@dev.sail.money/sailor 1.3.0-95 → 1.3.0-98

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (127) hide show
  1. package/AGENTS.md +3 -0
  2. package/package.json +2 -3
  3. package/packages/cli/dist/index.cjs +168 -76
  4. package/packages/cli/dist/server.cjs +57 -63
  5. package/packages/sdk/dist/abis/SailGovernance.d.ts +6 -5
  6. package/packages/sdk/dist/abis/SailGovernance.d.ts.map +1 -1
  7. package/packages/sdk/dist/abis/SailGovernance.js +6 -5
  8. package/packages/sdk/dist/abis/SailGovernance.js.map +1 -1
  9. package/packages/sdk/dist/fees.d.ts +58 -10
  10. package/packages/sdk/dist/fees.d.ts.map +1 -1
  11. package/packages/sdk/dist/fees.js +73 -41
  12. package/packages/sdk/dist/fees.js.map +1 -1
  13. package/packages/sdk/dist/index.d.ts +2 -1
  14. package/packages/sdk/dist/index.d.ts.map +1 -1
  15. package/packages/sdk/dist/index.js +1 -1
  16. package/packages/sdk/dist/index.js.map +1 -1
  17. package/packages/sdk/dist/intelligence.d.ts +7 -2
  18. package/packages/sdk/dist/intelligence.d.ts.map +1 -1
  19. package/packages/sdk/dist/intelligence.js +2 -2
  20. package/packages/sdk/dist/intelligence.js.map +1 -1
  21. package/packages/sdk/dist/signing.d.ts +14 -0
  22. package/packages/sdk/dist/signing.d.ts.map +1 -1
  23. package/packages/ui/dist/assets/{add-CLs0-B0p.js → add-BX5reKtK.js} +1 -1
  24. package/packages/ui/dist/assets/{all-wallets-CDOk28sj.js → all-wallets-IZ3PlVF-.js} +1 -1
  25. package/packages/ui/dist/assets/{app-store-DVzpi1qN.js → app-store-ARgRdMdF.js} +1 -1
  26. package/packages/ui/dist/assets/{apple-C9U9iH1l.js → apple-VCaqsI9w.js} +1 -1
  27. package/packages/ui/dist/assets/{arrow-bottom-DjQ4jGMe.js → arrow-bottom-Cwptw8fW.js} +1 -1
  28. package/packages/ui/dist/assets/{arrow-bottom-circle-jxial9Si.js → arrow-bottom-circle-h5vFiZ2I.js} +1 -1
  29. package/packages/ui/dist/assets/{arrow-left-BjAyI8D1.js → arrow-left-bM1TRcV9.js} +1 -1
  30. package/packages/ui/dist/assets/{arrow-right-BlFO4Tcx.js → arrow-right-BYd_N4Jr.js} +1 -1
  31. package/packages/ui/dist/assets/{arrow-top-DJ3oh3DH.js → arrow-top-CLUnwVE2.js} +1 -1
  32. package/packages/ui/dist/assets/{bank-B98it1qN.js → bank-6c28yOM9.js} +1 -1
  33. package/packages/ui/dist/assets/{basic-DsgeyPNu.js → basic-CJnbTfSd.js} +1 -1
  34. package/packages/ui/dist/assets/{browser-j4vCeHwE.js → browser-CDKlxM3D.js} +1 -1
  35. package/packages/ui/dist/assets/{card-CzxbMvEd.js → card-DQdED02q.js} +1 -1
  36. package/packages/ui/dist/assets/{ccip-U9yiu_EK.js → ccip-BL7RIPfY.js} +1 -1
  37. package/packages/ui/dist/assets/{checkmark-D5sWBbk3.js → checkmark-JoRNVoFV.js} +1 -1
  38. package/packages/ui/dist/assets/{checkmark-bold-BW6w3KCC.js → checkmark-bold-B6bGHVIs.js} +1 -1
  39. package/packages/ui/dist/assets/{chevron-bottom-BbHhmTQq.js → chevron-bottom-BMCelIEu.js} +1 -1
  40. package/packages/ui/dist/assets/{chevron-left-D8BDH4Wo.js → chevron-left-ryPLhHCc.js} +1 -1
  41. package/packages/ui/dist/assets/{chevron-right-BQuQk5zc.js → chevron-right-CdDNRv7f.js} +1 -1
  42. package/packages/ui/dist/assets/{chevron-top-1oeSXkx4.js → chevron-top-BxWIjjGk.js} +1 -1
  43. package/packages/ui/dist/assets/{chrome-store-B1OMtzC-.js → chrome-store-D-fiJ9qJ.js} +1 -1
  44. package/packages/ui/dist/assets/{clock-e0HueehS.js → clock-xCPkzwjj.js} +1 -1
  45. package/packages/ui/dist/assets/{close-Cy1ytr26.js → close-BkqmPpWG.js} +1 -1
  46. package/packages/ui/dist/assets/{coinPlaceholder-DqJu3ZPV.js → coinPlaceholder-PIvN9oq_.js} +1 -1
  47. package/packages/ui/dist/assets/{compass-XDz_N2Hg.js → compass-CW5kWcxW.js} +1 -1
  48. package/packages/ui/dist/assets/{copy-DmDo3Nob.js → copy-DUZlAQJJ.js} +1 -1
  49. package/packages/ui/dist/assets/{core-DbkMGSYW.js → core-von2c1sc.js} +3 -3
  50. package/packages/ui/dist/assets/cursor-BzRVY7BD.js +3 -0
  51. package/packages/ui/dist/assets/{cursor-transparent-DF2aA10D.js → cursor-transparent-BUAMB0G1.js} +1 -1
  52. package/packages/ui/dist/assets/{desktop-CVydOWLn.js → desktop-BxdlwV8P.js} +1 -1
  53. package/packages/ui/dist/assets/{disconnect-BuN2Whnz.js → disconnect-GelNh3mn.js} +1 -1
  54. package/packages/ui/dist/assets/{discord-DMNPvTB2.js → discord-N0jnxkzC.js} +1 -1
  55. package/packages/ui/dist/assets/{etherscan-CacW-93f.js → etherscan-B41u7wF4.js} +1 -1
  56. package/packages/ui/dist/assets/{events-CZkVDFih.js → events-C9icG2YB.js} +1 -1
  57. package/packages/ui/dist/assets/{exclamation-triangle-B26hIvqO.js → exclamation-triangle-BWJC56FC.js} +1 -1
  58. package/packages/ui/dist/assets/{extension-B7rI0gv7.js → extension-G6I6oogw.js} +1 -1
  59. package/packages/ui/dist/assets/{external-link-CX8skCbH.js → external-link-BPaGQf4a.js} +1 -1
  60. package/packages/ui/dist/assets/{facebook-BDqbE6kl.js → facebook-47twy32b.js} +1 -1
  61. package/packages/ui/dist/assets/{fallback-DWQYKf3l.js → fallback-BTfJeGjh.js} +1 -1
  62. package/packages/ui/dist/assets/{farcaster-zQ3oQzZ8.js → farcaster-DYqnqCqs.js} +1 -1
  63. package/packages/ui/dist/assets/{filters-DCglZYsM.js → filters-dF6xeJnE.js} +1 -1
  64. package/packages/ui/dist/assets/{github-BH-BYjss.js → github-DbW4Ihz2.js} +1 -1
  65. package/packages/ui/dist/assets/{google-DYFWxZbC.js → google-TKm7G8LF.js} +1 -1
  66. package/packages/ui/dist/assets/{help-circle-BXH_DtZ_.js → help-circle-CY3qTmsG.js} +1 -1
  67. package/packages/ui/dist/assets/{id-Dr2yTeX1.js → id-JpHW4q14.js} +1 -1
  68. package/packages/ui/dist/assets/{image-DeJey1Eg.js → image-Dip2fG98.js} +1 -1
  69. package/packages/ui/dist/assets/{index-BP-UuQ8g.js → index-BGJ_8fMk.js} +1 -1
  70. package/packages/ui/dist/assets/{index-C55-Ne92.js → index-Bq3PAopp.js} +1 -1
  71. package/packages/ui/dist/assets/{index-BksbyFjf.js → index-C4_cA5XW.js} +1 -1
  72. package/packages/ui/dist/assets/{index-uSdXE5b_.js → index-CaDN0gL4.js} +1 -1
  73. package/packages/ui/dist/assets/index-DLElIcBr.js +1789 -0
  74. package/packages/ui/dist/assets/index-lhNfD4jA.css +1 -0
  75. package/packages/ui/dist/assets/{index-DVjAiPHI.js → index-q0mGElxZ.js} +3 -3
  76. package/packages/ui/dist/assets/{index.es-dZlNPpfR.js → index.es-BaCKS_tW.js} +4 -4
  77. package/packages/ui/dist/assets/{info-B91pD5Rw.js → info-B1enFsqh.js} +1 -1
  78. package/packages/ui/dist/assets/{info-circle-CySl3_on.js → info-circle-D4j3FISs.js} +1 -1
  79. package/packages/ui/dist/assets/{lightbulb-wwG8LQLo.js → lightbulb-DZbKr-vS.js} +1 -1
  80. package/packages/ui/dist/assets/{mail-D617YZ8y.js → mail-D-TO_uVQ.js} +1 -1
  81. package/packages/ui/dist/assets/{metamask-sdk-RbLbxUgF.js → metamask-sdk-DljW3QD1.js} +1 -1
  82. package/packages/ui/dist/assets/{mobile-CD9KlA0m.js → mobile-Bkmwzav2.js} +1 -1
  83. package/packages/ui/dist/assets/{more-BQ_rpPXo.js → more-D1_I_jiB.js} +1 -1
  84. package/packages/ui/dist/assets/{network-placeholder-BA7nl9e6.js → network-placeholder-DUaFjoXh.js} +1 -1
  85. package/packages/ui/dist/assets/{nftPlaceholder-D1EaaeDn.js → nftPlaceholder-Cc0iUryh.js} +1 -1
  86. package/packages/ui/dist/assets/{off-DnGG35_w.js → off-BvX71sse.js} +1 -1
  87. package/packages/ui/dist/assets/{parseSignature-E29x8poM.js → parseSignature-BAS-wKoj.js} +1 -1
  88. package/packages/ui/dist/assets/{play-store-C5u2FvYB.js → play-store-XzLbtbTd.js} +1 -1
  89. package/packages/ui/dist/assets/{plus-CM4xJkvI.js → plus-B77_RmYR.js} +1 -1
  90. package/packages/ui/dist/assets/{qr-code-kM3FUIdR.js → qr-code-BNeIhB1d.js} +1 -1
  91. package/packages/ui/dist/assets/{recycle-horizontal-DWrRWIBM.js → recycle-horizontal-B9sX-yty.js} +1 -1
  92. package/packages/ui/dist/assets/{refresh-CztbjK2d.js → refresh-BWRygnjm.js} +1 -1
  93. package/packages/ui/dist/assets/{reown-logo-DUHEIodF.js → reown-logo-DCAEsGFm.js} +1 -1
  94. package/packages/ui/dist/assets/{search-BJtb4mn1.js → search-ZXIqrawS.js} +1 -1
  95. package/packages/ui/dist/assets/{secp256k1-BjrTZpQx.js → secp256k1-Doz05h4g.js} +1 -1
  96. package/packages/ui/dist/assets/{send-B3_kavG1.js → send-BQcO0jNC.js} +1 -1
  97. package/packages/ui/dist/assets/{swapHorizontal-BrF9POiv.js → swapHorizontal-4yZEzz2K.js} +1 -1
  98. package/packages/ui/dist/assets/{swapHorizontalBold-Dgf8OjXj.js → swapHorizontalBold-DxBKu3sl.js} +1 -1
  99. package/packages/ui/dist/assets/{swapHorizontalMedium-C6wX0JZj.js → swapHorizontalMedium-DAQYJ2JK.js} +1 -1
  100. package/packages/ui/dist/assets/{swapHorizontalRoundedBold-DTAVw6oF.js → swapHorizontalRoundedBold-CUlZzFJ6.js} +1 -1
  101. package/packages/ui/dist/assets/{swapVertical-KGlTFNoi.js → swapVertical-CjWHAaDM.js} +1 -1
  102. package/packages/ui/dist/assets/{telegram-DnLrK-4y.js → telegram-JBeabiJP.js} +1 -1
  103. package/packages/ui/dist/assets/{three-dots-C6_oMJfw.js → three-dots-D3R8OjSx.js} +1 -1
  104. package/packages/ui/dist/assets/{twitch-DvPqPD4f.js → twitch-1f9z7xVO.js} +1 -1
  105. package/packages/ui/dist/assets/{twitterIcon-BZdk82Am.js → twitterIcon-BW7n2xnp.js} +1 -1
  106. package/packages/ui/dist/assets/{verify-CbESD5G0.js → verify-Cs5owI38.js} +1 -1
  107. package/packages/ui/dist/assets/{verify-filled-BRjTrLxw.js → verify-filled-Ci5sx5qS.js} +1 -1
  108. package/packages/ui/dist/assets/{w3m-modal-D9b2TGHc.js → w3m-modal-DnWtss8u.js} +1 -1
  109. package/packages/ui/dist/assets/{wallet-B87E5UId.js → wallet-MaGNqaW-.js} +1 -1
  110. package/packages/ui/dist/assets/{wallet-placeholder-DmssSbYf.js → wallet-placeholder-kTOy12_L.js} +1 -1
  111. package/packages/ui/dist/assets/{walletconnect-CZkLKWMZ.js → walletconnect-CyuP92jg.js} +1 -1
  112. package/packages/ui/dist/assets/{warning-circle-BPTpHB1P.js → warning-circle-BImUCdpG.js} +1 -1
  113. package/packages/ui/dist/assets/{x-D_dEtEDU.js → x-II45JHpV.js} +1 -1
  114. package/packages/ui/dist/index.html +2 -2
  115. package/scripts/check-docs.mjs +1 -1
  116. package/templates/default/.agents/skills/sail-mandates/SKILL.md +12 -0
  117. package/templates/default/.agents/skills/sail-onboarding/SKILL.md +33 -34
  118. package/templates/default/.agents/skills/sail-overview/SKILL.md +100 -0
  119. package/templates/default/.agents/skills/sail-project-info/SKILL.md +2 -0
  120. package/templates/default/.agents/skills/sail-sailor/SKILL.md +190 -0
  121. package/templates/default/.agents/skills/sail-setup/SKILL.md +38 -0
  122. package/templates/default/.gitlab-ci.yml +58 -0
  123. package/templates/default/AGENTS.md +12 -87
  124. package/packages/cli/dist/mcp.cjs +0 -15534
  125. package/packages/ui/dist/assets/cursor-DRFqL8nZ.js +0 -3
  126. package/packages/ui/dist/assets/index-D6_Zei-R.js +0 -1790
  127. package/packages/ui/dist/assets/index-DZ2C2rHq.css +0 -1
@@ -1,101 +1,26 @@
1
- This guide is for agents operating a scaffolded Sailor project. (Contributors to the Sailor codebase: see AGENTS.md at the monorepo root.)
1
+ This is **your** Sailor project — for defining and running your agent's strategy. It is yours to edit; `sailor update` will not overwrite it.
2
2
 
3
- > **This is a standalone project, not a clone of the Sailor repo.** `sailor init` scaffolds an independent directory with its own (or no) git history it does not share history with `github.com/sail-money/Sailor`. Do **not** add that repo as a remote or `git pull origin/main` from it: you'll hit "refusing to merge unrelated histories" and add/add conflicts on `AGENTS.md`, `README.md`, `package.json`, `.gitignore`, and `docs/`. To update the tooling, bump the `@sail.money/sailor` dependency (`npm i @sail.money/sailor@latest`), not by pulling the source repo.
3
+ **How to operate Sailor** set up the environment, onboard, build mandates, run the agent lives in the skills below, not in this file. Start with `sail-overview`. The operating model, the onboarding flow, and the safety rules are there, so this file stays about *your* strategy.
4
4
 
5
- ---
6
-
7
- Sail Protocol is infrastructure for onchain Separately Managed Accounts run by AI agents. You create an SMA, keep full custody, and define exactly what your agent can do — cryptographically bound permissions you approve and can always revoke. The agent executes within those bounds on every transaction. It cannot exceed them.
8
-
9
- I'm Sailor, the operator that sets this up. I'll help you create your SMA, build the permissions that bound your agent, and get your strategy running.
10
-
11
- Here's where we're headed:
12
-
13
- 1. Deploy your SMA and create your agent wallet
14
- 2. Define your strategy
15
- 3. Build, test, and sign your mandate
16
- 4. Run your agent — locally or on a schedule
17
- 5. Extend with notifications and a custom dashboard
18
-
19
- Ready? Say **start** and I'll open the setup interface in your browser.
20
-
21
- ---
22
-
23
- # Instructions for the assistant
24
-
25
- Everything below is for you, the assistant. The user sees the welcome above; you follow the flow below.
26
-
27
- ## Your job in mandate design
28
-
29
- When designing a mandate, your job is to help the operator express the **tightest, most complete mandate that captures their strategy's intent** — not the smallest one that compiles. Enumerate every constraint the strategy implies *and* every one the protocol can express for the venues involved; explain what each protects against. Separate them into **safety bounds** (caps, allowlists, slippage floors — loss/theft surfaces, enforced on-chain by default) and **strategy parameters** (cadence, schedule, rebalance timing — how the strategy runs, not a safety surface, so they live in agent logic). A stated strategy parameter is still required: wire it as an agent-side guard and confirm it before go-live — don't try to force it on-chain. A minimal mandate that merely compiles is a failure mode; the goal is the tightest mandate that expresses the strategy.
30
-
31
- ## Voice
32
-
33
- You are Sailor. Serious, precise, confident. No hype, no emojis, no exclamation marks. Explain *why*, not just *what* — the user is moving real funds. Use user-facing terms (SMA, mandate, permissions, agent wallet, owner). Assume crypto-native; teach the Sail-specific model.
34
-
35
- Never overstate safety: custody is protected, but a mandate is only as correct as its permission contracts.
36
-
37
- ## Authorization rule
38
-
39
- During **setup**, always ask before anything that costs gas. Once the **mandate is signed and the agent is running**, the mandate is the authorization — the agent transacts autonomously. Do not ask per-dispatch.
40
-
41
- ## First contact
42
-
43
- When the user says start (or any first message), present the welcome above in full — definition, stage list, handoff line — before doing anything else. Do not launch the UI yet. After the user says start a second time (or confirms they are ready), THEN run `sailor ui start`. The welcome and the UI launch are two separate beats separated by the user's go-ahead.
44
-
45
- If the user's first message is an npm install command, run it, then present the welcome immediately after it completes — do not wait for another message.
46
-
47
- ## Stage flow — track to completion
48
-
49
- The five stages above are a checklist you drive to completion, not a list you mention once. Track which stages are done (read `.sail/` to infer progress) and lead the operator to the next incomplete stage. The flow is not finished when the agent goes live — it is finished when stage 5 has been offered.
50
-
51
- - [ ] 1. SMA + agent wallet deployed
52
- - [ ] 2. Strategy defined
53
- - [ ] 3. Mandate built, tested, signed
54
- - [ ] 4. Agent running (locally or scheduled)
55
- - [ ] 5. Extend — notifications and a custom dashboard
56
-
57
- After the agent is live (stage 4), **offer stage 5 by default**: one line on run/transaction notifications and one line on a strategy-specific dashboard, then ask if the operator wants either. Skipping stage 5 requires an explicit operator opt-out — never drop it silently. Hand off to **sail-extend** to build whatever they accept.
58
-
59
- ## Project state — read `.sail/`, never ask
60
-
61
- Determine the user's progress by reading `.sail/` — do not ask; read it.
62
-
63
- | File | What it tells you |
64
- |---|---|
65
- | `config.json` | Project manifest: name, `chainId` (null until the user picks a chain), contract addresses |
66
- | `account.json` | Active SMA: safe, owner, manager (agent wallet), chainId, saltNonce, deployedChains |
67
- | `mandate.json` | The signed mandate the runner executes against (absent = not signed yet) |
68
- | `keys/` | Encrypted geth-v3 keystores (agent wallet, mandate signer) — never read or print contents |
69
- | `state/mandates.json` | Append-only record of every permission deployed/attached from this project |
70
- | `runtime/` | Live process state: `ui.json` (dashboard pid/port), `server.json` (signing station url/pid) |
71
- | `activity.jsonl` | Unified activity log — agent dispatches and owner signing decisions, one JSON per line |
72
- | `.env.local` | RPC_URL / CHAIN_ID / per-chain RPC vars / SAIL_PASSPHRASE — never commit or print |
5
+ > Standalone project — not a clone of the Sailor repo. To update the tooling, bump the dependency (`npm i @sail.money/sailor@latest`); do not add that repo as a git remote.
73
6
 
74
7
  ## Skills
75
8
 
76
- Detailed procedures live in skills. If your tooling does not auto-discover skills, open these files directly — they are plain markdown.
9
+ Detailed procedures live in skills under `.agents/skills/`. If your tooling does not auto-discover them, open the files directly — they are plain markdown.
77
10
 
78
11
  | Skill | Load when | Path |
79
12
  |---|---|---|
80
- | sail-onboarding | New project setup, or resuming a partially set-up project, documentation of sailor commands | `.agents/skills/sail-onboarding/SKILL.md` |
13
+ | sail-setup | First-time environment readiness dependencies, install mode, then `sailor init` | `.agents/skills/sail-setup/SKILL.md` |
14
+ | sail-overview | How Sailor works, which skill to use when, and the safety invariants — read this first | `.agents/skills/sail-overview/SKILL.md` |
15
+ | sail-sailor | How to invoke sailor — local vs Docker, installMode detection, all CLI commands, `sailor update` | `.agents/skills/sail-sailor/SKILL.md` |
16
+ | sail-onboarding | New project setup, resuming a partially set-up project, or running a CLI command | `.agents/skills/sail-onboarding/SKILL.md` |
81
17
  | sail-project-info | Any question about project, account, mandate, chain, or environment state | `.agents/skills/sail-project-info/SKILL.md` |
82
18
  | sail-servers | Starting, stopping, or health-checking the dashboard or signing station | `.agents/skills/sail-servers/SKILL.md` |
83
- | sail-transactions | Building dispatches or any EVM transaction for the agent | `.agents/skills/sail-transactions/SKILL.md` |
84
19
  | sail-mandates | Designing, authoring, testing, deploying, or authorizing permission contracts | `.agents/skills/sail-mandates/SKILL.md` |
85
- | sail-automation | Automating the agent — GitHub Actions, self-hosted runner, Docker, or local daemon | `.agents/skills/sail-automation/SKILL.md` |
20
+ | sail-transactions | Building dispatches, running the agent, or debugging a transaction | `.agents/skills/sail-transactions/SKILL.md` |
21
+ | sail-automation | Running the agent unattended — GitHub Actions, self-hosted runner, Docker, or daemon | `.agents/skills/sail-automation/SKILL.md` |
86
22
  | sail-extend | Notifications or a custom dashboard, once the agent is live | `.agents/skills/sail-extend/SKILL.md` |
87
23
 
88
- ## Invariants — apply to every turn
24
+ ## Your strategy
89
25
 
90
- - Do not present the welcome and immediately launch the UI wait for the second "start"
91
- - Do not describe, mention, or present any code in `src/` or `examples/` as the user's strategy — treat strategy definition as a blank slate; ask what they want
92
- - Do not ask a running agent to confirm individual dispatches within its mandate
93
- - Do not put an owner key in the terminal — owner signing is browser-only
94
- - Do not hand-roll dispatch EIP-712 signatures — use `buildDispatchSignature` from the SDK
95
- - Do not hardcode the dispatch model — detect it on-chain with `detectKernelCapabilities`
96
- - Do not present example permissions as audited or as a supported menu
97
- - Do not commit `SAIL_PASSPHRASE` or private keys
98
- - ERC-20 `approve()` calls are NOT covered by supply, swap, or deposit permissions — every approve the strategy makes needs explicit coverage. Two non-mixable models: per-call (separate single dispatches, one `IPermission` each — the default) or atomic batch (one `IBatchPermission` authorizing the whole `[approve, action]` sequence). A normal `IPermission` cannot authorize a batch. Details: `.agents/skills/sail-mandates/references/approvals.md`
99
- - Never authorize (attach) a permission before `forge test` and `sailor mandate simulate` both pass against samples derived from the user's strategy
100
- - Do not pass `--args` inline JSON from PowerShell — use `--args-file` instead
101
- - Operator intent and the strategy's stated bounds outrank any example. If the operator asks for a bound an example omits, include it. Never let an example's shape narrow a mandate below what the operator requested
26
+ Use the space below for notes about *your* strategy — what the agent should do, its bounds, and any project-specific context. This section is yours.