@chest-gate/cli 0.2.0 → 0.4.0

package/dist/commands/login.d.ts

@@ -0,0 +1,3 @@
+import { Command } from "commander";
+export declare const loginCommand: Command;
+//# sourceMappingURL=login.d.ts.map

package/dist/commands/login.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA2BpC,eAAO,MAAM,YAAY,SAwGrB,CAAC"}

package/dist/commands/login.js

@@ -0,0 +1,228 @@
+import { Command } from "commander";
+import chalk from "chalk";
+import { createServer } from "node:http";
+import { createHash, randomBytes } from "node:crypto";
+import { hostname } from "node:os";
+import { createInterface } from "node:readline/promises";
+import { stdin, stdout } from "node:process";
+import open from "open";
+import { loadCredentials, saveCredentials, getDefaultGateUrl, getDefaultWebUrl, } from "../credentials.js";
+const LOGIN_TIMEOUT_MS = 5 * 60 * 1000;
+export const loginCommand = new Command("login")
+    .description("Sign in to Chest. Opens a browser, returns a CLI token to this device.")
+    .option("--web-url <url>", "Override chest.sh URL", getDefaultWebUrl())
+    .option("--gate-url <url>", "Override gate.chest.sh URL", getDefaultGateUrl())
+    .option("--port <port>", "Loopback port (default: random)")
+    .option("-f, --force", "Skip the 'already logged in' prompt")
+    .option("--no-browser", "Print the URL instead of opening a browser")
+    .action(async (opts) => {
+    console.log(chalk.bold("\n  ⚡ Chest Login\n"));
+    const existing = await loadCredentials();
+    if (existing && existing.source === "file" && !opts.force) {
+        if (!stdin.isTTY) {
+            console.error(chalk.red("  Already logged in. Pass --force to mint a new token, or set CHEST_TOKEN env var.\n"));
+            process.exit(1);
+        }
+        console.log(chalk.gray(`  Already logged in as `) +
+            chalk.cyan(existing.ownerWallet || existing.label) +
+            chalk.gray(`.`));
+        console.log(chalk.gray("  Re-running mints a new token; the old one stays valid until revoked."));
+        const rl = createInterface({ input: stdin, output: stdout });
+        const answer = await rl.question(chalk.gray("  Continue? (y/N) "));
+        rl.close();
+        if (answer.trim().toLowerCase() !== "y") {
+            console.log(chalk.gray("\n  Cancelled.\n"));
+            return;
+        }
+        console.log();
+    }
+    if (!stdin.isTTY && !process.env.CI_ALLOW_NON_TTY_LOGIN) {
+        console.error(chalk.red("  Non-interactive shell detected. Set CHEST_TOKEN instead of running `login`.\n"));
+        process.exit(1);
+    }
+    const webUrl = (opts.webUrl || getDefaultWebUrl()).replace(/\/$/, "");
+    const gateUrl = (opts.gateUrl || getDefaultGateUrl()).replace(/\/$/, "");
+    const verifier = base64url(randomBytes(32));
+    const challenge = base64url(createHash("sha256").update(verifier).digest());
+    const state = base64url(randomBytes(24));
+    const host = hostname() || "unknown";
+    const portArg = opts.port ? parseInt(opts.port, 10) : 0;
+    if (opts.port && (!Number.isFinite(portArg) || portArg < 0 || portArg > 65535)) {
+        console.error(chalk.red(`  Invalid --port: ${opts.port}`));
+        process.exit(1);
+    }
+    const result = await runLoopbackFlow({
+        webUrl,
+        state,
+        challenge,
+        hostname: host,
+        desiredPort: portArg,
+        openBrowser: opts.noBrowser !== true,
+    });
+    if (result.kind === "error") {
+        console.error(chalk.red(`  ✗ ${result.message}\n`));
+        process.exit(1);
+    }
+    process.stdout.write(chalk.gray("  Exchanging code… "));
+    const exchanged = await exchangeCode({
+        gateUrl,
+        code: result.code,
+        verifier,
+    });
+    if (!exchanged.ok) {
+        console.log(chalk.red("failed"));
+        console.error(chalk.red(`\n  ✗ ${exchanged.error}\n`));
+        process.exit(1);
+    }
+    console.log(chalk.green("done"));
+    const creds = {
+        version: 1,
+        token: exchanged.token,
+        ownerWallet: exchanged.ownerWallet,
+        tokenId: exchanged.tokenId,
+        label: exchanged.label,
+        gateUrl,
+        createdAt: new Date().toISOString(),
+    };
+    const path = await saveCredentials(creds);
+    console.log();
+    console.log(chalk.green("  ✓ Logged in as ") + chalk.cyan(exchanged.ownerWallet));
+    console.log(chalk.gray(`    Token label: `) + chalk.white(exchanged.label));
+    console.log(chalk.gray(`    Saved to:    `) + chalk.white(path));
+    console.log();
+    console.log(chalk.gray("  Manage tokens at ") + chalk.cyan(`${webUrl}/dashboard/agent-wallet`));
+    console.log();
+});
+function runLoopbackFlow(args) {
+    return new Promise((resolve) => {
+        let settled = false;
+        const finish = (r) => {
+            if (settled)
+                return;
+            settled = true;
+            try {
+                server.close();
+            }
+            catch { }
+            clearTimeout(timer);
+            resolve(r);
+        };
+        const server = createServer((req, res) => {
+            const url = new URL(req.url || "/", `http://127.0.0.1`);
+            if (url.pathname !== "/callback") {
+                res.writeHead(404, { "content-type": "text/plain" });
+                res.end("not found");
+                return;
+            }
+            const recvState = url.searchParams.get("state");
+            const code = url.searchParams.get("code");
+            const error = url.searchParams.get("error");
+            if (error) {
+                res.writeHead(400, { "content-type": "text/html; charset=utf-8" });
+                res.end(htmlPage("Login failed", error, false));
+                finish({ kind: "error", message: `Browser returned error: ${error}` });
+                return;
+            }
+            if (!recvState || recvState !== args.state) {
+                res.writeHead(400, { "content-type": "text/html; charset=utf-8" });
+                res.end(htmlPage("Invalid state", "State mismatch. Try again.", false));
+                finish({ kind: "error", message: "State mismatch on callback (possible CSRF)." });
+                return;
+            }
+            if (!code) {
+                res.writeHead(400, { "content-type": "text/html; charset=utf-8" });
+                res.end(htmlPage("Missing code", "No authorization code on the callback.", false));
+                finish({ kind: "error", message: "Callback missing code parameter." });
+                return;
+            }
+            res.writeHead(200, { "content-type": "text/html; charset=utf-8" });
+            res.end(htmlPage("You're signed in", "You can close this tab and return to the terminal.", true));
+            finish({ kind: "ok", code });
+        });
+        server.on("error", (err) => {
+            finish({ kind: "error", message: `Loopback server failed: ${err.message}` });
+        });
+        server.listen(args.desiredPort, "127.0.0.1", () => {
+            const addr = server.address();
+            if (!addr || typeof addr === "string") {
+                finish({ kind: "error", message: "Could not bind loopback server." });
+                return;
+            }
+            const port = addr.port;
+            const params = new URLSearchParams({
+                state: args.state,
+                challenge: args.challenge,
+                port: String(port),
+                hostname: args.hostname,
+            });
+            const loginUrl = `${args.webUrl}/cli/login?${params.toString()}`;
+            console.log(chalk.gray("  Opening browser to authorize this device…"));
+            console.log(chalk.gray("  If it doesn't open, visit:"));
+            console.log(chalk.cyan(`    ${loginUrl}`));
+            console.log();
+            console.log(chalk.gray(`  Listening on http://127.0.0.1:${port}/callback`));
+            console.log();
+            if (args.openBrowser) {
+                open(loginUrl).catch(() => {
+                    // Non-fatal; the user can still copy the URL.
+                });
+            }
+        });
+        const timer = setTimeout(() => {
+            finish({ kind: "error", message: "Timed out waiting for browser sign-in (5 min)." });
+        }, LOGIN_TIMEOUT_MS);
+    });
+}
+async function exchangeCode(args) {
+    let res;
+    try {
+        res = await fetch(`${args.gateUrl}/v1/cli/exchange`, {
+            method: "POST",
+            headers: { "content-type": "application/json" },
+            body: JSON.stringify({ code: args.code, verifier: args.verifier }),
+        });
+    }
+    catch (err) {
+        return { ok: false, error: `Network error: ${err.message}` };
+    }
+    if (!res.ok) {
+        let msg = `${res.status} ${res.statusText}`;
+        try {
+            const body = (await res.json());
+            msg = body.error || body.message || msg;
+        }
+        catch { }
+        return { ok: false, error: msg };
+    }
+    const body = (await res.json());
+    if (!body.token || !body.ownerWallet || !body.tokenId) {
+        return { ok: false, error: "Malformed response from gate." };
+    }
+    return {
+        ok: true,
+        token: body.token,
+        ownerWallet: body.ownerWallet,
+        tokenId: body.tokenId,
+        label: body.label || "CLI",
+    };
+}
+function base64url(buf) {
+    return buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function htmlPage(title, body, ok) {
+    const accent = ok ? "#10b981" : "#ef4444";
+    return `<!doctype html>
+<html><head><meta charset="utf-8"><title>${title}</title>
+<style>
+  body { margin:0; min-height:100vh; display:grid; place-items:center;
+         font:15px/1.5 -apple-system,BlinkMacSystemFont,sans-serif; background:#0b0b0d; color:#e5e5e5; }
+  .card { background:#141418; border:1px solid #26262c; border-radius:12px;
+          padding:32px 36px; max-width:420px; }
+  .dot { display:inline-block; width:10px; height:10px; border-radius:50%;
+         background:${accent}; margin-right:10px; vertical-align:middle; }
+  h1 { margin:0 0 8px; font-size:18px; font-weight:600; }
+  p  { margin:0; color:#a3a3aa; }
+</style></head>
+<body><div class="card"><h1><span class="dot"></span>${title}</h1><p>${body}</p></div></body></html>`;
+}
+//# sourceMappingURL=login.js.map

package/dist/commands/login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,YAAY,EAA6C,MAAM,WAAW,CAAC;AACpF,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EACL,eAAe,EACf,eAAe,EAEf,iBAAiB,EACjB,gBAAgB,GAEjB,MAAM,mBAAmB,CAAC;AAU3B,MAAM,gBAAgB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEvC,MAAM,CAAC,MAAM,YAAY,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC;KAC7C,WAAW,CAAC,wEAAwE,CAAC;KACrF,MAAM,CAAC,iBAAiB,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,CAAC;KACtE,MAAM,CAAC,kBAAkB,EAAE,4BAA4B,EAAE,iBAAiB,EAAE,CAAC;KAC7E,MAAM,CAAC,eAAe,EAAE,iCAAiC,CAAC;KAC1D,MAAM,CAAC,aAAa,EAAE,qCAAqC,CAAC;KAC5D,MAAM,CAAC,cAAc,EAAE,4CAA4C,CAAC;KACpE,MAAM,CAAC,KAAK,EAAE,IAAkB,EAAE,EAAE;IACnC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;IAE/C,MAAM,QAAQ,GAAG,MAAM,eAAe,EAAE,CAAC;IACzC,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAC1D,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,GAAG,CAAC,sFAAsF,CAAC,CAClG,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,IAAI,QAAQ,CAAC,KAAK,CAAC;YAClD,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAClB,CAAC;QACF,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,IAAI,CAAC,wEAAwE,CAAC,CACrF,CAAC;QACF,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;QAC7D,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC;QACnE,EAAE,CAAC,KAAK,EAAE,CAAC;QACX,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,GAAG,EAAE,CAAC;YACxC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;YAC5C,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;QACxD,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,GAAG,CAAC,iFAAiF,CAAC,CAC7F,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACtE,MAAM,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,iBAAiB,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAEzE,MAAM,QAAQ,GAAG,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5E,MAAM,KAAK,GAAG,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzC,MAAM,IAAI,GAAG,QAAQ,EAAE,IAAI,SAAS,CAAC;IAErC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO,GAAG,KAAK,CAAC,EAAE,CAAC;QAC/E,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,qBAAqB,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC;QACnC,MAAM;QACN,KAAK;QACL,SAAS;QACT,QAAQ,EAAE,IAAI;QACd,WAAW,EAAE,OAAO;QACpB,WAAW,EAAE,IAAI,CAAC,SAAS,KAAK,IAAI;KACrC,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;IACxD,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC;QACnC,OAAO;QACP,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,QAAQ;KACT,CAAC,CAAC;IAEH,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;QACjC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,SAAS,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC;QACvD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IAEjC,MAAM,KAAK,GAAgB;QACzB,OAAO,EAAE,CAAC;QACV,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,WAAW,EAAE,SAAS,CAAC,WAAW;QAClC,OAAO,EAAE,SAAS,CAAC,OAAO;QAC1B,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,OAAO;QACP,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IACF,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,KAAK,CAAC,CAAC;IAE1C,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC;IAClF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IAC5E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,yBAAyB,CAAC,CAAC,CAAC;IAChG,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC,CAAC,CAAC;AAeL,SAAS,eAAe,CAAC,IAAkB;IACzC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,MAAM,MAAM,GAAG,CAAC,CAAiB,EAAE,EAAE;YACnC,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,IAAI,CAAC;gBACH,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,CAAC;YAAC,MAAM,CAAC,CAAA,CAAC;YACV,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,OAAO,CAAC,CAAC,CAAC,CAAC;QACb,CAAC,CAAC;QAEF,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,GAAoB,EAAE,GAAmB,EAAE,EAAE;YACxE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC;YACxD,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;gBACjC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;gBACrD,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACrB,OAAO;YACT,CAAC;YACD,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAChD,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAE5C,IAAI,KAAK,EAAE,CAAC;gBACV,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,0BAA0B,EAAE,CAAC,CAAC;gBACnE,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,cAAc,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBAChD,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,2BAA2B,KAAK,EAAE,EAAE,CAAC,CAAC;gBACvE,OAAO;YACT,CAAC;YACD,IAAI,CAAC,SAAS,IAAI,SAAS,KAAK,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC3C,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,0BAA0B,EAAE,CAAC,CAAC;gBACnE,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,EAAE,4BAA4B,EAAE,KAAK,CAAC,CAAC,CAAC;gBACxE,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC,CAAC;gBAClF,OAAO;YACT,CAAC;YACD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,0BAA0B,EAAE,CAAC,CAAC;gBACnE,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,cAAc,EAAE,wCAAwC,EAAE,KAAK,CAAC,CAAC,CAAC;gBACnF,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAC;gBACvE,OAAO;YACT,CAAC;YACD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,0BAA0B,EAAE,CAAC,CAAC;YACnE,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,EAAE,oDAAoD,EAAE,IAAI,CAAC,CAAC,CAAC;YAClG,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACzB,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,2BAA2B,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC/E,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,GAAG,EAAE;YAChD,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;YAC9B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,iCAAiC,EAAE,CAAC,CAAC;gBACtE,OAAO;YACT,CAAC;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;YACvB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;gBACjC,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;gBAClB,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB,CAAC,CAAC;YACH,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,MAAM,cAAc,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;YAEjE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC,CAAC;YACvE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,QAAQ,EAAE,CAAC,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mCAAmC,IAAI,WAAW,CAAC,CAAC,CAAC;YAC5E,OAAO,CAAC,GAAG,EAAE,CAAC;YAEd,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;gBACrB,IAAI,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;oBACxB,8CAA8C;gBAChD,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,gDAAgD,EAAE,CAAC,CAAC;QACvF,CAAC,EAAE,gBAAgB,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;AACL,CAAC;AAkBD,KAAK,UAAU,YAAY,CAAC,IAAkB;IAC5C,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,kBAAkB,EAAE;YACnD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;SACnE,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,kBAAmB,GAAa,CAAC,OAAO,EAAE,EAAE,CAAC;IAC1E,CAAC;IAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,IAAI,GAAG,GAAG,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;QAC5C,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAyC,CAAC;YACxE,GAAG,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,IAAI,GAAG,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;QACV,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAK7B,CAAC;IACF,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QACtD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC;IAC/D,CAAC;IACD,OAAO;QACL,EAAE,EAAE,IAAI;QACR,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,KAAK;KAC3B,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAC3F,CAAC;AAED,SAAS,QAAQ,CAAC,KAAa,EAAE,IAAY,EAAE,EAAW;IACxD,MAAM,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IAC1C,OAAO;2CACkC,KAAK;;;;;;;sBAO1B,MAAM;;;;uDAI2B,KAAK,WAAW,IAAI,0BAA0B,CAAC;AACtG,CAAC"}

package/dist/commands/logout.d.ts

@@ -0,0 +1,3 @@
+import { Command } from "commander";
+export declare const logoutCommand: Command;
+//# sourceMappingURL=logout.d.ts.map

package/dist/commands/logout.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logout.d.ts","sourceRoot":"","sources":["../../src/commands/logout.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIpC,eAAO,MAAM,aAAa,SA+CtB,CAAC"}

package/dist/commands/logout.js

@@ -0,0 +1,49 @@
+import { Command } from "commander";
+import chalk from "chalk";
+import { loadCredentials, deleteCredentials, getCredentialsPath } from "../credentials.js";
+export const logoutCommand = new Command("logout")
+    .description("Sign out: revoke the CLI token and remove local credentials.")
+    .option("--keep-remote", "Delete local credentials but don't revoke the token on the server")
+    .action(async (opts) => {
+    console.log(chalk.bold("\n  ⚡ Chest Logout\n"));
+    const creds = await loadCredentials();
+    if (!creds) {
+        console.log(chalk.gray("  Not logged in.\n"));
+        return;
+    }
+    if (creds.source === "env") {
+        console.log(chalk.yellow("  CHEST_TOKEN env var is set; logout doesn't unset env vars.\n"));
+        return;
+    }
+    if (!opts.keepRemote && creds.tokenId && creds.gateUrl) {
+        process.stdout.write(chalk.gray("  Revoking token on server… "));
+        try {
+            const res = await fetch(`${creds.gateUrl}/v1/cli/revoke`, {
+                method: "POST",
+                headers: {
+                    "content-type": "application/json",
+                    authorization: `Bearer ${creds.token}`,
+                },
+                body: JSON.stringify({ tokenId: creds.tokenId }),
+            });
+            if (res.ok) {
+                console.log(chalk.green("done"));
+            }
+            else {
+                console.log(chalk.yellow(`skipped (${res.status})`));
+            }
+        }
+        catch (err) {
+            console.log(chalk.yellow(`skipped (${err.message})`));
+        }
+    }
+    const removed = await deleteCredentials();
+    if (removed) {
+        console.log(chalk.green(`  ✓ Removed ${getCredentialsPath()}`));
+    }
+    else {
+        console.log(chalk.gray(`  No credentials file at ${getCredentialsPath()}`));
+    }
+    console.log();
+});
+//# sourceMappingURL=logout.js.map

package/dist/commands/logout.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logout.js","sourceRoot":"","sources":["../../src/commands/logout.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAE3F,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC;KAC/C,WAAW,CAAC,8DAA8D,CAAC;KAC3E,MAAM,CAAC,eAAe,EAAE,mEAAmE,CAAC;KAC5F,MAAM,CAAC,KAAK,EAAE,IAA8B,EAAE,EAAE;IAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC;IAEhD,MAAM,KAAK,GAAG,MAAM,eAAe,EAAE,CAAC;IACtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,MAAM,CAAC,gEAAgE,CAAC,CAC/E,CAAC;QACF,OAAO;IACT,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC,CAAC;QACjE,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,KAAK,CAAC,OAAO,gBAAgB,EAAE;gBACxD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,UAAU,KAAK,CAAC,KAAK,EAAE;iBACvC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC;aACjD,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,YAAa,GAAa,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,iBAAiB,EAAE,CAAC;IAC1C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,eAAe,kBAAkB,EAAE,EAAE,CAAC,CAAC,CAAC;IAClE,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,4BAA4B,kBAAkB,EAAE,EAAE,CAAC,CAAC,CAAC;IAC9E,CAAC;IACD,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC,CAAC,CAAC"}

package/dist/commands/whoami.d.ts

@@ -0,0 +1,3 @@
+import { Command } from "commander";
+export declare const whoamiCommand: Command;
+//# sourceMappingURL=whoami.d.ts.map

package/dist/commands/whoami.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"whoami.d.ts","sourceRoot":"","sources":["../../src/commands/whoami.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIpC,eAAO,MAAM,aAAa,SAyCtB,CAAC"}

package/dist/commands/whoami.js

@@ -0,0 +1,57 @@
+import { Command } from "commander";
+import chalk from "chalk";
+import { loadCredentials } from "../credentials.js";
+export const whoamiCommand = new Command("whoami")
+    .description("Show the wallet and CLI token currently signed in on this device.")
+    .action(async () => {
+    const creds = await loadCredentials();
+    if (!creds) {
+        console.log(chalk.gray("\n  Not logged in. Run ") + chalk.white("chest-gate login") + chalk.gray(".\n"));
+        process.exit(1);
+    }
+    if (creds.source === "env") {
+        console.log();
+        console.log(chalk.gray("  Source: ") + chalk.white("CHEST_TOKEN env var"));
+        console.log(chalk.gray("  Gate:   ") + chalk.white(creds.gateUrl));
+        console.log();
+        // Best-effort resolve via /v1/cli/session.
+        const session = await fetchSession(creds.gateUrl, creds.token);
+        if (session) {
+            console.log(chalk.green("  ✓ ") + chalk.cyan(session.ownerWallet));
+            console.log(chalk.gray("    Token label: ") + chalk.white(session.label));
+            if (session.lastUsedAt) {
+                console.log(chalk.gray("    Last used:   ") + chalk.white(session.lastUsedAt));
+            }
+        }
+        else {
+            console.log(chalk.yellow("  Could not verify token with the gate."));
+        }
+        console.log();
+        return;
+    }
+    console.log();
+    console.log(chalk.green("  ✓ ") + chalk.cyan(creds.ownerWallet));
+    console.log(chalk.gray("    Token label: ") + chalk.white(creds.label));
+    console.log(chalk.gray("    Token id:    ") + chalk.white(creds.tokenId));
+    console.log(chalk.gray("    Gate:        ") + chalk.white(creds.gateUrl));
+    console.log(chalk.gray("    Logged in:   ") + chalk.white(creds.createdAt));
+    const session = await fetchSession(creds.gateUrl, creds.token);
+    if (session?.lastUsedAt) {
+        console.log(chalk.gray("    Last used:   ") + chalk.white(session.lastUsedAt));
+    }
+    console.log();
+});
+async function fetchSession(gateUrl, token) {
+    try {
+        const res = await fetch(`${gateUrl}/v1/cli/session`, {
+            headers: { authorization: `Bearer ${token}` },
+        });
+        if (!res.ok)
+            return null;
+        return (await res.json());
+    }
+    catch {
+        return null;
+    }
+}
+//# sourceMappingURL=whoami.js.map

package/dist/commands/whoami.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"whoami.js","sourceRoot":"","sources":["../../src/commands/whoami.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEpD,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC;KAC/C,WAAW,CAAC,mEAAmE,CAAC;KAChF,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,KAAK,GAAG,MAAM,eAAe,EAAE,CAAC;IACtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QACzG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAC3E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QACnE,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,2CAA2C;QAC3C,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QAC/D,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;YACnE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;YAC1E,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;YACjF,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,yCAAyC,CAAC,CAAC,CAAC;QACvE,CAAC;QACD,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;IACxE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;IAC1E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;IAC1E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;IAE5E,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/D,IAAI,OAAO,EAAE,UAAU,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;IACjF,CAAC;IACD,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC,CAAC,CAAC;AASL,KAAK,UAAU,YAAY,CAAC,OAAe,EAAE,KAAa;IACxD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,iBAAiB,EAAE;YACnD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE;SAC9C,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QACzB,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAoB,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/credentials.d.ts

@@ -0,0 +1,24 @@
+export interface Credentials {
+    version: 1;
+    token: string;
+    ownerWallet: string;
+    tokenId: string;
+    label: string;
+    gateUrl: string;
+    createdAt: string;
+}
+export interface ResolvedCredentials extends Credentials {
+    source: "env" | "file";
+}
+/**
+ * Load credentials, preferring CHEST_TOKEN env over the on-disk file.
+ * Returns null if neither is present.
+ */
+export declare function loadCredentials(): Promise<ResolvedCredentials | null>;
+export declare function requireCredentials(): Promise<ResolvedCredentials>;
+export declare function saveCredentials(creds: Credentials): Promise<string>;
+export declare function deleteCredentials(): Promise<boolean>;
+export declare function getCredentialsPath(): string;
+export declare function getDefaultGateUrl(): string;
+export declare function getDefaultWebUrl(): string;
+//# sourceMappingURL=credentials.d.ts.map

package/dist/credentials.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAUA,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,CAAC,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,mBAAoB,SAAQ,WAAW;IACtD,MAAM,EAAE,KAAK,GAAG,MAAM,CAAC;CACxB;AAED;;;GAGG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAoB3E;AAED,wBAAsB,kBAAkB,IAAI,OAAO,CAAC,mBAAmB,CAAC,CAMvE;AAED,wBAAsB,eAAe,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,CAMzE;AAED,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,OAAO,CAAC,CAI1D;AAED,wBAAgB,kBAAkB,IAAI,MAAM,CAE3C;AAED,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAED,wBAAgB,gBAAgB,IAAI,MAAM,CAEzC"}

package/dist/credentials.js

@@ -0,0 +1,61 @@
+import { readFile, writeFile, mkdir, chmod, unlink } from "node:fs/promises";
+import { existsSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+const CHEST_DIR = join(homedir(), ".chest");
+const CREDENTIALS_PATH = join(CHEST_DIR, "credentials.json");
+const DEFAULT_GATE_URL = "https://gate.chest.sh";
+/**
+ * Load credentials, preferring CHEST_TOKEN env over the on-disk file.
+ * Returns null if neither is present.
+ */
+export async function loadCredentials() {
+    const envToken = process.env.CHEST_TOKEN?.trim();
+    if (envToken) {
+        return {
+            version: 1,
+            token: envToken,
+            ownerWallet: "",
+            tokenId: "",
+            label: "CHEST_TOKEN env",
+            gateUrl: process.env.CHEST_GATE_URL?.trim() || DEFAULT_GATE_URL,
+            createdAt: "",
+            source: "env",
+        };
+    }
+    if (!existsSync(CREDENTIALS_PATH))
+        return null;
+    const raw = await readFile(CREDENTIALS_PATH, "utf-8");
+    const parsed = JSON.parse(raw);
+    return { ...parsed, source: "file" };
+}
+export async function requireCredentials() {
+    const creds = await loadCredentials();
+    if (!creds) {
+        throw new Error("Not logged in. Run `chest-gate login` first.");
+    }
+    return creds;
+}
+export async function saveCredentials(creds) {
+    await mkdir(CHEST_DIR, { recursive: true, mode: 0o700 });
+    await chmod(CHEST_DIR, 0o700).catch(() => { });
+    await writeFile(CREDENTIALS_PATH, JSON.stringify(creds, null, 2), { mode: 0o600 });
+    await chmod(CREDENTIALS_PATH, 0o600).catch(() => { });
+    return CREDENTIALS_PATH;
+}
+export async function deleteCredentials() {
+    if (!existsSync(CREDENTIALS_PATH))
+        return false;
+    await unlink(CREDENTIALS_PATH);
+    return true;
+}
+export function getCredentialsPath() {
+    return CREDENTIALS_PATH;
+}
+export function getDefaultGateUrl() {
+    return process.env.CHEST_GATE_URL?.trim() || DEFAULT_GATE_URL;
+}
+export function getDefaultWebUrl() {
+    return process.env.CHEST_WEB_URL?.trim() || "https://chest.sh";
+}
+//# sourceMappingURL=credentials.js.map

package/dist/credentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC7E,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,CAAC;AAC5C,MAAM,gBAAgB,GAAG,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;AAE7D,MAAM,gBAAgB,GAAG,uBAAuB,CAAC;AAgBjD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC;IACjD,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO;YACL,OAAO,EAAE,CAAC;YACV,KAAK,EAAE,QAAQ;YACf,WAAW,EAAE,EAAE;YACf,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,iBAAiB;YACxB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,gBAAgB;YAC/D,SAAS,EAAE,EAAE;YACb,MAAM,EAAE,KAAK;SACd,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAAE,OAAO,IAAI,CAAC;IAE/C,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,gBAAgB,EAAE,OAAO,CAAC,CAAC;IACtD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAgB,CAAC;IAC9C,OAAO,EAAE,GAAG,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACvC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,MAAM,KAAK,GAAG,MAAM,eAAe,EAAE,CAAC;IACtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,KAAkB;IACtD,MAAM,KAAK,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACzD,MAAM,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IAC9C,MAAM,SAAS,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACnF,MAAM,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACrD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB;IACrC,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAAE,OAAO,KAAK,CAAC;IAChD,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;IAC/B,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,gBAAgB,CAAC;AAChE,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,OAAO,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,EAAE,IAAI,kBAAkB,CAAC;AACjE,CAAC"}

package/dist/dashboard-sig.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Sign dashboard-bound API actions (archive, unlist, etc.) with the local
+ * deployer / author keypair. Mirrors `signDashboardMessage` in
+ * server-auth/dashboard-auth.ts byte-for-byte so the server's
+ * `verifyDashboardSignature` accepts the result.
+ *
+ * Canonical message (utf-8):
+ *   "chest-dashboard:{wallet}:{action}:{resourceId}:{windowTs}"
+ *
+ *   wallet     = base58 Solana pubkey of the signer
+ *   action     = e.g. "deployment:archive", "app:unlist"
+ *   resourceId = the slug (or "-" when unused)
+ *   windowTs   = Math.floor(Date.now() / 300_000), 5-minute window
+ *
+ * Output: ed25519 signature, base64-encoded, sent in the X-Dashboard-Sig
+ * header.
+ */
+export type DashboardAction = "deployment:archive" | "deployment:unlist" | "app:archive" | "app:unlist";
+export interface DashboardSignatureInput {
+    wallet: string;
+    action: DashboardAction;
+    resourceId: string;
+}
+export declare function signDashboardMessage(input: DashboardSignatureInput, secretKey: Uint8Array): string;
+//# sourceMappingURL=dashboard-sig.d.ts.map

package/dist/dashboard-sig.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dashboard-sig.d.ts","sourceRoot":"","sources":["../src/dashboard-sig.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAIH,MAAM,MAAM,eAAe,GACvB,oBAAoB,GACpB,mBAAmB,GACnB,aAAa,GACb,YAAY,CAAC;AAEjB,MAAM,WAAW,uBAAuB;IACtC,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,eAAe,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;CACpB;AAID,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,uBAAuB,EAC9B,SAAS,EAAE,UAAU,GACpB,MAAM,CAOR"}

package/dist/dashboard-sig.js

@@ -0,0 +1,26 @@
+/**
+ * Sign dashboard-bound API actions (archive, unlist, etc.) with the local
+ * deployer / author keypair. Mirrors `signDashboardMessage` in
+ * server-auth/dashboard-auth.ts byte-for-byte so the server's
+ * `verifyDashboardSignature` accepts the result.
+ *
+ * Canonical message (utf-8):
+ *   "chest-dashboard:{wallet}:{action}:{resourceId}:{windowTs}"
+ *
+ *   wallet     = base58 Solana pubkey of the signer
+ *   action     = e.g. "deployment:archive", "app:unlist"
+ *   resourceId = the slug (or "-" when unused)
+ *   windowTs   = Math.floor(Date.now() / 300_000), 5-minute window
+ *
+ * Output: ed25519 signature, base64-encoded, sent in the X-Dashboard-Sig
+ * header.
+ */
+import { ed25519 } from "@noble/curves/ed25519";
+const WINDOW_MS = 300_000;
+export function signDashboardMessage(input, secretKey) {
+    const seed = secretKey.length === 64 ? secretKey.slice(0, 32) : secretKey;
+    const windowTs = Math.floor(Date.now() / WINDOW_MS);
+    const msg = new TextEncoder().encode(`chest-dashboard:${input.wallet}:${input.action}:${input.resourceId}:${windowTs}`);
+    return Buffer.from(ed25519.sign(msg, seed)).toString("base64");
+}
+//# sourceMappingURL=dashboard-sig.js.map

package/dist/dashboard-sig.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dashboard-sig.js","sourceRoot":"","sources":["../src/dashboard-sig.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAchD,MAAM,SAAS,GAAG,OAAO,CAAC;AAE1B,MAAM,UAAU,oBAAoB,CAClC,KAA8B,EAC9B,SAAqB;IAErB,MAAM,IAAI,GAAG,SAAS,CAAC,MAAM,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC1E,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAClC,mBAAmB,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,QAAQ,EAAE,CAClF,CAAC;IACF,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACjE,CAAC"}

package/dist/index.js

@@ -7,6 +7,9 @@ import { statusCommand } from "./commands/status.js";
 import { keypairCommand } from "./commands/keypair.js";
 import { splitCommand } from "./commands/split.js";
 import { appCommand } from "./commands/app.js";
+import { loginCommand } from "./commands/login.js";
+import { logoutCommand } from "./commands/logout.js";
+import { whoamiCommand } from "./commands/whoami.js";
 const program = new Command();
 program
     .name("chest-gate")
@@ -19,5 +22,8 @@ program.addCommand(statusCommand);
 program.addCommand(keypairCommand);
 program.addCommand(splitCommand);
 program.addCommand(appCommand);
+program.addCommand(loginCommand);
+program.addCommand(logoutCommand);
+program.addCommand(whoamiCommand);
 program.parse();
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/C,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,YAAY,CAAC;KAClB,WAAW,CAAC,qDAAqD,CAAC;KAClE,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;AACnC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AACjC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;AAE/B,OAAO,CAAC,KAAK,EAAE,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,YAAY,CAAC;KAClB,WAAW,CAAC,qDAAqD,CAAC;KAClE,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;AACnC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AACjC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;AAC/B,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AACjC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAElC,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@chest-gate/cli",
-  "version": "0.2.0",
+  "version": "0.4.0",
   "description": "Chest Gate CLI. One command to monetise any API with x402 on Solana.",
   "keywords": [
     "x402",
@@ -37,6 +37,7 @@
   "dependencies": {
     "@chest-gate/proxy": "^0.1.0",
     "@coral-xyz/anchor": "^0.32.1",
+    "@noble/curves": "^1.0.0",
     "@solana/kit": "^5.5.0",
     "@solana/spl-token": "^0.4.14",
     "@solana/web3.js": "^1.98.4",
@@ -46,6 +47,7 @@
     "ed25519-hd-key": "^1.3.0",
     "gray-matter": "^4.0.3",
     "inquirer": "^12.0.0",
+    "open": "^11.0.0",
     "yaml": "^2.7.0"
   },
   "devDependencies": {