npm - @elizaos/plugin-vincent - Versions diffs - 2.0.3-beta.5 → 2.0.3-beta.7 - Mend

@elizaos/plugin-vincent 2.0.3-beta.5 → 2.0.3-beta.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (91) hide show

package/dist/TradingProfileCard.d.ts +8 -0
package/dist/TradingProfileCard.d.ts.map +1 -0
package/dist/TradingProfileCard.js +70 -0
package/dist/TradingProfileCard.js.map +1 -0
package/dist/TradingStrategyPanel.d.ts +10 -0
package/dist/TradingStrategyPanel.d.ts.map +1 -0
package/dist/TradingStrategyPanel.js +133 -0
package/dist/TradingStrategyPanel.js.map +1 -0
package/dist/VincentAppView.d.ts +4 -0
package/dist/VincentAppView.d.ts.map +1 -0
package/dist/VincentAppView.helpers.d.ts +10 -0
package/dist/VincentAppView.helpers.d.ts.map +1 -0
package/dist/VincentAppView.helpers.js +21 -0
package/dist/VincentAppView.helpers.js.map +1 -0
package/dist/VincentAppView.interact.d.ts +2 -0
package/dist/VincentAppView.interact.d.ts.map +1 -0
package/dist/VincentAppView.interact.js +45 -0
package/dist/VincentAppView.interact.js.map +1 -0
package/dist/VincentAppView.js +145 -0
package/dist/VincentAppView.js.map +1 -0
package/dist/VincentConnectionCard.d.ts +9 -0
package/dist/VincentConnectionCard.d.ts.map +1 -0
package/dist/VincentConnectionCard.js +121 -0
package/dist/VincentConnectionCard.js.map +1 -0
package/dist/VincentView.d.ts +13 -0
package/dist/VincentView.d.ts.map +1 -0
package/dist/VincentView.js +86 -0
package/dist/VincentView.js.map +1 -0
package/dist/WalletStatusCard.d.ts +12 -0
package/dist/WalletStatusCard.d.ts.map +1 -0
package/dist/WalletStatusCard.js +203 -0
package/dist/WalletStatusCard.js.map +1 -0
package/dist/client.d.ts +21 -0
package/dist/client.d.ts.map +1 -0
package/dist/client.js +31 -0
package/dist/client.js.map +1 -0
package/dist/components/VincentSpatialView.d.ts +32 -0
package/dist/components/VincentSpatialView.d.ts.map +1 -0
package/dist/components/VincentSpatialView.js +191 -0
package/dist/components/VincentSpatialView.js.map +1 -0
package/dist/index.d.ts +15 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +21 -0
package/dist/index.js.map +1 -0
package/dist/plugin.d.ts +14 -0
package/dist/plugin.d.ts.map +1 -0
package/dist/plugin.js +98 -0
package/dist/plugin.js.map +1 -0
package/dist/register-routes.d.ts +2 -0
package/dist/register-routes.d.ts.map +1 -0
package/dist/register-routes.js +6 -0
package/dist/register-routes.js.map +1 -0
package/dist/register-terminal-view.d.ts +15 -0
package/dist/register-terminal-view.d.ts.map +1 -0
package/dist/register-terminal-view.js +28 -0
package/dist/register-terminal-view.js.map +1 -0
package/dist/register.d.ts +2 -0
package/dist/register.d.ts.map +1 -0
package/dist/register.js +6 -0
package/dist/register.js.map +1 -0
package/dist/routes.d.ts +24 -0
package/dist/routes.d.ts.map +1 -0
package/dist/routes.js +429 -0
package/dist/routes.js.map +1 -0
package/dist/ui.d.ts +11 -0
package/dist/ui.d.ts.map +1 -0
package/dist/ui.js +16 -0
package/dist/ui.js.map +1 -0
package/dist/useVincentDashboard.d.ts +21 -0
package/dist/useVincentDashboard.d.ts.map +1 -0
package/dist/useVincentDashboard.js +105 -0
package/dist/useVincentDashboard.js.map +1 -0
package/dist/useVincentState.d.ts +15 -0
package/dist/useVincentState.d.ts.map +1 -0
package/dist/useVincentState.js +116 -0
package/dist/useVincentState.js.map +1 -0
package/dist/views/bundle.js +500 -0
package/dist/views/bundle.js.map +1 -0
package/dist/vincent-app.d.ts +10 -0
package/dist/vincent-app.d.ts.map +1 -0
package/dist/vincent-app.js +16 -0
package/dist/vincent-app.js.map +1 -0
package/dist/vincent-contracts.d.ts +52 -0
package/dist/vincent-contracts.d.ts.map +1 -0
package/dist/vincent-contracts.js +8 -0
package/dist/vincent-contracts.js.map +1 -0
package/dist/vincent-view-bundle.d.ts +3 -0
package/dist/vincent-view-bundle.d.ts.map +1 -0
package/dist/vincent-view-bundle.js +7 -0
package/dist/vincent-view-bundle.js.map +1 -0
package/package.json +7 -7

package/dist/routes.js ADDED Viewed

@@ -0,0 +1,429 @@
+import crypto from "node:crypto";
+import { saveElizaConfig } from "@elizaos/agent/config/config";
+import { sendJson, sendJsonError } from "@elizaos/app-core/api/response";
+import { logger } from "@elizaos/core";
+import { VINCENT_TRADING_VENUES } from "./vincent-contracts.js";
+const VINCENT_API_BASE = "https://heyvincent.ai";
+const PENDING_LOGIN_TTL_MS = 10 * 60 * 1e3;
+const pendingLogins = /* @__PURE__ */ new Map();
+function sweepExpiredLogins() {
+  const cutoff = Date.now() - PENDING_LOGIN_TTL_MS;
+  for (const [state, entry] of pendingLogins) {
+    if (entry.createdAt < cutoff) pendingLogins.delete(state);
+  }
+}
+function base64UrlEncode(buf) {
+  return buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function generateCodeVerifier() {
+  return base64UrlEncode(crypto.randomBytes(32));
+}
+function generateCodeChallenge(verifier) {
+  return base64UrlEncode(crypto.createHash("sha256").update(verifier).digest());
+}
+function resolveServerOrigin(req) {
+  const host = req.headers.host;
+  if (!host) return null;
+  return `http://${host}`;
+}
+function isVincentTradingConfig(value) {
+  return isPlainRecord(value) && (value.strategy === void 0 || readVincentStrategyName(value.strategy) !== null) && (value.params === void 0 || isPlainRecord(value.params)) && (value.intervalSeconds === void 0 || typeof value.intervalSeconds === "number") && (value.dryRun === void 0 || typeof value.dryRun === "boolean");
+}
+function isPlainRecord(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function parseJsonRecord(body) {
+  try {
+    const parsed = JSON.parse(body);
+    return isPlainRecord(parsed) ? parsed : null;
+  } catch {
+    return null;
+  }
+}
+function readStringField(value, key) {
+  const field = value?.[key];
+  return typeof field === "string" && field.trim() ? field.trim() : null;
+}
+function readVincentStrategyName(value) {
+  return value === "dca" || value === "rebalance" || value === "threshold" || value === "manual" ? value : null;
+}
+function getVincentTokens(config) {
+  const vincent = Reflect.get(config, "vincent");
+  return isPlainRecord(vincent) && typeof vincent.accessToken === "string" && typeof vincent.clientId === "string" && typeof vincent.connectedAt === "number" ? {
+    accessToken: vincent.accessToken,
+    refreshToken: typeof vincent.refreshToken === "string" ? vincent.refreshToken : null,
+    clientId: vincent.clientId,
+    connectedAt: vincent.connectedAt
+  } : void 0;
+}
+function setVincentTokens(config, tokens) {
+  Reflect.set(config, "vincent", tokens);
+}
+function getVincentTradingConfig(config) {
+  const trading = Reflect.get(config, "trading");
+  return isVincentTradingConfig(trading) ? trading : void 0;
+}
+function setVincentTradingConfig(config, trading) {
+  Reflect.set(config, "trading", trading);
+}
+async function handleVincentRoute(req, res, pathname, method, state) {
+  if (method === "POST" && pathname === "/api/vincent/start-login") {
+    try {
+      sweepExpiredLogins();
+      const origin = resolveServerOrigin(req);
+      if (!origin) {
+        sendJsonError(res, 400, "Missing Host header");
+        return true;
+      }
+      const redirectUri = `${origin}/callback/vincent`;
+      const body = await readBody(req).catch(() => "");
+      const parsed = body ? parseJsonRecord(body) : null;
+      const appName = readStringField(parsed, "appName") ?? "Eliza";
+      const registerRes = await fetch(
+        `${VINCENT_API_BASE}/api/oauth/public/register`,
+        {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({
+            client_name: appName,
+            redirect_uris: [redirectUri]
+          })
+        }
+      );
+      if (!registerRes.ok) {
+        const text = await registerRes.text().catch(() => "");
+        sendJsonError(
+          res,
+          registerRes.status,
+          `Vincent register failed: ${text}`
+        );
+        return true;
+      }
+      const registerJson = parseJsonRecord(
+        await registerRes.text().catch(() => "")
+      );
+      const clientId = readStringField(registerJson, "client_id");
+      if (!clientId) {
+        sendJsonError(res, 502, "Vincent register returned an invalid payload");
+        return true;
+      }
+      const codeVerifier = generateCodeVerifier();
+      const codeChallenge = generateCodeChallenge(codeVerifier);
+      const stateParam = crypto.randomUUID();
+      pendingLogins.set(stateParam, {
+        clientId,
+        codeVerifier,
+        redirectUri,
+        createdAt: Date.now()
+      });
+      const params = new URLSearchParams({
+        client_id: clientId,
+        response_type: "code",
+        redirect_uri: redirectUri,
+        scope: "all",
+        resource: VINCENT_API_BASE,
+        code_challenge: codeChallenge,
+        code_challenge_method: "S256",
+        state: stateParam
+      });
+      const authUrl = `${VINCENT_API_BASE}/api/oauth/public/authorize?${params.toString()}`;
+      const payload = {
+        authUrl,
+        state: stateParam,
+        redirectUri
+      };
+      sendJson(res, 200, payload);
+    } catch (err) {
+      logger.error(
+        `[vincent/start-login] ${err instanceof Error ? err.message : String(err)}`
+      );
+      sendJsonError(res, 500, "Vincent start-login failed");
+    }
+    return true;
+  }
+  if (method === "GET" && pathname === "/callback/vincent") {
+    try {
+      sweepExpiredLogins();
+      const url = new URL(req.url ?? "/callback/vincent", "http://localhost");
+      const code = url.searchParams.get("code");
+      const stateParam = url.searchParams.get("state");
+      const oauthError = url.searchParams.get("error");
+      if (oauthError) {
+        sendCallbackHtml(
+          res,
+          400,
+          "Vincent login failed",
+          `Vincent returned an error: ${oauthError}. You may close this window.`
+        );
+        return true;
+      }
+      if (!code) {
+        sendCallbackHtml(
+          res,
+          400,
+          "Vincent login failed",
+          "The Vincent redirect did not include an authorization code. You may close this window."
+        );
+        return true;
+      }
+      if (!stateParam) {
+        sendCallbackHtml(
+          res,
+          400,
+          "Vincent login failed",
+          "The Vincent redirect did not include a state parameter. Please return to the app and try again."
+        );
+        return true;
+      }
+      const pending = pendingLogins.get(stateParam);
+      if (!pending) {
+        sendCallbackHtml(
+          res,
+          400,
+          "Vincent login expired",
+          "No pending login was found for this callback. Please return to the app and try again."
+        );
+        return true;
+      }
+      pendingLogins.delete(stateParam);
+      const tokenRes = await fetch(
+        `${VINCENT_API_BASE}/api/oauth/public/token`,
+        {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({
+            grant_type: "authorization_code",
+            code,
+            client_id: pending.clientId,
+            code_verifier: pending.codeVerifier,
+            // RFC 6749 §4.1.3: redirect_uri MUST match the one used in the
+            // authorize request. Vincent rejects the exchange with
+            // "invalid_request: expected string, received undefined" without
+            // this field.
+            redirect_uri: pending.redirectUri
+          })
+        }
+      );
+      if (!tokenRes.ok) {
+        const text = await tokenRes.text().catch(() => "");
+        logger.error(
+          `[vincent/callback] token exchange failed: ${tokenRes.status} ${text}`
+        );
+        sendCallbackHtml(
+          res,
+          502,
+          "Vincent login failed",
+          "Token exchange with Vincent failed. Please return to the app and try again."
+        );
+        return true;
+      }
+      const tokenJson = parseJsonRecord(await tokenRes.text().catch(() => ""));
+      const accessToken = readStringField(tokenJson, "access_token");
+      if (!accessToken) {
+        logger.error(
+          "[vincent/callback] token response was missing access_token"
+        );
+        sendCallbackHtml(
+          res,
+          502,
+          "Vincent login failed",
+          "Token exchange with Vincent returned an invalid payload. Please return to the app and try again."
+        );
+        return true;
+      }
+      const refreshToken = readStringField(tokenJson, "refresh_token");
+      const config = state.config;
+      setVincentTokens(config, {
+        accessToken,
+        refreshToken,
+        clientId: pending.clientId,
+        connectedAt: Math.floor(Date.now() / 1e3)
+      });
+      await saveElizaConfig(config);
+      logger.info("[vincent/callback] Vincent connected successfully");
+      sendCallbackHtml(
+        res,
+        200,
+        "Vincent connected",
+        "You're signed in. You can close this window and return to the app."
+      );
+    } catch (err) {
+      logger.error(
+        `[vincent/callback] ${err instanceof Error ? err.message : String(err)}`
+      );
+      sendCallbackHtml(
+        res,
+        500,
+        "Vincent login failed",
+        "An unexpected error occurred completing the Vincent login. You may close this window and try again."
+      );
+    }
+    return true;
+  }
+  if (method === "GET" && pathname === "/api/vincent/status") {
+    const vincent = getVincentTokens(state.config);
+    const payload = {
+      connected: Boolean(vincent?.accessToken),
+      connectedAt: vincent?.connectedAt ?? null,
+      tradingVenues: VINCENT_TRADING_VENUES
+    };
+    sendJson(res, 200, payload);
+    return true;
+  }
+  if (method === "POST" && pathname === "/api/vincent/disconnect") {
+    try {
+      const config = state.config;
+      setVincentTokens(config, void 0);
+      await saveElizaConfig(config);
+      logger.info("[vincent/disconnect] Vincent disconnected");
+      sendJson(res, 200, { ok: true });
+    } catch (err) {
+      logger.error(
+        `[vincent/disconnect] ${err instanceof Error ? err.message : String(err)}`
+      );
+      sendJsonError(res, 500, "Vincent disconnect failed");
+    }
+    return true;
+  }
+  if (method === "GET" && pathname === "/api/vincent/trading-profile") {
+    const vincent = getVincentTokens(state.config);
+    if (!vincent?.accessToken) {
+      sendJson(res, 200, { connected: false, profile: null });
+      return true;
+    }
+    const payload = {
+      connected: true,
+      profile: null
+    };
+    sendJson(res, 200, payload);
+    return true;
+  }
+  if (method === "GET" && pathname === "/api/vincent/strategy") {
+    const vincent = getVincentTokens(state.config);
+    if (!vincent?.accessToken) {
+      sendJson(res, 200, { connected: false, strategy: null });
+      return true;
+    }
+    const tradingConfig = getVincentTradingConfig(state.config);
+    if (!tradingConfig) {
+      sendJson(res, 200, { connected: true, strategy: null });
+      return true;
+    }
+    const payload = {
+      connected: true,
+      strategy: {
+        name: tradingConfig?.strategy ?? "manual",
+        venues: VINCENT_TRADING_VENUES,
+        params: tradingConfig?.params ?? {},
+        intervalSeconds: tradingConfig?.intervalSeconds ?? 60,
+        dryRun: tradingConfig?.dryRun ?? false,
+        running: false
+      }
+    };
+    sendJson(res, 200, payload);
+    return true;
+  }
+  if (method === "POST" && pathname === "/api/vincent/strategy") {
+    try {
+      const vincent = getVincentTokens(state.config);
+      if (!vincent?.accessToken) {
+        sendJsonError(res, 401, "Vincent not connected");
+        return true;
+      }
+      const body = await readBody(req);
+      const parsed = parseJsonRecord(body);
+      const updates = {
+        strategy: readVincentStrategyName(parsed?.strategy) ?? void 0,
+        params: isPlainRecord(parsed?.params) ? parsed.params : void 0,
+        intervalSeconds: typeof parsed?.intervalSeconds === "number" ? parsed.intervalSeconds : void 0,
+        dryRun: typeof parsed?.dryRun === "boolean" ? parsed.dryRun : void 0
+      };
+      const config = getVincentTradingConfig(state.config);
+      const nextTrading = {
+        ...config ?? {},
+        ...updates.strategy !== void 0 && { strategy: updates.strategy },
+        ...updates.params !== void 0 && { params: updates.params },
+        ...updates.intervalSeconds !== void 0 && {
+          intervalSeconds: updates.intervalSeconds
+        },
+        ...updates.dryRun !== void 0 && { dryRun: updates.dryRun }
+      };
+      setVincentTradingConfig(state.config, nextTrading);
+      await saveElizaConfig(state.config);
+      const payload = {
+        ok: true,
+        strategy: {
+          name: nextTrading.strategy ?? "manual",
+          venues: VINCENT_TRADING_VENUES,
+          params: nextTrading.params ?? {},
+          intervalSeconds: nextTrading.intervalSeconds ?? 60,
+          dryRun: nextTrading.dryRun ?? false,
+          running: false
+        }
+      };
+      sendJson(res, 200, payload);
+    } catch (err) {
+      logger.error(
+        `[vincent/strategy] ${err instanceof Error ? err.message : String(err)}`
+      );
+      sendJsonError(res, 500, "Strategy update failed");
+    }
+    return true;
+  }
+  return false;
+}
+function readBody(req) {
+  return new Promise((resolve, reject) => {
+    const chunks = [];
+    req.on("data", (chunk) => chunks.push(chunk));
+    req.on("end", () => resolve(Buffer.concat(chunks).toString()));
+    req.on("error", reject);
+  });
+}
+function escapeHtml(input) {
+  return input.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+}
+function sendCallbackHtml(res, status, title, message) {
+  if (res.headersSent) return;
+  const safeTitle = escapeHtml(title);
+  const safeMessage = escapeHtml(message);
+  const html = `<!doctype html>
+<html lang="en">
+<head>
+<meta charset="utf-8" />
+<meta name="viewport" content="width=device-width,initial-scale=1" />
+<title>${safeTitle} \xB7 Eliza</title>
+<style>
+  :root { color-scheme: light dark; }
+  html, body { height: 100%; margin: 0; }
+  body {
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+    display: flex; align-items: center; justify-content: center;
+    background: #0b0b0f; color: #f4f4f5;
+  }
+  .card {
+    max-width: 420px; padding: 32px 36px; border-radius: 16px;
+    background: #17171c; border: 1px solid #2a2a33;
+    box-shadow: 0 20px 60px rgba(0,0,0,0.4);
+    text-align: center;
+  }
+  h1 { margin: 0 0 12px; font-size: 20px; font-weight: 600; }
+  p  { margin: 0; font-size: 14px; line-height: 1.5; color: #b4b4bd; }
+</style>
+</head>
+<body>
+  <main class="card">
+    <h1>${safeTitle}</h1>
+    <p>${safeMessage}</p>
+  </main>
+  <script>setTimeout(() => { try { window.close(); } catch (_) {} }, 1500);</script>
+</body>
+</html>`;
+  res.statusCode = status;
+  res.setHeader("content-type", "text/html; charset=utf-8");
+  res.end(html);
+}
+export {
+  handleVincentRoute
+};
+//# sourceMappingURL=routes.js.map

package/dist/routes.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/routes.ts"],"sourcesContent":["/**\n * Vincent OAuth backend routes for Hyperliquid and Polymarket access.\n *\n * POST /api/vincent/start-login — Begin OAuth: register app, generate PKCE, return authUrl\n * GET /callback/vincent — OAuth redirect target: exchange code, persist tokens\n * GET /api/vincent/status — Check if Vincent is connected\n * POST /api/vincent/disconnect — Clear stored Vincent tokens\n *\n * The start-login + /callback/vincent pair keeps the PKCE code_verifier on the\n * server so the OAuth redirect can land in the user's external system browser\n * (where sessionStorage is not shared with the desktop webview) and still\n * complete the token exchange.\n */\n\nimport crypto from \"node:crypto\";\nimport type http from \"node:http\";\nimport { saveElizaConfig } from \"@elizaos/agent/config/config\";\nimport { sendJson, sendJsonError } from \"@elizaos/app-core/api/response\";\nimport { logger } from \"@elizaos/core\";\nimport type { ElizaConfig } from \"@elizaos/shared\";\nimport type {\n VincentStartLoginResponse,\n VincentStatusResponse,\n VincentStrategyName,\n VincentStrategyResponse,\n VincentStrategyUpdateRequest,\n VincentStrategyUpdateResponse,\n VincentTradingProfileResponse,\n} from \"./vincent-contracts.js\";\nimport { VINCENT_TRADING_VENUES } from \"./vincent-contracts.js\";\n\nconst VINCENT_API_BASE = \"https://heyvincent.ai\";\n\n/** Maximum time a pending PKCE login can sit before it is evicted. */\nconst PENDING_LOGIN_TTL_MS = 10 * 60 * 1000; // 10 minutes\n\ninterface PendingLogin {\n clientId: string;\n codeVerifier: string;\n /**\n * Must be echoed back to the Vincent token endpoint verbatim. RFC 6749\n * §4.1.3 requires redirect_uri in the token exchange to exactly match the\n * one in the authorize request when it was present there — Vincent enforces\n * this and rejects with \"invalid_request: expected string, received\n * undefined\" if the field is missing.\n */\n redirectUri: string;\n createdAt: number;\n}\n\n/**\n * In-memory store for in-flight OAuth logins, keyed by OAuth `state` param.\n * Process-local on purpose — Vincent tokens only matter for this runtime.\n */\nconst pendingLogins = new Map<string, PendingLogin>();\n\nfunction sweepExpiredLogins(): void {\n const cutoff = Date.now() - PENDING_LOGIN_TTL_MS;\n for (const [state, entry] of pendingLogins) {\n if (entry.createdAt < cutoff) pendingLogins.delete(state);\n }\n}\n\nfunction base64UrlEncode(buf: Buffer): string {\n return buf\n .toString(\"base64\")\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nfunction generateCodeVerifier(): string {\n return base64UrlEncode(crypto.randomBytes(32));\n}\n\nfunction generateCodeChallenge(verifier: string): string {\n return base64UrlEncode(crypto.createHash(\"sha256\").update(verifier).digest());\n}\n\nfunction resolveServerOrigin(req: http.IncomingMessage): string | null {\n const host = req.headers.host;\n if (!host) return null;\n // All Vincent login traffic is loopback — http is fine and matches the\n // redirect_uri the external browser will actually hit.\n return `http://${host}`;\n}\n\ninterface VincentTokens {\n accessToken: string;\n refreshToken: string | null;\n clientId: string;\n connectedAt: number;\n}\n\ninterface VincentConfigState {\n vincent?: VincentTokens;\n trading?: {\n strategy?: VincentStrategyName;\n params?: Record<string, unknown>;\n intervalSeconds?: number;\n dryRun?: boolean;\n };\n}\n\nfunction isVincentTradingConfig(\n value: unknown,\n): value is NonNullable<VincentConfigState[\"trading\"]> {\n return (\n isPlainRecord(value) &&\n (value.strategy === undefined ||\n readVincentStrategyName(value.strategy) !== null) &&\n (value.params === undefined || isPlainRecord(value.params)) &&\n (value.intervalSeconds === undefined ||\n typeof value.intervalSeconds === \"number\") &&\n (value.dryRun === undefined || typeof value.dryRun === \"boolean\")\n );\n}\n\nfunction isPlainRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction parseJsonRecord(body: string): Record<string, unknown> | null {\n try {\n const parsed: unknown = JSON.parse(body);\n return isPlainRecord(parsed) ? parsed : null;\n } catch {\n return null;\n }\n}\n\nfunction readStringField(\n value: Record<string, unknown> | null,\n key: string,\n): string | null {\n const field = value?.[key];\n return typeof field === \"string\" && field.trim() ? field.trim() : null;\n}\n\nfunction readVincentStrategyName(value: unknown): VincentStrategyName | null {\n return value === \"dca\" ||\n value === \"rebalance\" ||\n value === \"threshold\" ||\n value === \"manual\"\n ? value\n : null;\n}\n\nfunction getVincentTokens(config: ElizaConfig): VincentTokens | undefined {\n const vincent: unknown = Reflect.get(config, \"vincent\");\n return isPlainRecord(vincent) &&\n typeof vincent.accessToken === \"string\" &&\n typeof vincent.clientId === \"string\" &&\n typeof vincent.connectedAt === \"number\"\n ? {\n accessToken: vincent.accessToken,\n refreshToken:\n typeof vincent.refreshToken === \"string\"\n ? vincent.refreshToken\n : null,\n clientId: vincent.clientId,\n connectedAt: vincent.connectedAt,\n }\n : undefined;\n}\n\nfunction setVincentTokens(\n config: ElizaConfig,\n tokens: VincentTokens | undefined,\n): void {\n Reflect.set(config, \"vincent\", tokens);\n}\n\nfunction getVincentTradingConfig(\n config: ElizaConfig,\n): VincentConfigState[\"trading\"] | undefined {\n const trading: unknown = Reflect.get(config, \"trading\");\n return isVincentTradingConfig(trading) ? trading : undefined;\n}\n\nfunction setVincentTradingConfig(\n config: ElizaConfig,\n trading: VincentConfigState[\"trading\"],\n): void {\n Reflect.set(config, \"trading\", trading);\n}\n\nexport interface VincentRouteState {\n config: ElizaConfig;\n}\n\n/**\n * Handle all /api/vincent/* routes.\n * Returns true if the route was handled, false otherwise.\n */\nexport async function handleVincentRoute(\n req: http.IncomingMessage,\n res: http.ServerResponse,\n pathname: string,\n method: string,\n state: VincentRouteState,\n): Promise<boolean> {\n // ── POST /api/vincent/start-login ───────────────────────────────\n // Server-side PKCE: register with Vincent, generate verifier/challenge,\n // store the verifier keyed by a fresh `state` param, and return the\n // authorization URL. The browser visits this URL, authenticates, and is\n // redirected back to GET /callback/vincent on this same origin.\n if (method === \"POST\" && pathname === \"/api/vincent/start-login\") {\n try {\n sweepExpiredLogins();\n\n const origin = resolveServerOrigin(req);\n if (!origin) {\n sendJsonError(res, 400, \"Missing Host header\");\n return true;\n }\n const redirectUri = `${origin}/callback/vincent`;\n\n const body = await readBody(req).catch(() => \"\");\n const parsed = body ? parseJsonRecord(body) : null;\n const appName = readStringField(parsed, \"appName\") ?? \"Eliza\";\n\n const registerRes = await fetch(\n `${VINCENT_API_BASE}/api/oauth/public/register`,\n {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({\n client_name: appName,\n redirect_uris: [redirectUri],\n }),\n },\n );\n if (!registerRes.ok) {\n const text = await registerRes.text().catch(() => \"\");\n sendJsonError(\n res,\n registerRes.status,\n `Vincent register failed: ${text}`,\n );\n return true;\n }\n const registerJson = parseJsonRecord(\n await registerRes.text().catch(() => \"\"),\n );\n const clientId = readStringField(registerJson, \"client_id\");\n if (!clientId) {\n sendJsonError(res, 502, \"Vincent register returned an invalid payload\");\n return true;\n }\n\n const codeVerifier = generateCodeVerifier();\n const codeChallenge = generateCodeChallenge(codeVerifier);\n const stateParam = crypto.randomUUID();\n\n pendingLogins.set(stateParam, {\n clientId,\n codeVerifier,\n redirectUri,\n createdAt: Date.now(),\n });\n\n const params = new URLSearchParams({\n client_id: clientId,\n response_type: \"code\",\n redirect_uri: redirectUri,\n scope: \"all\",\n resource: VINCENT_API_BASE,\n code_challenge: codeChallenge,\n code_challenge_method: \"S256\",\n state: stateParam,\n });\n const authUrl = `${VINCENT_API_BASE}/api/oauth/public/authorize?${params.toString()}`;\n const payload: VincentStartLoginResponse = {\n authUrl,\n state: stateParam,\n redirectUri,\n };\n\n sendJson(res, 200, payload);\n } catch (err) {\n logger.error(\n `[vincent/start-login] ${err instanceof Error ? err.message : String(err)}`,\n );\n sendJsonError(res, 500, \"Vincent start-login failed\");\n }\n return true;\n }\n\n // ── GET /callback/vincent ───────────────────────────────────────\n // OAuth redirect target for the Vincent authorization flow. Loads in the\n // user's external browser (not the desktop webview), so it returns a small\n // HTML page that tells the user to close the tab — the desktop app is\n // polling /api/vincent/status and will flip to connected on its own.\n if (method === \"GET\" && pathname === \"/callback/vincent\") {\n try {\n sweepExpiredLogins();\n\n const url = new URL(req.url ?? \"/callback/vincent\", \"http://localhost\");\n const code = url.searchParams.get(\"code\");\n const stateParam = url.searchParams.get(\"state\");\n const oauthError = url.searchParams.get(\"error\");\n\n if (oauthError) {\n // `sendCallbackHtml` escapes `message` wholesale — don't escape the\n // `error` param here or it ends up double-encoded (&lt; instead\n // of <).\n sendCallbackHtml(\n res,\n 400,\n \"Vincent login failed\",\n `Vincent returned an error: ${oauthError}. You may close this window.`,\n );\n return true;\n }\n if (!code) {\n sendCallbackHtml(\n res,\n 400,\n \"Vincent login failed\",\n \"The Vincent redirect did not include an authorization code. You may close this window.\",\n );\n return true;\n }\n\n // Require a state param that matches a pending login exactly. This\n // prevents any local process that can reach loopback from completing a\n // login flow it did not initiate — only start-login can seed an entry\n // in pendingLogins, and only the state value we returned from it can\n // unlock the associated code_verifier. (PKCE already prevents cross-\n // session token theft via Vincent's challenge/verifier check, but\n // rejecting unknown state is the cheaper, clearer gate.)\n if (!stateParam) {\n sendCallbackHtml(\n res,\n 400,\n \"Vincent login failed\",\n \"The Vincent redirect did not include a state parameter. Please return to the app and try again.\",\n );\n return true;\n }\n const pending = pendingLogins.get(stateParam);\n if (!pending) {\n sendCallbackHtml(\n res,\n 400,\n \"Vincent login expired\",\n \"No pending login was found for this callback. Please return to the app and try again.\",\n );\n return true;\n }\n pendingLogins.delete(stateParam);\n\n const tokenRes = await fetch(\n `${VINCENT_API_BASE}/api/oauth/public/token`,\n {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({\n grant_type: \"authorization_code\",\n code,\n client_id: pending.clientId,\n code_verifier: pending.codeVerifier,\n // RFC 6749 §4.1.3: redirect_uri MUST match the one used in the\n // authorize request. Vincent rejects the exchange with\n // \"invalid_request: expected string, received undefined\" without\n // this field.\n redirect_uri: pending.redirectUri,\n }),\n },\n );\n if (!tokenRes.ok) {\n const text = await tokenRes.text().catch(() => \"\");\n logger.error(\n `[vincent/callback] token exchange failed: ${tokenRes.status} ${text}`,\n );\n sendCallbackHtml(\n res,\n 502,\n \"Vincent login failed\",\n \"Token exchange with Vincent failed. Please return to the app and try again.\",\n );\n return true;\n }\n\n const tokenJson = parseJsonRecord(await tokenRes.text().catch(() => \"\"));\n const accessToken = readStringField(tokenJson, \"access_token\");\n if (!accessToken) {\n logger.error(\n \"[vincent/callback] token response was missing access_token\",\n );\n sendCallbackHtml(\n res,\n 502,\n \"Vincent login failed\",\n \"Token exchange with Vincent returned an invalid payload. Please return to the app and try again.\",\n );\n return true;\n }\n const refreshToken = readStringField(tokenJson, \"refresh_token\");\n\n const config = state.config;\n setVincentTokens(config, {\n accessToken,\n refreshToken,\n clientId: pending.clientId,\n connectedAt: Math.floor(Date.now() / 1000),\n });\n await saveElizaConfig(config);\n\n logger.info(\"[vincent/callback] Vincent connected successfully\");\n sendCallbackHtml(\n res,\n 200,\n \"Vincent connected\",\n \"You're signed in. You can close this window and return to the app.\",\n );\n } catch (err) {\n logger.error(\n `[vincent/callback] ${err instanceof Error ? err.message : String(err)}`,\n );\n sendCallbackHtml(\n res,\n 500,\n \"Vincent login failed\",\n \"An unexpected error occurred completing the Vincent login. You may close this window and try again.\",\n );\n }\n return true;\n }\n\n // ── GET /api/vincent/status ─────────────────────────────────────\n if (method === \"GET\" && pathname === \"/api/vincent/status\") {\n const vincent = getVincentTokens(state.config);\n const payload: VincentStatusResponse = {\n connected: Boolean(vincent?.accessToken),\n connectedAt: vincent?.connectedAt ?? null,\n tradingVenues: VINCENT_TRADING_VENUES,\n };\n sendJson(res, 200, payload);\n return true;\n }\n\n // ── POST /api/vincent/disconnect ────────────────────────────────\n if (method === \"POST\" && pathname === \"/api/vincent/disconnect\") {\n try {\n const config = state.config;\n setVincentTokens(config, undefined);\n await saveElizaConfig(config);\n logger.info(\"[vincent/disconnect] Vincent disconnected\");\n sendJson(res, 200, { ok: true });\n } catch (err) {\n logger.error(\n `[vincent/disconnect] ${err instanceof Error ? err.message : String(err)}`,\n );\n sendJsonError(res, 500, \"Vincent disconnect failed\");\n }\n return true;\n }\n\n // ── GET /api/vincent/trading-profile ───────────────────────────\n if (method === \"GET\" && pathname === \"/api/vincent/trading-profile\") {\n const vincent = getVincentTokens(state.config);\n if (!vincent?.accessToken) {\n sendJson(res, 200, { connected: false, profile: null });\n return true;\n }\n const payload: VincentTradingProfileResponse = {\n connected: true,\n profile: null,\n };\n sendJson(res, 200, payload);\n return true;\n }\n\n // ── GET /api/vincent/strategy ──────────────────────────────────\n // Current trading strategy configuration.\n if (method === \"GET\" && pathname === \"/api/vincent/strategy\") {\n const vincent = getVincentTokens(state.config);\n if (!vincent?.accessToken) {\n sendJson(res, 200, { connected: false, strategy: null });\n return true;\n }\n const tradingConfig = getVincentTradingConfig(state.config);\n if (!tradingConfig) {\n sendJson(res, 200, { connected: true, strategy: null });\n return true;\n }\n const payload: VincentStrategyResponse = {\n connected: true,\n strategy: {\n name: tradingConfig?.strategy ?? \"manual\",\n venues: VINCENT_TRADING_VENUES,\n params: tradingConfig?.params ?? {},\n intervalSeconds: tradingConfig?.intervalSeconds ?? 60,\n dryRun: tradingConfig?.dryRun ?? false,\n running: false,\n },\n };\n sendJson(res, 200, payload);\n return true;\n }\n\n // ── POST /api/vincent/strategy ─────────────────────────────────\n // Update trading strategy configuration.\n if (method === \"POST\" && pathname === \"/api/vincent/strategy\") {\n try {\n const vincent = getVincentTokens(state.config);\n if (!vincent?.accessToken) {\n sendJsonError(res, 401, \"Vincent not connected\");\n return true;\n }\n const body = await readBody(req);\n const parsed = parseJsonRecord(body);\n const updates: VincentStrategyUpdateRequest = {\n strategy: readVincentStrategyName(parsed?.strategy) ?? undefined,\n params: isPlainRecord(parsed?.params) ? parsed.params : undefined,\n intervalSeconds:\n typeof parsed?.intervalSeconds === \"number\"\n ? parsed.intervalSeconds\n : undefined,\n dryRun: typeof parsed?.dryRun === \"boolean\" ? parsed.dryRun : undefined,\n };\n const config = getVincentTradingConfig(state.config);\n const nextTrading = {\n ...(config ?? {}),\n ...(updates.strategy !== undefined && { strategy: updates.strategy }),\n ...(updates.params !== undefined && { params: updates.params }),\n ...(updates.intervalSeconds !== undefined && {\n intervalSeconds: updates.intervalSeconds,\n }),\n ...(updates.dryRun !== undefined && { dryRun: updates.dryRun }),\n };\n setVincentTradingConfig(state.config, nextTrading);\n await saveElizaConfig(state.config);\n const payload: VincentStrategyUpdateResponse = {\n ok: true,\n strategy: {\n name: nextTrading.strategy ?? \"manual\",\n venues: VINCENT_TRADING_VENUES,\n params: nextTrading.params ?? {},\n intervalSeconds: nextTrading.intervalSeconds ?? 60,\n dryRun: nextTrading.dryRun ?? false,\n running: false,\n },\n };\n sendJson(res, 200, payload);\n } catch (err) {\n logger.error(\n `[vincent/strategy] ${err instanceof Error ? err.message : String(err)}`,\n );\n sendJsonError(res, 500, \"Strategy update failed\");\n }\n return true;\n }\n\n return false;\n}\n\n// ── Helpers ───────────────────────────────────────────────────────────\n\nfunction readBody(req: http.IncomingMessage): Promise<string> {\n return new Promise((resolve, reject) => {\n const chunks: Buffer[] = [];\n req.on(\"data\", (chunk: Buffer) => chunks.push(chunk));\n req.on(\"end\", () => resolve(Buffer.concat(chunks).toString()));\n req.on(\"error\", reject);\n });\n}\n\nfunction escapeHtml(input: string): string {\n return input\n .replace(/&/g, \"&\")\n .replace(/</g, \"<\")\n .replace(/>/g, \">\")\n .replace(/\"/g, \""\")\n .replace(/'/g, \"'\");\n}\n\nfunction sendCallbackHtml(\n res: http.ServerResponse,\n status: number,\n title: string,\n message: string,\n): void {\n if (res.headersSent) return;\n const safeTitle = escapeHtml(title);\n const safeMessage = escapeHtml(message);\n const html = `<!doctype html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1\" />\n<title>${safeTitle} · Eliza</title>\n<style>\n :root { color-scheme: light dark; }\n html, body { height: 100%; margin: 0; }\n body {\n font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, sans-serif;\n display: flex; align-items: center; justify-content: center;\n background: #0b0b0f; color: #f4f4f5;\n }\n .card {\n max-width: 420px; padding: 32px 36px; border-radius: 16px;\n background: #17171c; border: 1px solid #2a2a33;\n box-shadow: 0 20px 60px rgba(0,0,0,0.4);\n text-align: center;\n }\n h1 { margin: 0 0 12px; font-size: 20px; font-weight: 600; }\n p { margin: 0; font-size: 14px; line-height: 1.5; color: #b4b4bd; }\n</style>\n</head>\n<body>\n <main class=\"card\">\n <h1>${safeTitle}</h1>\n <p>${safeMessage}</p>\n </main>\n <script>setTimeout(() => { try { window.close(); } catch (_) {} }, 1500);</script>\n</body>\n</html>`;\n res.statusCode = status;\n res.setHeader(\"content-type\", \"text/html; charset=utf-8\");\n res.end(html);\n}\n"],"mappings":"AAcA,OAAO,YAAY;AAEnB,SAAS,uBAAuB;AAChC,SAAS,UAAU,qBAAqB;AACxC,SAAS,cAAc;AAWvB,SAAS,8BAA8B;AAEvC,MAAM,mBAAmB;AAGzB,MAAM,uBAAuB,KAAK,KAAK;AAoBvC,MAAM,gBAAgB,oBAAI,IAA0B;AAEpD,SAAS,qBAA2B;AAClC,QAAM,SAAS,KAAK,IAAI,IAAI;AAC5B,aAAW,CAAC,OAAO,KAAK,KAAK,eAAe;AAC1C,QAAI,MAAM,YAAY,OAAQ,eAAc,OAAO,KAAK;AAAA,EAC1D;AACF;AAEA,SAAS,gBAAgB,KAAqB;AAC5C,SAAO,IACJ,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,EAAE;AACtB;AAEA,SAAS,uBAA+B;AACtC,SAAO,gBAAgB,OAAO,YAAY,EAAE,CAAC;AAC/C;AAEA,SAAS,sBAAsB,UAA0B;AACvD,SAAO,gBAAgB,OAAO,WAAW,QAAQ,EAAE,OAAO,QAAQ,EAAE,OAAO,CAAC;AAC9E;AAEA,SAAS,oBAAoB,KAA0C;AACrE,QAAM,OAAO,IAAI,QAAQ;AACzB,MAAI,CAAC,KAAM,QAAO;AAGlB,SAAO,UAAU,IAAI;AACvB;AAmBA,SAAS,uBACP,OACqD;AACrD,SACE,cAAc,KAAK,MAClB,MAAM,aAAa,UAClB,wBAAwB,MAAM,QAAQ,MAAM,UAC7C,MAAM,WAAW,UAAa,cAAc,MAAM,MAAM,OACxD,MAAM,oBAAoB,UACzB,OAAO,MAAM,oBAAoB,cAClC,MAAM,WAAW,UAAa,OAAO,MAAM,WAAW;AAE3D;AAEA,SAAS,cAAc,OAAkD;AACvE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,gBAAgB,MAA8C;AACrE,MAAI;AACF,UAAM,SAAkB,KAAK,MAAM,IAAI;AACvC,WAAO,cAAc,MAAM,IAAI,SAAS;AAAA,EAC1C,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,gBACP,OACA,KACe;AACf,QAAM,QAAQ,QAAQ,GAAG;AACzB,SAAO,OAAO,UAAU,YAAY,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AACpE;AAEA,SAAS,wBAAwB,OAA4C;AAC3E,SAAO,UAAU,SACf,UAAU,eACV,UAAU,eACV,UAAU,WACR,QACA;AACN;AAEA,SAAS,iBAAiB,QAAgD;AACxE,QAAM,UAAmB,QAAQ,IAAI,QAAQ,SAAS;AACtD,SAAO,cAAc,OAAO,KAC1B,OAAO,QAAQ,gBAAgB,YAC/B,OAAO,QAAQ,aAAa,YAC5B,OAAO,QAAQ,gBAAgB,WAC7B;AAAA,IACE,aAAa,QAAQ;AAAA,IACrB,cACE,OAAO,QAAQ,iBAAiB,WAC5B,QAAQ,eACR;AAAA,IACN,UAAU,QAAQ;AAAA,IAClB,aAAa,QAAQ;AAAA,EACvB,IACA;AACN;AAEA,SAAS,iBACP,QACA,QACM;AACN,UAAQ,IAAI,QAAQ,WAAW,MAAM;AACvC;AAEA,SAAS,wBACP,QAC2C;AAC3C,QAAM,UAAmB,QAAQ,IAAI,QAAQ,SAAS;AACtD,SAAO,uBAAuB,OAAO,IAAI,UAAU;AACrD;AAEA,SAAS,wBACP,QACA,SACM;AACN,UAAQ,IAAI,QAAQ,WAAW,OAAO;AACxC;AAUA,eAAsB,mBACpB,KACA,KACA,UACA,QACA,OACkB;AAMlB,MAAI,WAAW,UAAU,aAAa,4BAA4B;AAChE,QAAI;AACF,yBAAmB;AAEnB,YAAM,SAAS,oBAAoB,GAAG;AACtC,UAAI,CAAC,QAAQ;AACX,sBAAc,KAAK,KAAK,qBAAqB;AAC7C,eAAO;AAAA,MACT;AACA,YAAM,cAAc,GAAG,MAAM;AAE7B,YAAM,OAAO,MAAM,SAAS,GAAG,EAAE,MAAM,MAAM,EAAE;AAC/C,YAAM,SAAS,OAAO,gBAAgB,IAAI,IAAI;AAC9C,YAAM,UAAU,gBAAgB,QAAQ,SAAS,KAAK;AAEtD,YAAM,cAAc,MAAM;AAAA,QACxB,GAAG,gBAAgB;AAAA,QACnB;AAAA,UACE,QAAQ;AAAA,UACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,UAC9C,MAAM,KAAK,UAAU;AAAA,YACnB,aAAa;AAAA,YACb,eAAe,CAAC,WAAW;AAAA,UAC7B,CAAC;AAAA,QACH;AAAA,MACF;AACA,UAAI,CAAC,YAAY,IAAI;AACnB,cAAM,OAAO,MAAM,YAAY,KAAK,EAAE,MAAM,MAAM,EAAE;AACpD;AAAA,UACE;AAAA,UACA,YAAY;AAAA,UACZ,4BAA4B,IAAI;AAAA,QAClC;AACA,eAAO;AAAA,MACT;AACA,YAAM,eAAe;AAAA,QACnB,MAAM,YAAY,KAAK,EAAE,MAAM,MAAM,EAAE;AAAA,MACzC;AACA,YAAM,WAAW,gBAAgB,cAAc,WAAW;AAC1D,UAAI,CAAC,UAAU;AACb,sBAAc,KAAK,KAAK,8CAA8C;AACtE,eAAO;AAAA,MACT;AAEA,YAAM,eAAe,qBAAqB;AAC1C,YAAM,gBAAgB,sBAAsB,YAAY;AACxD,YAAM,aAAa,OAAO,WAAW;AAErC,oBAAc,IAAI,YAAY;AAAA,QAC5B;AAAA,QACA;AAAA,QACA;AAAA,QACA,WAAW,KAAK,IAAI;AAAA,MACtB,CAAC;AAED,YAAM,SAAS,IAAI,gBAAgB;AAAA,QACjC,WAAW;AAAA,QACX,eAAe;AAAA,QACf,cAAc;AAAA,QACd,OAAO;AAAA,QACP,UAAU;AAAA,QACV,gBAAgB;AAAA,QAChB,uBAAuB;AAAA,QACvB,OAAO;AAAA,MACT,CAAC;AACD,YAAM,UAAU,GAAG,gBAAgB,+BAA+B,OAAO,SAAS,CAAC;AACnF,YAAM,UAAqC;AAAA,QACzC;AAAA,QACA,OAAO;AAAA,QACP;AAAA,MACF;AAEA,eAAS,KAAK,KAAK,OAAO;AAAA,IAC5B,SAAS,KAAK;AACZ,aAAO;AAAA,QACL,yBAAyB,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,MAC3E;AACA,oBAAc,KAAK,KAAK,4BAA4B;AAAA,IACtD;AACA,WAAO;AAAA,EACT;AAOA,MAAI,WAAW,SAAS,aAAa,qBAAqB;AACxD,QAAI;AACF,yBAAmB;AAEnB,YAAM,MAAM,IAAI,IAAI,IAAI,OAAO,qBAAqB,kBAAkB;AACtE,YAAM,OAAO,IAAI,aAAa,IAAI,MAAM;AACxC,YAAM,aAAa,IAAI,aAAa,IAAI,OAAO;AAC/C,YAAM,aAAa,IAAI,aAAa,IAAI,OAAO;AAE/C,UAAI,YAAY;AAId;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,UACA,8BAA8B,UAAU;AAAA,QAC1C;AACA,eAAO;AAAA,MACT;AACA,UAAI,CAAC,MAAM;AACT;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AACA,eAAO;AAAA,MACT;AASA,UAAI,CAAC,YAAY;AACf;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,YAAM,UAAU,cAAc,IAAI,UAAU;AAC5C,UAAI,CAAC,SAAS;AACZ;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,oBAAc,OAAO,UAAU;AAE/B,YAAM,WAAW,MAAM;AAAA,QACrB,GAAG,gBAAgB;AAAA,QACnB;AAAA,UACE,QAAQ;AAAA,UACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,UAC9C,MAAM,KAAK,UAAU;AAAA,YACnB,YAAY;AAAA,YACZ;AAAA,YACA,WAAW,QAAQ;AAAA,YACnB,eAAe,QAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,YAKvB,cAAc,QAAQ;AAAA,UACxB,CAAC;AAAA,QACH;AAAA,MACF;AACA,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,OAAO,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,EAAE;AACjD,eAAO;AAAA,UACL,6CAA6C,SAAS,MAAM,IAAI,IAAI;AAAA,QACtE;AACA;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AACA,eAAO;AAAA,MACT;AAEA,YAAM,YAAY,gBAAgB,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,EAAE,CAAC;AACvE,YAAM,cAAc,gBAAgB,WAAW,cAAc;AAC7D,UAAI,CAAC,aAAa;AAChB,eAAO;AAAA,UACL;AAAA,QACF;AACA;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AACA,eAAO;AAAA,MACT;AACA,YAAM,eAAe,gBAAgB,WAAW,eAAe;AAE/D,YAAM,SAAS,MAAM;AACrB,uBAAiB,QAAQ;AAAA,QACvB;AAAA,QACA;AAAA,QACA,UAAU,QAAQ;AAAA,QAClB,aAAa,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAAA,MAC3C,CAAC;AACD,YAAM,gBAAgB,MAAM;AAE5B,aAAO,KAAK,mDAAmD;AAC/D;AAAA,QACE;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF,SAAS,KAAK;AACZ,aAAO;AAAA,QACL,sBAAsB,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,MACxE;AACA;AAAA,QACE;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAGA,MAAI,WAAW,SAAS,aAAa,uBAAuB;AAC1D,UAAM,UAAU,iBAAiB,MAAM,MAAM;AAC7C,UAAM,UAAiC;AAAA,MACrC,WAAW,QAAQ,SAAS,WAAW;AAAA,MACvC,aAAa,SAAS,eAAe;AAAA,MACrC,eAAe;AAAA,IACjB;AACA,aAAS,KAAK,KAAK,OAAO;AAC1B,WAAO;AAAA,EACT;AAGA,MAAI,WAAW,UAAU,aAAa,2BAA2B;AAC/D,QAAI;AACF,YAAM,SAAS,MAAM;AACrB,uBAAiB,QAAQ,MAAS;AAClC,YAAM,gBAAgB,MAAM;AAC5B,aAAO,KAAK,2CAA2C;AACvD,eAAS,KAAK,KAAK,EAAE,IAAI,KAAK,CAAC;AAAA,IACjC,SAAS,KAAK;AACZ,aAAO;AAAA,QACL,wBAAwB,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,MAC1E;AACA,oBAAc,KAAK,KAAK,2BAA2B;AAAA,IACrD;AACA,WAAO;AAAA,EACT;AAGA,MAAI,WAAW,SAAS,aAAa,gCAAgC;AACnE,UAAM,UAAU,iBAAiB,MAAM,MAAM;AAC7C,QAAI,CAAC,SAAS,aAAa;AACzB,eAAS,KAAK,KAAK,EAAE,WAAW,OAAO,SAAS,KAAK,CAAC;AACtD,aAAO;AAAA,IACT;AACA,UAAM,UAAyC;AAAA,MAC7C,WAAW;AAAA,MACX,SAAS;AAAA,IACX;AACA,aAAS,KAAK,KAAK,OAAO;AAC1B,WAAO;AAAA,EACT;AAIA,MAAI,WAAW,SAAS,aAAa,yBAAyB;AAC5D,UAAM,UAAU,iBAAiB,MAAM,MAAM;AAC7C,QAAI,CAAC,SAAS,aAAa;AACzB,eAAS,KAAK,KAAK,EAAE,WAAW,OAAO,UAAU,KAAK,CAAC;AACvD,aAAO;AAAA,IACT;AACA,UAAM,gBAAgB,wBAAwB,MAAM,MAAM;AAC1D,QAAI,CAAC,eAAe;AAClB,eAAS,KAAK,KAAK,EAAE,WAAW,MAAM,UAAU,KAAK,CAAC;AACtD,aAAO;AAAA,IACT;AACA,UAAM,UAAmC;AAAA,MACvC,WAAW;AAAA,MACX,UAAU;AAAA,QACR,MAAM,eAAe,YAAY;AAAA,QACjC,QAAQ;AAAA,QACR,QAAQ,eAAe,UAAU,CAAC;AAAA,QAClC,iBAAiB,eAAe,mBAAmB;AAAA,QACnD,QAAQ,eAAe,UAAU;AAAA,QACjC,SAAS;AAAA,MACX;AAAA,IACF;AACA,aAAS,KAAK,KAAK,OAAO;AAC1B,WAAO;AAAA,EACT;AAIA,MAAI,WAAW,UAAU,aAAa,yBAAyB;AAC7D,QAAI;AACF,YAAM,UAAU,iBAAiB,MAAM,MAAM;AAC7C,UAAI,CAAC,SAAS,aAAa;AACzB,sBAAc,KAAK,KAAK,uBAAuB;AAC/C,eAAO;AAAA,MACT;AACA,YAAM,OAAO,MAAM,SAAS,GAAG;AAC/B,YAAM,SAAS,gBAAgB,IAAI;AACnC,YAAM,UAAwC;AAAA,QAC5C,UAAU,wBAAwB,QAAQ,QAAQ,KAAK;AAAA,QACvD,QAAQ,cAAc,QAAQ,MAAM,IAAI,OAAO,SAAS;AAAA,QACxD,iBACE,OAAO,QAAQ,oBAAoB,WAC/B,OAAO,kBACP;AAAA,QACN,QAAQ,OAAO,QAAQ,WAAW,YAAY,OAAO,SAAS;AAAA,MAChE;AACA,YAAM,SAAS,wBAAwB,MAAM,MAAM;AACnD,YAAM,cAAc;AAAA,QAClB,GAAI,UAAU,CAAC;AAAA,QACf,GAAI,QAAQ,aAAa,UAAa,EAAE,UAAU,QAAQ,SAAS;AAAA,QACnE,GAAI,QAAQ,WAAW,UAAa,EAAE,QAAQ,QAAQ,OAAO;AAAA,QAC7D,GAAI,QAAQ,oBAAoB,UAAa;AAAA,UAC3C,iBAAiB,QAAQ;AAAA,QAC3B;AAAA,QACA,GAAI,QAAQ,WAAW,UAAa,EAAE,QAAQ,QAAQ,OAAO;AAAA,MAC/D;AACA,8BAAwB,MAAM,QAAQ,WAAW;AACjD,YAAM,gBAAgB,MAAM,MAAM;AAClC,YAAM,UAAyC;AAAA,QAC7C,IAAI;AAAA,QACJ,UAAU;AAAA,UACR,MAAM,YAAY,YAAY;AAAA,UAC9B,QAAQ;AAAA,UACR,QAAQ,YAAY,UAAU,CAAC;AAAA,UAC/B,iBAAiB,YAAY,mBAAmB;AAAA,UAChD,QAAQ,YAAY,UAAU;AAAA,UAC9B,SAAS;AAAA,QACX;AAAA,MACF;AACA,eAAS,KAAK,KAAK,OAAO;AAAA,IAC5B,SAAS,KAAK;AACZ,aAAO;AAAA,QACL,sBAAsB,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,MACxE;AACA,oBAAc,KAAK,KAAK,wBAAwB;AAAA,IAClD;AACA,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAIA,SAAS,SAAS,KAA4C;AAC5D,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAM,SAAmB,CAAC;AAC1B,QAAI,GAAG,QAAQ,CAAC,UAAkB,OAAO,KAAK,KAAK,CAAC;AACpD,QAAI,GAAG,OAAO,MAAM,QAAQ,OAAO,OAAO,MAAM,EAAE,SAAS,CAAC,CAAC;AAC7D,QAAI,GAAG,SAAS,MAAM;AAAA,EACxB,CAAC;AACH;AAEA,SAAS,WAAW,OAAuB;AACzC,SAAO,MACJ,QAAQ,MAAM,OAAO,EACrB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,QAAQ,EACtB,QAAQ,MAAM,OAAO;AAC1B;AAEA,SAAS,iBACP,KACA,QACA,OACA,SACM;AACN,MAAI,IAAI,YAAa;AACrB,QAAM,YAAY,WAAW,KAAK;AAClC,QAAM,cAAc,WAAW,OAAO;AACtC,QAAM,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,SAKN,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,UAqBR,SAAS;AAAA,SACV,WAAW;AAAA;AAAA;AAAA;AAAA;AAKlB,MAAI,aAAa;AACjB,MAAI,UAAU,gBAAgB,0BAA0B;AACxD,MAAI,IAAI,IAAI;AACd;","names":[]}

package/dist/ui.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+export * from "./TradingProfileCard.tsx";
+export * from "./TradingStrategyPanel.tsx";
+export * from "./useVincentDashboard.ts";
+export * from "./useVincentState.ts";
+export * from "./VincentAppView.helpers.ts";
+export * from "./VincentAppView.tsx";
+export * from "./VincentConnectionCard.tsx";
+export { VincentView } from "./VincentView.tsx";
+export { VINCENT_APP_NAME, vincentApp } from "./vincent-app.ts";
+export * from "./WalletStatusCard.tsx";
+//# sourceMappingURL=ui.d.ts.map

package/dist/ui.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"ui.d.ts","sourceRoot":"","sources":["../src/ui.ts"],"names":[],"mappings":"AAAA,cAAc,0BAA0B,CAAC;AACzC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,0BAA0B,CAAC;AACzC,cAAc,sBAAsB,CAAC;AACrC,cAAc,6BAA6B,CAAC;AAC5C,cAAc,sBAAsB,CAAC;AACrC,cAAc,6BAA6B,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAChE,cAAc,wBAAwB,CAAC"}

package/dist/ui.js ADDED Viewed

@@ -0,0 +1,16 @@
+export * from "./TradingProfileCard.js";
+export * from "./TradingStrategyPanel.js";
+export * from "./useVincentDashboard.js";
+export * from "./useVincentState.js";
+export * from "./VincentAppView.helpers.js";
+export * from "./VincentAppView.js";
+export * from "./VincentConnectionCard.js";
+import { VincentView } from "./VincentView.js";
+import { VINCENT_APP_NAME, vincentApp } from "./vincent-app.js";
+export * from "./WalletStatusCard.js";
+export {
+  VINCENT_APP_NAME,
+  VincentView,
+  vincentApp
+};
+//# sourceMappingURL=ui.js.map

package/dist/ui.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/ui.ts"],"sourcesContent":["export * from \"./TradingProfileCard.js\";\nexport * from \"./TradingStrategyPanel.js\";\nexport * from \"./useVincentDashboard.js\";\nexport * from \"./useVincentState.js\";\nexport * from \"./VincentAppView.helpers.js\";\nexport * from \"./VincentAppView.js\";\nexport * from \"./VincentConnectionCard.js\";\nexport { VincentView } from \"./VincentView.js\";\nexport { VINCENT_APP_NAME, vincentApp } from \"./vincent-app.js\";\nexport * from \"./WalletStatusCard.js\";\n"],"mappings":"AAAA,cAAc;AACd,cAAc;AACd,cAAc;AACd,cAAc;AACd,cAAc;AACd,cAAc;AACd,cAAc;AACd,SAAS,mBAAmB;AAC5B,SAAS,kBAAkB,kBAAkB;AAC7C,cAAc;","names":[]}

package/dist/useVincentDashboard.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * useVincentDashboard — aggregated data hook for the Vincent overlay app.
+ *
+ * Polls Vincent-specific endpoints every 15 s when connected, and fetches
+ * the agent wallet addresses and balances for dashboard context.
+ */
+import type { WalletAddresses, WalletBalancesResponse } from "@elizaos/shared";
+import type { VincentStrategy, VincentTradingProfile } from "./vincent-contracts";
+export interface VincentDashboardState {
+    vincentConnected: boolean;
+    vincentConnectedAt: number | null;
+    walletAddresses: WalletAddresses | null;
+    walletBalances: WalletBalancesResponse | null;
+    strategy: VincentStrategy | null;
+    tradingProfile: VincentTradingProfile | null;
+    loading: boolean;
+    error: string | null;
+    refresh: () => void;
+}
+export declare function useVincentDashboard(): VincentDashboardState;
+//# sourceMappingURL=useVincentDashboard.d.ts.map

package/dist/useVincentDashboard.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"useVincentDashboard.d.ts","sourceRoot":"","sources":["../src/useVincentDashboard.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAI/E,OAAO,KAAK,EACV,eAAe,EACf,qBAAqB,EACtB,MAAM,qBAAqB,CAAC;AAE7B,MAAM,WAAW,qBAAqB;IACpC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,kBAAkB,EAAE,MAAM,GAAG,IAAI,CAAC;IAElC,eAAe,EAAE,eAAe,GAAG,IAAI,CAAC;IACxC,cAAc,EAAE,sBAAsB,GAAG,IAAI,CAAC;IAE9C,QAAQ,EAAE,eAAe,GAAG,IAAI,CAAC;IAEjC,cAAc,EAAE,qBAAqB,GAAG,IAAI,CAAC;IAE7C,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAErB,OAAO,EAAE,MAAM,IAAI,CAAC;CACrB;AAID,wBAAgB,mBAAmB,IAAI,qBAAqB,CAqH3D"}

package/dist/useVincentDashboard.js ADDED Viewed

@@ -0,0 +1,105 @@
+import { ApiError } from "@elizaos/ui";
+import { useCallback, useEffect, useRef, useState } from "react";
+import { vincentClient } from "./client.js";
+const POLL_INTERVAL_MS = 15e3;
+function useVincentDashboard() {
+  const [vincentConnected, setVincentConnected] = useState(false);
+  const [vincentConnectedAt, setVincentConnectedAt] = useState(
+    null
+  );
+  const [walletAddresses, setWalletAddresses] = useState(null);
+  const [walletBalances, setWalletBalances] = useState(null);
+  const [strategy, setStrategy] = useState(null);
+  const [tradingProfile, setTradingProfile] = useState(null);
+  const [loading, setLoading] = useState(true);
+  const [error, setError] = useState(null);
+  const intervalRef = useRef(null);
+  const mountedRef = useRef(true);
+  const fetchAll = useCallback(async () => {
+    try {
+      const vincentStatusResult = await vincentClient.vincentStatus();
+      if (!mountedRef.current) return;
+      setVincentConnected(vincentStatusResult.connected);
+      setVincentConnectedAt(vincentStatusResult.connectedAt);
+      const [
+        addressResult,
+        balanceResult,
+        strategyResult,
+        tradingProfileResult
+      ] = await Promise.allSettled([
+        vincentClient.getWalletAddresses(),
+        vincentClient.getWalletBalances(),
+        vincentClient.vincentStrategy(),
+        vincentClient.vincentTradingProfile()
+      ]);
+      if (!mountedRef.current) return;
+      if (addressResult.status === "fulfilled") {
+        setWalletAddresses(addressResult.value);
+      }
+      if (balanceResult.status === "fulfilled") {
+        setWalletBalances(balanceResult.value);
+      }
+      if (strategyResult.status === "fulfilled") {
+        setStrategy(strategyResult.value.strategy);
+      }
+      if (tradingProfileResult.status === "fulfilled") {
+        setTradingProfile(tradingProfileResult.value.profile);
+      }
+      setError(null);
+    } catch (err) {
+      if (!mountedRef.current) return;
+      if (err instanceof ApiError && err.status === 404) {
+        setVincentConnected(false);
+        setError(null);
+        return;
+      }
+      setError(err instanceof Error ? err.message : "Failed to load data");
+    } finally {
+      if (mountedRef.current) setLoading(false);
+    }
+  }, []);
+  useEffect(() => {
+    mountedRef.current = true;
+    void fetchAll();
+    return () => {
+      mountedRef.current = false;
+    };
+  }, [fetchAll]);
+  useEffect(() => {
+    if (intervalRef.current) {
+      clearInterval(intervalRef.current);
+      intervalRef.current = null;
+    }
+    if (vincentConnected) {
+      intervalRef.current = setInterval(
+        () => void fetchAll(),
+        POLL_INTERVAL_MS
+      );
+    }
+    return () => {
+      if (intervalRef.current) {
+        clearInterval(intervalRef.current);
+        intervalRef.current = null;
+      }
+    };
+  }, [vincentConnected, fetchAll]);
+  const refresh = useCallback(() => {
+    setLoading(true);
+    void fetchAll();
+  }, [fetchAll]);
+  return {
+    vincentConnected,
+    vincentConnectedAt,
+    walletAddresses,
+    walletBalances,
+    strategy,
+    tradingProfile,
+    loading,
+    error,
+    refresh
+  };
+}
+export {
+  useVincentDashboard
+};
+//# sourceMappingURL=useVincentDashboard.js.map