contracts.ArbitrumExecutionRouter,
+      },
+      setup: [
+        "Register or select an ArcPay agent identity.",
+        "Choose an execution adapter: GMX intent, Stylus policy check, ZeroDev smart account, Dune evidence, or manual signer.",
+        "Create the x402 quote or escrow order before work starts.",
+        "Execute only after policy approval and budget checks.",
+        "Attach Arbiscan tx hash, x402 verification, Dune query link, or signed result evidence before marking the work complete.",
+      ],
+    }, null, 2));
+  } else if (command === "gmx-plan") {
+    const info = deployment();
+    console.log(JSON.stringify({
+      protocol: "arcpay-gmx-execution-plan",
+      chain: "arbitrum-sepolia",
+      venue: "GMX",
+      market: args[0] || "ETH/USD",
+      collateral: args[1] || "USDC",
+      sizeUsd: args[2] || "25",
+      maxLeverage: args[3] || "1.2x",
+      controls: {
+        requireArcPayPolicy: true,
+        requireExecutionRouterIntent: true,
+        requireOperatorApprovalForLeverage: true,
+        requireArbiscanTxHash: true,
+        requireDuneEvidenceLink: true,
+      },
+      contracts: {
+        executionRouter: info.contracts.ArbitrumExecutionRouter,
+        policy: info.contracts.TreasuryPolicy,
+        orderBook: info.contracts.AgentOrderBook,
+      },
+    }, null, 2));
+  } else if (command === "zerodev-policy") {
+    const info = deployment();
+    console.log(JSON.stringify({
+      protocol: "arcpay-zerodev-session-policy",
+      chain: "arbitrum-sepolia",
+      agentSlug: args[0] || "treasury-router",
+      accountAbstraction: "ZeroDev",
+      sessionScope: {
+        allowedContracts: [
+          info.contracts.AgentOrderBook,
+          info.contracts.TreasuryPolicy,
+          info.contracts.ArbitrumExecutionRouter,
+          info.contracts.ArbitrumPrivacyVault,
+        ],
+        maxBudgetEth: args[1] || "0.02",
+        expiresInMinutes: Number(args[2] || 60),
+        blockedActions: ["unbounded leverage", "unknown target contract", "execution without evidence URI"],
+      },
+    }, null, 2));
+  } else if (command === "dune-spec") {
+    console.log(JSON.stringify({
+      protocol: "arcpay-dune-evidence",
+      chain: "arbitrum-sepolia",
+      eventFamilies: [
+        "AgentIdentityRegistered",
+        "AgentRegistered",
+        "OrderCreated/OrderStatusChanged/OrderFulfilled",
+        "ExecutionIntentProposed/Approved/Executed",
+        "SpendRecorded",
+        "Privacy intent events",
+        "ReputationRecorded",
+      ],
+      dashboardCards: ["active agents", "x402 order volume", "execution intents by adapter", "policy approvals", "privacy intent lifecycle", "reputation scores"],
+    }, null, 2));
+  } else if (command === "fhenix-boundary") {
+    console.log(JSON.stringify({
+      protocol: "arcpay-fhenix-privacy-boundary",
+      chain: "arbitrum",
+      privateInputs: ["counterparty notes", "agent prompt fragments", "risk memo", "invoice memo", "treasury strategy rationale"],
+      publicOutputs: ["commitment", "nullifier", "evidence URI", "execution intent id", "Arbiscan tx hash"],
+      boundary: "ArcPay PrivacyVault handles commitment/nullifier settlement; Fhenix is the confidential-compute adapter for encrypted policy and risk computation.",
+    }, null, 2));
+  } else if (command === "demo-path") {
+    console.log([
+      "1. Connect wallet and switch to Arbitrum Sepolia.",
+      "2. Register a provider on /agents.",
+      "3. Set policy and allowlist the agent on /policies.",
+      "4. Create an escrowed order on /orders.",
+      "5. Move order through accept -> processing -> fulfill -> settle or fail/refund.",
+      "6. Create claim codes and webhook circuit breakers on /operator.",
+      "7. Request risk scoring on /oracle.",
+      "8. Create and release encrypted Privacy Intents on /privacy.",
+      "9. Create, pay, cancel, and sync ETH/USDC invoices on /invoices.",
+      "10. Show /audit, /status, and /proofs.",
+    ].join("\n"));
+  } else if (command === "smoke") {
+    console.log([
+      "Run local + live verification:",
+      "npm run build:frontend",
+      "npm test",
+      "npm run check:worker",
+      "npm run check:x402",
+      "npm run smoke:auth",
+      "npm run smoke:live",
+      "npm run smoke:x402",
+    ].join("\n"));
+  } else if (command === "mcp-config") {
+    console.log(JSON.stringify({
+      mcpServers: {
+        "arcpay-arbitrum": {
+          command: "arcpay-arbitrum-mcp",
+        },
+      },
+    }, null, 2));
+  } else {
+    usage();
+    process.exitCode = 1;
+  }
+} catch (error) {
+  console.error(error instanceof Error ? error.message : error);
+  process.exitCode = 1;
+}

package/deployment.json

@@ -0,0 +1,25 @@
+{
+  "network": "arbitrum-sepolia",
+  "chainId": 421614,
+  "deployer": "0xB883e76A4f6841E72cAF1C28ba00f78df974f448",
+  "deployedAt": "2026-05-30T14:05:55.746Z",
+  "contracts": {
+    "AgentRegistry": "0x5F5b8109c832BB6609178F0bb2e6A597387dA17E",
+    "TreasuryPolicy": "0x3F8bc2b46E7b71632CdADd1f00d4FD6BB11d8283",
+    "AgentTreasury": "0xe472A6367ab66C271aa47cA5882E919c0DEA0ff2",
+    "AgentOrderBook": "0x3587fd962d40433165d5f2a3dFc60636ebD11e59",
+    "OperatorControls": "0x0cbafFF48ac25178bd10D1cE851C04CCa4Fe387e",
+    "ArbitrumAgentRiskOracle": "0x176018C6C8c445807FE3688f463487E4b01C8ae3",
+    "AgentSpendCardVault": "0x7C7304bC2D7bB39800eFE7Cdd9c79C7Afd04acF0",
+    "ArbitrumPrivacyVault": "0xCBa6Fa24a02F11fE0cd9F16B50e883fE1B4D40Eb",
+    "AgentInvoiceBook": "0x487CbD73e298721a83ff460Eb56645C61BEb0f79",
+    "AgentReputationBook": "0xDdbe6aD2652BD5d0Ab4D8a6D2ab8798Cf294D9dD",
+    "AgentIdentity8004": "0xA6c4C9c5479553450F60663E5D8046f9E2CBF37D",
+    "ArbitrumExecutionRouter": "0x463152158F32aFeedCe58a6BbD19F8ECfA702d8e",
+    "MockUSDC": "0xd4Ae4c23A308024e2F2d7531cF395365eF67dE20",
+    "MockArbitrumAgentPlatform": "0x2D8bb0EBAa850626d2cEFA15bB3A7761B7F86196"
+  },
+  "arbitrumAgentPlatform": "0x2D8bb0EBAa850626d2cEFA15bB3A7761B7F86196",
+  "arbitrumRiskAgentId": "13174292974160097713",
+  "usdcToken": "0x75faf114eafb1BDbe2F0316DF893fd58CE46AA4d"
+}

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "@arcpaylabs/arbitrum-cli",
+  "version": "0.1.0",
+  "private": false,
+  "description": "Developer CLI for ArcPay Arbitrum contracts, x402, invoices, privacy intents, and MCP setup.",
+  "type": "module",
+  "license": "MIT",
+  "author": "Henry Sam Marfo <jasonneil4040@gmail.com>",
+  "homepage": "https://arcpay-arbitrum.vercel.app/docs/cli",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/ArcPayLabs/arcpay-arbitrum.git",
+    "directory": "apps/cli"
+  },
+  "bin": {
+    "arcpay-arbitrum": "arcpay-arbitrum.mjs"
+  },
+  "files": [
+    "README.md",
+    "arcpay-arbitrum.mjs",
+    "deployment.json"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "start": "node arcpay-arbitrum.mjs",
+    "pack:dry": "npm pack --dry-run"
+  },
+  "dependencies": {
+    "ethers": "^6.13.5"
+  },
+  "overrides": {
+    "ws": "^8.20.1"
+  }
+}