@dev.sail.money/sailor 0.0.2 → 0.1.0-local

package/templates/custom-mandate/README.md

@@ -1,85 +1,116 @@
-# Write Your Own Permission — Sail Protocol
-
-Sail Protocol accepts ANY contract implementing `IPermission`. There is no fixed set of
-permission types. `BoundedCallPermission` here is a general primitive; `examples/permissions/`
-shows protocol-specific patterns. Every financial bound your mandate enforces should live in
-Solidity — the kernel checks `evaluate()` on every dispatch. The agent's TypeScript can be changed
-without your signature; the permission contract cannot. You own what you deploy.
-
----
-
-Sailor does not ship a blessed library of financial permission contracts. You author, review, and
-deploy your own `IPermission` contract, and Sailor makes deploying and registering it easy.
-
-## What a permission contract is
-
-A permission contract is an on-chain policy that the SailKernel consults before it lets your agent
-(the manager) execute any transaction from your SMA. On every dispatch the kernel calls
-`evaluate(txData, ctx)` on each registered permission via `staticcall` — return `true` to allow the
-call, `false` to block it. The contract holds your rules (allowed targets, size caps, token
-allowlists, time windows, …) so the agent can only ever act inside the bounds you deployed.
-
-## The IPermission interface
-
-```solidity
-interface IPermission {
-    function evaluate(bytes calldata txData, Context calldata ctx) external view returns (bool);
-    function discriminator() external view returns (bytes32);
-}
-
-struct Context {
-    address account;        // the SMA (Safe) the dispatch executes from
-    address manager;        // the delegated signer authorized to dispatch
-    address submitter;      // the address that submitted the dispatch transaction
-    address target;         // the contract the call is directed at
-    bytes4  selector;       // the 4-byte function selector being called
-    uint256 value;          // msg.value (native asset) sent with the call
-    uint256 blockTimestamp; // block.timestamp at evaluation
-    uint256 blockNumber;    // block.number at evaluation
-}
-```
-
-- `evaluate` — your policy. Return `true` to permit the call, `false` to block it. Runs under a
-  100k-gas `staticcall`; a revert or gas overage is treated as `false`.
-- `discriminator` — a stable `bytes32` name for your permission (e.g. `keccak256("MyMandate")`).
-
-Keep all policy parameters constructor-configured so each deployment is a complete, reviewable
-policy before it is attached to the SMA.
-
-## Workflow
-
-```bash
-# 1. Write your contract in mandates/ (start from BoundedCallPermission.sol)
-# 2. Compile
-forge build
-
-# 3. Deploy and attach in one step
-sailor mandate deploy --contract <Name> --attach --sma <SMA>
-```
-
-Or deploy first and attach later (two-step):
-
-```bash
-sailor mandate deploy --contract <Name>            # prints the deployed address
-sailor mandate attach --address <deployedAddress> --sma <SMA>
-```
-
-Both attach paths open the browser signing station so the owner authorizes the registration
-(EIP-712 `RegisterPermission`); the agent submits the on-chain transaction.
-
-## Prerequisites
-
-- [Foundry](https://book.getfoundry.sh/getting-started/installation)
-- An existing Sailor agent (created with `sailor init`)
-
-## Responsibility
-
-> **You are responsible for the correctness of your permission logic. Sailor registers whatever
-> contract address you provide. A bug can block all agent activity or authorize transactions you did
-> not intend. Review carefully before attaching.**
-
-## Structure
-
-- `foundry.toml` — Foundry config with `@sail/` remapping to `.sail/contracts/`
-- `.sail/contracts/interfaces/IPermission.sol` — interface copy (matches SailProtocol)
-- `mandates/BoundedCallPermission.sol` — general primitive: allowlisted targets, optional selector filter, max ETH value
+# Write Your Own Permission — Sail Protocol
+
+Sail Protocol accepts ANY contract implementing `IPermission`. There is no fixed set of
+permission types. `BoundedCallPermission` here is a general primitive; `examples/permissions/`
+shows protocol-specific patterns. Every financial bound your mandate enforces should live in
+Solidity — the kernel checks `evaluate()` on every dispatch. The agent's TypeScript can be changed
+without your signature; the permission contract cannot. You own what you deploy.
+
+---
+
+Sailor does not ship a blessed library of financial permission contracts. You author, review, and
+deploy your own `IPermission` contract, and Sailor makes deploying and registering it easy.
+
+## What a permission contract is
+
+A permission contract is an on-chain policy that the SailKernel consults before it lets your agent
+(the manager) execute any transaction from your SMA. On every dispatch the kernel calls
+`evaluate(txData, ctx)` on each registered permission via `staticcall` — return `true` to allow the
+call, `false` to block it. The contract holds your rules (allowed targets, size caps, token
+allowlists, time windows, …) so the agent can only ever act inside the bounds you deployed.
+
+## The IPermission interface
+
+```solidity
+interface IPermission {
+    function evaluate(bytes calldata txData, Context calldata ctx) external view returns (bool);
+    function discriminator() external view returns (bytes32);
+}
+
+struct Context {
+    address account;        // the SMA (Safe) the dispatch executes from
+    address manager;        // the delegated signer authorized to dispatch
+    address submitter;      // the address that submitted the dispatch transaction
+    address target;         // the contract the call is directed at
+    bytes4  selector;       // the 4-byte function selector being called
+    uint256 value;          // msg.value (native asset) sent with the call
+    uint256 blockTimestamp; // block.timestamp at evaluation
+    uint256 blockNumber;    // block.number at evaluation
+}
+```
+
+- `evaluate` — your policy. Return `true` to permit the call, `false` to block it. Runs under a
+  100k-gas `staticcall`; a revert or gas overage is treated as `false`.
+- `discriminator` — a stable `bytes32` name for your permission (e.g. `keccak256("MyMandate")`).
+
+Keep all policy parameters constructor-configured so each deployment is a complete, reviewable
+policy before it is attached to the SMA.
+
+## Workflow
+
+```bash
+# 1. Write your contract in mandates/ (start from BoundedCallPermission.sol)
+# 2. Compile
+forge build
+
+# 3. Deploy and attach in one step
+sailor mandate deploy --contract <Name> --attach --sma <SMA>
+```
+
+Or deploy first and attach later (two-step):
+
+```bash
+sailor mandate deploy --contract <Name>            # prints the deployed address
+sailor mandate attach --address <deployedAddress> --sma <SMA>
+```
+
+Both attach paths open the browser signing station so the owner authorizes the registration
+(EIP-712 `RegisterPermission`); the agent submits the on-chain transaction.
+
+## Prerequisites
+
+- [Foundry](https://book.getfoundry.sh/getting-started/installation)
+- An existing Sailor agent (created with `sailor init`)
+
+## Responsibility
+
+> **You are responsible for the correctness of your permission logic. Sailor registers whatever
+> contract address you provide. A bug can block all agent activity or authorize transactions you did
+> not intend. Review carefully before attaching.**
+
+## Extracting calldata parameters safely
+
+When you need to bound a specific call argument (amount cap, recipient check, slippage floor),
+use `SailCalldata` instead of manual `abi.decode`. The two common bugs it prevents:
+
+1. **Forgetting the length check** — decoding before checking `txData.length` can revert or
+   silently return wrong values. `SailCalldata.hasParams(txData, N)` is the one-line guard.
+2. **Wrong slot index** — off-by-one decodes the wrong parameter. Named helpers make the
+   intent explicit: `asAddress(txData, 0)`, `asUint256(txData, 1)`, `asAddress(txData, 2)`.
+
+```solidity
+import {SailCalldata} from "./SailCalldata.sol";
+
+function evaluate(bytes calldata txData, Context calldata ctx) external view returns (bool) {
+    if (ctx.target != POOL)        return false;
+    if (ctx.selector != SEL_SUPPLY) return false;
+    // supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode)
+    if (!SailCalldata.hasParams(txData, 4)) return false;
+    address asset      = SailCalldata.asAddress(txData, 0);
+    uint256 amount     = SailCalldata.asUint256(txData, 1);
+    address onBehalfOf = SailCalldata.asAddress(txData, 2);
+    // ...
+}
+```
+
+Available helpers: `asAddress`, `asUint256`, `asInt256`, `asBytes32`, `asBool`,
+`asUint128`, `asUint64`, `asUint32`, `asUint24`, `asUint16`, `asBytes4`.
+Only covers static (fixed-size) types. For `bytes`, `string`, or dynamic arrays,
+use `abi.decode(txData[4:], ...)` after the `hasParams` guard.
+
+## Structure
+
+- `foundry.toml` — Foundry config with `@sail/` remapping to `.sail/contracts/`
+- `.sail/contracts/interfaces/IPermission.sol` — interface copy (matches SailProtocol)
+- `mandates/BoundedCallPermission.sol` — general primitive: allowlisted targets, optional selector filter, max ETH value
+- `mandates/SailCalldata.sol` — safe calldata parameter extraction helpers

package/templates/custom-mandate/foundry.toml

@@ -1,8 +1,8 @@
-[profile.default]
-src = "mandates"
-out = "out"
-libs = ["lib"]
-remappings = ["@sail/=.sail/contracts/"]
-solc = "0.8.26"
-optimizer = true
-optimizer_runs = 200
+[profile.default]
+src = "mandates"
+out = "out"
+libs = ["lib"]
+remappings = ["@sail/=.sail/contracts/"]
+solc = "0.8.26"
+optimizer = true
+optimizer_runs = 200

package/templates/custom-mandate/mandates/BoundedCallPermission.sol

@@ -1,35 +1,41 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.26;
-
-import {IPermission, Context} from "@sail/interfaces/IPermission.sol";
-
-/// @title BoundedCallPermission
-/// @notice General-purpose IPermission primitive. Bounds the universal properties of any call:
-///         allowed targets, allowed selectors, and max ETH value. Protocol-agnostic.
-///         For calldata-parameter bounds (amount caps, recipient checks, slippage), write a
-///         protocol-specific permission — see examples/permissions/ for the pattern per protocol.
-/// @dev Deploy one instance per SMA with constructor-configured parameters.
-contract BoundedCallPermission is IPermission {
-    bytes32 private constant DISCRIMINATOR = keccak256("BoundedCallPermission");
-
-    mapping(address => bool) public isAllowedTarget;
-    mapping(bytes4 => bool) public isAllowedSelector;
-    bool public immutable SELECTOR_FILTERING;
-    uint256 public immutable MAX_VALUE;
-
-    constructor(address[] memory allowedTargets, bytes4[] memory allowedSelectors, uint256 maxValue) {
-        for (uint256 i = 0; i < allowedTargets.length; i++) isAllowedTarget[allowedTargets[i]] = true;
-        SELECTOR_FILTERING = allowedSelectors.length > 0;
-        for (uint256 i = 0; i < allowedSelectors.length; i++) isAllowedSelector[allowedSelectors[i]] = true;
-        MAX_VALUE = maxValue;
-    }
-
-    function evaluate(bytes calldata, Context calldata ctx) external view returns (bool) {
-        if (!isAllowedTarget[ctx.target]) return false;
-        if (SELECTOR_FILTERING && !isAllowedSelector[ctx.selector]) return false;
-        if (ctx.value > MAX_VALUE) return false;
-        return true;
-    }
-
-    function discriminator() external pure returns (bytes32) { return DISCRIMINATOR; }
-}
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.26;
+
+import {IPermission, Context} from "@sail/interfaces/IPermission.sol";
+// SailCalldata: safe helpers for extracting calldata parameters inside evaluate().
+// Use SailCalldata.hasParams(txData, N) + SailCalldata.asAddress/asUint256/... instead of
+// manual abi.decode when you need to bound specific call arguments (amounts, recipients, etc.).
+// See SailCalldata.sol for the full API and examples/permissions/ for protocol examples.
+import {SailCalldata} from "./SailCalldata.sol";
+
+/// @title BoundedCallPermission
+/// @notice General-purpose IPermission primitive. Bounds the universal properties of any call:
+///         allowed targets, allowed selectors, and max ETH value. Protocol-agnostic.
+///         For calldata-parameter bounds (amount caps, recipient checks, slippage), use
+///         SailCalldata (imported above) and write a protocol-specific permission —
+///         see examples/permissions/ for the pattern per protocol.
+/// @dev Deploy one instance per SMA with constructor-configured parameters.
+contract BoundedCallPermission is IPermission {
+    bytes32 private constant DISCRIMINATOR = keccak256("BoundedCallPermission");
+
+    mapping(address => bool) public isAllowedTarget;
+    mapping(bytes4 => bool) public isAllowedSelector;
+    bool public immutable SELECTOR_FILTERING;
+    uint256 public immutable MAX_VALUE;
+
+    constructor(address[] memory allowedTargets, bytes4[] memory allowedSelectors, uint256 maxValue) {
+        for (uint256 i = 0; i < allowedTargets.length; i++) isAllowedTarget[allowedTargets[i]] = true;
+        SELECTOR_FILTERING = allowedSelectors.length > 0;
+        for (uint256 i = 0; i < allowedSelectors.length; i++) isAllowedSelector[allowedSelectors[i]] = true;
+        MAX_VALUE = maxValue;
+    }
+
+    function evaluate(bytes calldata, Context calldata ctx) external view returns (bool) {
+        if (!isAllowedTarget[ctx.target]) return false;
+        if (SELECTOR_FILTERING && !isAllowedSelector[ctx.selector]) return false;
+        if (ctx.value > MAX_VALUE) return false;
+        return true;
+    }
+
+    function discriminator() external pure returns (bytes32) { return DISCRIMINATOR; }
+}

package/templates/custom-mandate/mandates/README.md

@@ -1,16 +1,16 @@
-# Mandates
-
-Solidity permission contracts live here. Each contract implements `@sail/interfaces/IPermission.sol`.
-The SailKernel calls `evaluate(txData, ctx)` before any manager dispatch. Return `true` to permit,
-`false` to block.
-
-## Workflow
-
-```bash
-forge build
-sailor mandate prepare
-sailor ui
-```
-
-Keep all policy parameters constructor-configured so each deployment has a complete, reviewable
-policy before it is attached to the SMA.
+# Mandates
+
+Solidity permission contracts live here. Each contract implements `@sail/interfaces/IPermission.sol`.
+The SailKernel calls `evaluate(txData, ctx)` before any manager dispatch. Return `true` to permit,
+`false` to block.
+
+## Workflow
+
+```bash
+forge build
+sailor mandate prepare
+sailor ui
+```
+
+Keep all policy parameters constructor-configured so each deployment has a complete, reviewable
+policy before it is attached to the SMA.

package/templates/custom-mandate/mandates/SailCalldata.sol

@@ -0,0 +1,118 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.26;
+
+// ─────────────────────────────────────────────────────────────────────────────
+// SailCalldata — safe static-parameter extraction for IPermission.evaluate()
+//
+// PROBLEM
+//   evaluate(bytes calldata txData, Context calldata ctx) receives raw ABI-
+//   encoded calldata. Extracting parameters by hand is the most dangerous part
+//   of permission writing:
+//     • Forgetting the length check before decoding → silent wrong value or
+//       revert instead of clean `return false`.
+//     • Wrong slot index → decoding the wrong parameter (type-checks, still wrong).
+//     • Truncation bugs when casting uint256 slots to address (padding bits).
+//
+// SOLUTION
+//   This library centralises the three operations into named helpers:
+//     1. hasParams()  — explicit length guard (call once, at the top of evaluate)
+//     2. asAddress()  — extract + mask to 20 bytes
+//     3. asUint256(), asInt256(), asBytes32(), asBool(), asUint128() — typed slots
+//
+//   All helpers are view/pure and add zero gas overhead beyond the slice itself.
+//
+// USAGE (replace abi.decode pattern)
+//
+//   // Before:
+//   if (txData.length < 4 + 3 * 32) return false;
+//   (address asset, uint256 amount, address onBehalfOf) =
+//       abi.decode(txData[4:], (address, uint256, address));
+//
+//   // After:
+//   if (!SailCalldata.hasParams(txData, 3)) return false;
+//   address  asset      = SailCalldata.asAddress(txData, 0);
+//   uint256  amount     = SailCalldata.asUint256(txData, 1);
+//   address  onBehalfOf = SailCalldata.asAddress(txData, 2);
+//
+// LIMITATIONS
+//   Only covers static (fixed-size) ABI types. Dynamic types (bytes, string,
+//   arrays) use pointer indirection — decode them with abi.decode(txData[4:], ...)
+//   after the hasParams() guard, or write a dedicated extractor.
+//
+// SLOT INDEXING
+//   Slots are 0-indexed from the first constructor parameter (after the 4-byte
+//   selector). Slot 0 = bytes [4..35], slot 1 = bytes [36..67], etc.
+// ─────────────────────────────────────────────────────────────────────────────
+
+library SailCalldata {
+    // ── Guards ────────────────────────────────────────────────────────────────
+
+    /// @notice Returns true when txData is long enough to hold `params` static
+    ///         32-byte ABI slots after the 4-byte selector.
+    /// @dev    Call this once at the top of evaluate() before any slot access.
+    ///         Returns false (not revert) so evaluate() can return false cleanly.
+    function hasParams(bytes calldata txData, uint256 params) internal pure returns (bool) {
+        return txData.length >= 4 + params * 32;
+    }
+
+    // ── Static-type extractors ────────────────────────────────────────────────
+    // All assume hasParams() has already been checked for the relevant slot.
+    // Accessing an out-of-bounds slot will cause the calldata slice to revert —
+    // always guard with hasParams() first.
+
+    /// @notice Extract an address from ABI slot `i` (0-indexed after selector).
+    ///         Masks to 20 bytes, discarding the ABI zero-padding in the upper 12.
+    function asAddress(bytes calldata txData, uint256 i) internal pure returns (address) {
+        return address(uint160(uint256(bytes32(txData[4 + i * 32 : 4 + (i + 1) * 32]))));
+    }
+
+    /// @notice Extract a uint256 from ABI slot `i`.
+    function asUint256(bytes calldata txData, uint256 i) internal pure returns (uint256) {
+        return uint256(bytes32(txData[4 + i * 32 : 4 + (i + 1) * 32]));
+    }
+
+    /// @notice Extract an int256 from ABI slot `i`.
+    function asInt256(bytes calldata txData, uint256 i) internal pure returns (int256) {
+        return int256(uint256(bytes32(txData[4 + i * 32 : 4 + (i + 1) * 32])));
+    }
+
+    /// @notice Extract a bytes32 from ABI slot `i`.
+    function asBytes32(bytes calldata txData, uint256 i) internal pure returns (bytes32) {
+        return bytes32(txData[4 + i * 32 : 4 + (i + 1) * 32]);
+    }
+
+    /// @notice Extract a bool from ABI slot `i` (true when slot value is non-zero).
+    function asBool(bytes calldata txData, uint256 i) internal pure returns (bool) {
+        return asUint256(txData, i) != 0;
+    }
+
+    /// @notice Extract a uint128 from ABI slot `i` (lower 128 bits of the slot).
+    function asUint128(bytes calldata txData, uint256 i) internal pure returns (uint128) {
+        return uint128(asUint256(txData, i));
+    }
+
+    /// @notice Extract a uint64 from ABI slot `i`.
+    function asUint64(bytes calldata txData, uint256 i) internal pure returns (uint64) {
+        return uint64(asUint256(txData, i));
+    }
+
+    /// @notice Extract a uint32 from ABI slot `i`.
+    function asUint32(bytes calldata txData, uint256 i) internal pure returns (uint32) {
+        return uint32(asUint256(txData, i));
+    }
+
+    /// @notice Extract a uint24 from ABI slot `i` (e.g. Uniswap fee tier).
+    function asUint24(bytes calldata txData, uint256 i) internal pure returns (uint24) {
+        return uint24(asUint256(txData, i));
+    }
+
+    /// @notice Extract a uint16 from ABI slot `i` (e.g. Aave referral code).
+    function asUint16(bytes calldata txData, uint256 i) internal pure returns (uint16) {
+        return uint16(asUint256(txData, i));
+    }
+
+    /// @notice Extract bytes4 (a function selector) from ABI slot `i`.
+    function asBytes4(bytes calldata txData, uint256 i) internal pure returns (bytes4) {
+        return bytes4(asBytes32(txData, i));
+    }
+}

package/templates/{dca-rebalancer → default}/.cursor/rules

@@ -1,25 +1,25 @@
-# Sail Agent Project
-
-You are an AI assistant helping the user set up and operate a Sail Protocol SMA (Separately Managed Account) using the Sailor toolkit.
-
-**Read `AGENTS.md` first.** It is the canonical guide — voice, stage-by-stage workflow, permission authoring, deployment, and automation.
-
-## Quick reference
-
-| File | Purpose |
-|------|---------|
-| `AGENTS.md` | Full operator guide — start here |
-| `.sail/config.json` | Project config (chain, contracts) |
-| `.sail/account.json` | Active SMA address |
-| `.sail/.env.local` | RPC URL and passphrase — never commit |
-| `.sail/keys/manager.json` | Encrypted agent key |
-| `.sail/activity.jsonl` | Agent decision journal |
-| `mandates/` | Solidity permission contracts |
-| `examples/permissions/` | Protocol-specific permission patterns |
-| `docs/PERMISSION_MODEL.md` | Conjunctive vs selective kernel deep-dive |
-
-## Rules
-- Work through AGENTS.md stages in order — never skip
-- Always ask before any action that costs gas or moves funds
-- The browser UI at localhost:3333 is required for mandate signing and monitoring
-- `SAIL_PASSPHRASE` unlocks the manager key headlessly for `sailor run`
+# Sail Agent Project
+
+You are an AI assistant helping the user set up and operate a Sail Protocol SMA (Separately Managed Account) using the Sailor toolkit.
+
+**Read `AGENTS.md` first.** It is the canonical guide — voice, stage-by-stage workflow, permission authoring, deployment, and automation.
+
+## Quick reference
+
+| File | Purpose |
+|------|---------|
+| `AGENTS.md` | Full operator guide — start here |
+| `.sail/config.json` | Project config (chain, contracts) |
+| `.sail/account.json` | Active SMA address |
+| `.sail/.env.local` | RPC URL and passphrase — never commit |
+| `.sail/keys/manager.json` | Encrypted agent key |
+| `.sail/activity.jsonl` | Agent decision journal |
+| `mandates/` | Solidity permission contracts |
+| `examples/permissions/` | Protocol-specific permission patterns |
+| `docs/PERMISSION_MODEL.md` | Conjunctive vs selective kernel deep-dive |
+
+## Rules
+- Work through AGENTS.md stages in order — never skip
+- Always ask before any action that costs gas or moves funds
+- The browser UI at localhost:3333 is required for mandate signing and monitoring
+- `SAIL_PASSPHRASE` unlocks the manager key headlessly for `sailor run`

package/templates/default/.env.example

@@ -0,0 +1,20 @@
+# Sailor agent environment
+#
+# RPC configuration — two patterns, pick one:
+#
+# Option A: single active chain (simplest)
+RPC_URL=https://your-rpc-endpoint
+CHAIN_ID=8453
+#
+# Option B: per-chain endpoints (multi-chain projects, or if you prefer explicit names)
+# Set CHAIN_ID to the chain sailor run uses; omit RPC_URL if all chains have a specific var.
+# CHAIN_ID=8453
+# BASE_RPC_URL=https://your-base-endpoint
+# ARBITRUM_RPC_URL=https://your-arbitrum-endpoint
+# UNICHAIN_RPC_URL=https://your-unichain-endpoint
+# ETH_MAINNET_RPC_URL=https://your-mainnet-endpoint
+# BASE_SEPOLIA_RPC_URL=https://your-base-sepolia-endpoint
+# SEPOLIA_RPC_URL=https://your-sepolia-endpoint
+
+# Optional: non-interactive passphrase (CI, GitHub Actions, launchd, systemd)
+# SAIL_PASSPHRASE=change-me-to-a-strong-passphrase

package/templates/{dca-rebalancer → default}/.github/workflows/agent-tick.yml

@@ -1,32 +1,33 @@
-name: Agent Tick
-
-on:
-  schedule:
-    # Every Monday at 09:00 UTC
-    - cron: "0 9 * * 1"
-  workflow_dispatch:
-
-jobs:
-  tick:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - uses: pnpm/action-setup@v4
-        with:
-          version: 9
-
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 20
-          cache: "pnpm"
-
-      - name: Install dependencies
-        run: pnpm install --frozen-lockfile
-
-      - name: Run agent tick
-        env:
-          RPC_URL: ${{ secrets.RPC_URL }}
-          MANAGER_KEY: ${{ secrets.MANAGER_KEY }}
-          CHAIN_ID: ${{ vars.CHAIN_ID || '8453' }}
-        run: npx sailor run --once
+name: Agent Tick
+
+on:
+  schedule:
+    # Every Monday at 09:00 UTC
+    - cron: "0 9 * * 1"
+  workflow_dispatch:
+
+jobs:
+  tick:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: "npm"
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Copy keystore to expected path
+        run: |
+          mkdir -p .sail/keys
+          cp ci-keystore.json .sail/keys/manager.json
+
+      - name: Run agent tick
+        env:
+          RPC_URL: ${{ secrets.RPC_URL }}
+          SAIL_PASSPHRASE: ${{ secrets.SAIL_PASSPHRASE }}
+          CHAIN_ID: ${{ vars.CHAIN_ID || '8453' }}
+        run: npx sailor run --once

package/templates/{dca-rebalancer → default}/.sail/README.md

@@ -1,13 +1,13 @@
-# Sailor Project Workspace
-
-This folder is the local workspace for one Sailor agent deployment.
-
-## Layout
-
-- `config.json` is the project manifest: name, chain, and state location.
-- `keys/` stores encrypted local signing keys. Never commit these files.
-- `runtime/` is for local UI and signing handoff state.
-- `state/` is for persistent agent state, audit logs, and tx history.
-
-AI coding agents should read the project's `AGENTS.md` and this folder's `config.json`
-before changing strategy code or running commands that touch funds.
+# Sailor Project Workspace
+
+This folder is the local workspace for one Sailor agent deployment.
+
+## Layout
+
+- `config.json` is the project manifest: name, chain, and state location.
+- `keys/` stores encrypted local signing keys. Never commit these files.
+- `runtime/` is for local UI and signing handoff state.
+- `state/` is for persistent agent state, audit logs, and tx history.
+
+AI coding agents should read the project's `AGENTS.md` and this folder's `config.json`
+before changing strategy code or running commands that touch funds.

package/templates/{dca-rebalancer → default}/.sail/config.json

@@ -1,10 +1,10 @@
-{
-  "version": 1,
-  "name": "dca-rebalancer",
-  "chainId": 8453,
-  "stateDir": ".sail/state",
-  "contracts": {
-    "kernel": "",
-    "mandateFactory": ""
-  }
-}
+{
+  "version": 1,
+  "name": "sail-agent",
+  "chainId": null,
+  "stateDir": ".sail/state",
+  "contracts": {
+    "kernel": "",
+    "mandateFactory": ""
+  }
+}