@btc-vision/cli 1.0.0

package/src/commands/VerifyCommand.ts

@@ -0,0 +1,228 @@
+/**
+ * Verify command - Verify .opnet binary signature
+ *
+ * @module commands/VerifyCommand
+ */
+
+import * as fs from 'fs';
+import * as crypto from 'crypto';
+import { BaseCommand } from './BaseCommand.js';
+import { formatFileSize, parseOpnetBinary, verifyChecksum } from '../lib/binary.js';
+import { CLIWallet } from '../lib/wallet.js';
+import { CLIMldsaLevel } from '../types/index.js';
+
+interface VerifyOptions {
+    verbose?: boolean;
+    json?: boolean;
+}
+
+export class VerifyCommand extends BaseCommand {
+    constructor() {
+        super('verify', 'Verify a .opnet binary signature and integrity');
+    }
+
+    protected configure(): void {
+        this.command
+            .argument('<file>', 'Path to .opnet file')
+            .option('-v, --verbose', 'Show detailed information')
+            .option('--json', 'Output as JSON')
+            .action((file: string, options: VerifyOptions) => this.execute(file, options));
+    }
+
+    private execute(file: string, options: VerifyOptions): void {
+        try {
+            if (!fs.existsSync(file)) {
+                if (options.json) {
+                    this.logger.log(
+                        JSON.stringify({ valid: false, error: `File not found: ${file}` }),
+                    );
+                    process.exit(1);
+                }
+                this.exitWithError(`File not found: ${file}`);
+            }
+
+            const data = fs.readFileSync(file);
+            const fileSize = data.length;
+
+            // Parse binary
+            let parsed;
+            try {
+                parsed = parseOpnetBinary(data);
+            } catch (error) {
+                if (options.json) {
+                    this.logger.log(
+                        JSON.stringify({
+                            valid: false,
+                            error: `Parse error: ${error instanceof Error ? error.message : String(error)}`,
+                        }),
+                    );
+                    process.exit(1);
+                }
+                this.exitWithError(
+                    `Parse error: ${error instanceof Error ? error.message : String(error)}`,
+                );
+            }
+
+            // Get MLDSA level from binary
+            const mldsaLevel = ([44, 65, 87] as const)[parsed.mldsaLevel] as CLIMldsaLevel;
+
+            // Verify checksum
+            const checksumValid = verifyChecksum(parsed);
+
+            // Verify signature
+            let signatureValid = false;
+            let signatureError: string | undefined;
+
+            // Check if public key is all zeros (unsigned)
+            const isUnsigned = parsed.publicKey.every((b) => b === 0);
+
+            if (isUnsigned) {
+                signatureError = 'Binary is unsigned (public key is empty)';
+            } else {
+                try {
+                    signatureValid = CLIWallet.verifyMLDSA(
+                        parsed.checksum,
+                        parsed.signature,
+                        parsed.publicKey,
+                        mldsaLevel,
+                    );
+                } catch (error) {
+                    signatureError = error instanceof Error ? error.message : String(error);
+                }
+            }
+
+            const isValid = checksumValid && signatureValid;
+
+            if (options.json) {
+                const output = {
+                    valid: isValid,
+                    file,
+                    fileSize,
+                    formatVersion: parsed.formatVersion,
+                    mldsaLevel,
+                    checksumValid,
+                    signatureValid,
+                    signatureError,
+                    isUnsigned,
+                    metadata: parsed.metadata,
+                    publicKeyHash: crypto
+                        .createHash('sha256')
+                        .update(parsed.publicKey)
+                        .digest('hex'),
+                    bytecodeSize: parsed.bytecode.length,
+                    protoSize: parsed.proto?.length ?? 0,
+                };
+                this.logger.log(JSON.stringify(output, null, 2));
+                process.exit(isValid ? 0 : 1);
+            }
+
+            // Display results
+            this.logger.info('\nOPNet Binary Verification\n');
+            this.logger.log('─'.repeat(60));
+
+            // File info
+            this.logger.log(`File:            ${file}`);
+            this.logger.log(`Size:            ${formatFileSize(fileSize)}`);
+            this.logger.log(`Format Version:  ${parsed.formatVersion}`);
+            this.logger.log('');
+
+            // Plugin info
+            this.logger.log('Plugin:');
+            this.logger.log(`  Name:           ${parsed.metadata.name}`);
+            this.logger.log(`  Version:        ${parsed.metadata.version}`);
+            this.logger.log(`  Type:           ${parsed.metadata.pluginType}`);
+            this.logger.log(`  OPNet Version:  ${parsed.metadata.opnetVersion}`);
+            this.logger.log('');
+
+            // Cryptographic info
+            this.logger.log('Cryptography:');
+            this.logger.log(`  MLDSA Level:    MLDSA-${mldsaLevel}`);
+            this.logger.log(`  Public Key:     ${formatFileSize(parsed.publicKey.length)}`);
+            this.logger.log(`  Signature:      ${formatFileSize(parsed.signature.length)}`);
+
+            if (!isUnsigned) {
+                const pkHash = crypto.createHash('sha256').update(parsed.publicKey).digest('hex');
+                this.logger.log(`  PubKey Hash:    ${pkHash.substring(0, 16)}...`);
+            }
+            this.logger.log('');
+
+            // Verification results
+            this.logger.log('Verification:');
+            this.logger.log(`  Checksum:       ${checksumValid ? 'VALID' : 'INVALID'}`);
+
+            if (isUnsigned) {
+                this.logger.log(`  Signature:      UNSIGNED`);
+            } else if (signatureError) {
+                this.logger.log(`  Signature:      ERROR - ${signatureError}`);
+            } else {
+                this.logger.log(`  Signature:      ${signatureValid ? 'VALID' : 'INVALID'}`);
+            }
+
+            this.logger.log('');
+            this.logger.log('─'.repeat(60));
+
+            if (isUnsigned) {
+                this.logger.warn('WARNING: This binary is unsigned and cannot be published.');
+                this.logger.warn('Use `opnet sign` to sign it.');
+            } else if (isValid) {
+                this.logger.success('VERIFIED: Binary is valid and properly signed.');
+            } else {
+                this.logger.fail('FAILED: Binary verification failed.');
+                if (!checksumValid) {
+                    this.logger.error('  - Checksum mismatch (binary may be corrupted)');
+                }
+                if (!signatureValid && !signatureError) {
+                    this.logger.error('  - Signature invalid (binary may be tampered)');
+                }
+            }
+            this.logger.log('');
+
+            // Verbose output
+            if (options.verbose) {
+                this.logger.log('Sizes:');
+                this.logger.log(`  Metadata:       ${formatFileSize(parsed.rawMetadata.length)}`);
+                this.logger.log(`  Bytecode:       ${formatFileSize(parsed.bytecode.length)}`);
+                this.logger.log(`  Proto:          ${formatFileSize(parsed.proto?.length ?? 0)}`);
+                this.logger.log('');
+
+                this.logger.log('Checksums:');
+                this.logger.log(`  Stored:         ${parsed.checksum.toString('hex')}`);
+                this.logger.log('');
+
+                this.logger.log('Author:');
+                this.logger.log(`  Name:           ${parsed.metadata.author.name}`);
+                if (parsed.metadata.author.email) {
+                    this.logger.log(`  Email:          ${parsed.metadata.author.email}`);
+                }
+                this.logger.log('');
+
+                this.logger.log('Permissions:');
+                const perms = parsed.metadata.permissions;
+                if (perms) {
+                    this.logger.log(`  Database:       ${perms.database?.enabled ? 'Yes' : 'No'}`);
+                    this.logger.log(
+                        `  Block Hooks:    ${perms.blocks?.preProcess || perms.blocks?.postProcess || perms.blocks?.onChange ? 'Yes' : 'No'}`,
+                    );
+                    this.logger.log(
+                        `  Epoch Hooks:    ${perms.epochs?.onChange || perms.epochs?.onFinalized ? 'Yes' : 'No'}`,
+                    );
+                    this.logger.log(`  Mempool Feed:   ${perms.mempool?.txFeed ? 'Yes' : 'No'}`);
+                    this.logger.log(`  API Endpoints:  ${perms.api?.addEndpoints ? 'Yes' : 'No'}`);
+                    this.logger.log(`  Websocket:      ${perms.api?.addWebsocket ? 'Yes' : 'No'}`);
+                    this.logger.log(
+                        `  Filesystem:     ${perms.filesystem?.configDir || perms.filesystem?.tempDir ? 'Yes' : 'No'}`,
+                    );
+                } else {
+                    this.logger.log('  (none configured)');
+                }
+                this.logger.log('');
+            }
+
+            process.exit(isValid ? 0 : 1);
+        } catch (error) {
+            this.exitWithError(this.formatError(error));
+        }
+    }
+}
+
+export const verifyCommand = new VerifyCommand().getCommand();

package/src/commands/WhoamiCommand.ts

@@ -0,0 +1,113 @@
+/**
+ * Whoami command - Display current identity
+ *
+ * @module commands/WhoamiCommand
+ */
+
+import { BaseCommand } from './BaseCommand.js';
+import {
+    getCredentialSource,
+    hasCredentials,
+    loadCredentials,
+    maskSensitive,
+} from '../lib/credentials.js';
+import { CLIWallet } from '../lib/wallet.js';
+
+interface WhoamiOptions {
+    verbose?: boolean;
+    publicKey?: boolean;
+}
+
+export class WhoamiCommand extends BaseCommand {
+    constructor() {
+        super('whoami', 'Display current wallet identity and configuration');
+    }
+
+    protected configure(): void {
+        this.command
+            .option('-v, --verbose', 'Show detailed information')
+            .option('--public-key', 'Show full MLDSA public key')
+            .action((options: WhoamiOptions) => this.execute(options));
+    }
+
+    private execute(options: WhoamiOptions): void {
+        try {
+            if (!hasCredentials()) {
+                this.logger.warn('Not logged in.');
+                this.logger.info('Run `opnet login` to configure your wallet.');
+                return;
+            }
+
+            const credentials = loadCredentials();
+            if (!credentials) {
+                this.logger.warn('No credentials found.');
+                return;
+            }
+
+            const source = getCredentialSource();
+
+            this.logger.info('\nOPNet Identity\n');
+            this.logger.log('─'.repeat(50));
+
+            this.logger.log(`Network:        ${credentials.network}`);
+            this.logger.log(`MLDSA Level:    ${credentials.mldsaLevel}`);
+            this.logger.log(`Auth Source:    ${source}`);
+
+            try {
+                const wallet = CLIWallet.fromCredentials(credentials);
+
+                this.logger.log('');
+                this.logger.log(`P2TR Address:   ${wallet.p2trAddress}`);
+                this.logger.log(`MLDSA PubKey Hash: ${wallet.mldsaPublicKeyHash}`);
+
+                if (options.publicKey) {
+                    this.logger.log('');
+                    this.logger.log('MLDSA Public Key:');
+                    this.logger.log(wallet.mldsaPublicKey.toString('hex'));
+                }
+
+                if (options.verbose) {
+                    this.logger.log('');
+                    this.logger.log('─'.repeat(50));
+                    this.logger.log('Details:');
+                    this.logger.log(`  Security Level: MLDSA-${credentials.mldsaLevel}`);
+                    this.logger.log(`  Public Key Size: ${wallet.mldsaPublicKey.length} bytes`);
+
+                    if (credentials.mnemonic) {
+                        this.logger.log('  Auth Method: BIP-39 Mnemonic');
+                        this.logger.log(`  Mnemonic: ${maskSensitive(credentials.mnemonic, 8)}`);
+                    } else {
+                        this.logger.log('  Auth Method: WIF + MLDSA Keys');
+                        if (credentials.wif) {
+                            this.logger.log(`  WIF: ${maskSensitive(credentials.wif, 4)}`);
+                        }
+                    }
+                }
+            } catch (error) {
+                this.logger.log('');
+                this.logger.warn('Could not load wallet details.');
+                if (options.verbose) {
+                    this.logger.debug(`  Error: ${this.formatError(error)}`);
+                }
+
+                this.logger.log('');
+                if (credentials.mnemonic) {
+                    this.logger.log(`Auth Method:    BIP-39 Mnemonic`);
+                    if (options.verbose) {
+                        this.logger.log(
+                            `Mnemonic:       ${maskSensitive(credentials.mnemonic, 8)}`,
+                        );
+                    }
+                } else {
+                    this.logger.log(`Auth Method:    WIF + MLDSA Keys`);
+                }
+            }
+
+            this.logger.log('');
+        } catch (error) {
+            this.exitWithError(this.formatError(error));
+        }
+    }
+}
+
+export const whoamiCommand = new WhoamiCommand().getCommand();

package/src/index.ts

@@ -0,0 +1,86 @@
+#!/usr/bin/env node
+/**
+ * OPNet CLI - Command Line Interface for OPNet Plugin Ecosystem
+ *
+ * @module @btc-vision/cli
+ */
+
+import { Command } from 'commander';
+import { Logger } from '@btc-vision/logger';
+
+// Commands
+import { configCommand } from './commands/ConfigCommand.js';
+import { loginCommand } from './commands/LoginCommand.js';
+import { logoutCommand } from './commands/LogoutCommand.js';
+import { whoamiCommand } from './commands/WhoamiCommand.js';
+import { keygenCommand } from './commands/KeygenCommand.js';
+import { initCommand } from './commands/InitCommand.js';
+import { compileCommand } from './commands/CompileCommand.js';
+import { verifyCommand } from './commands/VerifyCommand.js';
+import { infoCommand } from './commands/InfoCommand.js';
+import { signCommand } from './commands/SignCommand.js';
+import { publishCommand } from './commands/PublishCommand.js';
+import { deprecateCommand } from './commands/DeprecateCommand.js';
+import { undeprecateCommand } from './commands/UndeprecateCommand.js';
+import { transferCommand } from './commands/TransferCommand.js';
+import { acceptCommand } from './commands/AcceptCommand.js';
+import { installCommand } from './commands/InstallCommand.js';
+import { updateCommand } from './commands/UpdateCommand.js';
+import { listCommand } from './commands/ListCommand.js';
+import { searchCommand } from './commands/SearchCommand.js';
+
+const logger = new Logger();
+const program = new Command();
+
+program
+    .name('opnet')
+    .description('OPNet CLI - Build, sign, and publish plugins for the OPNet ecosystem')
+    .version('1.0.0');
+
+// Configuration commands
+program.addCommand(configCommand);
+program.addCommand(loginCommand);
+program.addCommand(logoutCommand);
+program.addCommand(whoamiCommand);
+program.addCommand(keygenCommand);
+
+// Plugin development commands
+program.addCommand(initCommand);
+program.addCommand(compileCommand);
+program.addCommand(verifyCommand);
+program.addCommand(infoCommand);
+program.addCommand(signCommand);
+
+// Registry commands
+program.addCommand(publishCommand);
+program.addCommand(deprecateCommand);
+program.addCommand(undeprecateCommand);
+program.addCommand(transferCommand);
+program.addCommand(acceptCommand);
+program.addCommand(installCommand);
+program.addCommand(updateCommand);
+program.addCommand(listCommand);
+program.addCommand(searchCommand);
+
+// Error handling
+program.showHelpAfterError();
+program.showSuggestionAfterError();
+
+// Custom error handling
+program.exitOverride((err) => {
+    if (err.code === 'commander.help') {
+        process.exit(0);
+    }
+    if (err.code === 'commander.version') {
+        process.exit(0);
+    }
+    logger.error(`Error: ${err.message}`);
+    process.exit(1);
+});
+
+// Parse command line arguments
+program.parseAsync(process.argv).catch((error: unknown) => {
+    const message = error instanceof Error ? error.message : String(error);
+    logger.error(`Error: ${message}`);
+    process.exit(1);
+});