@clawnet/template-minimal 0.0.1

package/tests/middleware/sigma-auth.test.ts

@@ -0,0 +1,198 @@
+import { PrivateKey } from "@bsv/sdk";
+import { getAuthToken } from "bitcoin-auth";
+import { Hono } from "hono";
+import { afterAll, beforeAll, describe, expect, test, vi } from "vitest";
+import { getOwnerPubkey, sigmaAuth } from "../../src/middleware/sigma-auth";
+
+describe("Sigma Auth Middleware", () => {
+	let ownerWif: string;
+	let otherWif: string;
+	let app: Hono;
+
+	beforeAll(() => {
+		// Generate test WIFs
+		ownerWif = PrivateKey.fromRandom().toWif();
+		otherWif = PrivateKey.fromRandom().toWif();
+
+		// Set owner WIF in env
+		process.env.SIGMA_MEMBER_WIF = ownerWif;
+
+		// Create test app with middleware
+		app = new Hono();
+		app.use("/protected/*", sigmaAuth);
+		app.get("/protected/test", (c) => c.json({ message: "success" }));
+		app.post("/protected/test", async (c) => {
+			const body = await c.req.json();
+			return c.json({ message: "success", received: body });
+		});
+	});
+
+	afterAll(() => {
+		// Clean up env
+		delete process.env.SIGMA_MEMBER_WIF;
+	});
+
+	test("getOwnerPubkey derives and caches public key", () => {
+		const pubkey1 = getOwnerPubkey();
+		const pubkey2 = getOwnerPubkey();
+
+		// Should return same instance (cached)
+		expect(pubkey1).toBe(pubkey2);
+
+		// Should match expected public key
+		const expectedPubkey = PrivateKey.fromWif(ownerWif)
+			.toPublicKey()
+			.toString();
+		expect(pubkey1).toBe(expectedPubkey);
+	});
+
+	test("allows valid owner token without body", async () => {
+		const requestPath = "/protected/test";
+		const token = getAuthToken({
+			privateKeyWif: ownerWif,
+			requestPath,
+		});
+
+		const response = await app.request(`http://localhost${requestPath}`, {
+			headers: {
+				Authorization: `Bearer ${token}`,
+			},
+		});
+
+		expect(response.status).toBe(200);
+		const data = await response.json();
+		expect(data).toEqual({ message: "success" });
+	});
+
+	test("allows valid owner token with body", async () => {
+		const requestPath = "/protected/test";
+		const body = JSON.stringify({ key: "value" });
+		const token = getAuthToken({
+			privateKeyWif: ownerWif,
+			requestPath,
+			body,
+		});
+
+		const response = await app.request(`http://localhost${requestPath}`, {
+			method: "POST",
+			headers: {
+				Authorization: `Bearer ${token}`,
+				"Content-Type": "application/json",
+			},
+			body,
+		});
+
+		expect(response.status).toBe(200);
+		const data = await response.json();
+		expect(data.message).toBe("success");
+		expect(data.received).toEqual({ key: "value" });
+	});
+
+	test("rejects missing Authorization header", async () => {
+		const requestPath = "/protected/test";
+
+		const response = await app.request(`http://localhost${requestPath}`);
+
+		expect(response.status).toBe(401);
+		const data = await response.json();
+		expect(data.error).toBe("Missing or invalid Authorization header");
+	});
+
+	test("rejects malformed token", async () => {
+		const requestPath = "/protected/test";
+
+		const response = await app.request(`http://localhost${requestPath}`, {
+			headers: {
+				Authorization: "Bearer random-invalid-string",
+			},
+		});
+
+		expect(response.status).toBe(401);
+		const data = await response.json();
+		expect(data.error).toBe("Invalid token format");
+	});
+
+	test("rejects valid token from wrong identity", async () => {
+		const requestPath = "/protected/test";
+		const token = getAuthToken({
+			privateKeyWif: otherWif, // Different identity
+			requestPath,
+		});
+
+		const response = await app.request(`http://localhost${requestPath}`, {
+			headers: {
+				Authorization: `Bearer ${token}`,
+			},
+		});
+
+		expect(response.status).toBe(403);
+		const data = await response.json();
+		expect(data.error).toBe("Forbidden: Identity mismatch");
+	});
+
+	test("rejects expired token", async () => {
+		const requestPath = "/protected/test";
+		// Create token with timestamp 10 minutes in the past
+		const oldTimestamp = new Date(Date.now() - 10 * 60 * 1000).toISOString();
+		const token = getAuthToken({
+			privateKeyWif: ownerWif,
+			requestPath,
+			timestamp: oldTimestamp,
+		});
+
+		const response = await app.request(`http://localhost${requestPath}`, {
+			headers: {
+				Authorization: `Bearer ${token}`,
+			},
+		});
+
+		expect(response.status).toBe(401);
+		const data = await response.json();
+		expect(data.error).toBe("Invalid or expired token");
+	});
+
+	test("returns 500 when parseAuthToken throws", async () => {
+		const parseSpy = vi.spyOn(await import("bitcoin-auth"), "parseAuthToken");
+		parseSpy.mockImplementation(() => {
+			throw new Error("parse explosion");
+		});
+
+		const requestPath = "/protected/test";
+		const response = await app.request(`http://localhost${requestPath}`, {
+			headers: {
+				Authorization: "Bearer some-token-value",
+			},
+		});
+
+		expect(response.status).toBe(500);
+		const data = await response.json();
+		expect(data.error).toBe("Authentication processing error");
+
+		parseSpy.mockRestore();
+	});
+
+	test("returns 500 when verifyAuthToken throws", async () => {
+		const verifySpy = vi.spyOn(await import("bitcoin-auth"), "verifyAuthToken");
+		verifySpy.mockImplementation(() => {
+			throw new Error("verify explosion");
+		});
+
+		const requestPath = "/protected/test";
+		const token = getAuthToken({
+			privateKeyWif: ownerWif,
+			requestPath,
+		});
+
+		const response = await app.request(`http://localhost${requestPath}`, {
+			headers: {
+				Authorization: `Bearer ${token}`,
+			},
+		});
+
+		expect(response.status).toBe(500);
+		const data = await response.json();
+		expect(data.error).toBe("Authentication processing error");
+
+		verifySpy.mockRestore();
+	});
+});

package/tests/runs.test.ts

@@ -0,0 +1,56 @@
+import { describe, expect, it } from "vitest";
+import { createRun, getRun, updateRun } from "../src/runs";
+
+describe("run store", () => {
+	it("createRun returns a RunState with pending status", () => {
+		const run = createRun("conversation");
+		expect(run.id).toBeDefined();
+		expect(run.status).toBe("pending");
+		expect(run.trigger).toBe("conversation");
+		expect(run.createdAt).toBeDefined();
+	});
+
+	it("getRun finds a created run", () => {
+		const run = createRun("heartbeat");
+		const found = getRun(run.id);
+		expect(found).toBeDefined();
+		expect(found?.id).toBe(run.id);
+	});
+
+	it("getRun returns undefined for missing id", () => {
+		expect(getRun("nonexistent-id")).toBeUndefined();
+	});
+
+	it("updateRun changes status and result", () => {
+		const run = createRun("manual");
+		updateRun(run.id, {
+			status: "completed",
+			result: { success: true, summary: "Done", actions: [] },
+		});
+		const updated = getRun(run.id);
+		expect(updated?.status).toBe("completed");
+		expect(updated?.result?.summary).toBe("Done");
+		expect(updated?.completedAt).toBeDefined();
+	});
+
+	it("updateRun sets completedAt on failure", () => {
+		const run = createRun("conversation");
+		updateRun(run.id, { status: "failed" });
+		const updated = getRun(run.id);
+		expect(updated?.status).toBe("failed");
+		expect(updated?.completedAt).toBeDefined();
+	});
+
+	it("pruning removes runs older than 1 hour", () => {
+		const old = createRun("conversation");
+		// Manually backdate the createdAt
+		const run = getRun(old.id);
+		if (run) {
+			run.createdAt = new Date(Date.now() - 2 * 60 * 60 * 1000).toISOString();
+		}
+		// Creating a new run triggers pruning
+		const fresh = createRun("conversation");
+		expect(getRun(old.id)).toBeUndefined();
+		expect(getRun(fresh.id)).toBeDefined();
+	});
+});

package/tests/skill.test.ts

@@ -0,0 +1,71 @@
+import { readFileSync } from "node:fs";
+import { resolve } from "node:path";
+import { describe, expect, it } from "vitest";
+
+function parseFrontmatter(content: string): Record<string, unknown> {
+	const match = content.match(/^---\n([\s\S]*?)\n---/);
+	if (!match) throw new Error("No frontmatter found");
+	const yaml = match[1];
+	const result: Record<string, unknown> = {};
+	for (const line of yaml.split("\n")) {
+		const colonIdx = line.indexOf(":");
+		if (colonIdx === -1) continue;
+		const key = line.slice(0, colonIdx).trim();
+		let value: unknown = line.slice(colonIdx + 1).trim();
+		if (typeof value === "string" && value.startsWith("{")) {
+			value = JSON.parse(value);
+		}
+		result[key] = value;
+	}
+	return result;
+}
+
+describe("SKILL.md", () => {
+	const skillPath = resolve("skills/clawbook/SKILL.md");
+	const content = readFileSync(skillPath, "utf-8");
+	const frontmatter = parseFrontmatter(content);
+
+	it("has required name field", () => {
+		expect(frontmatter.name).toBe("clawbook");
+	});
+
+	it("has description", () => {
+		expect(typeof frontmatter.description).toBe("string");
+		expect((frontmatter.description as string).length).toBeGreaterThan(10);
+	});
+
+	it("has homepage", () => {
+		expect(frontmatter.homepage).toBe("https://clawbook.network");
+	});
+
+	it("has openclaw metadata with env requirements", () => {
+		const metadata = frontmatter.metadata as Record<string, unknown>;
+		expect(metadata).toBeDefined();
+		const openclaw = (metadata as Record<string, unknown>).openclaw as Record<
+			string,
+			unknown
+		>;
+		expect(openclaw).toBeDefined();
+		const requires = openclaw.requires as Record<string, unknown>;
+		expect(requires.env).toContain("CLAWBOOK_API_URL");
+		expect(requires.env).toContain("SIGMA_MEMBER_WIF");
+	});
+});
+
+describe("HEARTBEAT.md", () => {
+	const heartbeatPath = resolve("skills/clawbook/HEARTBEAT.md");
+	const content = readFileSync(heartbeatPath, "utf-8");
+	const frontmatter = parseFrontmatter(content);
+
+	it("has name field", () => {
+		expect(frontmatter.name).toBe("clawbook-heartbeat");
+	});
+
+	it("has description", () => {
+		expect(typeof frontmatter.description).toBe("string");
+	});
+
+	it("is not user-invocable", () => {
+		expect(frontmatter["user-invocable"]).toBe("false");
+	});
+});

package/tsconfig.json

@@ -0,0 +1,14 @@
+{
+	"compilerOptions": {
+		"target": "ES2022",
+		"module": "ESNext",
+		"moduleResolution": "bundler",
+		"strict": true,
+		"esModuleInterop": true,
+		"skipLibCheck": true,
+		"forceConsistentCasingInFileNames": true,
+		"outDir": "./dist",
+		"rootDir": "./src"
+	},
+	"include": ["src/**/*"]
+}

package/vercel.json

@@ -0,0 +1,9 @@
+{
+	"$schema": "https://openapi.vercel.sh/vercel.json",
+	"bunVersion": "1.x",
+	"functions": {
+		"src/index.ts": {
+			"runtime": "bun"
+		}
+	}
+}