npm - @dfm-fi/agent - Versions diffs - 0.2.0 - Mend

@dfm-fi/agent 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

package/README.md +326 -0
package/dist/api-client.d.ts +137 -0
package/dist/api-client.d.ts.map +1 -0
package/dist/api-client.js +215 -0
package/dist/api-client.js.map +1 -0
package/dist/config.d.ts +56 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +55 -0
package/dist/config.js.map +1 -0
package/dist/create-flow.d.ts +62 -0
package/dist/create-flow.d.ts.map +1 -0
package/dist/create-flow.js +88 -0
package/dist/create-flow.js.map +1 -0
package/dist/examples/deposit-redeem-loop.d.ts +2 -0
package/dist/examples/deposit-redeem-loop.d.ts.map +1 -0
package/dist/examples/deposit-redeem-loop.js +67 -0
package/dist/examples/deposit-redeem-loop.js.map +1 -0
package/dist/examples/launch-deposit-redeem.d.ts +2 -0
package/dist/examples/launch-deposit-redeem.d.ts.map +1 -0
package/dist/examples/launch-deposit-redeem.js +166 -0
package/dist/examples/launch-deposit-redeem.js.map +1 -0
package/dist/examples/list-and-status.d.ts +2 -0
package/dist/examples/list-and-status.d.ts.map +1 -0
package/dist/examples/list-and-status.js +67 -0
package/dist/examples/list-and-status.js.map +1 -0
package/dist/manager-flow.d.ts +73 -0
package/dist/manager-flow.d.ts.map +1 -0
package/dist/manager-flow.js +110 -0
package/dist/manager-flow.js.map +1 -0
package/dist/mcp-server.d.ts +3 -0
package/dist/mcp-server.d.ts.map +1 -0
package/dist/mcp-server.js +529 -0
package/dist/mcp-server.js.map +1 -0
package/dist/recovery-flow.d.ts +81 -0
package/dist/recovery-flow.d.ts.map +1 -0
package/dist/recovery-flow.js +123 -0
package/dist/recovery-flow.js.map +1 -0
package/dist/session.d.ts +52 -0
package/dist/session.d.ts.map +1 -0
package/dist/session.js +107 -0
package/dist/session.js.map +1 -0
package/dist/signing.d.ts +30 -0
package/dist/signing.d.ts.map +1 -0
package/dist/signing.js +129 -0
package/dist/signing.js.map +1 -0
package/dist/submit.d.ts +31 -0
package/dist/submit.d.ts.map +1 -0
package/dist/submit.js +165 -0
package/dist/submit.js.map +1 -0
package/dist/types.d.ts +191 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +16 -0
package/dist/types.js.map +1 -0
package/dist/zap-v2-flow.d.ts +76 -0
package/dist/zap-v2-flow.d.ts.map +1 -0
package/dist/zap-v2-flow.js +176 -0
package/dist/zap-v2-flow.js.map +1 -0
package/package.json +60 -0
package/skills.md +153 -0

package/dist/api-client.js ADDED Viewed

@@ -0,0 +1,215 @@
+const BASE58_RE = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/;
+function requireBase58(addr, label) {
+    if (!BASE58_RE.test(addr)) {
+        throw new Error(`Invalid base58 ${label}: ${addr}`);
+    }
+}
+export class DfmApiClient {
+    session;
+    baseUrl;
+    constructor(config, session) {
+        this.session = session;
+        this.baseUrl = config.apiUrl;
+    }
+    // ─── low-level request helpers ─────────────────────────────────────────
+    async publicRequest(path, init) {
+        const res = await fetch(`${this.baseUrl}${path}`, {
+            ...init,
+            headers: { 'Content-Type': 'application/json', ...(init?.headers ?? {}) },
+        });
+        if (!res.ok) {
+            const body = await res.text().catch(() => '');
+            throw new Error(`DFM API ${res.status} on ${path}: ${body.slice(0, 400)}`);
+        }
+        return (await res.json());
+    }
+    async authRequest(path, init) {
+        const send = async (token) => fetch(`${this.baseUrl}${path}`, {
+            ...init,
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${token}`,
+                ...(init?.headers ?? {}),
+            },
+        });
+        let token = await this.session.getAccessToken();
+        let res = await send(token);
+        // One transparent re-auth on token expiry/rotation.
+        if (res.status === 401) {
+            token = await this.session.getAccessToken(true);
+            res = await send(token);
+        }
+        if (!res.ok) {
+            const body = await res.text().catch(() => '');
+            throw new Error(`DFM API ${res.status} on ${path}: ${body.slice(0, 400)}`);
+        }
+        // 204 No Content → undefined
+        if (res.status === 204)
+            return undefined;
+        return (await res.json());
+    }
+    // ─── READ (safe) ───────────────────────────────────────────────────────
+    /** `GET /vaults` (public). Supports the API's documented query params. */
+    async listVaults(params) {
+        const q = new URLSearchParams();
+        if (params?.category)
+            q.set('category', params.category);
+        if (params?.dtfType)
+            q.set('dtfType', params.dtfType);
+        if (params?.status)
+            q.set('status', params.status);
+        if (params?.sortBy)
+            q.set('sortBy', params.sortBy);
+        if (params?.page)
+            q.set('page', String(params.page));
+        if (params?.limit)
+            q.set('limit', String(params.limit));
+        const qs = q.toString();
+        return this.publicRequest(`/vaults${qs ? `?${qs}` : ''}`);
+    }
+    /** `GET /vaults/:address` (public) — wraps the doc under `{ vault, ... }`. */
+    async getVault(address) {
+        requireBase58(address, 'vault address');
+        return this.publicRequest(`/vaults/${address}`);
+    }
+    /** `GET /access/status?wallet=` (public) — closed-alpha gate decision. */
+    async getAccessStatus(wallet) {
+        requireBase58(wallet, 'wallet');
+        return this.publicRequest(`/access/status?wallet=${wallet}`);
+    }
+    /**
+     * `GET /vaults/:address/zap-v2/status/:user` (auth) — decoded ZapEscrowV2 or
+     * null. The session wallet must equal `user` (or be the vault admin), else 403.
+     * Returns `null` when the user has no open escrow.
+     */
+    async getZapV2Status(vaultAddress, user) {
+        requireBase58(vaultAddress, 'vault address');
+        requireBase58(user, 'user wallet');
+        return this.authRequest(`/vaults/${vaultAddress}/zap-v2/status/${user}`);
+    }
+    /**
+     * `GET /portfolio` (auth) — the API reads the wallet from the JWT; there is NO
+     * portfolio-by-arbitrary-address endpoint. So this returns the SESSION
+     * wallet's positions. (To inspect another wallet you'd need that wallet's
+     * keypair / session.)
+     */
+    async getPortfolioPositions() {
+        return this.authRequest('/portfolio');
+    }
+    /** `GET /portfolio/summary` (auth) — total value + PnL for the session wallet. */
+    async getPortfolioSummary() {
+        return this.authRequest('/portfolio/summary');
+    }
+    // ─── WRITE (zap-v2 prepare endpoints) ──────────────────────────────────
+    // These return UNSIGNED transactions. They do not move funds by themselves —
+    // the agent must sign locally + submit. The MCP write tools gate these behind
+    // DFM_AGENT_WRITE_ENABLED. The prepare calls themselves are auth-gated and
+    // rate-limited (tx_prepare tier) server-side.
+    // REVIEW: real-money path — parent must review before enabling.
+    /** `POST /vaults/:address/zap-in-v2/open/prepare` — pull USDC, pin plan. */
+    async prepareZapInOpenV2(vaultAddress, usdcAmountRaw, opts) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/zap-in-v2/open/prepare`, { method: 'POST', body: JSON.stringify({ usdcAmount: usdcAmountRaw, ...opts }) });
+    }
+    /** `POST /vaults/:address/zap-in-v2/close/prepare` — CPI mint_in_kind_v2. */
+    async prepareZapInCloseV2(vaultAddress) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/zap-in-v2/close/prepare`, { method: 'POST', body: JSON.stringify({}) });
+    }
+    /** `POST /vaults/:address/zap-out-v2/open/prepare` — burn shares → escrow. */
+    async prepareZapOutOpenV2(vaultAddress, sharesRaw, opts) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/zap-out-v2/open/prepare`, { method: 'POST', body: JSON.stringify({ shares: sharesRaw, ...opts }) });
+    }
+    /** `POST /vaults/:address/zap-out-v2/close/prepare` — exit fee, pay net USDC. */
+    async prepareZapOutCloseV2(vaultAddress) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/zap-out-v2/close/prepare`, { method: 'POST', body: JSON.stringify({}) });
+    }
+    /**
+     * `POST /vaults/:address/zap-v2/cancel/prepare` — return the escrow's current
+     * USDC + per-asset balances to the test wallet as-is (no swaps, no oracle),
+     * then close it. 404 server-side when no escrow is open. Single v0 tx.
+     */
+    async prepareZapCancelV2(vaultAddress) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/zap-v2/cancel/prepare`, { method: 'POST', body: JSON.stringify({}) });
+    }
+    /**
+     * `POST /vaults/:address/zap-v2/update-envelope/prepare` — LOOSEN the pinned
+     * per-leg floors + slippage (and optionally extend expiry) so a stalled escrow
+     * can complete. Monotonic loosening is enforced on-chain; the API rejects any
+     * non-positive `newMinOuts`. Single v0 tx.
+     */
+    async prepareUpdateEnvelopeV2(vaultAddress, body) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/zap-v2/update-envelope/prepare`, { method: 'POST', body: JSON.stringify(body) });
+    }
+    // ─── WRITE (create / launch a DTF) ─────────────────────────────────────
+    // The create flow is prepare → sign locally → submit → confirm. Mirrors the
+    // zap-v2 write gating (DFM_AGENT_WRITE_ENABLED). The prepare is auth-gated +
+    // rate-limited (tx_prepare tier) server-side; the authed JWT wallet is the
+    // vault creator/admin (body-supplied wallet is ignored by the API).
+    // REVIEW: real-money path — parent must review before enabling.
+    /**
+     * `POST /vaults/create/prepare` — build the on-chain `create_vault` tx. The
+     * creator is the SESSION wallet (from the JWT), not a body field. Returns a
+     * single unsigned v0 tx + the `vaultAddress` PDA + a server-built ALT.
+     */
+    async prepareCreateVault(params) {
+        return this.authRequest('/vaults/create/prepare', {
+            method: 'POST',
+            body: JSON.stringify(params),
+        });
+    }
+    /**
+     * `POST /vaults/create/confirm` — record the vault doc after the create tx
+     * confirms. Only `signature` + `vaultAddress` are authoritative; the API reads
+     * the economic params back from its prepare-cache (so they can't be tampered
+     * post-prepare). MUST be called inside the cache TTL (~15 min).
+     */
+    async confirmCreateVault(signature, vaultAddress) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest('/vaults/create/confirm', {
+            method: 'POST',
+            body: JSON.stringify({ signature, vaultAddress }),
+        });
+    }
+    // ─── WRITE (vault MANAGER actions: rebalance / fees / transfer-admin) ───
+    // Each requires the signed-in wallet to be the vault ADMIN (API-enforced).
+    // Same prepare → sign → submit pattern. REVIEW: control path — parent reviews.
+    /**
+     * `POST /vaults/:address/assets/prepare` (vault admin) — build an
+     * `update_vault_assets` FULL-REPLACE basket tx. The API enforces the same
+     * guards as the chain (manual mode, 24h timelock, Σ bps == 10000, no dupes,
+     * ≤15 on mainnet) → clean 4xx instead of a chain revert.
+     */
+    async prepareUpdateAssets(vaultAddress, assets) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/assets/prepare`, { method: 'POST', body: JSON.stringify({ assets }) });
+    }
+    /** `POST /vaults/:address/assets/confirm` — record the basket change post-broadcast. */
+    async confirmUpdateAssets(vaultAddress, signature) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/assets/confirm`, { method: 'POST', body: JSON.stringify({ signature }) });
+    }
+    /**
+     * `PATCH /vaults/:address/fees` (vault admin) — build an `update_management_fee`
+     * tx (bps ≤2000). Reverts on a fees-immutable vault.
+     */
+    async prepareUpdateManagementFee(vaultAddress, managementFeeBps) {
+        requireBase58(vaultAddress, 'vault address');
+        return this.authRequest(`/vaults/${vaultAddress}/fees`, { method: 'PATCH', body: JSON.stringify({ managementFeeBps }) });
+    }
+    /**
+     * `POST /vaults/:address/transfer-admin` (vault admin) — initiate transferring
+     * vault admin to `newAdmin` (the new admin must ACCEPT separately). HIGH
+     * sensitivity — gates the agent's `transfer_admin` tool.
+     */
+    async prepareTransferAdmin(vaultAddress, newAdmin) {
+        requireBase58(vaultAddress, 'vault address');
+        requireBase58(newAdmin, 'new admin wallet');
+        return this.authRequest(`/vaults/${vaultAddress}/transfer-admin`, { method: 'POST', body: JSON.stringify({ newAdmin }) });
+    }
+}
+//# sourceMappingURL=api-client.js.map

package/dist/api-client.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":"AA6BA,MAAM,SAAS,GAAG,+BAA+B,CAAC;AAElD,SAAS,aAAa,CAAC,IAAY,EAAE,KAAa;IAChD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,KAAK,KAAK,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;AACH,CAAC;AAED,MAAM,OAAO,YAAY;IAKJ;IAJF,OAAO,CAAS;IAEjC,YACE,MAAmB,EACF,OAAoB;QAApB,YAAO,GAAP,OAAO,CAAa;QAErC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;IAC/B,CAAC;IAED,0EAA0E;IAElE,KAAK,CAAC,aAAa,CAAI,IAAY,EAAE,IAAkB;QAC7D,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,EAAE;YAChD,GAAG,IAAI;YACP,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,IAAI,EAAE,CAAC,EAAE;SAC1E,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,WAAW,GAAG,CAAC,MAAM,OAAO,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7E,CAAC;QACD,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAM,CAAC;IACjC,CAAC;IAEO,KAAK,CAAC,WAAW,CAAI,IAAY,EAAE,IAAkB;QAC3D,MAAM,IAAI,GAAG,KAAK,EAAE,KAAa,EAAqB,EAAE,CACtD,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,EAAE;YAC9B,GAAG,IAAI;YACP,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,KAAK,EAAE;gBAChC,GAAG,CAAC,IAAI,EAAE,OAAO,IAAI,EAAE,CAAC;aACzB;SACF,CAAC,CAAC;QAEL,IAAI,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;QAChD,IAAI,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5B,oDAAoD;QACpD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YAChD,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC;QAC1B,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,WAAW,GAAG,CAAC,MAAM,OAAO,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QAC7E,CAAC;QACD,6BAA6B;QAC7B,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;YAAE,OAAO,SAAc,CAAC;QAC9C,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAM,CAAC;IACjC,CAAC;IAED,0EAA0E;IAE1E,0EAA0E;IAC1E,KAAK,CAAC,UAAU,CAAC,MAOhB;QACC,MAAM,CAAC,GAAG,IAAI,eAAe,EAAE,CAAC;QAChC,IAAI,MAAM,EAAE,QAAQ;YAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QACzD,IAAI,MAAM,EAAE,OAAO;YAAE,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;QACtD,IAAI,MAAM,EAAE,MAAM;YAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,MAAM,EAAE,MAAM;YAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,MAAM,EAAE,IAAI;YAAE,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,IAAI,MAAM,EAAE,KAAK;YAAE,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACxD,MAAM,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,aAAa,CAAoB,UAAU,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC/E,CAAC;IAED,8EAA8E;IAC9E,KAAK,CAAC,QAAQ,CAAC,OAAe;QAC5B,aAAa,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QACxC,OAAO,IAAI,CAAC,aAAa,CAAsB,WAAW,OAAO,EAAE,CAAC,CAAC;IACvE,CAAC;IAED,0EAA0E;IAC1E,KAAK,CAAC,eAAe,CAAC,MAAc;QAClC,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChC,OAAO,IAAI,CAAC,aAAa,CAAe,yBAAyB,MAAM,EAAE,CAAC,CAAC;IAC7E,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,cAAc,CAAC,YAAoB,EAAE,IAAY;QACrD,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,aAAa,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,kBAAkB,IAAI,EAAE,CAChD,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,qBAAqB;QACzB,OAAO,IAAI,CAAC,WAAW,CAAU,YAAY,CAAC,CAAC;IACjD,CAAC;IAED,kFAAkF;IAClF,KAAK,CAAC,mBAAmB;QACvB,OAAO,IAAI,CAAC,WAAW,CAAU,oBAAoB,CAAC,CAAC;IACzD,CAAC;IAED,0EAA0E;IAC1E,6EAA6E;IAC7E,8EAA8E;IAC9E,2EAA2E;IAC3E,8CAA8C;IAC9C,gEAAgE;IAEhE,4EAA4E;IAC5E,KAAK,CAAC,kBAAkB,CACtB,YAAoB,EACpB,aAAqB,EACrB,IAAoD;QAEpD,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,yBAAyB,EAChD,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,UAAU,EAAE,aAAa,EAAE,GAAG,IAAI,EAAE,CAAC,EAAE,CACjF,CAAC;IACJ,CAAC;IAED,6EAA6E;IAC7E,KAAK,CAAC,mBAAmB,CAAC,YAAoB;QAC5C,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,0BAA0B,EACjD,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAC7C,CAAC;IACJ,CAAC;IAED,8EAA8E;IAC9E,KAAK,CAAC,mBAAmB,CACvB,YAAoB,EACpB,SAAiB,EACjB,IAAoD;QAEpD,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,0BAA0B,EACjD,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,EAAE,CAAC,EAAE,CACzE,CAAC;IACJ,CAAC;IAED,iFAAiF;IACjF,KAAK,CAAC,oBAAoB,CAAC,YAAoB;QAC7C,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,2BAA2B,EAClD,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAC7C,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CAAC,YAAoB;QAC3C,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,wBAAwB,EAC/C,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAC7C,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,uBAAuB,CAC3B,YAAoB,EACpB,IAKC;QAED,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,iCAAiC,EACxD,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAC/C,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,4EAA4E;IAC5E,6EAA6E;IAC7E,2EAA2E;IAC3E,oEAAoE;IACpE,gEAAgE;IAEhE;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CAAC,MAexB;QACC,OAAO,IAAI,CAAC,WAAW,CAAwB,wBAAwB,EAAE;YACvE,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;SAC7B,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,kBAAkB,CACtB,SAAiB,EACjB,YAAoB;QAEpB,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CAAwB,wBAAwB,EAAE;YACvE,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC;SAClD,CAAC,CAAC;IACL,CAAC;IAED,2EAA2E;IAC3E,2EAA2E;IAC3E,+EAA+E;IAE/E;;;;;OAKG;IACH,KAAK,CAAC,mBAAmB,CACvB,YAAoB,EACpB,MAA0B;QAE1B,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,iBAAiB,EACxC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CACrD,CAAC;IACJ,CAAC;IAED,wFAAwF;IACxF,KAAK,CAAC,mBAAmB,CACvB,YAAoB,EACpB,SAAiB;QAEjB,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,iBAAiB,EACxC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,CACxD,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,0BAA0B,CAC9B,YAAoB,EACpB,gBAAwB;QAExB,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,OAAO,EAC9B,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,gBAAgB,EAAE,CAAC,EAAE,CAChE,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,oBAAoB,CACxB,YAAoB,EACpB,QAAgB;QAEhB,aAAa,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;QAC7C,aAAa,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC;QAC5C,OAAO,IAAI,CAAC,WAAW,CACrB,WAAW,YAAY,iBAAiB,EACxC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,CACvD,CAAC;IACJ,CAAC;CACF"}

package/dist/config.d.ts ADDED Viewed

@@ -0,0 +1,56 @@
+/**
+ * Agent configuration — loaded from env vars set by the OPERATOR locally.
+ *
+ * SECURITY MODEL (read before changing anything here):
+ *   - The agent operates with ITS OWN test-wallet keypair, loaded LOCALLY by the
+ *     operator from a file path (`DFM_AGENT_KEYPAIR_PATH`) or an env-injected
+ *     secret (`DFM_AGENT_KEYPAIR_JSON`). The keypair is NEVER passed through the
+ *     MCP protocol, tool arguments, or tool results, and is NEVER logged.
+ *   - That test wallet must be on the closed-alpha access allowlist (a sign-in
+ *     from a non-allowed wallet is rejected server-side — see auth.service).
+ *   - The protocol wallet (`9GjE…`) must NOT be used here. The agent signs with
+ *     a throwaway test wallet funded with a few dollars of USDC.
+ *   - All real-money WRITE tools (deposit / redeem) are GATED behind
+ *     `DFM_AGENT_WRITE_ENABLED=true` and default OFF.
+ */
+export interface AgentConfig {
+    /** DFM v2 backend API base, INCLUDING the `/api/v2` prefix. */
+    apiUrl: string;
+    /** Solana cluster (devnet | mainnet-beta). Mainnet is the live system. */
+    cluster: 'devnet' | 'mainnet-beta';
+    /**
+     * Helius (or other dedicated) RPC endpoint. Used only by the WRITE path to
+     * submit signed transactions. The read tools do not need it.
+     */
+    rpcUrl?: string;
+    /**
+     * SIWS domain the API binds sign-in messages to (e.g. `n2.dfm.finance`).
+     * Informational only — the agent signs the EXACT message the API returns from
+     * `POST /auth/nonce`, so it does not need to reconstruct the domain. Surfaced
+     * for diagnostics / sanity-logging.
+     */
+    siwsDomain?: string;
+    /**
+     * Where to load the test-wallet keypair from. Exactly ONE of these should be
+     * set by the operator when WRITE is enabled (path preferred). Format: the
+     * standard Solana 64-byte secret-key JSON array (e.g. `solana-keygen` output).
+     * Read lazily + only inside the signing module — never eagerly, never logged.
+     */
+    keypairPath?: string;
+    keypairJsonEnvPresent: boolean;
+    /**
+     * Master kill-switch for the real-money WRITE tools (deposit/redeem). Default
+     * OFF. When false, the write tools refuse with a clear message and never load
+     * the keypair or touch the chain.
+     */
+    writeEnabled: boolean;
+}
+/**
+ * Normalize the API base so it always ends with the `/api/v2` global prefix and
+ * has no trailing slash. Accepts either a bare origin
+ * (`https://n2-api.dfm.finance`) or a full base
+ * (`https://n2-api.dfm.finance/api/v2`).
+ */
+export declare function normalizeApiUrl(raw: string): string;
+export declare function loadConfig(): AgentConfig;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,MAAM,WAAW,WAAW;IAC1B,+DAA+D;IAC/D,MAAM,EAAE,MAAM,CAAC;IACf,0EAA0E;IAC1E,OAAO,EAAE,QAAQ,GAAG,cAAc,CAAC;IACnC;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,qBAAqB,EAAE,OAAO,CAAC;IAC/B;;;;OAIG;IACH,YAAY,EAAE,OAAO,CAAC;CACvB;AAMD;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAMnD;AAED,wBAAgB,UAAU,IAAI,WAAW,CAyBxC"}

package/dist/config.js ADDED Viewed

@@ -0,0 +1,55 @@
+/**
+ * Agent configuration — loaded from env vars set by the OPERATOR locally.
+ *
+ * SECURITY MODEL (read before changing anything here):
+ *   - The agent operates with ITS OWN test-wallet keypair, loaded LOCALLY by the
+ *     operator from a file path (`DFM_AGENT_KEYPAIR_PATH`) or an env-injected
+ *     secret (`DFM_AGENT_KEYPAIR_JSON`). The keypair is NEVER passed through the
+ *     MCP protocol, tool arguments, or tool results, and is NEVER logged.
+ *   - That test wallet must be on the closed-alpha access allowlist (a sign-in
+ *     from a non-allowed wallet is rejected server-side — see auth.service).
+ *   - The protocol wallet (`9GjE…`) must NOT be used here. The agent signs with
+ *     a throwaway test wallet funded with a few dollars of USDC.
+ *   - All real-money WRITE tools (deposit / redeem) are GATED behind
+ *     `DFM_AGENT_WRITE_ENABLED=true` and default OFF.
+ */
+function parseCluster(raw) {
+    return raw === 'mainnet-beta' ? 'mainnet-beta' : raw === 'devnet' ? 'devnet' : 'mainnet-beta';
+}
+/**
+ * Normalize the API base so it always ends with the `/api/v2` global prefix and
+ * has no trailing slash. Accepts either a bare origin
+ * (`https://n2-api.dfm.finance`) or a full base
+ * (`https://n2-api.dfm.finance/api/v2`).
+ */
+export function normalizeApiUrl(raw) {
+    let url = raw.trim().replace(/\/+$/, '');
+    if (!/\/api\/v2$/.test(url)) {
+        url = `${url}/api/v2`;
+    }
+    return url;
+}
+export function loadConfig() {
+    // Default to the live closed-mainnet API so the read tools work out of the box.
+    const apiUrl = normalizeApiUrl(process.env.DFM_API_URL ?? 'https://n2-api.dfm.finance');
+    const cluster = parseCluster(process.env.SOLANA_CLUSTER);
+    // RPC is optional (only the WRITE path uses it). On mainnet, refuse the
+    // rate-limited public fallback so a misconfigured write agent fails loudly
+    // instead of silently throttling through api.mainnet-beta.solana.com.
+    let rpcUrl = process.env.HELIUS_RPC_URL ?? process.env.DFM_RPC_URL;
+    if (!rpcUrl && cluster === 'devnet') {
+        rpcUrl = 'https://api.devnet.solana.com';
+    }
+    const writeEnabled = process.env.DFM_AGENT_WRITE_ENABLED === 'true';
+    return {
+        apiUrl,
+        cluster,
+        rpcUrl,
+        siwsDomain: process.env.SIWS_DOMAIN,
+        keypairPath: process.env.DFM_AGENT_KEYPAIR_PATH,
+        keypairJsonEnvPresent: typeof process.env.DFM_AGENT_KEYPAIR_JSON === 'string'
+            && process.env.DFM_AGENT_KEYPAIR_JSON.trim().length > 0,
+        writeEnabled,
+    };
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAmCH,SAAS,YAAY,CAAC,GAAuB;IAC3C,OAAO,GAAG,KAAK,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC;AAChG,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,GAAW;IACzC,IAAI,GAAG,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5B,GAAG,GAAG,GAAG,GAAG,SAAS,CAAC;IACxB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,gFAAgF;IAChF,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,4BAA4B,CAAC,CAAC;IACxF,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAEzD,wEAAwE;IACxE,2EAA2E;IAC3E,sEAAsE;IACtE,IAAI,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC;IACnE,IAAI,CAAC,MAAM,IAAI,OAAO,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,GAAG,+BAA+B,CAAC;IAC3C,CAAC;IAED,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,MAAM,CAAC;IAEpE,OAAO;QACL,MAAM;QACN,OAAO;QACP,MAAM;QACN,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW;QACnC,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB;QAC/C,qBAAqB,EAAE,OAAO,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,QAAQ;eACxE,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;QACzD,YAAY;KACb,CAAC;AACJ,CAAC"}

package/dist/create-flow.d.ts ADDED Viewed

@@ -0,0 +1,62 @@
+/**
+ * Vault LAUNCH (create DTF) lifecycle driver — a real-money WRITE path.
+ *
+ * ⚠️ GATED. Reachable only when DFM_AGENT_WRITE_ENABLED=true. Creating a vault
+ * pulls the on-chain creation fee (USDC) from the test wallet and writes a vault
+ * the operator then owns/administers. The parent must review before enabling.
+ * REVIEW: real-money path — parent must review before enabling.
+ *
+ * ─── Flow (prepare → sign → submit → confirm) ──────────────────────────────
+ *   1. POST /vaults/create/prepare  → ONE unsigned v0 tx + the vaultAddress PDA
+ *      + a server-built per-create ALT. The creator is the SESSION wallet.
+ *   2. sign the tx LOCALLY with the test keypair.
+ *   3. submit + confirm via RPC.
+ *   4. POST /vaults/create/confirm { signature, vaultAddress } → records the
+ *      vault doc (reads economic params from the prepare-cache, so they cannot
+ *      be tampered after prepare). MUST land inside the ~15-min cache TTL.
+ *
+ * If confirm fails AFTER the tx confirmed on-chain, the vault EXISTS on-chain
+ * but has no Mongo doc ("ghost vault"). We surface the signature + vaultAddress
+ * so the operator can retry confirm (within TTL) or reconcile — we never hide it.
+ * ───────────────────────────────────────────────────────────────────────────
+ */
+import type { AgentConfig } from './config.js';
+import type { DfmApiClient } from './api-client.js';
+import type { CreateAssetInput } from './types.js';
+export interface LaunchVaultParams {
+    name: string;
+    symbol: string;
+    assets: CreateAssetInput[];
+    /** DTF type — defaults to 'index' (the only live type). */
+    dtfType?: string;
+    /** Category enum (0-7, 255). Defaults to 255 (uncategorized/other). */
+    category?: number;
+    managementFeeBps?: number;
+    exitFeeBps?: number;
+    description?: string;
+    metadataUri?: string;
+}
+export interface LaunchVaultResult {
+    ok: boolean;
+    vault: string;
+    signature: string;
+    vaultMint: string;
+    vaultIndex: number;
+    /** Set when /create/confirm failed after the tx confirmed (ghost-vault risk). */
+    confirmError?: string;
+    message: string;
+}
+/**
+ * Validate the basket client-side BEFORE hitting the network — fast, clear
+ * failures the agent can fix without a round-trip. (The API re-validates
+ * everything; this is a courtesy layer.)
+ */
+export declare function validateLaunchParams(params: LaunchVaultParams): void;
+/**
+ * Drive a full vault LAUNCH (create DTF). Returns when the vault doc is recorded
+ * (confirm succeeded) — or, if confirm fails after the on-chain tx confirmed,
+ * returns `ok:false` WITH the signature + vaultAddress so the operator can
+ * recover (the on-chain vault exists either way).
+ */
+export declare function runLaunchVault(config: AgentConfig, api: DfmApiClient, params: LaunchVaultParams): Promise<LaunchVaultResult>;
+//# sourceMappingURL=create-flow.d.ts.map

package/dist/create-flow.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"create-flow.d.ts","sourceRoot":"","sources":["../src/create-flow.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAInD,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3B,2DAA2D;IAC3D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uEAAuE;IACvE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,OAAO,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,iFAAiF;IACjF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;CACjB;AAID;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CA4BpE;AAED;;;;;GAKG;AACH,wBAAsB,cAAc,CAClC,MAAM,EAAE,WAAW,EACnB,GAAG,EAAE,YAAY,EACjB,MAAM,EAAE,iBAAiB,GACxB,OAAO,CAAC,iBAAiB,CAAC,CAyD5B"}

package/dist/create-flow.js ADDED Viewed

@@ -0,0 +1,88 @@
+import { signBase64Transaction } from './signing.js';
+import { submitSignedTx } from './submit.js';
+const MAX_ASSETS = 15; // mainnet basket cap (zap-v2 OPEN tx ceiling)
+/**
+ * Validate the basket client-side BEFORE hitting the network — fast, clear
+ * failures the agent can fix without a round-trip. (The API re-validates
+ * everything; this is a courtesy layer.)
+ */
+export function validateLaunchParams(params) {
+    if (!params.assets || params.assets.length === 0) {
+        throw new Error('launch_vault needs at least 1 basket asset.');
+    }
+    if (params.assets.length > MAX_ASSETS) {
+        throw new Error(`Basket has ${params.assets.length} assets — the mainnet cap is ${MAX_ASSETS} ` +
+            `(the zap-v2 OPEN tx hits the 1232-byte v0 limit beyond that).`);
+    }
+    const sum = params.assets.reduce((acc, a) => acc + a.mintBps, 0);
+    if (sum !== 10_000) {
+        throw new Error(`Basket allocations must sum to exactly 10000 bps; got ${sum}. ` +
+            `(${params.assets.map((a) => `${a.symbol}=${a.mintBps}`).join(', ')})`);
+    }
+    for (const a of params.assets) {
+        if (!Number.isInteger(a.mintBps) || a.mintBps <= 0 || a.mintBps > 10_000) {
+            throw new Error(`Asset ${a.symbol} has invalid mintBps ${a.mintBps} (must be 1..10000).`);
+        }
+    }
+    if ((params.managementFeeBps ?? 0) > 2_000) {
+        throw new Error('managementFeeBps must be ≤ 2000 (20%/yr).');
+    }
+    if ((params.exitFeeBps ?? 0) > 1_000) {
+        throw new Error('exitFeeBps must be ≤ 1000 (10%).');
+    }
+}
+/**
+ * Drive a full vault LAUNCH (create DTF). Returns when the vault doc is recorded
+ * (confirm succeeded) — or, if confirm fails after the on-chain tx confirmed,
+ * returns `ok:false` WITH the signature + vaultAddress so the operator can
+ * recover (the on-chain vault exists either way).
+ */
+export async function runLaunchVault(config, api, params) {
+    validateLaunchParams(params);
+    // 1. PREPARE — build the create tx. Entry fee is forced to 0 (mainnet rule).
+    const prepared = await api.prepareCreateVault({
+        name: params.name,
+        symbol: params.symbol,
+        dtfType: params.dtfType ?? 'index',
+        category: params.category ?? 255,
+        assets: params.assets,
+        entryFeeBps: 0,
+        exitFeeBps: params.exitFeeBps ?? 0,
+        managementFeeBps: params.managementFeeBps ?? 0,
+        description: params.description,
+        metadataUri: params.metadataUri,
+    });
+    // 2. SIGN locally + 3. SUBMIT.
+    const signed = signBase64Transaction(config, prepared.transaction);
+    const signature = await submitSignedTx(config, signed, prepared.blockhash, prepared.lastValidBlockHeight);
+    // 4. CONFIRM — record the vault doc. If this fails the on-chain vault already
+    // exists (the tx confirmed in step 3), so we DON'T throw it away — we return
+    // the recovery info. The operator can retry confirm inside the cache TTL.
+    try {
+        await api.confirmCreateVault(signature, prepared.vaultAddress);
+    }
+    catch (e) {
+        return {
+            ok: false,
+            vault: prepared.vaultAddress,
+            signature,
+            vaultMint: prepared.vaultMint,
+            vaultIndex: prepared.vaultIndex,
+            confirmError: e.message,
+            message: `Create tx CONFIRMED on-chain (vault ${prepared.vaultAddress}) but /create/confirm ` +
+                `failed: ${e.message}. The on-chain vault EXISTS. Retry confirm within the ` +
+                `~15-min prepare-cache TTL (POST /vaults/create/confirm { signature, vaultAddress }), ` +
+                `or it will need a chain reconcile.`,
+        };
+    }
+    return {
+        ok: true,
+        vault: prepared.vaultAddress,
+        signature,
+        vaultMint: prepared.vaultMint,
+        vaultIndex: prepared.vaultIndex,
+        message: `Vault "${params.name}" (${params.symbol}) launched: ${prepared.vaultAddress} ` +
+            `(index ${prepared.vaultIndex}). Recorded. Fund the first deposit ≥ ~$12 to clear the $10 floor.`,
+    };
+}
+//# sourceMappingURL=create-flow.js.map

package/dist/create-flow.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"create-flow.js","sourceRoot":"","sources":["../src/create-flow.ts"],"names":[],"mappings":"AAyBA,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AA2B7C,MAAM,UAAU,GAAG,EAAE,CAAC,CAAC,8CAA8C;AAErE;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAyB;IAC5D,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,UAAU,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CACb,cAAc,MAAM,CAAC,MAAM,CAAC,MAAM,gCAAgC,UAAU,GAAG;YAC7E,+DAA+D,CAClE,CAAC;IACJ,CAAC;IACD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACjE,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CACb,yDAAyD,GAAG,IAAI;YAC9D,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACzE,CAAC;IACJ,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,MAAM,EAAE,CAAC;YACzE,MAAM,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,MAAM,wBAAwB,CAAC,CAAC,OAAO,sBAAsB,CAAC,CAAC;QAC5F,CAAC;IACH,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,CAAC,CAAC,GAAG,KAAK,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC,GAAG,KAAK,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,MAAmB,EACnB,GAAiB,EACjB,MAAyB;IAEzB,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAE7B,6EAA6E;IAC7E,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,kBAAkB,CAAC;QAC5C,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,OAAO;QAClC,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,GAAG;QAChC,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,WAAW,EAAE,CAAC;QACd,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,CAAC;QAClC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,CAAC;QAC9C,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,WAAW,EAAE,MAAM,CAAC,WAAW;KAChC,CAAC,CAAC;IAEH,+BAA+B;IAC/B,MAAM,MAAM,GAAG,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnE,MAAM,SAAS,GAAG,MAAM,cAAc,CACpC,MAAM,EACN,MAAM,EACN,QAAQ,CAAC,SAAS,EAClB,QAAQ,CAAC,oBAAoB,CAC9B,CAAC;IAEF,8EAA8E;IAC9E,6EAA6E;IAC7E,0EAA0E;IAC1E,IAAI,CAAC;QACH,MAAM,GAAG,CAAC,kBAAkB,CAAC,SAAS,EAAE,QAAQ,CAAC,YAAY,CAAC,CAAC;IACjE,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO;YACL,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,QAAQ,CAAC,YAAY;YAC5B,SAAS;YACT,SAAS,EAAE,QAAQ,CAAC,SAAS;YAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,YAAY,EAAG,CAAW,CAAC,OAAO;YAClC,OAAO,EACL,uCAAuC,QAAQ,CAAC,YAAY,wBAAwB;gBACpF,WAAY,CAAW,CAAC,OAAO,wDAAwD;gBACvF,uFAAuF;gBACvF,oCAAoC;SACvC,CAAC;IACJ,CAAC;IAED,OAAO;QACL,EAAE,EAAE,IAAI;QACR,KAAK,EAAE,QAAQ,CAAC,YAAY;QAC5B,SAAS;QACT,SAAS,EAAE,QAAQ,CAAC,SAAS;QAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,OAAO,EACL,UAAU,MAAM,CAAC,IAAI,MAAM,MAAM,CAAC,MAAM,eAAe,QAAQ,CAAC,YAAY,GAAG;YAC/E,UAAU,QAAQ,CAAC,UAAU,oEAAoE;KACpG,CAAC;AACJ,CAAC"}

package/dist/examples/deposit-redeem-loop.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=deposit-redeem-loop.d.ts.map

package/dist/examples/deposit-redeem-loop.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"deposit-redeem-loop.d.ts","sourceRoot":"","sources":["../../src/examples/deposit-redeem-loop.ts"],"names":[],"mappings":""}

package/dist/examples/deposit-redeem-loop.js ADDED Viewed

@@ -0,0 +1,67 @@
+/**
+ * Example (REAL-MONEY — GATED): the full deposit → redeem loop a tester would
+ * run programmatically. Deposits a small USDC amount into a vault, waits for the
+ * orchestrator to mint shares, reads the position, then redeems it back to USDC.
+ *
+ * ⚠️ This MOVES REAL FUNDS on mainnet. It refuses unless DFM_AGENT_WRITE_ENABLED
+ * is set, an RPC is configured, and a funded, allowlisted test keypair is loaded.
+ * REVIEW: real-money path — parent must review before relying on this.
+ *
+ * Usage:
+ *   DFM_API_URL=https://n2-api.dfm.finance \
+ *   HELIUS_RPC_URL=https://mainnet.helius-rpc.com/?api-key=… \
+ *   DFM_AGENT_KEYPAIR_PATH=/abs/path/test-wallet.json \
+ *   DFM_AGENT_WRITE_ENABLED=true \
+ *   npx tsx src/examples/deposit-redeem-loop.ts <vaultAddress> [usdcRaw=12000000]
+ */
+import { loadConfig } from '../config.js';
+import { SiwsSession } from '../session.js';
+import { DfmApiClient } from '../api-client.js';
+import { runDeposit, runRedeem } from '../zap-v2-flow.js';
+async function main() {
+    const vault = process.argv[2];
+    const usdcRaw = process.argv[3] ?? '12000000'; // $12 default (clears the $10 first-mint floor)
+    if (!vault) {
+        console.error('Usage: npx tsx deposit-redeem-loop.ts <vaultAddress> [usdcRaw]');
+        process.exit(1);
+    }
+    const config = loadConfig();
+    if (!config.writeEnabled) {
+        console.error('Refusing: DFM_AGENT_WRITE_ENABLED is not "true". This is a real-money loop.');
+        process.exit(1);
+    }
+    if (!config.rpcUrl) {
+        console.error('Refusing: no RPC. Set HELIUS_RPC_URL to submit transactions.');
+        process.exit(1);
+    }
+    const session = new SiwsSession(config);
+    const api = new DfmApiClient(config, session);
+    const user = session.walletAddress;
+    console.log(`Test wallet: ${user} | vault: ${vault} | deposit: ${usdcRaw} raw USDC`);
+    // 1. Deposit.
+    console.log('\n→ DEPOSIT (open → orchestrator cranks → close)…');
+    const dep = await runDeposit(config, api, user, vault, usdcRaw);
+    console.log(JSON.stringify(dep, null, 2));
+    // 2. Read the resulting share balance.
+    console.log('\n→ position after deposit…');
+    const positions = await api.getPortfolioPositions();
+    console.log(JSON.stringify(positions, null, 2));
+    // 3. Redeem the freshly minted shares. The exact share amount comes from the
+    //    on-chain position — a real harness would read it from `positions` above.
+    //    Here we leave redemption sizing to the operator: pass the share raw amount
+    //    you want to redeem as an env to avoid accidentally over/under-redeeming.
+    const sharesRaw = process.env.DFM_REDEEM_SHARES_RAW;
+    if (!sharesRaw) {
+        console.log('\nSet DFM_REDEEM_SHARES_RAW to the raw 6dp share amount to redeem ' +
+            '(read it from the position above), then re-run the redeem leg.');
+        return;
+    }
+    console.log(`\n→ REDEEM ${sharesRaw} raw shares (open → orchestrator cranks → close)…`);
+    const red = await runRedeem(config, api, user, vault, sharesRaw);
+    console.log(JSON.stringify(red, null, 2));
+}
+main().catch((e) => {
+    console.error(e);
+    process.exit(1);
+});
+//# sourceMappingURL=deposit-redeem-loop.js.map

package/dist/examples/deposit-redeem-loop.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"deposit-redeem-loop.js","sourceRoot":"","sources":["../../src/examples/deposit-redeem-loop.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE1D,KAAK,UAAU,IAAI;IACjB,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,gDAAgD;IAC/F,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC;QAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QACzB,OAAO,CAAC,KAAK,CAAC,6EAA6E,CAAC,CAAC;QAC7F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO,CAAC,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAC9E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,IAAI,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9C,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,aAAa,KAAK,eAAe,OAAO,WAAW,CAAC,CAAC;IAErF,cAAc;IACd,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IACjE,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAE1C,uCAAuC;IACvC,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;IAC3C,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,qBAAqB,EAAE,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAEhD,6EAA6E;IAC7E,8EAA8E;IAC9E,gFAAgF;IAChF,8EAA8E;IAC9E,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC;IACpD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,GAAG,CACT,oEAAoE;YAClE,gEAAgE,CACnE,CAAC;QACF,OAAO;IACT,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,cAAc,SAAS,mDAAmD,CAAC,CAAC;IACxF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC5C,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IACjB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACjB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/examples/launch-deposit-redeem.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=launch-deposit-redeem.d.ts.map

package/dist/examples/launch-deposit-redeem.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"launch-deposit-redeem.d.ts","sourceRoot":"","sources":["../../src/examples/launch-deposit-redeem.ts"],"names":[],"mappings":""}