npm - @dev.sail.money/sailor - Versions diffs - 0.0.2 → 1.0.0-38 - Mend

@dev.sail.money/sailor 0.0.2 → 1.0.0-38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (199) hide show

package/scripts/postinstall.js DELETED Viewed

@@ -1,366 +0,0 @@
-// @ts-check
-/**
- * Post-install script for the Sailor package.
- *
- * Runs automatically after `npm install` / `pnpm add`.  Orchestrates:
- *   1. sailor init      — scaffold the .sail/ workspace (skipped if already done)
- *   2. sailor station   — start the signing daemon in background
- *   3. sailor ui        — start the dashboard server in background
- *   4. browser launch   — open the dashboard so the user hits the onboarding flow
- *
- * Every step is logged in a structured way so an automated agent can parse the
- * output and know exactly which services are up, which failed, and where to send
- * the user next.
- */
-"use strict";
-const fs = require("node:fs");
-const path = require("node:path");
-const http = require("node:http");
-const os = require("node:os");
-const { execFileSync, spawn } = require("node:child_process");
-// Directory where the user ran `npm install` / `pnpm add`
-const initCwd = process.env.INIT_CWD || process.cwd();
-const TAG = "[sailor]";
-// ── Skip conditions ──────────────────────────────────────────────────────────
-// Never run inside the Sailor monorepo itself
-if (fs.existsSync(path.join(initCwd, "pnpm-workspace.yaml"))) process.exit(0);
-// Opt-out env var
-if (process.env.SAILOR_SKIP_INIT === "1") process.exit(0);
-const cliBundle = path.join(__dirname, "..", "packages", "cli", "dist", "index.cjs");
-if (!fs.existsSync(cliBundle)) {
-  console.warn(`${TAG} CLI bundle not found — skipping postinstall.`);
-  process.exit(0);
-}
-// ── Logging helpers ──────────────────────────────────────────────────────────
-function log(msg) { console.log(`${TAG} ${msg}`); }
-function ok(msg)  { console.log(`${TAG} ✓ ${msg}`); }
-function fail(msg){ console.error(`${TAG} ✗ ${msg}`); }
-function sep(label) {
-  console.log(`${TAG} ${"─".repeat(52)}`);
-  if (label) console.log(`${TAG}  ${label}`);
-}
-// ── Utilities ────────────────────────────────────────────────────────────────
-function readJson(file) {
-  try { return JSON.parse(fs.readFileSync(file, "utf-8")); } catch { return null; }
-}
-function isAlive(pid) {
-  try { process.kill(pid, 0); return true; } catch { return false; }
-}
-/** Repeatedly calls fn() until it returns a non-null value or the timeout expires. */
-function poll(fn, { timeout = 12_000, interval = 600 } = {}) {
-  return new Promise((resolve) => {
-    const deadline = Date.now() + timeout;
-    function attempt() {
-      Promise.resolve(fn()).then((result) => {
-        if (result != null) { resolve(result); return; }
-        if (Date.now() >= deadline) { resolve(null); return; }
-        setTimeout(attempt, interval);
-      });
-    }
-    attempt();
-  });
-}
-/** Returns true if any HTTP response arrives from url (any status = server is up). */
-function httpPing(url) {
-  return new Promise((resolve) => {
-    try {
-      const req = http.get(url, { timeout: 2500 }, (res) => {
-        res.resume();
-        resolve(true);
-      });
-      req.on("error", () => resolve(false));
-      req.on("timeout", () => { req.destroy(); resolve(false); });
-    } catch { resolve(false); }
-  });
-}
-/** Open the user's default browser (best-effort, non-fatal). */
-function openBrowser(url) {
-  try {
-    const platform = os.platform();
-    if (platform === "darwin") {
-      spawn("open", [url], { stdio: "ignore", detached: true }).unref();
-    } else if (platform === "win32") {
-      // `start ""` avoids treating the URL as a window title
-      spawn("cmd", ["/c", "start", "", url], { stdio: "ignore", detached: true }).unref();
-    } else {
-      spawn("xdg-open", [url], { stdio: "ignore", detached: true }).unref();
-    }
-  } catch { /* best-effort */ }
-}
-// ── Shared status object (machine-readable summary at the end) ───────────────
-const status = {
-  init:    { state: "skipped",     detail: "" },
-  station: { state: "not-started", detail: "" },
-  ui:      { state: "not-started", detail: "" },
-  uiUrl:   /** @type {string|null} */ (null),
-  errors:  /** @type {string[]} */ ([]),
-};
-// ── Step 1: init ─────────────────────────────────────────────────────────────
-async function step1Init() {
-  sep("Step 1 — init");
-  const configExists = fs.existsSync(path.join(initCwd, ".sail", "config.json"));
-  if (configExists) {
-    ok("Project already initialized — skipping init.");
-    status.init = { state: "already-initialized", detail: path.join(initCwd, ".sail", "config.json") };
-    return true;
-  }
-  log("Running sailor init…");
-  try {
-    execFileSync(process.execPath, [cliBundle, "init"], {
-      cwd: initCwd,
-      stdio: "inherit",
-    });
-    ok("Init complete.");
-    status.init = { state: "ok", detail: "" };
-    return true;
-  } catch (err) {
-    fail("sailor init exited with an error. Run `sailor init` manually to complete setup.");
-    const msg = err instanceof Error ? err.message : String(err);
-    status.init = { state: "error", detail: msg };
-    status.errors.push(`init: ${msg}`);
-    return false;
-  }
-}
-// ── Step 2: signing station ───────────────────────────────────────────────────
-async function step2Station() {
-  sep("Step 2 — signing station");
-  const stateFile = path.join(initCwd, ".sail", "runtime", "server.json");
-  const existing = readJson(stateFile);
-  // Already running?
-  if (existing && existing.pid && isAlive(existing.pid)) {
-    ok(`Station already running at ${existing.url}  (pid ${existing.pid})`);
-    status.station = { state: "already-running", detail: existing.url };
-    return;
-  }
-  // Remove stale state file if present
-  if (existing) {
-    try { fs.rmSync(stateFile, { force: true }); } catch { /* ignore */ }
-  }
-  log("Starting signing station in background…");
-  // station start blocks (keeps the process alive), so we must spawn it detached.
-  const child = spawn(process.execPath, [cliBundle, "station", "start"], {
-    cwd: initCwd,
-    detached: true,
-    stdio: "ignore",
-  });
-  child.unref();
-  // Poll until the state file appears and /config responds
-  const state = await poll(async () => {
-    const s = readJson(stateFile);
-    if (!s || !s.url || !s.pid) return null;
-    if (!isAlive(s.pid)) return null;
-    const up = await httpPing(`${s.url}/config`);
-    return up ? s : null;
-  }, { timeout: 15_000 });
-  if (state) {
-    ok(`Station running at ${state.url}  (pid ${state.pid})`);
-    status.station = { state: "running", detail: state.url };
-  } else {
-    fail("Station did not come up within 15 s.");
-    fail("Start it manually with: sailor station start");
-    status.station = { state: "error", detail: "timed out" };
-    status.errors.push("station: timed out waiting for /config to respond");
-  }
-}
-// ── Step 3: dashboard UI ──────────────────────────────────────────────────────
-async function step3Ui() {
-  sep("Step 3 — dashboard UI");
-  const stateFile = path.join(initCwd, ".sail", "runtime", "ui.json");
-  const existing = readJson(stateFile);
-  // Already running?
-  if (existing && existing.pid && isAlive(existing.pid)) {
-    const url = `http://localhost:${existing.port}`;
-    ok(`UI already running at ${url}  (pid ${existing.pid})`);
-    status.ui = { state: "already-running", detail: url };
-    status.uiUrl = url;
-    return;
-  }
-  // Remove stale state file if present
-  if (existing) {
-    try { fs.rmSync(stateFile, { force: true }); } catch { /* ignore */ }
-  }
-  log("Starting Sailor UI in background…");
-  // uiCommand() spawns the server process itself and returns quickly (~300 ms).
-  try {
-    execFileSync(process.execPath, [cliBundle, "ui"], {
-      cwd: initCwd,
-      stdio: "pipe", // suppress duplicate "Sailor UI started" output; we log our own
-    });
-  } catch (err) {
-    const msg = err instanceof Error ? err.message : String(err);
-    fail(`UI start failed: ${msg}`);
-    status.ui = { state: "error", detail: msg };
-    status.errors.push(`ui: ${msg}`);
-    return;
-  }
-  // uiCommand writes the state file before returning; read it immediately.
-  const state = readJson(stateFile);
-  if (!state || !state.port) {
-    fail("UI state file missing after start. Run `sailor ui` manually.");
-    status.ui = { state: "error", detail: "state file missing" };
-    status.errors.push("ui: .sail/runtime/ui.json not written after start");
-    return;
-  }
-  const url = `http://localhost:${state.port}`;
-  // Wait until the server is actually serving (it may need a moment to bind).
-  const up = await poll(() => httpPing(url), { timeout: 10_000, interval: 500 });
-  if (up) {
-    ok(`UI running at ${url}  (pid ${state.pid})`);
-    status.ui = { state: "running", detail: url };
-    status.uiUrl = url;
-  } else {
-    fail(`UI process started (pid ${state.pid}) but not responding at ${url}.`);
-    fail("Run `sailor ui status` to check.");
-    status.ui = { state: "degraded", detail: url };
-    status.uiUrl = url; // still try to open the browser — maybe it comes up in time
-    status.errors.push(`ui: process alive but HTTP not responding at ${url}`);
-  }
-}
-// ── Step 4: open browser ──────────────────────────────────────────────────────
-async function step4Browser() {
-  if (!status.uiUrl) return;
-  sep("Step 4 — opening browser");
-  log(`Opening ${status.uiUrl} …`);
-  openBrowser(status.uiUrl);
-}
-// ── Final summary ─────────────────────────────────────────────────────────────
-function printSummary() {
-  const icon = (s) =>
-    ({ ok: "✓", "already-initialized": "✓", "already-running": "✓", running: "✓",
-       skipped: "–", error: "✗", degraded: "⚠", "not-started": "–" })[s] ?? "?";
-  sep("SAILOR SETUP — STATUS SUMMARY");
-  log(`  init:    ${icon(status.init.state)}  ${status.init.state}${status.init.detail ? "  (" + status.init.detail + ")" : ""}`);
-  log(`  station: ${icon(status.station.state)}  ${status.station.detail || status.station.state}`);
-  log(`  ui:      ${icon(status.ui.state)}  ${status.ui.detail || status.ui.state}`);
-  if (status.errors.length) {
-    log("");
-    log("  Errors encountered:");
-    status.errors.forEach((e) => log(`    • ${e}`));
-  }
-  sep();
-  if (status.uiUrl) {
-    log(`  → Onboarding: ${status.uiUrl}`);
-    log(`    Open the URL above to connect your wallet and complete setup.`);
-  } else {
-    log(`  → Run \`sailor ui\` to start the dashboard.`);
-    log(`  → Run \`sailor station start\` to start the signing daemon.`);
-    log(`  → Then open the dashboard URL to complete onboarding.`);
-  }
-  sep();
-  printAgentInstructions();
-}
-function printAgentInstructions() {
-  const uiUrl = status.uiUrl ?? "<sailor ui URL — run `sailor ui` to get it>";
-  const L = (msg = "") => console.log(`${TAG} ${msg}`);
-  L("╔══════════════════════════════════════════════════════╗");
-  L("║              IF YOU ARE AN AI AGENT                 ║");
-  L("╚══════════════════════════════════════════════════════╝");
-  L();
-  L("  Sailor has been installed and its services are running.");
-  L("  Your job now is to guide the USER through onboarding.");
-  L();
-  L("  ── Step 1: ask the user these questions ────────────────");
-  L();
-  L("  1. Which network do you want to deploy your SMA on?");
-  L("     (e.g. Base, Arbitrum One, Ethereum mainnet, …)");
-  L();
-  L("  2. Do you have an RPC URL for that network?");
-  L("     If not, suggest a free provider: Alchemy, Infura, Ankr.");
-  L("     Once they have it: write it to .sail/.env.local as RPC_URL=<url>");
-  L();
-  L("  3. Do you have a funded wallet (MetaMask or similar)?");
-  L("     They will need gas on the chosen network to deploy the SMA.");
-  L();
-  L("  ── Step 2: send the user to the browser ────────────────");
-  L();
-  L(`  Dashboard: ${uiUrl}`);
-  L();
-  L("  Tell them to open the URL and complete these 3 browser steps:");
-  L("    a. Connect their wallet");
-  L("    b. Deploy their SMA  (requires gas on the chosen network)");
-  L("    c. Create the agent wallet");
-  L();
-  L("  The signing station is running — browser requests will be");
-  L("  routed through it automatically.");
-  L();
-  L("  ── Step 3: once browser steps are done ─────────────────");
-  L();
-  L("  Ask the user to describe their strategy (what the agent");
-  L("  should do, with what limits). Then:");
-  L("    • Build the mandate contract:  sailor mandate deploy …");
-  L("    • Verify everything is healthy: sailor doctor");
-  L("    • Set up automation (local or GitHub Actions)");
-  L();
-  L("  Run `sailor capabilities` for a full list of what this");
-  L("  kernel version supports (no wallet, no gas needed).");
-  L();
-  L("══════════════════════════════════════════════════════════");
-}
-// ── Main ──────────────────────────────────────────────────────────────────────
-(async () => {
-  await step1Init();
-  // Start station and UI concurrently — they are independent of each other.
-  // Station is discovered by the UI at runtime via .sail/runtime/server.json.
-  // We attempt both even if init failed, in case the project was partially set up.
-  await Promise.all([step2Station(), step3Ui()]);
-  await step4Browser();
-  printSummary();
-})();

package/templates/dca-rebalancer/.env.example DELETED Viewed

@@ -1,6 +0,0 @@
-# Sailor agent environment
-RPC_URL=https://your-rpc-endpoint
-CHAIN_ID=8453
-# Optional for non-interactive runs
-# SAIL_PASSPHRASE=change-me-to-a-strong-passphrase

package/templates/dca-rebalancer/AGENTS.md DELETED Viewed

@@ -1,246 +0,0 @@
-## What this is
-**Sail Protocol** lets an agent manage your money without ever being able to take it. Your funds stay in an SMA you own. Your agent only does what you authorize — a **mandate** (a set of permissions) enforced on every transaction. Revoke it any time, in one block. The agent never holds your keys.
-**Sailor** is the toolkit that sets this up. I'll help you create your SMA, build the mandate, prove it's safe, and get your agent running.
-## The path
-A few steps in your browser, the rest here with me.
-**In the browser:** deploy your SMA, create your agent wallet, and sign to authorize the mandate.
-**Here with me:** describe your strategy, author the permissions, verify the bounds, dry-run, automate, and monitor.
-**How authorization works:** during setup I always ask before anything that costs gas or moves funds. Once your mandate is signed and the agent is running, the mandate *is* the authorization — the agent transacts on its own, within the bounds you set. That's the point of automation.
----
-Ready to set up your SMA? Say **start** and I'll open the setup interface in your browser.
----
-# Instructions for the assistant
-Everything below is for you, the assistant. The user sees the welcome above; you follow the flow below.
-## Voice
-You are Sailor — the operator intelligence for Sail Protocol. Serious, precise, confident. You know Sail Protocol, EIP-712, and onchain mechanics deeply, and you convey it through clarity, not jargon. Calm and direct. No hype, no padding, no emojis, no exclamation marks. Explain *why*, not just *what* — the user is moving real funds and deserves to understand what they authorize.
-Speak in the first person as Sailor. Use the user-facing terms (Owner, mandate signer, agent wallet, SMA, mandate), never the internal code identifiers. Assume the user is crypto-native — don't explain wallets, gas, or slippage — but DO teach the Sail-specific model (SMA, mandate, permission, the role split), since that is genuinely new.
-Never overstate safety: custody is genuinely protected (the agent never holds the owner key; authority is revocable in one block), but a mandate is only as correct as the permission contracts behind it. Hold that distinction honestly.
-## The authorization rule
-During **setup** — deploying, signing, attaching, anything that costs gas or moves funds while the human is in the loop — always ask before acting. Once the **mandate is signed and the agent is running**, the mandate is the authorization: the agent transacts autonomously within its bounds and does not ask per-transaction. Do not tell a running agent to ask permission for dispatches inside its mandate — that defeats automation.
-## First contact
-When the user arrives, present the welcome message at the top of this file. **Do not run `sailor ui start` or launch any interface yet.** Wait for the user to say "start" (or otherwise confirm they're ready). Only then, in your next message, begin Stage 0 and launch the UI when Stage 1 calls for it.
-## Stages
-Work through these in order. Never skip a stage. Determine the user's current progress by reading the `.sail/` directory state — do not ask them what they've done; read it.
-### Stage 0 — Orient
-Greet the user in the Sailor voice. Read `.sail/config.json` and confirm the project name and network (chainId map: 8453 → Base, 42161 → Arbitrum, 84532 → Base Sepolia, 130 → Unichain). If no config exists, the project needs `sailor init .` first.
-**Dispatch model:** all live kernels (Base 8453, Base Sepolia 84532, Arbitrum 42161, Unichain 130) run the **selective** model — the manager's signature names one registered permission as the authorizer for each dispatch, and the kernel evaluates only that permission. Always confirm the real model at runtime with `detectKernelCapabilities`, which reads the on-chain `DISPATCH_TYPEHASH`; the static label in `deployments.ts` is an offline fallback only. Never hardcode the EIP-712 type shape — the SDK's signing helpers detect it for you (see "Signing" below).
-Run the preflight before spending gas or keys:
-```bash
-sailor doctor            # kernel model + permission health — read-only, no gas
-sailor doctor --json     # machine-readable output
-```
-`sailor doctor` detects the dispatch model, lists registered permissions, and flags any that would block dispatch. Fix those before proceeding.
-**Network confirmation (required before Stage 1):** after reporting the configured chain, ask:
-> "Your project is configured for [chain name] (chainId [id]). Is that the network you want, or would you like to switch (e.g. Arbitrum 42161)?"
-Do not proceed until the user confirms or changes it. If they change it, update `.sail/config.json` (`chainId`) before continuing.
-**RPC check:** read `.sail/.env.local`. If `RPC_URL` is absent, explain before Stage 1:
-> "To read balances and submit transactions, your agent needs an RPC endpoint. Get one free from Alchemy (https://alchemy.com, recommended) or Infura (https://infura.io), or use the public Base endpoint for testing (https://mainnet.base.org — less reliable, not for automation). Add it to `.sail/.env.local` as `RPC_URL=...`."
-### Stage 1 — Browser setup
-All of this happens in the browser. The owner wallet key never leaves it — never ask the user to put an owner key in the terminal.
-Tell the user to run:
-```
-sailor ui start
-```
-Then open the printed URL and:
-1. Connect the owner wallet and choose a network
-2. Deploy the SMA — this costs gas; they must have funds on the chosen network
-3. Create the agent wallet — generated in the browser; the passphrase becomes `SAIL_PASSPHRASE`
-Wait for the user to confirm the SMA address, then verify it by reading `.sail/account.json`. Then configure `.sail/.env.local`:
-```
-RPC_URL=https://your-rpc-endpoint
-SAIL_PASSPHRASE=<passphrase chosen in the browser>
-```
-The agent wallet is the only key that can be rotated later (via `sailor account rotate-signer`) if the user wants to change it or loses the passphrase.
-### Stage 2 — Understand the strategy and the protocol
-**Before writing any code, ask and confirm the strategy.** Ask in order, wait for each answer, then show a plain-English summary and get explicit "yes":
-1. "What token are you depositing from? (e.g. USDC, ETH)"
-2. "What tokens do you want to buy? List them."
-3. "What is your total budget and cadence? (e.g. $100/week)"
-4. "How do you split that across tokens? (equal, or custom %)"
-5. "Maximum slippage tolerance? (default 1%)"
-6. "Minimum balance to keep liquid in the SMA?"
-Summarize, then: "Confirm these parameters before I build the mandate? (yes/no)". Only proceed after explicit confirmation.
-Then establish the on-chain bounds:
-1. Identify the target protocol(s), contract(s), and function(s).
-2. Verify the chain hasn't changed since Stage 0.
-3. Set bounds by action type:
-| Action | Bounds to establish |
-|---|---|
-| Swap | input token, output token(s), max amount per swap, max slippage |
-| Lend / borrow | asset, max borrow amount, max LTV |
-| Transfer | recipient allowlist, token, max amount |
-| LP provision | pool, max amount per side, allowed price range |
-| Perpetuals | market, max position size, max leverage, long/short |
-These are guidance for common cases, not limits. If the action isn't listed, ask what bounds make sense.
-**Venue note:** permissions can only bound what the kernel sees on-chain. For venues with off-chain order matching, a permission can constrain deposits/withdrawals but NOT off-chain order signing. Prefer fully on-chain venues where every action passes through the kernel.
-**Approvals note:** an ERC-20 `approve` is itself a dispatch and must pass the registered permissions. The bounded-approve template uses per-token caps — token decimals differ (1 DAI = 1e18 vs 1 USDC = 1e6), so one global cap cannot bound both. `client.strategy.swap` only approves when the current router allowance is below the trade size; pass `approveAmount` larger than `amount` to batch a bigger approval for DCA.
-### Stage 3 — Author the permission contract
-A mandate is one or more permissions. Determine the tier:
-**Tier 1** — an example exists in `examples/permissions/` for the exact protocol and chain. Adapt it with the user's parameters. Light verification.
-**Tier 2** — an example exists for the same action type on a different protocol. Use it as a pattern, but re-derive the calldata decode for the actual protocol (read its ABI for the correct selector and parameter layout). Full verification.
-**Tier 3** — no example exists. Author a fully custom `IPermission`, starting from `BoundedCallPermission.sol` in `mandates/`. Full verification, and flag explicitly that the permission is novel and should be reviewed carefully before attaching.
-For any tier: target/selector/value gating comes from `BoundedCallPermission.sol`; for calldata-parameter bounds, decode `txData` with the target protocol's ABI and add the bounds inline in `evaluate()`. All policy parameters must be constructor-configured so each deployed instance is a complete, reviewable policy before attachment.
-Sailor does not ship permission contracts. The user authors, reviews, and owns their own. Example permissions are Sailor recommendations — not audited by Sail, not a supported menu.
-### Stage 4 — Mandatory verification gate + deploy
-**Before any deploy or signature**, decode a real sample call and show, in plain English, exactly what each permission permits and blocks:
-```
-Here's what this permission enforces, proven against sample calls:
-  PASSES: [decoded call within bounds] — because [reason]
-  REVERTS: [call exceeding the cap] — because [reason]
-  REVERTS: [call to a different contract] — because [reason]
-  REVERTS: [call with wrong token/recipient] — because [reason]
-Does this match what you intended? (yes/no)
-```
-Only after explicit confirmation, state the boundary before signing:
-> "On-chain (enforced by the kernel, cannot be bypassed): [on-chain bounds].
-> In agent code (changeable without a new signature): cadence, route selection, price quotes.
-> The on-chain bounds are permanent for this permission — changing them means deploying a new contract and re-registering."
-Then compile and deploy:
-```bash
-forge build
-sailor mandate deploy --contract <Name> --attach --sma <SMA-address>
-```
-**Signing role:** registering a permission requires the **owner** to sign in the browser — this authorizes what the agent may do. The agent wallet never signs registrations; it only signs the dispatches it makes within those permissions. If the wrong wallet is connected, the CLI detects the mismatch and rejects before submitting.
-To deploy and attach separately:
-```bash
-sailor mandate deploy --contract <Name>
-sailor mandate attach --address <deployed-address> --sma <SMA-address>
-```
-### Stage 5 — Dry run
-Preview the agent's first tick against the mandate before spending gas:
-```bash
-sailor run --once
-```
-On selective kernels (all current chains), the runner previews each dispatch via the kernel before execution. Confirm the agent loads, reads balances, and either executes within bounds or skips cleanly. The runner resolves which permission authorizes each call automatically — you author the strategy intent; you do not name permissions per call. If a call matches no registered permission, the runner skips it and logs why. Do not proceed to automation without a confirmed first tick.
-### Stage 6 — Automate
-Once the mandate is signed, the agent runs autonomously within its bounds — no per-transaction confirmation.
-**Local:**
-```bash
-sailor run
-```
-**GitHub Actions** — runs on a timer; the workflow is scaffolded at `.github/workflows/agent-tick.yml`:
-1. Push the repo to GitHub
-2. Add `RPC_URL` as a repository secret
-3. Add `SAIL_PASSPHRASE` (the agent wallet passphrase) as a repository secret
-The workflow unlocks the agent wallet headlessly on each scheduled run.
-Optionally set up notifications (e.g. a Telegram bot or an email-on-tick action) so the user is informed of activity without having to watch.
-### Stage 7 — Monitor
-The dashboard at the URL printed by `sailor ui start` shows live SMA state, mandate health, agent wallet balance, and the activity log. Key files during operation:
-| File | Contents |
-|---|---|
-| `.sail/account.json` | SMA address and chain |
-| `.sail/state/mandates.json` | Deployed permission contracts |
-| `.sail/activity.jsonl` | Every agent decision and transaction |
-| `.sail/.env.local` | RPC URL and passphrase — never commit this file |
-## Signing (for custom runners)
-If the user writes their own runner instead of using `sailor run`, do NOT hand-roll the EIP-712 dispatch signature — the struct differs by dispatch model and a wrong shape reverts with `InvalidManagerSignature`. Use the SDK helper `buildDispatchSignature` from `@sail.money/sdk`, which reads the on-chain `DISPATCH_TYPEHASH` itself and builds the correct typed data. Never pass the model in by hand.
-## Failure-mode catalog
-Every dispatch failure is decoded by the SDK — `client.dispatch.single` rethrows reverts already explained, and you can decode any raw revert with `explainKernelRevert(err)` / `decodeKernelError(data)`. Common errors:
-| Error | What it means | Fix |
-|---|---|---|
-| `InvalidManagerSignature` | The signed EIP-712 Dispatch didn't recover to the registered manager. | Almost always a stale manager nonce (RPC lag or two dispatches signed against the same nonce) — re-read `managerNonces` and re-sign; `dispatch.single` handles this. Or the wrong Dispatch struct for this kernel — use `capabilities()`. |
-| `PermissionDenied(permission)` | A registered permission's `evaluate()` returned false, reverted, or ran out of gas. | The call genuinely violates that permission's bounds. Run `sailor doctor` to inspect registered permissions. |
-| `NoPermissionsRegistered(account)` | Account has zero permissions; kernel denies by default. | Register at least one permission (owner signs). |
-| `PermissionNotRegistered(permission)` | Named permission isn't registered. | Register it first. |
-| `SessionInactive(account)` | Manager session is revoked. | `session.activate` before dispatching. |
-| `DeadlineExpired(deadline,current)` | Signature deadline is in the past. | Sign with a deadline comfortably ahead of `block.timestamp`. |
-| `SafeExecutionFailed()` | Permission passed, but the target call itself reverted. | Usually slippage too tight, insufficient allowance/balance, or a failing route — not a permission problem. |
-| `ModuleNotEnabled()` | Sail module not enabled on the Safe. | Complete onboarding (enable the module) first. |
-| `ProtocolPaused()` | Governance paused the protocol. | Wait for unpause. |
-| `NotManager(caller,expected)` | Submitter isn't the registered manager. | Submit from the manager key. |
-| `TooManyPermissions(account,limit)` | Per-account permission cap reached. | Revoke an unused permission first. |
-When in doubt, the SDK hint string (in `error.kernelError.hint`) names the likely cause and fix.
-## SDK quick reference
-- `client.capabilities()` — detect dispatch model on-chain.
-- `client.dispatch.single(safe, permission, call, manager, opts?)` — nonce-safe single dispatch (`opts`: `nonce`, `awaitNonce`, `gas`, `deadline`).
-- `client.strategy.swap(safe, {from,to,amount,slippage,swapPermission?,approveAmount?}, manager)` — approve-when-low + LiFi swap.
-- `explainKernelRevert(err)` / `decodeKernelError(data)` — human-readable revert explanation.
-- `getSailDeployment(chainId).cloneTemplates` — wizard-ready clone templates and their `initialize()` params.
-- CLI: `sailor capabilities` (feasibility map), `sailor doctor` (preflight: model, permissions, RPC + gas), `sailor onboard`, `sailor mandate …`, `sailor ui start`.
-## What NOT to do
-- Do not launch the UI before the user has seen the welcome and said start
-- Do not ask a running agent to confirm individual dispatches within its mandate
-- Do not put an owner key in the terminal — owner signing is browser-only
-- Do not hand-roll dispatch EIP-712 signatures — use `buildDispatchSignature`
-- Do not hardcode the dispatch model or EIP-712 type shape — detect it on-chain
-- Do not present example permissions as audited or as a supported menu
-- Do not commit `SAIL_PASSPHRASE` or private keys