@cogcoin/client 1.1.6 → 1.1.8

package/dist/wallet/tx/reputation.js

@@ -3,15 +3,15 @@ import { encodeSentence } from "@cogcoin/scoring";
 import { getBalance, lookupDomain, } from "@cogcoin/indexer/queries";
 import { attachOrStartManagedBitcoindService } from "../../bitcoind/service.js";
 import { createRpcClient } from "../../bitcoind/node.js";
-import { acquireFileLock } from "../fs/lock.js";
-import { resolveWalletRuntimePathsForTesting } from "../runtime.js";
-import { createDefaultWalletSecretProvider, } from "../state/provider.js";
+import {} from "../runtime.js";
+import {} from "../state/provider.js";
 import { serializeRepCommit, serializeRepRevoke, validateDomainName, } from "../cogop/index.js";
 import { openWalletReadContext } from "../read/index.js";
-import { assertFixedInputPrefixMatches, assertFundingInputsAfterFixedPrefix, assertWalletMutationContextReady, buildWalletMutationTransactionWithReserveFallback, createBuiltWalletMutationFeeSummary, createFundingMutationSender, createWalletMutationFeeMetadata, formatCogAmount, getDecodedInputScriptPubKeyHex, isLocalWalletScript, isAlreadyAcceptedError, isBroadcastUnknownError, mergeFixedWalletInputs, outpointKey, pauseMiningForWalletMutation, resolvePendingMutationReuseDecision, resolveWalletMutationFeeSelection, saveWalletStatePreservingUnlock, unlockTemporaryBuilderLocks, updateMutationRecord, } from "./common.js";
+import { assertFixedInputPrefixMatches, assertFundingInputsAfterFixedPrefix, assertWalletMutationContextReady, buildWalletMutationTransactionWithReserveFallback, createFundingMutationSender, createWalletMutationFeeMetadata, formatCogAmount, getDecodedInputScriptPubKeyHex, isLocalWalletScript, mergeFixedWalletInputs, outpointKey, unlockTemporaryBuilderLocks, updateMutationRecord, } from "./common.js";
 import { confirmTypedAcknowledgement as confirmSharedTypedAcknowledgement, confirmYesNo as confirmSharedYesNo, } from "./confirm.js";
+import { executeWalletMutationOperation, persistWalletMutationState, publishWalletMutation, resolveExistingWalletMutation, } from "./executor.js";
 import { getCanonicalIdentitySelector } from "./identity-selector.js";
-import { findPendingMutationByIntent, upsertPendingMutation } from "./journal.js";
+import { upsertPendingMutation } from "./journal.js";
 function normalizeDomainName(domainName, errorCode) {
     const normalized = domainName.trim().toLowerCase();
     if (normalized.length === 0) {
@@ -215,18 +215,7 @@ function createDraftMutation(options) {
     };
 }
 async function saveUpdatedMutationState(options) {
-    const nextState = {
-        ...options.state,
-        stateRevision: options.state.stateRevision + 1,
-        lastWrittenAtUnixMs: options.nowUnixMs,
-    };
-    await saveWalletStatePreservingUnlock({
-        state: nextState,
-        provider: options.provider,
-        nowUnixMs: options.nowUnixMs,
-        paths: options.paths,
-    });
-    return nextState;
+    return persistWalletMutationState(options);
 }
 function mutationNeedsRepair(mutation, context) {
     if (context.snapshot === null || mutation.recipientDomainName == null) {
@@ -381,75 +370,6 @@ async function encodeReviewText(reviewText, errorPrefix) {
         throw new Error(error instanceof Error ? `${errorPrefix}_invalid_review_${error.message}` : `${errorPrefix}_invalid_review`);
     });
 }
-async function sendBuiltTransaction(options) {
-    let nextState = options.state;
-    const broadcasting = updateMutationRecord(options.mutation, "broadcasting", options.nowUnixMs, {
-        attemptedTxid: options.built.txid,
-        attemptedWtxid: options.built.wtxid,
-        temporaryBuilderLockedOutpoints: options.built.temporaryBuilderLockedOutpoints,
-    });
-    nextState = upsertPendingMutation(nextState, broadcasting);
-    nextState = await saveUpdatedMutationState({
-        state: nextState,
-        provider: options.provider,
-        nowUnixMs: options.nowUnixMs,
-        paths: options.paths,
-    });
-    if (options.snapshotHeight !== null && options.snapshotHeight !== (await options.rpc.getBlockchainInfo()).blocks) {
-        await unlockTemporaryBuilderLocks(options.rpc, options.walletName, options.built.temporaryBuilderLockedOutpoints);
-        throw new Error(`${options.errorPrefix}_tip_mismatch`);
-    }
-    try {
-        await options.rpc.sendRawTransaction(options.built.rawHex);
-    }
-    catch (error) {
-        if (!isAlreadyAcceptedError(error)) {
-            if (isBroadcastUnknownError(error)) {
-                const unknown = updateMutationRecord(broadcasting, "broadcast-unknown", options.nowUnixMs, {
-                    attemptedTxid: options.built.txid,
-                    attemptedWtxid: options.built.wtxid,
-                    temporaryBuilderLockedOutpoints: options.built.temporaryBuilderLockedOutpoints,
-                });
-                nextState = upsertPendingMutation(nextState, unknown);
-                nextState = await saveUpdatedMutationState({
-                    state: nextState,
-                    provider: options.provider,
-                    nowUnixMs: options.nowUnixMs,
-                    paths: options.paths,
-                });
-                throw new Error(`${options.errorPrefix}_broadcast_unknown`);
-            }
-            await unlockTemporaryBuilderLocks(options.rpc, options.walletName, options.built.temporaryBuilderLockedOutpoints);
-            const canceled = updateMutationRecord(broadcasting, "canceled", options.nowUnixMs, {
-                attemptedTxid: options.built.txid,
-                attemptedWtxid: options.built.wtxid,
-                temporaryBuilderLockedOutpoints: [],
-            });
-            nextState = upsertPendingMutation(nextState, canceled);
-            nextState = await saveUpdatedMutationState({
-                state: nextState,
-                provider: options.provider,
-                nowUnixMs: options.nowUnixMs,
-                paths: options.paths,
-            });
-            throw error;
-        }
-    }
-    await unlockTemporaryBuilderLocks(options.rpc, options.walletName, options.built.temporaryBuilderLockedOutpoints);
-    const live = updateMutationRecord(broadcasting, "live", options.nowUnixMs, {
-        attemptedTxid: options.built.txid,
-        attemptedWtxid: options.built.wtxid,
-        temporaryBuilderLockedOutpoints: [],
-    });
-    nextState = upsertPendingMutation(nextState, live);
-    nextState = await saveUpdatedMutationState({
-        state: nextState,
-        provider: options.provider,
-        nowUnixMs: options.nowUnixMs,
-        paths: options.paths,
-    });
-    return { state: nextState, mutation: live };
-}
 async function submitReputationMutation(options) {
     if (!options.prompter.isInteractive && options.assumeYes !== true) {
         throw new Error(`${options.errorPrefix}_requires_tty`);
@@ -457,26 +377,11 @@ async function submitReputationMutation(options) {
     if (options.amountCogtoshi <= 0n) {
         throw new Error(`${options.errorPrefix}_invalid_amount`);
     }
-    const provider = options.provider ?? createDefaultWalletSecretProvider();
-    const nowUnixMs = options.nowUnixMs ?? Date.now();
-    const paths = options.paths ?? resolveWalletRuntimePathsForTesting();
-    const controlLock = await acquireFileLock(paths.walletControlLockPath, {
-        purpose: options.errorPrefix,
-        walletRootId: null,
-    });
-    try {
-        const miningPreemption = await pauseMiningForWalletMutation({
-            paths,
-            reason: options.errorPrefix,
-        });
-        const readContext = await (options.openReadContext ?? openWalletReadContext)({
-            dataDir: options.dataDir,
-            databasePath: options.databasePath,
-            secretProvider: provider,
-            walletControlLockHeld: true,
-            paths,
-        });
-        try {
+    const execution = await executeWalletMutationOperation({
+        ...options,
+        controlLockPurpose: options.errorPrefix,
+        preemptionReason: options.errorPrefix,
+        async resolveOperation(readContext) {
             const normalizedSourceDomainName = normalizeDomainName(options.sourceDomainName, `${options.errorPrefix}_missing_source_domain`);
             const normalizedTargetDomainName = normalizeDomainName(options.targetDomainName, `${options.errorPrefix}_missing_target_domain`);
             const operation = resolveReputationOperation(readContext, normalizedSourceDomainName, normalizedTargetDomainName, options.errorPrefix);
@@ -493,159 +398,147 @@ async function submitReputationMutation(options) {
             }
             const review = await encodeReviewText(options.reviewText, options.errorPrefix);
             const selfStake = operation.sourceDomain.domainId === operation.targetDomain.domainId;
-            const resolved = createResolvedReputationSummary({
-                kind: options.kind === "rep-give" ? "give" : "revoke",
-                sender: operation.sender,
-                senderSelector: operation.senderSelector,
-                amountCogtoshi: options.amountCogtoshi,
+            return {
+                ...operation,
+                normalizedSourceDomainName,
+                normalizedTargetDomainName,
                 review,
-                selfStake,
-            });
-            const intentFingerprintHex = createIntentFingerprint([
+                resolved: createResolvedReputationSummary({
+                    kind: options.kind === "rep-give" ? "give" : "revoke",
+                    sender: operation.sender,
+                    senderSelector: operation.senderSelector,
+                    amountCogtoshi: options.amountCogtoshi,
+                    review,
+                    selfStake,
+                }),
+            };
+        },
+        createIntentFingerprint(operation) {
+            return createIntentFingerprint([
                 options.kind,
                 operation.state.walletRootId,
                 operation.sourceDomain.name,
                 operation.targetDomain.name,
                 options.amountCogtoshi,
-                review.payloadHex ?? "",
+                operation.review.payloadHex ?? "",
             ]);
-            const node = await (options.attachService ?? attachOrStartManagedBitcoindService)({
-                dataDir: options.dataDir,
-                chain: "main",
-                startHeight: 0,
-                walletRootId: operation.state.walletRootId,
-            });
-            const rpc = (options.rpcFactory ?? createRpcClient)(node.rpc);
-            const walletName = operation.state.managedCoreWallet.walletName;
-            const feeSelection = await resolveWalletMutationFeeSelection({
-                rpc,
-                feeRateSatVb: options.feeRateSatVb ?? null,
-            });
-            const existingMutation = findPendingMutationByIntent(operation.state, intentFingerprintHex);
-            let workingState = operation.state;
-            let replacementFixedInputs = null;
-            if (existingMutation !== null) {
-                const reconciled = await reconcilePendingReputationMutation({
+        },
+        async resolveExistingMutation({ operation, existingMutation, execution }) {
+            if (existingMutation === null) {
+                return {
                     state: operation.state,
-                    mutation: existingMutation,
-                    provider,
-                    nowUnixMs,
-                    paths,
-                    rpc,
-                    walletName,
-                    context: readContext,
-                });
-                workingState = reconciled.state;
-                if (reconciled.resolution === "confirmed" || reconciled.resolution === "live") {
-                    const reuse = await resolvePendingMutationReuseDecision({
-                        rpc,
-                        walletName,
-                        mutation: reconciled.mutation,
-                        nextFeeSelection: feeSelection,
-                    });
-                    if (reuse.reuseExisting) {
-                        return {
-                            kind: options.kind === "rep-give" ? "give" : "revoke",
-                            sourceDomainName: normalizedSourceDomainName,
-                            targetDomainName: normalizedTargetDomainName,
-                            amountCogtoshi: options.amountCogtoshi,
-                            txid: reconciled.mutation.attemptedTxid ?? "unknown",
-                            status: reconciled.resolution,
-                            reusedExisting: true,
-                            reviewIncluded: review.payloadHex !== null,
-                            resolved,
-                            fees: reuse.fees,
-                        };
-                    }
-                    replacementFixedInputs = reuse.replacementFixedInputs;
-                }
-                if (reconciled.resolution === "repair-required") {
-                    throw new Error(`${options.errorPrefix}_repair_required`);
-                }
+                    replacementFixedInputs: null,
+                    result: null,
+                };
             }
+            return resolveExistingWalletMutation({
+                existingMutation,
+                execution,
+                repairRequiredErrorCode: `${options.errorPrefix}_repair_required`,
+                reconcileExistingMutation: (mutation) => reconcilePendingReputationMutation({
+                    state: operation.state,
+                    mutation,
+                    provider: execution.provider,
+                    nowUnixMs: execution.nowUnixMs,
+                    paths: execution.paths,
+                    rpc: execution.rpc,
+                    walletName: execution.walletName,
+                    context: execution.readContext,
+                }),
+                createReuseResult: ({ mutation, resolution, fees }) => ({
+                    kind: options.kind === "rep-give" ? "give" : "revoke",
+                    sourceDomainName: operation.normalizedSourceDomainName,
+                    targetDomainName: operation.normalizedTargetDomainName,
+                    amountCogtoshi: options.amountCogtoshi,
+                    txid: mutation.attemptedTxid ?? "unknown",
+                    status: resolution,
+                    reusedExisting: true,
+                    reviewIncluded: operation.review.payloadHex !== null,
+                    resolved: operation.resolved,
+                    fees,
+                }),
+            });
+        },
+        async confirm({ operation }) {
             await confirmReputationMutation(options.prompter, {
                 kind: options.kind === "rep-give" ? "give" : "revoke",
-                sourceDomainName: normalizedSourceDomainName,
-                targetDomainName: normalizedTargetDomainName,
+                sourceDomainName: operation.normalizedSourceDomainName,
+                targetDomainName: operation.normalizedTargetDomainName,
                 amountCogtoshi: options.amountCogtoshi,
-                reviewText: review.text,
-                resolved,
+                reviewText: operation.review.text,
+                resolved: operation.resolved,
                 assumeYes: options.assumeYes,
             });
-            let nextState = upsertPendingMutation(workingState, createDraftMutation({
-                kind: options.kind,
-                sourceDomainName: normalizedSourceDomainName,
-                targetDomainName: normalizedTargetDomainName,
-                amountCogtoshi: options.amountCogtoshi,
-                sender: operation.sender,
-                intentFingerprintHex,
-                nowUnixMs,
-                reviewPayloadHex: review.payloadHex,
-                feeSelection,
-                existing: existingMutation,
-            }));
-            nextState = await saveUpdatedMutationState({
-                state: nextState,
-                provider,
-                nowUnixMs,
-                paths,
-            });
+        },
+        createDraftMutation({ operation, existingMutation, execution, intentFingerprintHex }) {
+            return {
+                mutation: createDraftMutation({
+                    kind: options.kind,
+                    sourceDomainName: operation.normalizedSourceDomainName,
+                    targetDomainName: operation.normalizedTargetDomainName,
+                    amountCogtoshi: options.amountCogtoshi,
+                    sender: operation.sender,
+                    intentFingerprintHex,
+                    nowUnixMs: execution.nowUnixMs,
+                    reviewPayloadHex: operation.review.payloadHex,
+                    feeSelection: execution.feeSelection,
+                    existing: existingMutation,
+                }),
+                prepared: null,
+            };
+        },
+        async build({ operation, state, execution, replacementFixedInputs }) {
             const opReturnData = options.kind === "rep-give"
-                ? serializeRepCommit(operation.sourceDomain.domainId, operation.targetDomain.domainId, options.amountCogtoshi, review.payload).opReturnData
-                : serializeRepRevoke(operation.sourceDomain.domainId, operation.targetDomain.domainId, options.amountCogtoshi, review.payload).opReturnData;
+                ? serializeRepCommit(operation.sourceDomain.domainId, operation.targetDomain.domainId, options.amountCogtoshi, operation.review.payload).opReturnData
+                : serializeRepRevoke(operation.sourceDomain.domainId, operation.targetDomain.domainId, options.amountCogtoshi, operation.review.payload).opReturnData;
             const reputationPlan = buildPlanForReputationOperation({
-                state: nextState,
-                allUtxos: await rpc.listUnspent(walletName, 1),
+                state,
+                allUtxos: await execution.rpc.listUnspent(execution.walletName, 1),
                 sender: operation.sender,
                 opReturnData,
                 errorPrefix: options.errorPrefix,
             });
-            const built = await buildTransaction({
-                rpc,
-                walletName,
-                state: nextState,
+            return buildTransaction({
+                rpc: execution.rpc,
+                walletName: execution.walletName,
+                state,
                 plan: {
                     ...reputationPlan,
                     fixedInputs: mergeFixedWalletInputs(reputationPlan.fixedInputs, replacementFixedInputs),
                 },
-                feeRateSatVb: feeSelection.feeRateSatVb,
+                feeRateSatVb: execution.feeSelection.feeRateSatVb,
             });
-            const final = await sendBuiltTransaction({
-                rpc,
-                walletName,
-                snapshotHeight: readContext.snapshot?.tip?.height ?? null,
+        },
+        publish({ state, execution, built, mutation }) {
+            return publishWalletMutation({
+                rpc: execution.rpc,
+                walletName: execution.walletName,
+                snapshotHeight: execution.readContext.snapshot?.tip?.height ?? null,
                 built,
-                mutation: nextState.pendingMutations.find((mutation) => mutation.intentFingerprintHex === intentFingerprintHex),
-                state: nextState,
-                provider,
-                nowUnixMs,
-                paths,
+                mutation,
+                state,
+                provider: execution.provider,
+                nowUnixMs: execution.nowUnixMs,
+                paths: execution.paths,
                 errorPrefix: options.errorPrefix,
             });
+        },
+        createResult({ operation, mutation, built, status, reusedExisting, fees }) {
             return {
                 kind: options.kind === "rep-give" ? "give" : "revoke",
-                sourceDomainName: normalizedSourceDomainName,
-                targetDomainName: normalizedTargetDomainName,
+                sourceDomainName: operation.normalizedSourceDomainName,
+                targetDomainName: operation.normalizedTargetDomainName,
                 amountCogtoshi: options.amountCogtoshi,
-                txid: final.mutation.attemptedTxid ?? built.txid,
-                status: "live",
-                reusedExisting: false,
-                reviewIncluded: review.payloadHex !== null,
-                resolved,
-                fees: createBuiltWalletMutationFeeSummary({
-                    selection: feeSelection,
-                    built,
-                }),
+                txid: mutation.attemptedTxid ?? built?.txid ?? "unknown",
+                status: status,
+                reusedExisting,
+                reviewIncluded: operation.review.payloadHex !== null,
+                resolved: operation.resolved,
+                fees,
             };
-        }
-        finally {
-            await readContext.close();
-            await miningPreemption.release();
-        }
-    }
-    finally {
-        await controlLock.release();
-    }
+        },
+    });
+    return execution.result;
 }
 export async function giveReputation(options) {
     return submitReputationMutation({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cogcoin/client",
-  "version": "1.1.6",
+  "version": "1.1.8",
   "description": "Store-backed Cogcoin client with wallet flows, SQLite persistence, and managed Bitcoin Core integration.",
   "license": "MIT",
   "type": "module",

package/dist/wallet/mining/worker-main.d.ts

@@ -1 +0,0 @@
-export {};

package/dist/wallet/mining/worker-main.js

@@ -1,17 +0,0 @@
-import { runBackgroundMiningWorker } from "./runner.js";
-function readFlag(name) {
-    const prefix = `--${name}=`;
-    const match = process.argv.find((entry) => entry.startsWith(prefix));
-    return match === undefined ? null : match.slice(prefix.length);
-}
-const dataDir = readFlag("data-dir");
-const databasePath = readFlag("database-path");
-const runId = readFlag("run-id");
-if (dataDir === null || databasePath === null || runId === null) {
-    throw new Error("mining_worker_missing_args");
-}
-await runBackgroundMiningWorker({
-    dataDir,
-    databasePath,
-    runId,
-});

package/dist/wallet/state/client-password-agent.d.ts

@@ -1 +0,0 @@
-export {};

package/dist/wallet/state/client-password-agent.js

@@ -1,211 +0,0 @@
-import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";
-import net from "node:net";
-import { rm } from "node:fs/promises";
-function shouldRemoveAgentEndpointPath(endpoint) {
-    return !endpoint.startsWith("\\\\.\\pipe\\");
-}
-function zeroizeBuffer(buffer) {
-    if (buffer != null) {
-        buffer.fill(0);
-    }
-}
-function createAgentError(message) {
-    return JSON.stringify({
-        ok: false,
-        error: message,
-    });
-}
-async function readBootstrapConfig() {
-    const endpoint = process.argv[2] ?? "";
-    const unlockUntilUnixMs = Number(process.argv[3] ?? "");
-    if (endpoint.length === 0 || !Number.isFinite(unlockUntilUnixMs)) {
-        throw new Error("wallet_client_password_agent_bootstrap_invalid");
-    }
-    const raw = await new Promise((resolve, reject) => {
-        let received = "";
-        const onData = (chunk) => {
-            received += chunk.toString("utf8");
-            const newlineIndex = received.indexOf("\n");
-            if (newlineIndex !== -1) {
-                cleanup();
-                resolve(received.slice(0, newlineIndex));
-            }
-        };
-        const onEnd = () => {
-            cleanup();
-            reject(new Error("wallet_client_password_agent_bootstrap_missing"));
-        };
-        const onError = (error) => {
-            cleanup();
-            reject(error);
-        };
-        const cleanup = () => {
-            process.stdin.off("data", onData);
-            process.stdin.off("end", onEnd);
-            process.stdin.off("error", onError);
-        };
-        process.stdin.on("data", onData);
-        process.stdin.on("end", onEnd);
-        process.stdin.on("error", onError);
-    });
-    const parsed = JSON.parse(raw);
-    if (typeof parsed.derivedKeyBase64 !== "string") {
-        throw new Error("wallet_client_password_agent_bootstrap_invalid");
-    }
-    return {
-        endpoint,
-        unlockUntilUnixMs,
-        derivedKey: Buffer.from(parsed.derivedKeyBase64, "base64"),
-    };
-}
-async function main() {
-    const bootstrap = await readBootstrapConfig();
-    let key = bootstrap.derivedKey;
-    let unlockUntilUnixMs = bootstrap.unlockUntilUnixMs;
-    let expiryTimer = null;
-    const cleanupAndExit = async () => {
-        if (expiryTimer !== null) {
-            clearTimeout(expiryTimer);
-            expiryTimer = null;
-        }
-        zeroizeBuffer(key);
-        key = Buffer.alloc(0);
-        if (shouldRemoveAgentEndpointPath(bootstrap.endpoint)) {
-            await rm(bootstrap.endpoint, { force: true }).catch(() => undefined);
-        }
-        process.exit(0);
-    };
-    const refreshExpiry = () => {
-        if (expiryTimer !== null) {
-            clearTimeout(expiryTimer);
-        }
-        const remainingMs = Math.max(0, unlockUntilUnixMs - Date.now());
-        expiryTimer = setTimeout(() => {
-            void cleanupAndExit();
-        }, remainingMs);
-        expiryTimer.unref();
-    };
-    const encryptSecret = (secretBase64) => {
-        const nonce = randomBytes(12);
-        const cipher = createCipheriv("aes-256-gcm", key, nonce);
-        const ciphertext = Buffer.concat([
-            cipher.update(Buffer.from(secretBase64, "base64")),
-            cipher.final(),
-        ]);
-        const tag = cipher.getAuthTag();
-        return {
-            nonce: nonce.toString("base64"),
-            tag: tag.toString("base64"),
-            ciphertext: ciphertext.toString("base64"),
-        };
-    };
-    const decryptSecret = (options) => {
-        const decipher = createDecipheriv("aes-256-gcm", key, Buffer.from(options.nonce, "base64"));
-        decipher.setAuthTag(Buffer.from(options.tag, "base64"));
-        return Buffer.concat([
-            decipher.update(Buffer.from(options.ciphertext, "base64")),
-            decipher.final(),
-        ]).toString("base64");
-    };
-    const server = net.createServer((socket) => {
-        let received = "";
-        const send = (payload) => {
-            socket.end(`${JSON.stringify(payload)}\n`);
-        };
-        socket.on("data", (chunk) => {
-            received += chunk.toString("utf8");
-            const newlineIndex = received.indexOf("\n");
-            if (newlineIndex === -1) {
-                return;
-            }
-            let parsed;
-            try {
-                parsed = JSON.parse(received.slice(0, newlineIndex));
-            }
-            catch {
-                send({ ok: false, error: "wallet_client_password_agent_protocol_error" });
-                return;
-            }
-            try {
-                switch (parsed.command) {
-                    case "status":
-                        send({ ok: true, unlockUntilUnixMs });
-                        return;
-                    case "lock":
-                        send({ ok: true, unlockUntilUnixMs: null });
-                        setImmediate(() => {
-                            void cleanupAndExit();
-                        });
-                        return;
-                    case "refresh":
-                        if (!Number.isFinite(parsed.unlockUntilUnixMs)) {
-                            send({ ok: false, error: "wallet_client_password_agent_protocol_error" });
-                            return;
-                        }
-                        unlockUntilUnixMs = Number(parsed.unlockUntilUnixMs);
-                        refreshExpiry();
-                        send({ ok: true, unlockUntilUnixMs });
-                        return;
-                    case "encrypt":
-                        if (typeof parsed.secretBase64 !== "string") {
-                            send({ ok: false, error: "wallet_client_password_agent_protocol_error" });
-                            return;
-                        }
-                        send({
-                            ok: true,
-                            unlockUntilUnixMs,
-                            envelope: encryptSecret(parsed.secretBase64),
-                        });
-                        return;
-                    case "decrypt":
-                        if (typeof parsed.envelope?.nonce !== "string"
-                            || typeof parsed.envelope?.tag !== "string"
-                            || typeof parsed.envelope?.ciphertext !== "string") {
-                            send({ ok: false, error: "wallet_client_password_agent_protocol_error" });
-                            return;
-                        }
-                        send({
-                            ok: true,
-                            unlockUntilUnixMs,
-                            secretBase64: decryptSecret({
-                                nonce: parsed.envelope.nonce,
-                                tag: parsed.envelope.tag,
-                                ciphertext: parsed.envelope.ciphertext,
-                            }),
-                        });
-                        return;
-                    default:
-                        send({ ok: false, error: "wallet_client_password_agent_protocol_error" });
-                }
-            }
-            catch (error) {
-                send({
-                    ok: false,
-                    error: error instanceof Error ? error.message : String(error),
-                });
-            }
-        });
-    });
-    process.on("SIGTERM", () => {
-        void cleanupAndExit();
-    });
-    process.on("SIGINT", () => {
-        void cleanupAndExit();
-    });
-    process.on("exit", () => {
-        zeroizeBuffer(key);
-    });
-    refreshExpiry();
-    await new Promise((resolve, reject) => {
-        server.once("error", reject);
-        server.listen(bootstrap.endpoint, () => {
-            server.off("error", reject);
-            resolve();
-        });
-    });
-    process.stdout.write("ready\n");
-}
-void main().catch((error) => {
-    process.stderr.write(`${createAgentError(error instanceof Error ? error.message : String(error))}\n`);
-    process.exit(1);
-});