@coinfello/agent-cli 0.1.12 → 0.1.14

package/README.md

@@ -101,6 +101,23 @@ Transaction submitted successfully.
 Transaction ID: <txn_hash_>
 ```
 
+### 6. signer-daemon
+
+Manages the Secure Enclave signing daemon. Without the daemon, each signing operation (account creation, sign-in, delegation signing) triggers a separate Touch ID / password prompt. Starting the daemon authenticates once and caches the authorization for subsequent operations.
+
+```bash
+# Start the daemon (prompts Touch ID / password once)
+node dist/index.js signer-daemon start
+
+# Check if the daemon is running
+node dist/index.js signer-daemon status
+
+# Stop the daemon
+node dist/index.js signer-daemon stop
+```
+
+If the daemon is not running, all signing operations fall back to direct Secure Enclave binary execution (which prompts Touch ID each time).
+
 ### Help
 
 View all commands and options:
@@ -109,4 +126,5 @@ View all commands and options:
 node dist/index.js --help
 node dist/index.js create_account --help
 node dist/index.js send_prompt --help
+node dist/index.js signer-daemon --help
 ```

package/dist/index.js

@@ -5,24 +5,141 @@ import { privateKeyToAccount, generatePrivateKey } from "viem/accounts";
 import { toWebAuthnAccount } from "viem/account-abstraction";
 import * as chains from "viem/chains";
 import { createHash, randomBytes } from "node:crypto";
-import { execFile } from "node:child_process";
+import { execFile, spawn } from "node:child_process";
 import { promisify } from "node:util";
 import { dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";
-import { platform, homedir } from "node:os";
-import { readFile, mkdir, writeFile } from "node:fs/promises";
+import { userInfo, platform, homedir } from "node:os";
+import { readFile, unlink, mkdir, writeFile } from "node:fs/promises";
+import { createConnection } from "node:net";
 import { http, createPublicClient as createPublicClient$1, serializeErc6492Signature } from "viem";
 import { createSiweMessage } from "viem/siwe";
 const execFileAsync = promisify(execFile);
 const __filename$1 = fileURLToPath(import.meta.url);
 const __dirname$1 = dirname(__filename$1);
 function getBinaryPath() {
-  return join(__dirname$1, "secure-enclave-signer.app", "Contents", "MacOS", "secure-enclave-signer");
+  const bundlePath = join(
+    __dirname$1,
+    "secure-enclave-signer.app",
+    "Contents",
+    "MacOS",
+    "secure-enclave-signer"
+  );
+  if (__dirname$1.includes("/src/")) {
+    const projectRoot = __dirname$1.split("/src/")[0];
+    return join(
+      projectRoot,
+      "dist",
+      "secure-enclave-signer.app",
+      "Contents",
+      "MacOS",
+      "secure-enclave-signer"
+    );
+  }
+  return bundlePath;
 }
+const SOCKET_PATH = `/tmp/coinfello-se-signer-${userInfo().username}.sock`;
+const PID_PATH = `/tmp/coinfello-se-signer-${userInfo().username}.pid`;
 function isSecureEnclaveAvailable() {
   return platform() === "darwin";
 }
-async function runCommand(args) {
+async function sendDaemonRequest(request) {
+  return new Promise((resolve, reject) => {
+    const client = createConnection({ path: SOCKET_PATH }, () => {
+      const data = JSON.stringify(request);
+      client.end(data);
+    });
+    let response = "";
+    client.on("data", (chunk) => {
+      response += chunk.toString();
+    });
+    client.on("end", () => {
+      try {
+        const parsed = JSON.parse(response.trim());
+        if (parsed.success) {
+          resolve(parsed.result);
+        } else {
+          reject(new Error(`SecureEnclave [${parsed.error}]: ${parsed.message}`));
+        }
+      } catch {
+        reject(new Error(`Invalid daemon response: ${response}`));
+      }
+    });
+    client.on("error", (err) => {
+      reject(err);
+    });
+    client.setTimeout(3e4, () => {
+      client.destroy();
+      reject(new Error("Daemon request timed out"));
+    });
+  });
+}
+async function isDaemonRunning() {
+  try {
+    await sendDaemonRequest({ command: "ping" });
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function startDaemon() {
+  const binaryPath = getBinaryPath();
+  const child = spawn(binaryPath, ["daemon"], {
+    detached: true,
+    stdio: ["ignore", "pipe", "pipe"]
+  });
+  child.unref();
+  return new Promise((resolve, reject) => {
+    let stdout = "";
+    let stderr = "";
+    child.stdout.on("data", (chunk) => {
+      stdout += chunk.toString();
+      try {
+        const ready = JSON.parse(stdout.trim());
+        if (ready.status === "ready") {
+          child.stdout.removeAllListeners();
+          child.stderr.removeAllListeners();
+          resolve({ pid: ready.pid, socket: ready.socket });
+        }
+      } catch {
+      }
+    });
+    child.stderr.on("data", (chunk) => {
+      stderr += chunk.toString();
+    });
+    child.on("error", (err) => {
+      reject(new Error(`Failed to start daemon: ${err.message}`));
+    });
+    child.on("exit", (code) => {
+      if (code !== 0) {
+        try {
+          const parsed = JSON.parse(stderr.trim());
+          reject(new Error(`Daemon exited: [${parsed.error}] ${parsed.message}`));
+        } catch {
+          reject(new Error(`Daemon exited with code ${code}: ${stderr}`));
+        }
+      }
+    });
+    setTimeout(() => reject(new Error("Daemon startup timed out")), 15e3);
+  });
+}
+async function stopDaemon() {
+  try {
+    const pidStr = await readFile(PID_PATH, "utf-8");
+    const pid = parseInt(pidStr.trim(), 10);
+    process.kill(pid, "SIGTERM");
+  } catch {
+    try {
+      await unlink(SOCKET_PATH);
+    } catch {
+    }
+    try {
+      await unlink(PID_PATH);
+    } catch {
+    }
+  }
+}
+async function runCommandDirect(args) {
   const binaryPath = getBinaryPath();
   try {
     const { stdout } = await execFileAsync(binaryPath, args, {
@@ -45,6 +162,24 @@ async function runCommand(args) {
     throw new Error(`SecureEnclave command failed: ${error.message ?? "Unknown error"}`);
   }
 }
+async function runCommand(args) {
+  try {
+    const command = args[0];
+    const request = { command };
+    if (command === "sign") {
+      const tagIdx = args.indexOf("--tag");
+      const payloadIdx = args.indexOf("--payload");
+      if (tagIdx >= 0 && tagIdx + 1 < args.length) request.tag = args[tagIdx + 1];
+      if (payloadIdx >= 0 && payloadIdx + 1 < args.length) request.payload = args[payloadIdx + 1];
+    } else if (command === "get-public-key") {
+      const tagIdx = args.indexOf("--tag");
+      if (tagIdx >= 0 && tagIdx + 1 < args.length) request.tag = args[tagIdx + 1];
+    }
+    return await sendDaemonRequest(request);
+  } catch {
+    return await runCommandDirect(args);
+  }
+}
 async function generateKey() {
   const result = await runCommand(["generate"]);
   return {
@@ -3220,22 +3355,26 @@ program.command("send_prompt").description("Send a prompt to CoinFello, creating
       delegateAddress,
       scope
     });
-    console.log("Signing subdelegation...");
+    console.log("Signing subdelegation... ", JSON.stringify(subdelegation, null, 4));
     const signature = await smartAccount.signDelegation({
       delegation: subdelegation
     });
+    console.log("Signed subdelegation");
     let sig = signature;
     const chain = resolveChainInput(config.chain);
     const publicClient = createPublicClient(chain);
+    console.log("Getting code...");
     const code = await publicClient.getCode({ address: smartAccount.address });
     const isDeployed = !!(code && code !== "0x");
     if (!isDeployed) {
+      console.log("Getting factory args...");
       const factoryArgs = await smartAccount.getFactoryArgs();
       sig = serializeErc6492Signature({
         signature,
         address: factoryArgs.factory,
         data: factoryArgs.factoryData
       });
+      console.log("Serialized 6492 sig");
     }
     const signedSubdelegation = { ...subdelegation, signature: sig };
     console.log("Sending signed delegation...");
@@ -3257,4 +3396,44 @@ program.command("send_prompt").description("Send a prompt to CoinFello, creating
     process.exit(1);
   }
 });
+const signerDaemon = program.command("signer-daemon").description("Manage the Secure Enclave signing daemon");
+signerDaemon.command("start").description("Start the signing daemon (authenticates via Touch ID / password once)").action(async () => {
+  try {
+    const running = await isDaemonRunning();
+    if (running) {
+      console.log("Signing daemon is already running.");
+      return;
+    }
+    console.log("Starting signing daemon (authenticate when prompted)...");
+    const { pid, socket } = await startDaemon();
+    console.log(`Signing daemon started.`);
+    console.log(`PID: ${pid}`);
+    console.log(`Socket: ${socket}`);
+  } catch (err) {
+    console.error(`Failed to start daemon: ${err.message}`);
+    process.exit(1);
+  }
+});
+signerDaemon.command("stop").description("Stop the signing daemon").action(async () => {
+  try {
+    const running = await isDaemonRunning();
+    if (!running) {
+      console.log("Signing daemon is not running.");
+      return;
+    }
+    await stopDaemon();
+    console.log("Signing daemon stopped.");
+  } catch (err) {
+    console.error(`Failed to stop daemon: ${err.message}`);
+    process.exit(1);
+  }
+});
+signerDaemon.command("status").description("Check if the signing daemon is running").action(async () => {
+  const running = await isDaemonRunning();
+  if (running) {
+    console.log("Signing daemon is running.");
+  } else {
+    console.log("Signing daemon is not running.");
+  }
+});
 program.parse();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coinfello/agent-cli",
-  "version": "0.1.12",
+  "version": "0.1.14",
   "description": "",
   "type": "module",
   "main": "dist/index.js",