@exagent/agent 0.1.20 → 0.1.22

package/dist/cli.js

@@ -31,105 +31,641 @@ var fs2 = __toESM(require("fs"));
 var path2 = __toESM(require("path"));
 
 // src/runtime.ts
-var import_sdk2 = require("@exagent/sdk");
+var import_sdk = require("@exagent/sdk");
 var import_viem6 = require("viem");
 var import_chains4 = require("viem/chains");
 var import_accounts5 = require("viem/accounts");
 
-// src/llm/openai.ts
-var import_openai = __toESM(require("openai"));
-
-// src/llm/base.ts
-var BaseLLMAdapter = class {
-  config;
-  constructor(config) {
-    this.config = config;
+// src/trading/market.ts
+var import_viem = require("viem");
+var NATIVE_ETH = "0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE";
+var TOKEN_DECIMALS = {
+  // Base Mainnet — Core tokens
+  "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913": 6,
+  // USDC
+  "0xd9aaec86b65d86f6a7b5b1b0c42ffa531710b6ca": 6,
+  // USDbC
+  "0x4200000000000000000000000000000000000006": 18,
+  // WETH
+  "0x50c5725949a6f0c72e6c4a641f24049a917db0cb": 18,
+  // DAI
+  "0x2ae3f1ec7f1f5012cfeab0185bfc7aa3cf0dec22": 18,
+  // cbETH
+  [NATIVE_ETH.toLowerCase()]: 18,
+  // Native ETH
+  // Base Mainnet — Established tokens
+  "0x940181a94a35a4569e4529a3cdfb74e38fd98631": 18,
+  // AERO (Aerodrome)
+  "0x532f27101965dd16442e59d40670faf5ebb142e4": 18,
+  // BRETT
+  "0x4ed4e862860bed51a9570b96d89af5e1b0efefed": 18,
+  // DEGEN
+  "0x0b3e328455c4059eeb9e3f84b5543f74e24e7e1b": 18,
+  // VIRTUAL
+  "0xac1bd2486aaf3b5c0fc3fd868558b082a531b2b4": 18,
+  // TOSHI
+  "0xcbb7c0000ab88b473b1f5afd9ef808440eed33bf": 8,
+  // cbBTC
+  "0x2416092f143378750bb29b79ed961ab195cceea5": 18,
+  // ezETH (Renzo)
+  "0xc1cba3fcea344f92d9239c08c0568f6f2f0ee452": 18
+  // wstETH (Lido)
+};
+function getTokenDecimals(address) {
+  const decimals = TOKEN_DECIMALS[address.toLowerCase()];
+  if (decimals === void 0) {
+    console.warn(`Unknown token decimals for ${address}, defaulting to 18. THIS MAY BE WRONG.`);
+    return 18;
   }
-  getMetadata() {
+  return decimals;
+}
+var TOKEN_TO_COINGECKO = {
+  // Core
+  "0x4200000000000000000000000000000000000006": "ethereum",
+  // WETH
+  [NATIVE_ETH.toLowerCase()]: "ethereum",
+  "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913": "usd-coin",
+  // USDC
+  "0xd9aaec86b65d86f6a7b5b1b0c42ffa531710b6ca": "usd-coin",
+  // USDbC
+  "0x2ae3f1ec7f1f5012cfeab0185bfc7aa3cf0dec22": "coinbase-wrapped-staked-eth",
+  // cbETH
+  "0x50c5725949a6f0c72e6c4a641f24049a917db0cb": "dai",
+  // DAI
+  // Established
+  "0x940181a94a35a4569e4529a3cdfb74e38fd98631": "aerodrome-finance",
+  // AERO
+  "0x532f27101965dd16442e59d40670faf5ebb142e4": "brett",
+  // BRETT
+  "0x4ed4e862860bed51a9570b96d89af5e1b0efefed": "degen-base",
+  // DEGEN
+  "0x0b3e328455c4059eeb9e3f84b5543f74e24e7e1b": "virtual-protocol",
+  // VIRTUAL
+  "0xac1bd2486aaf3b5c0fc3fd868558b082a531b2b4": "toshi",
+  // TOSHI
+  "0xcbb7c0000ab88b473b1f5afd9ef808440eed33bf": "coinbase-wrapped-btc",
+  // cbBTC
+  "0x2416092f143378750bb29b79ed961ab195cceea5": "renzo-restaked-eth",
+  // ezETH
+  "0xc1cba3fcea344f92d9239c08c0568f6f2f0ee452": "wrapped-steth"
+  // wstETH
+};
+var STABLECOIN_IDS = /* @__PURE__ */ new Set(["usd-coin", "dai"]);
+var PRICE_STALENESS_MS = 6e4;
+var MarketDataService = class {
+  rpcUrl;
+  client;
+  /** Cached prices from last fetch */
+  cachedPrices = {};
+  /** Timestamp of last successful price fetch */
+  lastPriceFetchAt = 0;
+  constructor(rpcUrl) {
+    this.rpcUrl = rpcUrl;
+    this.client = (0, import_viem.createPublicClient)({
+      transport: (0, import_viem.http)(rpcUrl)
+    });
+  }
+  /** Cached volume data */
+  cachedVolume24h = {};
+  /** Cached price change data */
+  cachedPriceChange24h = {};
+  /**
+   * Fetch current market data for the agent
+   */
+  async fetchMarketData(walletAddress, tokenAddresses) {
+    const prices = await this.fetchPrices(tokenAddresses);
+    const balances = await this.fetchBalances(walletAddress, tokenAddresses);
+    const portfolioValue = this.calculatePortfolioValue(balances, prices);
+    let gasPrice;
+    try {
+      gasPrice = await this.client.getGasPrice();
+    } catch {
+    }
     return {
-      provider: this.config.provider,
-      model: this.config.model || "unknown",
-      isLocal: this.config.provider === "ollama"
+      timestamp: Date.now(),
+      prices,
+      balances,
+      portfolioValue,
+      volume24h: Object.keys(this.cachedVolume24h).length > 0 ? { ...this.cachedVolume24h } : void 0,
+      priceChange24h: Object.keys(this.cachedPriceChange24h).length > 0 ? { ...this.cachedPriceChange24h } : void 0,
+      gasPrice,
+      network: {
+        chainId: this.client.chain?.id ?? 8453
+      }
     };
   }
   /**
-   * Format model name for display
+   * Check if cached prices are still fresh
    */
-  getDisplayModel() {
-    if (this.config.provider === "ollama") {
-      return `Local (${this.config.model || "ollama"})`;
-    }
-    return this.config.model || this.config.provider;
+  get pricesAreFresh() {
+    return Date.now() - this.lastPriceFetchAt < PRICE_STALENESS_MS;
   }
-};
-
-// src/llm/openai.ts
-var OpenAIAdapter = class extends BaseLLMAdapter {
-  client;
-  constructor(config) {
-    super(config);
-    if (!config.apiKey && !config.endpoint) {
-      throw new Error("OpenAI API key or custom endpoint required");
+  /**
+   * Fetch token prices from CoinGecko free API
+   * Returns cached prices if still fresh (<60s old)
+   */
+  async fetchPrices(tokenAddresses) {
+    if (this.pricesAreFresh && Object.keys(this.cachedPrices).length > 0) {
+      const prices2 = { ...this.cachedPrices };
+      for (const addr of tokenAddresses) {
+        const cgId = TOKEN_TO_COINGECKO[addr.toLowerCase()];
+        if (cgId && STABLECOIN_IDS.has(cgId) && !prices2[addr.toLowerCase()]) {
+          prices2[addr.toLowerCase()] = 1;
+        }
+      }
+      return prices2;
     }
-    this.client = new import_openai.default({
-      apiKey: config.apiKey || "not-needed-for-custom",
-      baseURL: config.endpoint
-    });
-  }
-  async chat(messages) {
-    try {
-      const response = await this.client.chat.completions.create({
-        model: this.config.model || "gpt-4.1",
-        messages: messages.map((m) => ({
-          role: m.role,
-          content: m.content
-        })),
-        temperature: this.config.temperature,
-        max_tokens: this.config.maxTokens
-      });
-      const choice = response.choices[0];
-      if (!choice || !choice.message) {
-        throw new Error("No response from OpenAI");
+    const prices = {};
+    const idsToFetch = /* @__PURE__ */ new Set();
+    for (const addr of tokenAddresses) {
+      const cgId = TOKEN_TO_COINGECKO[addr.toLowerCase()];
+      if (cgId && !STABLECOIN_IDS.has(cgId)) {
+        idsToFetch.add(cgId);
       }
-      return {
-        content: choice.message.content || "",
-        usage: response.usage ? {
-          promptTokens: response.usage.prompt_tokens,
-          completionTokens: response.usage.completion_tokens,
-          totalTokens: response.usage.total_tokens
-        } : void 0
-      };
-    } catch (error) {
-      if (error instanceof import_openai.default.APIError) {
-        throw new Error(`OpenAI API error: ${error.message}`);
+    }
+    idsToFetch.add("ethereum");
+    if (idsToFetch.size > 0) {
+      try {
+        const ids = Array.from(idsToFetch).join(",");
+        const response = await fetch(
+          `https://api.coingecko.com/api/v3/simple/price?ids=${ids}&vs_currencies=usd&include_24hr_vol=true&include_24hr_change=true`,
+          { signal: AbortSignal.timeout(5e3) }
+        );
+        if (response.ok) {
+          const data = await response.json();
+          for (const [cgId, priceData] of Object.entries(data)) {
+            for (const [addr, id] of Object.entries(TOKEN_TO_COINGECKO)) {
+              if (id === cgId) {
+                const key = addr.toLowerCase();
+                prices[key] = priceData.usd;
+                if (priceData.usd_24h_vol !== void 0) {
+                  this.cachedVolume24h[key] = priceData.usd_24h_vol;
+                }
+                if (priceData.usd_24h_change !== void 0) {
+                  this.cachedPriceChange24h[key] = priceData.usd_24h_change;
+                }
+              }
+            }
+          }
+          this.lastPriceFetchAt = Date.now();
+        } else {
+          console.warn(`CoinGecko API returned ${response.status}, using cached prices`);
+        }
+      } catch (error) {
+        console.warn("Failed to fetch prices from CoinGecko:", error instanceof Error ? error.message : error);
       }
-      throw error;
     }
-  }
-};
-
-// src/llm/anthropic.ts
-var AnthropicAdapter = class extends BaseLLMAdapter {
-  apiKey;
-  baseUrl;
-  constructor(config) {
-    super(config);
-    if (!config.apiKey) {
-      throw new Error("Anthropic API key required");
+    for (const addr of tokenAddresses) {
+      const cgId = TOKEN_TO_COINGECKO[addr.toLowerCase()];
+      if (cgId && STABLECOIN_IDS.has(cgId)) {
+        prices[addr.toLowerCase()] = 1;
+      }
     }
-    this.apiKey = config.apiKey;
-    this.baseUrl = config.endpoint || "https://api.anthropic.com";
-  }
-  async chat(messages) {
-    const systemMessage = messages.find((m) => m.role === "system");
-    const chatMessages = messages.filter((m) => m.role !== "system");
-    const body = {
-      model: this.config.model || "claude-opus-4-5-20251101",
-      max_tokens: this.config.maxTokens || 4096,
-      temperature: this.config.temperature,
-      system: systemMessage?.content,
-      messages: chatMessages.map((m) => ({
-        role: m.role,
+    const missingAddrs = tokenAddresses.filter(
+      (addr) => !prices[addr.toLowerCase()] && !STABLECOIN_IDS.has(TOKEN_TO_COINGECKO[addr.toLowerCase()] || "")
+    );
+    if (missingAddrs.length > 0) {
+      try {
+        const coins = missingAddrs.map((a) => `base:${a}`).join(",");
+        const llamaResponse = await fetch(
+          `https://coins.llama.fi/prices/current/${coins}`,
+          { signal: AbortSignal.timeout(5e3) }
+        );
+        if (llamaResponse.ok) {
+          const llamaData = await llamaResponse.json();
+          for (const [key, data] of Object.entries(llamaData.coins)) {
+            const addr = key.replace("base:", "").toLowerCase();
+            if (data.price && data.confidence > 0.5) {
+              prices[addr] = data.price;
+            }
+          }
+          if (!this.lastPriceFetchAt) this.lastPriceFetchAt = Date.now();
+        }
+      } catch {
+      }
+    }
+    if (Object.keys(prices).length > 0) {
+      this.cachedPrices = prices;
+    }
+    if (Object.keys(prices).length === 0 && Object.keys(this.cachedPrices).length > 0) {
+      console.warn("Using cached prices (last successful fetch was stale)");
+      return { ...this.cachedPrices };
+    }
+    for (const addr of tokenAddresses) {
+      if (!prices[addr.toLowerCase()]) {
+        console.warn(`No price available for ${addr}, using 0`);
+        prices[addr.toLowerCase()] = 0;
+      }
+    }
+    return prices;
+  }
+  /**
+   * Fetch real on-chain balances: native ETH + ERC-20 tokens
+   */
+  async fetchBalances(walletAddress, tokenAddresses) {
+    const balances = {};
+    const wallet = walletAddress;
+    try {
+      const nativeBalance = await this.client.getBalance({ address: wallet });
+      balances[NATIVE_ETH.toLowerCase()] = nativeBalance;
+      const erc20Promises = tokenAddresses.map(async (tokenAddress) => {
+        try {
+          const balance = await this.client.readContract({
+            address: tokenAddress,
+            abi: import_viem.erc20Abi,
+            functionName: "balanceOf",
+            args: [wallet]
+          });
+          return { address: tokenAddress.toLowerCase(), balance };
+        } catch (error) {
+          return { address: tokenAddress.toLowerCase(), balance: 0n };
+        }
+      });
+      const results = await Promise.all(erc20Promises);
+      for (const { address, balance } of results) {
+        balances[address] = balance;
+      }
+    } catch (error) {
+      console.error("MarketData: Failed to fetch balances:", error instanceof Error ? error.message : error);
+      balances[NATIVE_ETH.toLowerCase()] = 0n;
+      for (const address of tokenAddresses) {
+        balances[address.toLowerCase()] = 0n;
+      }
+    }
+    return balances;
+  }
+  /**
+   * Calculate total portfolio value in USD
+   */
+  calculatePortfolioValue(balances, prices) {
+    let total = 0;
+    for (const [address, balance] of Object.entries(balances)) {
+      const price = prices[address.toLowerCase()] || 0;
+      const decimals = getTokenDecimals(address);
+      const amount = Number(balance) / Math.pow(10, decimals);
+      total += amount * price;
+    }
+    return total;
+  }
+};
+
+// src/position-tracker.ts
+var BASE_ASSETS = /* @__PURE__ */ new Set([
+  NATIVE_ETH.toLowerCase(),
+  // Native ETH
+  "0x4200000000000000000000000000000000000006",
+  // WETH
+  "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913",
+  // USDC
+  "0xd9aaec86b65d86f6a7b5b1b0c42ffa531710b6ca",
+  // USDbC
+  "0x50c5725949a6f0c72e6c4a641f24049a917db0cb",
+  // DAI
+  "0xfde4c96c8593536e31f229ea8f37b2ada2699bb2",
+  // USDT
+  "0x60a3e35cc302bfa44cb36dc100b2587cd09b9c83"
+  // EURC
+]);
+var TOKEN_SYMBOLS = {
+  "0x940181a94a35a4569e4529a3cdfb74e38fd98631": "AERO",
+  "0x532f27101965dd16442e59d40670faf5ebb142e4": "BRETT",
+  "0x4ed4e862860bed51a9570b96d89af5e1b0efefed": "DEGEN",
+  "0x0b3e328455c4059eeb9e3f84b5543f74e24e7e1b": "VIRTUAL",
+  "0xac1bd2486aaf3b5c0fc3fd868558b082a531b2b4": "TOSHI",
+  "0xcbb7c0000ab88b473b1f5afd9ef808440eed33bf": "cbBTC",
+  "0x2416092f143378750bb29b79ed961ab195cceea5": "ezETH",
+  "0xc1cba3fcea344f92d9239c08c0568f6f2f0ee452": "wstETH",
+  "0x2ae3f1ec7f1f5012cfeab0185bfc7aa3cf0dec22": "cbETH",
+  "0x13403fb738c97cf7564f279288468c140aaed05c": "EXA"
+};
+var KEY_POSITIONS = "__positions";
+var KEY_TRADE_HISTORY = "__trade_history";
+var KEY_RISK_STATE = "__risk_state";
+var PositionTracker = class {
+  store;
+  positions;
+  tradeHistory;
+  maxTradeHistory;
+  constructor(store, options) {
+    this.store = store;
+    this.maxTradeHistory = options?.maxTradeHistory ?? 50;
+    this.positions = store.get(KEY_POSITIONS) || {};
+    this.tradeHistory = store.get(KEY_TRADE_HISTORY) || [];
+    const posCount = Object.keys(this.positions).length;
+    if (posCount > 0 || this.tradeHistory.length > 0) {
+      console.log(`Position tracker loaded: ${posCount} positions, ${this.tradeHistory.length} trade records`);
+    }
+  }
+  // ============================================================
+  // TRADE RECORDING (called by runtime after execution)
+  // ============================================================
+  /**
+   * Record a trade result. On buy: creates/updates position with cost-basis
+   * weighted average. On sell: calculates realized PnL and removes if fully sold.
+   */
+  recordTrade(params) {
+    const { action, tokenIn, tokenOut, amountIn, priceIn, priceOut, txHash, reasoning, success } = params;
+    const decimalsIn = getTokenDecimals(tokenIn);
+    const amountInUnits = Number(amountIn) / Math.pow(10, decimalsIn);
+    const tradeValueUSD = amountInUnits * priceIn;
+    const record = {
+      timestamp: Date.now(),
+      action,
+      tokenIn: tokenIn.toLowerCase(),
+      tokenOut: tokenOut.toLowerCase(),
+      amountIn: amountIn.toString(),
+      priceUSD: tradeValueUSD,
+      txHash,
+      reasoning,
+      success
+    };
+    if (success) {
+      if (action === "buy") {
+        this.handleBuy(tokenOut.toLowerCase(), tradeValueUSD, priceOut, txHash);
+      } else if (action === "sell") {
+        const realizedPnL = this.handleSell(tokenIn.toLowerCase(), tradeValueUSD);
+        record.realizedPnL = realizedPnL;
+      }
+    }
+    this.tradeHistory.unshift(record);
+    if (this.tradeHistory.length > this.maxTradeHistory) {
+      this.tradeHistory = this.tradeHistory.slice(0, this.maxTradeHistory);
+    }
+    this.persist();
+  }
+  /**
+   * Handle a buy: create or update position with cost-basis weighted average.
+   */
+  handleBuy(token, costUSD, priceUSD, txHash) {
+    if (BASE_ASSETS.has(token) || priceUSD <= 0 || costUSD <= 0) return;
+    const existing = this.positions[token];
+    const acquiredAmount = costUSD / priceUSD;
+    if (existing) {
+      const newTotalCost = existing.totalCostBasis + costUSD;
+      const newTotalAmount = existing.totalAmountAcquired + acquiredAmount;
+      existing.averageEntryPrice = newTotalAmount > 0 ? newTotalCost / newTotalAmount : priceUSD;
+      existing.totalCostBasis = newTotalCost;
+      existing.totalAmountAcquired = newTotalAmount;
+      existing.lastUpdateTimestamp = Date.now();
+      if (txHash) {
+        existing.txHashes.push(txHash);
+        if (existing.txHashes.length > 10) existing.txHashes.shift();
+      }
+    } else {
+      this.positions[token] = {
+        token,
+        symbol: TOKEN_SYMBOLS[token],
+        entryPrice: priceUSD,
+        averageEntryPrice: priceUSD,
+        totalCostBasis: costUSD,
+        totalAmountAcquired: acquiredAmount,
+        currentAmount: acquiredAmount,
+        entryTimestamp: Date.now(),
+        lastUpdateTimestamp: Date.now(),
+        txHashes: txHash ? [txHash] : []
+      };
+    }
+  }
+  /**
+   * Handle a sell: calculate realized PnL and remove position if fully sold.
+   * Returns the realized PnL in USD.
+   */
+  handleSell(token, saleValueUSD) {
+    if (BASE_ASSETS.has(token)) return 0;
+    const position = this.positions[token];
+    if (!position || position.averageEntryPrice <= 0) return 0;
+    const estimatedUnitsSold = position.currentAmount > 0 ? Math.min(position.currentAmount, saleValueUSD / position.averageEntryPrice) : saleValueUSD / position.averageEntryPrice;
+    const costBasisOfSold = estimatedUnitsSold * position.averageEntryPrice;
+    const realizedPnL = saleValueUSD - costBasisOfSold;
+    position.totalAmountAcquired = Math.max(0, position.totalAmountAcquired - estimatedUnitsSold);
+    position.totalCostBasis = Math.max(0, position.totalCostBasis - costBasisOfSold);
+    position.lastUpdateTimestamp = Date.now();
+    return realizedPnL;
+  }
+  // ============================================================
+  // BALANCE SYNC (called by runtime each cycle)
+  // ============================================================
+  /**
+   * Sync tracked positions with on-chain balances.
+   * Updates currentAmount, detects new tokens (airdrops), removes zeroed positions.
+   */
+  syncBalances(balances, prices) {
+    let changed = false;
+    for (const [address, balance] of Object.entries(balances)) {
+      const token = address.toLowerCase();
+      if (BASE_ASSETS.has(token)) continue;
+      const decimals = getTokenDecimals(token);
+      const amount = Number(balance) / Math.pow(10, decimals);
+      if (amount > 0) {
+        if (this.positions[token]) {
+          if (this.positions[token].currentAmount !== amount) {
+            this.positions[token].currentAmount = amount;
+            this.positions[token].lastUpdateTimestamp = Date.now();
+            changed = true;
+          }
+        } else {
+          const price = prices[token] || 0;
+          this.positions[token] = {
+            token,
+            symbol: TOKEN_SYMBOLS[token],
+            entryPrice: price,
+            averageEntryPrice: price,
+            totalCostBasis: amount * price,
+            totalAmountAcquired: amount,
+            currentAmount: amount,
+            entryTimestamp: Date.now(),
+            lastUpdateTimestamp: Date.now(),
+            txHashes: []
+          };
+          if (price > 0) {
+            console.log(`Position tracker: detected new holding ${TOKEN_SYMBOLS[token] || token.slice(0, 10)} (${amount.toFixed(4)} units @ $${price.toFixed(4)})`);
+          }
+          changed = true;
+        }
+      } else if (this.positions[token]) {
+        delete this.positions[token];
+        changed = true;
+      }
+    }
+    if (changed) {
+      this.persist();
+    }
+  }
+  // ============================================================
+  // QUERY METHODS (for strategies)
+  // ============================================================
+  /** Get all tracked positions */
+  getPositions() {
+    return Object.values(this.positions);
+  }
+  /** Get a single position by token address */
+  getPosition(token) {
+    return this.positions[token.toLowerCase()];
+  }
+  /** Get trade history (newest first) */
+  getTradeHistory(limit) {
+    return limit ? this.tradeHistory.slice(0, limit) : [...this.tradeHistory];
+  }
+  /** Get unrealized PnL per position given current prices */
+  getUnrealizedPnL(prices) {
+    const pnl = {};
+    for (const pos of Object.values(this.positions)) {
+      const currentPrice = prices[pos.token] || 0;
+      if (currentPrice > 0 && pos.averageEntryPrice > 0 && pos.currentAmount > 0) {
+        const currentValue = pos.currentAmount * currentPrice;
+        const costBasis = pos.currentAmount * pos.averageEntryPrice;
+        pnl[pos.token] = currentValue - costBasis;
+      }
+    }
+    return pnl;
+  }
+  /** Get total unrealized PnL across all positions */
+  getTotalUnrealizedPnL(prices) {
+    const pnl = this.getUnrealizedPnL(prices);
+    return Object.values(pnl).reduce((sum, v) => sum + v, 0);
+  }
+  // ============================================================
+  // RISK STATE PERSISTENCE
+  // ============================================================
+  /** Load persisted risk state */
+  getRiskState() {
+    return this.store.get(KEY_RISK_STATE) || {
+      dailyPnL: 0,
+      dailyFees: 0,
+      lastResetDate: ""
+    };
+  }
+  /** Save risk state to persistent store */
+  saveRiskState(state) {
+    this.store.set(KEY_RISK_STATE, state);
+  }
+  // ============================================================
+  // RELAY SUMMARY
+  // ============================================================
+  /** Get a compact summary for relay heartbeats */
+  getPositionSummary(prices) {
+    const unrealizedPnL = this.getUnrealizedPnL(prices);
+    const now = Date.now();
+    const topPositions = Object.values(this.positions).map((pos) => ({
+      token: pos.token,
+      symbol: pos.symbol,
+      unrealizedPnL: unrealizedPnL[pos.token] || 0,
+      holdingDuration: now - pos.entryTimestamp
+    })).sort((a, b) => Math.abs(b.unrealizedPnL) - Math.abs(a.unrealizedPnL)).slice(0, 5);
+    const oneDayAgo = now - 24 * 60 * 60 * 1e3;
+    const recentTrades = this.tradeHistory.filter((t) => t.timestamp > oneDayAgo).length;
+    const totalRealizedPnL = this.tradeHistory.filter((t) => t.realizedPnL !== void 0).reduce((sum, t) => sum + (t.realizedPnL || 0), 0);
+    return {
+      openPositions: Object.keys(this.positions).length,
+      totalUnrealizedPnL: Object.values(unrealizedPnL).reduce((s, v) => s + v, 0),
+      topPositions,
+      recentTrades,
+      totalRealizedPnL
+    };
+  }
+  // ============================================================
+  // INTERNAL
+  // ============================================================
+  persist() {
+    this.store.set(KEY_POSITIONS, this.positions);
+    this.store.set(KEY_TRADE_HISTORY, this.tradeHistory);
+  }
+};
+
+// src/llm/openai.ts
+var import_openai = __toESM(require("openai"));
+
+// src/llm/base.ts
+var BaseLLMAdapter = class {
+  config;
+  constructor(config) {
+    this.config = config;
+  }
+  getMetadata() {
+    return {
+      provider: this.config.provider,
+      model: this.config.model || "unknown",
+      isLocal: this.config.provider === "ollama"
+    };
+  }
+  /**
+   * Format model name for display
+   */
+  getDisplayModel() {
+    if (this.config.provider === "ollama") {
+      return `Local (${this.config.model || "ollama"})`;
+    }
+    return this.config.model || this.config.provider;
+  }
+};
+
+// src/llm/openai.ts
+var OpenAIAdapter = class extends BaseLLMAdapter {
+  client;
+  constructor(config) {
+    super(config);
+    if (!config.apiKey && !config.endpoint) {
+      throw new Error("OpenAI API key or custom endpoint required");
+    }
+    this.client = new import_openai.default({
+      apiKey: config.apiKey || "not-needed-for-custom",
+      baseURL: config.endpoint
+    });
+  }
+  async chat(messages) {
+    try {
+      const response = await this.client.chat.completions.create({
+        model: this.config.model || "gpt-4.1",
+        messages: messages.map((m) => ({
+          role: m.role,
+          content: m.content
+        })),
+        temperature: this.config.temperature,
+        max_tokens: this.config.maxTokens
+      });
+      const choice = response.choices[0];
+      if (!choice || !choice.message) {
+        throw new Error("No response from OpenAI");
+      }
+      return {
+        content: choice.message.content || "",
+        usage: response.usage ? {
+          promptTokens: response.usage.prompt_tokens,
+          completionTokens: response.usage.completion_tokens,
+          totalTokens: response.usage.total_tokens
+        } : void 0
+      };
+    } catch (error) {
+      if (error instanceof import_openai.default.APIError) {
+        throw new Error(`OpenAI API error: ${error.message}`);
+      }
+      throw error;
+    }
+  }
+};
+
+// src/llm/anthropic.ts
+var AnthropicAdapter = class extends BaseLLMAdapter {
+  apiKey;
+  baseUrl;
+  constructor(config) {
+    super(config);
+    if (!config.apiKey) {
+      throw new Error("Anthropic API key required");
+    }
+    this.apiKey = config.apiKey;
+    this.baseUrl = config.endpoint || "https://api.anthropic.com";
+  }
+  async chat(messages) {
+    const systemMessage = messages.find((m) => m.role === "system");
+    const chatMessages = messages.filter((m) => m.role !== "system");
+    const body = {
+      model: this.config.model || "claude-opus-4-5-20251101",
+      max_tokens: this.config.maxTokens || 4096,
+      temperature: this.config.temperature,
+      system: systemMessage?.content,
+      messages: chatMessages.map((m) => ({
+        role: m.role,
         content: m.content
       }))
     };
@@ -1150,349 +1686,76 @@ function classifyTradeError(message) {
   };
 }
 
-// src/trading/market.ts
-var import_viem = require("viem");
-var NATIVE_ETH = "0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE";
-var TOKEN_DECIMALS = {
-  // Base Mainnet — Core tokens
-  "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913": 6,
-  // USDC
-  "0xd9aaec86b65d86f6a7b5b1b0c42ffa531710b6ca": 6,
-  // USDbC
-  "0x4200000000000000000000000000000000000006": 18,
-  // WETH
-  "0x50c5725949a6f0c72e6c4a641f24049a917db0cb": 18,
-  // DAI
-  "0x2ae3f1ec7f1f5012cfeab0185bfc7aa3cf0dec22": 18,
-  // cbETH
-  [NATIVE_ETH.toLowerCase()]: 18,
-  // Native ETH
-  // Base Mainnet — Established tokens
-  "0x940181a94a35a4569e4529a3cdfb74e38fd98631": 18,
-  // AERO (Aerodrome)
-  "0x532f27101965dd16442e59d40670faf5ebb142e4": 18,
-  // BRETT
-  "0x4ed4e862860bed51a9570b96d89af5e1b0efefed": 18,
-  // DEGEN
-  "0x0b3e328455c4059eeb9e3f84b5543f74e24e7e1b": 18,
-  // VIRTUAL
-  "0xac1bd2486aaf3b5c0fc3fd868558b082a531b2b4": 18,
-  // TOSHI
-  "0xcbb7c0000ab88b473b1f5afd9ef808440eed33bf": 8,
-  // cbBTC
-  "0x2416092f143378750bb29b79ed961ab195cceea5": 18,
-  // ezETH (Renzo)
-  "0xc1cba3fcea344f92d9239c08c0568f6f2f0ee452": 18
-  // wstETH (Lido)
-};
-function getTokenDecimals(address) {
-  const decimals = TOKEN_DECIMALS[address.toLowerCase()];
-  if (decimals === void 0) {
-    console.warn(`Unknown token decimals for ${address}, defaulting to 18. THIS MAY BE WRONG.`);
-    return 18;
-  }
-  return decimals;
-}
-var TOKEN_TO_COINGECKO = {
-  // Core
-  "0x4200000000000000000000000000000000000006": "ethereum",
-  // WETH
-  [NATIVE_ETH.toLowerCase()]: "ethereum",
-  "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913": "usd-coin",
-  // USDC
-  "0xd9aaec86b65d86f6a7b5b1b0c42ffa531710b6ca": "usd-coin",
-  // USDbC
-  "0x2ae3f1ec7f1f5012cfeab0185bfc7aa3cf0dec22": "coinbase-wrapped-staked-eth",
-  // cbETH
-  "0x50c5725949a6f0c72e6c4a641f24049a917db0cb": "dai",
-  // DAI
-  // Established
-  "0x940181a94a35a4569e4529a3cdfb74e38fd98631": "aerodrome-finance",
-  // AERO
-  "0x532f27101965dd16442e59d40670faf5ebb142e4": "brett",
-  // BRETT
-  "0x4ed4e862860bed51a9570b96d89af5e1b0efefed": "degen-base",
-  // DEGEN
-  "0x0b3e328455c4059eeb9e3f84b5543f74e24e7e1b": "virtual-protocol",
-  // VIRTUAL
-  "0xac1bd2486aaf3b5c0fc3fd868558b082a531b2b4": "toshi",
-  // TOSHI
-  "0xcbb7c0000ab88b473b1f5afd9ef808440eed33bf": "coinbase-wrapped-btc",
-  // cbBTC
-  "0x2416092f143378750bb29b79ed961ab195cceea5": "renzo-restaked-eth",
-  // ezETH
-  "0xc1cba3fcea344f92d9239c08c0568f6f2f0ee452": "wrapped-steth"
-  // wstETH
-};
-var STABLECOIN_IDS = /* @__PURE__ */ new Set(["usd-coin", "dai"]);
-var PRICE_STALENESS_MS = 6e4;
-var MarketDataService = class {
-  rpcUrl;
-  client;
-  /** Cached prices from last fetch */
-  cachedPrices = {};
-  /** Timestamp of last successful price fetch */
-  lastPriceFetchAt = 0;
-  constructor(rpcUrl) {
-    this.rpcUrl = rpcUrl;
-    this.client = (0, import_viem.createPublicClient)({
-      transport: (0, import_viem.http)(rpcUrl)
-    });
+// src/trading/risk.ts
+var RiskManager = class {
+  config;
+  dailyPnL = 0;
+  dailyFees = 0;
+  lastResetDate = "";
+  /** Minimum trade value in USD — trades below this are rejected as dust */
+  minTradeValueUSD;
+  constructor(config) {
+    this.config = config;
+    this.minTradeValueUSD = config.minTradeValueUSD ?? 1;
   }
-  /** Cached volume data */
-  cachedVolume24h = {};
-  /** Cached price change data */
-  cachedPriceChange24h = {};
   /**
-   * Fetch current market data for the agent
+   * Filter signals through risk checks
+   * Returns only signals that pass all guardrails
    */
-  async fetchMarketData(walletAddress, tokenAddresses) {
-    const prices = await this.fetchPrices(tokenAddresses);
-    const balances = await this.fetchBalances(walletAddress, tokenAddresses);
-    const portfolioValue = this.calculatePortfolioValue(balances, prices);
-    let gasPrice;
-    try {
-      gasPrice = await this.client.getGasPrice();
-    } catch {
+  filterSignals(signals, marketData) {
+    const today = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
+    if (today !== this.lastResetDate) {
+      this.dailyPnL = 0;
+      this.dailyFees = 0;
+      this.lastResetDate = today;
     }
-    return {
-      timestamp: Date.now(),
-      prices,
-      balances,
-      portfolioValue,
-      volume24h: Object.keys(this.cachedVolume24h).length > 0 ? { ...this.cachedVolume24h } : void 0,
-      priceChange24h: Object.keys(this.cachedPriceChange24h).length > 0 ? { ...this.cachedPriceChange24h } : void 0,
-      gasPrice,
-      network: {
-        chainId: this.client.chain?.id ?? 8453
-      }
-    };
-  }
-  /**
-   * Check if cached prices are still fresh
-   */
-  get pricesAreFresh() {
-    return Date.now() - this.lastPriceFetchAt < PRICE_STALENESS_MS;
+    if (this.isDailyLossLimitHit(marketData.portfolioValue)) {
+      console.warn("Daily loss limit reached - no new trades");
+      return [];
+    }
+    return signals.filter((signal) => this.validateSignal(signal, marketData));
   }
   /**
-   * Fetch token prices from CoinGecko free API
-   * Returns cached prices if still fresh (<60s old)
+   * Validate individual signal against risk limits.
+   * Sell signals are exempt from position size and minimum value checks —
+   * those guardrails prevent oversized/dust buys, but blocking exits traps capital.
    */
-  async fetchPrices(tokenAddresses) {
-    if (this.pricesAreFresh && Object.keys(this.cachedPrices).length > 0) {
-      const prices2 = { ...this.cachedPrices };
-      for (const addr of tokenAddresses) {
-        const cgId = TOKEN_TO_COINGECKO[addr.toLowerCase()];
-        if (cgId && STABLECOIN_IDS.has(cgId) && !prices2[addr.toLowerCase()]) {
-          prices2[addr.toLowerCase()] = 1;
-        }
-      }
-      return prices2;
+  validateSignal(signal, marketData) {
+    if (signal.action === "hold") {
+      return true;
     }
-    const prices = {};
-    const idsToFetch = /* @__PURE__ */ new Set();
-    for (const addr of tokenAddresses) {
-      const cgId = TOKEN_TO_COINGECKO[addr.toLowerCase()];
-      if (cgId && !STABLECOIN_IDS.has(cgId)) {
-        idsToFetch.add(cgId);
-      }
+    if (signal.confidence < 0.5) {
+      console.warn(`Signal confidence too low: ${signal.confidence}`);
+      return false;
     }
-    idsToFetch.add("ethereum");
-    if (idsToFetch.size > 0) {
-      try {
-        const ids = Array.from(idsToFetch).join(",");
-        const response = await fetch(
-          `https://api.coingecko.com/api/v3/simple/price?ids=${ids}&vs_currencies=usd&include_24hr_vol=true&include_24hr_change=true`,
-          { signal: AbortSignal.timeout(5e3) }
-        );
-        if (response.ok) {
-          const data = await response.json();
-          for (const [cgId, priceData] of Object.entries(data)) {
-            for (const [addr, id] of Object.entries(TOKEN_TO_COINGECKO)) {
-              if (id === cgId) {
-                const key = addr.toLowerCase();
-                prices[key] = priceData.usd;
-                if (priceData.usd_24h_vol !== void 0) {
-                  this.cachedVolume24h[key] = priceData.usd_24h_vol;
-                }
-                if (priceData.usd_24h_change !== void 0) {
-                  this.cachedPriceChange24h[key] = priceData.usd_24h_change;
-                }
-              }
-            }
-          }
-          this.lastPriceFetchAt = Date.now();
-        } else {
-          console.warn(`CoinGecko API returned ${response.status}, using cached prices`);
-        }
-      } catch (error) {
-        console.warn("Failed to fetch prices from CoinGecko:", error instanceof Error ? error.message : error);
-      }
+    if (signal.action === "sell") {
+      return true;
     }
-    for (const addr of tokenAddresses) {
-      const cgId = TOKEN_TO_COINGECKO[addr.toLowerCase()];
-      if (cgId && STABLECOIN_IDS.has(cgId)) {
-        prices[addr.toLowerCase()] = 1;
-      }
+    const signalValue = this.estimateSignalValue(signal, marketData);
+    const maxPositionValue = marketData.portfolioValue * this.config.maxPositionSizeBps / 1e4;
+    if (signalValue > maxPositionValue) {
+      console.warn(
+        `Signal exceeds position limit: ${signalValue.toFixed(2)} > ${maxPositionValue.toFixed(2)}`
+      );
+      return false;
     }
-    const missingAddrs = tokenAddresses.filter(
-      (addr) => !prices[addr.toLowerCase()] && !STABLECOIN_IDS.has(TOKEN_TO_COINGECKO[addr.toLowerCase()] || "")
-    );
-    if (missingAddrs.length > 0) {
-      try {
-        const coins = missingAddrs.map((a) => `base:${a}`).join(",");
-        const llamaResponse = await fetch(
-          `https://coins.llama.fi/prices/current/${coins}`,
-          { signal: AbortSignal.timeout(5e3) }
+    if (this.config.maxConcurrentPositions) {
+      const activePositions = this.countActivePositions(marketData);
+      if (activePositions >= this.config.maxConcurrentPositions) {
+        console.warn(
+          `Max concurrent positions reached: ${activePositions}/${this.config.maxConcurrentPositions} \u2014 blocking new buy`
         );
-        if (llamaResponse.ok) {
-          const llamaData = await llamaResponse.json();
-          for (const [key, data] of Object.entries(llamaData.coins)) {
-            const addr = key.replace("base:", "").toLowerCase();
-            if (data.price && data.confidence > 0.5) {
-              prices[addr] = data.price;
-            }
-          }
-          if (!this.lastPriceFetchAt) this.lastPriceFetchAt = Date.now();
-        }
-      } catch {
+        return false;
       }
     }
-    if (Object.keys(prices).length > 0) {
-      this.cachedPrices = prices;
-    }
-    if (Object.keys(prices).length === 0 && Object.keys(this.cachedPrices).length > 0) {
-      console.warn("Using cached prices (last successful fetch was stale)");
-      return { ...this.cachedPrices };
-    }
-    for (const addr of tokenAddresses) {
-      if (!prices[addr.toLowerCase()]) {
-        console.warn(`No price available for ${addr}, using 0`);
-        prices[addr.toLowerCase()] = 0;
-      }
+    if (signalValue < this.minTradeValueUSD) {
+      console.warn(`Trade value $${signalValue.toFixed(2)} below minimum $${this.minTradeValueUSD} \u2014 skipping`);
+      return false;
     }
-    return prices;
+    return true;
   }
   /**
-   * Fetch real on-chain balances: native ETH + ERC-20 tokens
-   */
-  async fetchBalances(walletAddress, tokenAddresses) {
-    const balances = {};
-    const wallet = walletAddress;
-    try {
-      const nativeBalance = await this.client.getBalance({ address: wallet });
-      balances[NATIVE_ETH.toLowerCase()] = nativeBalance;
-      const erc20Promises = tokenAddresses.map(async (tokenAddress) => {
-        try {
-          const balance = await this.client.readContract({
-            address: tokenAddress,
-            abi: import_viem.erc20Abi,
-            functionName: "balanceOf",
-            args: [wallet]
-          });
-          return { address: tokenAddress.toLowerCase(), balance };
-        } catch (error) {
-          return { address: tokenAddress.toLowerCase(), balance: 0n };
-        }
-      });
-      const results = await Promise.all(erc20Promises);
-      for (const { address, balance } of results) {
-        balances[address] = balance;
-      }
-    } catch (error) {
-      console.error("MarketData: Failed to fetch balances:", error instanceof Error ? error.message : error);
-      balances[NATIVE_ETH.toLowerCase()] = 0n;
-      for (const address of tokenAddresses) {
-        balances[address.toLowerCase()] = 0n;
-      }
-    }
-    return balances;
-  }
-  /**
-   * Calculate total portfolio value in USD
-   */
-  calculatePortfolioValue(balances, prices) {
-    let total = 0;
-    for (const [address, balance] of Object.entries(balances)) {
-      const price = prices[address.toLowerCase()] || 0;
-      const decimals = getTokenDecimals(address);
-      const amount = Number(balance) / Math.pow(10, decimals);
-      total += amount * price;
-    }
-    return total;
-  }
-};
-
-// src/trading/risk.ts
-var RiskManager = class {
-  config;
-  dailyPnL = 0;
-  dailyFees = 0;
-  lastResetDate = "";
-  /** Minimum trade value in USD — trades below this are rejected as dust */
-  minTradeValueUSD;
-  constructor(config) {
-    this.config = config;
-    this.minTradeValueUSD = config.minTradeValueUSD ?? 1;
-  }
-  /**
-   * Filter signals through risk checks
-   * Returns only signals that pass all guardrails
-   */
-  filterSignals(signals, marketData) {
-    const today = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
-    if (today !== this.lastResetDate) {
-      this.dailyPnL = 0;
-      this.dailyFees = 0;
-      this.lastResetDate = today;
-    }
-    if (this.isDailyLossLimitHit(marketData.portfolioValue)) {
-      console.warn("Daily loss limit reached - no new trades");
-      return [];
-    }
-    return signals.filter((signal) => this.validateSignal(signal, marketData));
-  }
-  /**
-   * Validate individual signal against risk limits.
-   * Sell signals are exempt from position size and minimum value checks —
-   * those guardrails prevent oversized/dust buys, but blocking exits traps capital.
-   */
-  validateSignal(signal, marketData) {
-    if (signal.action === "hold") {
-      return true;
-    }
-    if (signal.confidence < 0.5) {
-      console.warn(`Signal confidence too low: ${signal.confidence}`);
-      return false;
-    }
-    if (signal.action === "sell") {
-      return true;
-    }
-    const signalValue = this.estimateSignalValue(signal, marketData);
-    const maxPositionValue = marketData.portfolioValue * this.config.maxPositionSizeBps / 1e4;
-    if (signalValue > maxPositionValue) {
-      console.warn(
-        `Signal exceeds position limit: ${signalValue.toFixed(2)} > ${maxPositionValue.toFixed(2)}`
-      );
-      return false;
-    }
-    if (this.config.maxConcurrentPositions) {
-      const activePositions = this.countActivePositions(marketData);
-      if (activePositions >= this.config.maxConcurrentPositions) {
-        console.warn(
-          `Max concurrent positions reached: ${activePositions}/${this.config.maxConcurrentPositions} \u2014 blocking new buy`
-        );
-        return false;
-      }
-    }
-    if (signalValue < this.minTradeValueUSD) {
-      console.warn(`Trade value $${signalValue.toFixed(2)} below minimum $${this.minTradeValueUSD} \u2014 skipping`);
-      return false;
-    }
-    return true;
-  }
-  /**
-   * Count non-zero token positions (excluding native ETH and stablecoins used as base currency)
+   * Count non-zero token positions (excluding native ETH and stablecoins used as base currency)
    */
   countActivePositions(marketData) {
     const NATIVE_ETH_KEY = "0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee";
@@ -1533,6 +1796,31 @@ var RiskManager = class {
   updateFees(fees) {
     this.dailyFees += fees;
   }
+  /**
+   * Export current risk state for persistence across restarts.
+   */
+  exportState() {
+    return {
+      dailyPnL: this.dailyPnL,
+      dailyFees: this.dailyFees,
+      lastResetDate: this.lastResetDate
+    };
+  }
+  /**
+   * Restore risk state from persistence (called on startup).
+   * Only restores if the saved state is from today — expired state is ignored.
+   */
+  restoreState(state) {
+    const today = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
+    if (state.lastResetDate === today) {
+      this.dailyPnL = state.dailyPnL;
+      this.dailyFees = state.dailyFees;
+      this.lastResetDate = state.lastResetDate;
+      console.log(`Risk state restored: PnL=$${this.dailyPnL.toFixed(2)}, Fees=$${this.dailyFees.toFixed(2)}`);
+    } else {
+      console.log("Risk state expired (different day), starting fresh");
+    }
+  }
   /**
    * Get current risk status
    * @param portfolioValue - Current portfolio value in USD (needed for accurate loss limit)
@@ -1994,300 +2282,37 @@ var VaultManager = class {
 };
 
 // src/relay.ts
-var import_ws = __toESM(require("ws"));
-var import_accounts2 = require("viem/accounts");
-var import_sdk = require("@exagent/sdk");
-var RelayClient = class {
-  config;
-  ws = null;
-  authenticated = false;
-  authRejected = false;
-  reconnectAttempts = 0;
-  maxReconnectAttempts = 50;
-  reconnectTimer = null;
-  heartbeatTimer = null;
-  stopped = false;
+var import_ws2 = __toESM(require("ws"));
+var import_accounts4 = require("viem/accounts");
+
+// src/perp/client.ts
+var HyperliquidClient = class {
+  apiUrl;
+  meta = null;
+  assetIndexCache = /* @__PURE__ */ new Map();
   constructor(config) {
-    this.config = config;
+    this.apiUrl = config.apiUrl;
   }
-  /**
-   * Connect to the relay server
-   */
-  async connect() {
-    if (this.stopped) return;
-    const wsUrl = this.config.relay.apiUrl.replace(/^https?:\/\//, (m) => m.includes("https") ? "wss://" : "ws://").replace(/\/$/, "") + "/ws/agent";
-    return new Promise((resolve, reject) => {
-      try {
-        this.ws = new import_ws.default(wsUrl);
-      } catch (error) {
-        console.error("Relay: Failed to create WebSocket:", error);
-        this.scheduleReconnect();
-        reject(error);
-        return;
-      }
-      const connectTimeout = setTimeout(() => {
-        if (!this.authenticated) {
-          console.error("Relay: Connection timeout");
-          this.ws?.close();
-          this.scheduleReconnect();
-          reject(new Error("Connection timeout"));
-        }
-      }, 15e3);
-      this.ws.on("open", async () => {
-        this.authRejected = false;
-        console.log("Relay: Connected, authenticating...");
-        try {
-          await this.authenticate();
-        } catch (error) {
-          console.error("Relay: Authentication failed:", error);
-          this.ws?.close();
-          clearTimeout(connectTimeout);
-          reject(error);
-        }
-      });
-      this.ws.on("message", (raw) => {
-        try {
-          const data = JSON.parse(raw.toString());
-          this.handleMessage(data);
-          if (data.type === "auth_success") {
-            clearTimeout(connectTimeout);
-            this.authenticated = true;
-            this.reconnectAttempts = 0;
-            this.startHeartbeat();
-            console.log("Relay: Authenticated successfully");
-            resolve();
-          } else if (data.type === "auth_error") {
-            clearTimeout(connectTimeout);
-            this.authRejected = true;
-            console.error(`Relay: Auth rejected: ${data.message}`);
-            reject(new Error(data.message));
-          }
-        } catch {
-        }
-      });
-      this.ws.on("close", (code, reason) => {
-        clearTimeout(connectTimeout);
-        this.authenticated = false;
-        this.stopHeartbeat();
-        if (!this.stopped) {
-          if (!this.authRejected) {
-            console.log(`Relay: Disconnected (${code}: ${reason.toString() || "unknown"})`);
-          }
-          this.scheduleReconnect();
-        }
-      });
-      this.ws.on("error", (error) => {
-        if (!this.stopped) {
-          console.error("Relay: WebSocket error:", error.message);
-        }
-      });
+  // ============================================================
+  // INFO API (read-only)
+  // ============================================================
+  /** Fetch perpetuals metadata (asset specs, names, indices) */
+  async getMeta() {
+    if (this.meta) return this.meta;
+    const resp = await this.infoRequest({ type: "meta" });
+    this.meta = resp.universe;
+    this.meta.forEach((asset, idx) => {
+      this.assetIndexCache.set(asset.name, idx);
     });
+    return this.meta;
   }
-  /**
-   * Authenticate with the relay server using wallet signature
-   */
-  async authenticate() {
-    const account = (0, import_accounts2.privateKeyToAccount)(this.config.privateKey);
-    const timestamp = Math.floor(Date.now() / 1e3);
-    const message = `ExagentRelay:${this.config.agentId}:${timestamp}`;
-    const signature = await (0, import_accounts2.signMessage)({
-      message,
-      privateKey: this.config.privateKey
-    });
-    this.send({
-      type: "auth",
-      agentId: this.config.agentId,
-      wallet: account.address,
-      timestamp,
-      signature,
-      sdkVersion: import_sdk.SDK_VERSION
-    });
-  }
-  /**
-   * Handle incoming messages from the relay server
-   */
-  handleMessage(data) {
-    switch (data.type) {
-      case "command":
-        if (data.command && this.config.onCommand) {
-          this.config.onCommand(data.command);
-        }
-        break;
-      case "auth_success":
-      case "auth_error":
-        break;
-      case "error":
-        console.error(`Relay: Server error: ${data.message}`);
-        break;
-    }
-  }
-  /**
-   * Send a status heartbeat
-   */
-  sendHeartbeat(status) {
-    if (!this.authenticated) return;
-    this.send({
-      type: "heartbeat",
-      agentId: this.config.agentId,
-      status
-    });
-  }
-  /**
-   * Send a status update (outside of regular heartbeat)
-   */
-  sendStatusUpdate(status) {
-    if (!this.authenticated) return;
-    this.send({
-      type: "status_update",
-      agentId: this.config.agentId,
-      status
-    });
-  }
-  /**
-   * Send a message to the command center
-   */
-  sendMessage(messageType, level, title, body, data) {
-    if (!this.authenticated) return;
-    this.send({
-      type: "message",
-      agentId: this.config.agentId,
-      messageType,
-      level,
-      title,
-      body,
-      data
-    });
-  }
-  /**
-   * Send a command execution result
-   */
-  sendCommandResult(commandId, success, result) {
-    if (!this.authenticated) return;
-    this.send({
-      type: "command_result",
-      agentId: this.config.agentId,
-      commandId,
-      success,
-      result
-    });
-  }
-  /**
-   * Start the heartbeat timer
-   */
-  startHeartbeat() {
-    this.stopHeartbeat();
-    const interval = this.config.relay.heartbeatIntervalMs || 3e4;
-    this.heartbeatTimer = setInterval(() => {
-      if (this.ws?.readyState === import_ws.default.OPEN) {
-        this.ws.ping();
-      }
-    }, interval);
-  }
-  /**
-   * Stop the heartbeat timer
-   */
-  stopHeartbeat() {
-    if (this.heartbeatTimer) {
-      clearInterval(this.heartbeatTimer);
-      this.heartbeatTimer = null;
-    }
-  }
-  /**
-   * Schedule a reconnection with exponential backoff
-   */
-  scheduleReconnect() {
-    if (this.stopped) return;
-    if (this.reconnectAttempts >= this.maxReconnectAttempts) {
-      console.error("Relay: Max reconnection attempts reached. Giving up.");
-      return;
-    }
-    const delay = Math.min(1e3 * Math.pow(2, this.reconnectAttempts), 3e4);
-    this.reconnectAttempts++;
-    console.log(
-      `Relay: Reconnecting in ${delay / 1e3}s (attempt ${this.reconnectAttempts}/${this.maxReconnectAttempts})`
-    );
-    this.reconnectTimer = setTimeout(() => {
-      this.connect().catch(() => {
-      });
-    }, delay);
-  }
-  /**
-   * Send a JSON message to the WebSocket
-   */
-  send(data) {
-    if (this.ws?.readyState === import_ws.default.OPEN) {
-      this.ws.send(JSON.stringify(data));
-    }
-  }
-  /**
-   * Check if connected and authenticated
-   */
-  get isConnected() {
-    return this.authenticated && this.ws?.readyState === import_ws.default.OPEN;
-  }
-  /**
-   * Disconnect and stop reconnecting
-   */
-  disconnect() {
-    this.stopped = true;
-    this.stopHeartbeat();
-    if (this.reconnectTimer) {
-      clearTimeout(this.reconnectTimer);
-      this.reconnectTimer = null;
-    }
-    if (this.ws) {
-      this.ws.close(1e3, "Agent shutting down");
-      this.ws = null;
-    }
-    this.authenticated = false;
-    console.log("Relay: Disconnected");
-  }
-};
-
-// src/browser-open.ts
-var import_child_process2 = require("child_process");
-function openBrowser(url) {
-  const platform = process.platform;
-  try {
-    if (platform === "darwin") {
-      (0, import_child_process2.exec)(`open "${url}"`);
-    } else if (platform === "win32") {
-      (0, import_child_process2.exec)(`start "" "${url}"`);
-    } else {
-      (0, import_child_process2.exec)(`xdg-open "${url}"`);
-    }
-  } catch {
-  }
-}
-
-// src/perp/client.ts
-var HyperliquidClient = class {
-  apiUrl;
-  meta = null;
-  assetIndexCache = /* @__PURE__ */ new Map();
-  constructor(config) {
-    this.apiUrl = config.apiUrl;
-  }
-  // ============================================================
-  // INFO API (read-only)
-  // ============================================================
-  /** Fetch perpetuals metadata (asset specs, names, indices) */
-  async getMeta() {
-    if (this.meta) return this.meta;
-    const resp = await this.infoRequest({ type: "meta" });
-    this.meta = resp.universe;
-    this.meta.forEach((asset, idx) => {
-      this.assetIndexCache.set(asset.name, idx);
-    });
-    return this.meta;
-  }
-  /** Get asset index from symbol (e.g. "ETH" -> 1). Caches after first getMeta() call. */
-  async getAssetIndex(coin) {
-    if (this.assetIndexCache.has(coin)) return this.assetIndexCache.get(coin);
-    await this.getMeta();
-    const idx = this.assetIndexCache.get(coin);
-    if (idx === void 0) throw new Error(`Unknown instrument: ${coin}`);
-    return idx;
+  /** Get asset index from symbol (e.g. "ETH" -> 1). Caches after first getMeta() call. */
+  async getAssetIndex(coin) {
+    if (this.assetIndexCache.has(coin)) return this.assetIndexCache.get(coin);
+    await this.getMeta();
+    const idx = this.assetIndexCache.get(coin);
+    if (idx === void 0) throw new Error(`Unknown instrument: ${coin}`);
+    return idx;
   }
   /** Get mid-market prices for all perpetuals */
   async getAllMids() {
@@ -2864,7 +2889,7 @@ var PositionManager = class {
 };
 
 // src/perp/websocket.ts
-var import_ws2 = __toESM(require("ws"));
+var import_ws = __toESM(require("ws"));
 var HyperliquidWebSocket = class {
   wsUrl;
   userAddress;
@@ -2896,14 +2921,14 @@ var HyperliquidWebSocket = class {
    * Connect to Hyperliquid WebSocket and subscribe to user events.
    */
   async connect() {
-    if (this.ws?.readyState === import_ws2.default.OPEN || this.isConnecting) {
+    if (this.ws?.readyState === import_ws.default.OPEN || this.isConnecting) {
       return;
     }
     this.isConnecting = true;
     this.shouldReconnect = true;
     return new Promise((resolve, reject) => {
       try {
-        this.ws = new import_ws2.default(this.wsUrl);
+        this.ws = new import_ws.default(this.wsUrl);
         this.ws.on("open", () => {
           this.isConnecting = false;
           this.reconnectAttempts = 0;
@@ -2956,7 +2981,7 @@ var HyperliquidWebSocket = class {
     this.stopPing();
     if (this.ws) {
       this.ws.removeAllListeners();
-      if (this.ws.readyState === import_ws2.default.OPEN) {
+      if (this.ws.readyState === import_ws.default.OPEN) {
         this.ws.close(1e3, "Client disconnect");
       }
       this.ws = null;
@@ -2967,7 +2992,7 @@ var HyperliquidWebSocket = class {
    * Check if WebSocket is connected.
    */
   get isConnected() {
-    return this.ws?.readyState === import_ws2.default.OPEN;
+    return this.ws?.readyState === import_ws.default.OPEN;
   }
   // ============================================================
   // EVENT HANDLERS
@@ -3094,7 +3119,7 @@ var HyperliquidWebSocket = class {
   startPing() {
     this.stopPing();
     this.pingTimer = setInterval(() => {
-      if (this.ws?.readyState === import_ws2.default.OPEN) {
+      if (this.ws?.readyState === import_ws.default.OPEN) {
         this.ws.send(JSON.stringify({ method: "ping" }));
       }
     }, 25e3);
@@ -3109,7 +3134,7 @@ var HyperliquidWebSocket = class {
   // HELPERS
   // ============================================================
   subscribe(msg) {
-    if (this.ws?.readyState === import_ws2.default.OPEN) {
+    if (this.ws?.readyState === import_ws.default.OPEN) {
       this.ws.send(JSON.stringify(msg));
     }
   }
@@ -3118,7 +3143,7 @@ var HyperliquidWebSocket = class {
 // src/perp/recorder.ts
 var import_viem4 = require("viem");
 var import_chains2 = require("viem/chains");
-var import_accounts3 = require("viem/accounts");
+var import_accounts2 = require("viem/accounts");
 var ROUTER_ADDRESS = "0x1BCFa13f677fDCf697D8b7d5120f544817F1de1A";
 var ROUTER_ABI = [
   {
@@ -3157,7 +3182,7 @@ var PerpTradeRecorder = class {
   constructor(opts) {
     this.agentId = opts.agentId;
     this.configHash = opts.configHash;
-    this.account = (0, import_accounts3.privateKeyToAccount)(opts.privateKey);
+    this.account = (0, import_accounts2.privateKeyToAccount)(opts.privateKey);
     const rpcUrl = opts.rpcUrl || "https://mainnet.base.org";
     const transport = (0, import_viem4.http)(rpcUrl);
     this.publicClient = (0, import_viem4.createPublicClient)({
@@ -3298,199 +3323,650 @@ var PerpTradeRecorder = class {
   // CONVERSION HELPERS
   // ============================================================
   /**
-   * Calculate notional USD from a fill (6-decimal).
-   * notionalUSD = px * sz * 1e6
+   * Calculate notional USD from a fill (6-decimal).
+   * notionalUSD = px * sz * 1e6
+   */
+  calculateNotionalUSD(fill) {
+    const px = parseFloat(fill.px);
+    const sz = parseFloat(fill.sz);
+    return BigInt(Math.round(px * sz * 1e6));
+  }
+  /**
+   * Calculate fee USD from a fill (6-decimal).
+   * feeUSD = fee * 1e6 (fee is already in USD on Hyperliquid)
+   */
+  calculateFeeUSD(fill) {
+    const fee = parseFloat(fill.fee);
+    const builderFee = fill.builderFee ? parseFloat(fill.builderFee) : 0;
+    return BigInt(Math.round((fee + builderFee) * 1e6));
+  }
+};
+
+// src/perp/onboarding.ts
+var PerpOnboarding = class {
+  client;
+  signer;
+  config;
+  constructor(client, signer, config) {
+    this.client = client;
+    this.signer = signer;
+    this.config = config;
+  }
+  // ============================================================
+  // BUILDER FEE
+  // ============================================================
+  /**
+   * Check if the user has approved the builder fee.
+   * Builder fee must be approved before orders can include builder fees.
+   */
+  async isBuilderFeeApproved() {
+    try {
+      const maxFee = await this.client.getMaxBuilderFee(
+        this.signer.getAddress(),
+        this.config.builderAddress
+      );
+      return maxFee >= this.config.builderFeeTenthsBps;
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Approve the builder fee on Hyperliquid.
+   * This is a one-time approval per builder address.
+   */
+  async approveBuilderFee() {
+    try {
+      const action = {
+        type: "approveBuilderFee",
+        hyperliquidChain: "Mainnet",
+        maxFeeRate: `${this.config.builderFeeTenthsBps / 1e4}%`,
+        builder: this.config.builderAddress,
+        nonce: Number(getNextNonce())
+      };
+      const { signature } = await this.signer.signApproval(action);
+      const resp = await fetch(`${this.config.apiUrl}/exchange`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          action,
+          signature: {
+            r: signature.slice(0, 66),
+            s: `0x${signature.slice(66, 130)}`,
+            v: parseInt(signature.slice(130, 132), 16)
+          },
+          nonce: action.nonce,
+          vaultAddress: null
+        })
+      });
+      if (!resp.ok) {
+        const text = await resp.text();
+        console.error(`Builder fee approval failed: ${resp.status} ${text}`);
+        return false;
+      }
+      console.log(`Builder fee approved: ${this.config.builderFeeTenthsBps / 10} bps for ${this.config.builderAddress}`);
+      return true;
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      console.error(`Builder fee approval failed: ${message}`);
+      return false;
+    }
+  }
+  // ============================================================
+  // BALANCE & REQUIREMENTS
+  // ============================================================
+  /**
+   * Check if the user has sufficient USDC balance on Hyperliquid.
+   * Returns the account equity in USD.
+   */
+  async checkBalance() {
+    try {
+      const account = await this.client.getAccountSummary(this.signer.getAddress());
+      return {
+        hasBalance: account.totalEquity > 0,
+        equity: account.totalEquity
+      };
+    } catch {
+      return { hasBalance: false, equity: 0 };
+    }
+  }
+  /**
+   * Verify that the agent's risk universe allows perp trading.
+   * Perps require risk universe >= 2 (Derivatives or higher).
+   */
+  verifyRiskUniverse(riskUniverse) {
+    if (riskUniverse >= 2) {
+      return {
+        allowed: true,
+        message: `Risk universe ${riskUniverse} allows perp trading`
+      };
+    }
+    return {
+      allowed: false,
+      message: `Risk universe ${riskUniverse} does not allow perp trading. Perps require Derivatives (2) or higher.`
+    };
+  }
+  // ============================================================
+  // FULL ONBOARDING CHECK
+  // ============================================================
+  /**
+   * Run all onboarding checks and return status.
+   * Does NOT auto-approve — caller must explicitly approve after review.
+   */
+  async checkOnboardingStatus(riskUniverse) {
+    const riskCheck = this.verifyRiskUniverse(riskUniverse);
+    const balanceCheck = await this.checkBalance();
+    const builderFeeApproved = await this.isBuilderFeeApproved();
+    const ready = riskCheck.allowed && balanceCheck.hasBalance && builderFeeApproved;
+    return {
+      ready,
+      riskUniverseOk: riskCheck.allowed,
+      riskUniverseMessage: riskCheck.message,
+      hasBalance: balanceCheck.hasBalance,
+      equity: balanceCheck.equity,
+      builderFeeApproved,
+      builderAddress: this.config.builderAddress,
+      builderFeeBps: this.config.builderFeeTenthsBps / 10
+    };
+  }
+  /**
+   * Run full onboarding: check status and auto-approve builder fee if needed.
+   * Returns the final status after all actions.
+   */
+  async onboard(riskUniverse) {
+    let status = await this.checkOnboardingStatus(riskUniverse);
+    if (!status.riskUniverseOk) {
+      console.error(`Perp onboarding blocked: ${status.riskUniverseMessage}`);
+      return status;
+    }
+    if (!status.hasBalance) {
+      console.warn("No USDC balance on Hyperliquid \u2014 deposit required before trading");
+      return status;
+    }
+    if (!status.builderFeeApproved) {
+      console.log("Approving builder fee...");
+      const approved = await this.approveBuilderFee();
+      if (approved) {
+        status = { ...status, builderFeeApproved: true, ready: true };
+      }
+    }
+    if (status.ready) {
+      console.log(`Perp onboarding complete \u2014 equity: $${status.equity.toFixed(2)}`);
+    }
+    return status;
+  }
+};
+
+// src/perp/funding.ts
+var import_viem5 = require("viem");
+var import_chains3 = require("viem/chains");
+var import_accounts3 = require("viem/accounts");
+var ERC20_ABI = (0, import_viem5.parseAbi)([
+  "function approve(address spender, uint256 amount) external returns (bool)",
+  "function balanceOf(address account) external view returns (uint256)",
+  "function allowance(address owner, address spender) external view returns (uint256)"
+]);
+var TOKEN_MESSENGER_V2_ABI = (0, import_viem5.parseAbi)([
+  "function depositForBurn(uint256 amount, uint32 destinationDomain, bytes32 mintRecipient, address burnToken) external returns (uint64 nonce)",
+  "event DepositForBurn(uint64 indexed nonce, address indexed burnToken, uint256 amount, address indexed depositor, bytes32 mintRecipient, uint32 destinationDomain, bytes32 destinationTokenMessenger, bytes32 destinationCaller)"
+]);
+var MESSAGE_TRANSMITTER_V2_ABI = (0, import_viem5.parseAbi)([
+  "function receiveMessage(bytes message, bytes attestation) external returns (bool success)",
+  "event MessageSent(bytes message)"
+]);
+var CORE_DEPOSIT_WALLET_ABI = (0, import_viem5.parseAbi)([
+  "function deposit(uint256 amount, uint32 destinationDex) external"
+]);
+
+// src/secure-env.ts
+var crypto = __toESM(require("crypto"));
+var fs = __toESM(require("fs"));
+var path = __toESM(require("path"));
+var ALGORITHM = "aes-256-gcm";
+var PBKDF2_ITERATIONS = 1e5;
+var SALT_LENGTH = 32;
+var IV_LENGTH = 16;
+var KEY_LENGTH = 32;
+var SENSITIVE_PATTERNS = [
+  /PRIVATE_KEY$/i,
+  /_API_KEY$/i,
+  /API_KEY$/i,
+  /_SECRET$/i,
+  /^OPENAI_API_KEY$/i,
+  /^ANTHROPIC_API_KEY$/i,
+  /^GOOGLE_AI_API_KEY$/i,
+  /^DEEPSEEK_API_KEY$/i,
+  /^MISTRAL_API_KEY$/i,
+  /^GROQ_API_KEY$/i,
+  /^TOGETHER_API_KEY$/i
+];
+function isSensitiveKey(key) {
+  return SENSITIVE_PATTERNS.some((pattern) => pattern.test(key));
+}
+function deriveKey(passphrase, salt) {
+  return crypto.pbkdf2Sync(passphrase, salt, PBKDF2_ITERATIONS, KEY_LENGTH, "sha256");
+}
+function encryptValue(value, key) {
+  const iv = crypto.randomBytes(IV_LENGTH);
+  const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+  let encrypted = cipher.update(value, "utf8", "hex");
+  encrypted += cipher.final("hex");
+  const tag = cipher.getAuthTag();
+  return {
+    iv: iv.toString("hex"),
+    encrypted,
+    tag: tag.toString("hex")
+  };
+}
+function decryptValue(encrypted, key, iv, tag) {
+  const decipher = crypto.createDecipheriv(
+    ALGORITHM,
+    key,
+    Buffer.from(iv, "hex")
+  );
+  decipher.setAuthTag(Buffer.from(tag, "hex"));
+  let decrypted = decipher.update(encrypted, "hex", "utf8");
+  decrypted += decipher.final("utf8");
+  return decrypted;
+}
+function parseEnvFile(content) {
+  const entries = [];
+  for (const line of content.split("\n")) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#")) continue;
+    const eqIndex = trimmed.indexOf("=");
+    if (eqIndex === -1) continue;
+    const key = trimmed.slice(0, eqIndex).trim();
+    let value = trimmed.slice(eqIndex + 1).trim();
+    if (value.startsWith('"') && value.endsWith('"') || value.startsWith("'") && value.endsWith("'")) {
+      value = value.slice(1, -1);
+    }
+    if (key && value) {
+      entries.push({ key, value });
+    }
+  }
+  return entries;
+}
+function encryptEnvFile(envPath, passphrase, deleteOriginal = false) {
+  if (!fs.existsSync(envPath)) {
+    throw new Error(`File not found: ${envPath}`);
+  }
+  const content = fs.readFileSync(envPath, "utf-8");
+  const entries = parseEnvFile(content);
+  if (entries.length === 0) {
+    throw new Error("No environment variables found in file");
+  }
+  const salt = crypto.randomBytes(SALT_LENGTH);
+  const key = deriveKey(passphrase, salt);
+  const encryptedEntries = entries.map(({ key: envKey, value }) => {
+    if (isSensitiveKey(envKey)) {
+      const { iv, encrypted, tag } = encryptValue(value, key);
+      return {
+        key: envKey,
+        value: encrypted,
+        encrypted: true,
+        iv,
+        tag
+      };
+    }
+    return {
+      key: envKey,
+      value,
+      encrypted: false
+    };
+  });
+  const encryptedEnv = {
+    version: 1,
+    salt: salt.toString("hex"),
+    entries: encryptedEntries
+  };
+  const encPath = envPath + ".enc";
+  fs.writeFileSync(encPath, JSON.stringify(encryptedEnv, null, 2), { mode: 384 });
+  if (deleteOriginal) {
+    fs.unlinkSync(envPath);
+  }
+  const sensitiveCount = encryptedEntries.filter((e) => e.encrypted).length;
+  const plainCount = encryptedEntries.filter((e) => !e.encrypted).length;
+  console.log(
+    `Encrypted ${sensitiveCount} sensitive values (${plainCount} non-sensitive kept as plaintext)`
+  );
+  return encPath;
+}
+function decryptEnvFile(encPath, passphrase) {
+  if (!fs.existsSync(encPath)) {
+    throw new Error(`Encrypted env file not found: ${encPath}`);
+  }
+  const content = JSON.parse(fs.readFileSync(encPath, "utf-8"));
+  if (content.version !== 1) {
+    throw new Error(`Unsupported encrypted env version: ${content.version}`);
+  }
+  const salt = Buffer.from(content.salt, "hex");
+  const key = deriveKey(passphrase, salt);
+  const result = {};
+  for (const entry of content.entries) {
+    if (entry.encrypted) {
+      if (!entry.iv || !entry.tag) {
+        throw new Error(`Missing encryption metadata for ${entry.key}`);
+      }
+      try {
+        result[entry.key] = decryptValue(entry.value, key, entry.iv, entry.tag);
+      } catch {
+        throw new Error(
+          `Failed to decrypt ${entry.key}. Wrong passphrase or corrupted data.`
+        );
+      }
+    } else {
+      result[entry.key] = entry.value;
+    }
+  }
+  return result;
+}
+function loadSecureEnv(basePath, passphrase) {
+  const encPath = path.join(basePath, ".env.enc");
+  const envPath = path.join(basePath, ".env");
+  if (fs.existsSync(encPath)) {
+    if (!passphrase) {
+      passphrase = process.env.EXAGENT_PASSPHRASE;
+    }
+    if (!passphrase) {
+      console.warn("");
+      console.warn("WARNING: Found .env.enc but no passphrase provided.");
+      console.warn("  Set EXAGENT_PASSPHRASE environment variable or");
+      console.warn("  pass --passphrase when running the agent.");
+      console.warn("  Falling back to plaintext .env file.");
+      console.warn("");
+    } else {
+      const vars = decryptEnvFile(encPath, passphrase);
+      for (const [key, value] of Object.entries(vars)) {
+        process.env[key] = value;
+      }
+      return true;
+    }
+  }
+  if (fs.existsSync(envPath)) {
+    const content = fs.readFileSync(envPath, "utf-8");
+    const entries = parseEnvFile(content);
+    const sensitiveKeys = entries.filter(({ key }) => isSensitiveKey(key)).map(({ key }) => key);
+    if (sensitiveKeys.length > 0) {
+      console.warn("");
+      console.warn("WARNING: Sensitive values stored in plaintext .env file:");
+      for (const key of sensitiveKeys) {
+        console.warn(`  - ${key}`);
+      }
+      console.warn("");
+      console.warn('  Run "npx @exagent/agent encrypt" to secure your keys.');
+      console.warn("");
+    }
+    return false;
+  }
+  return false;
+}
+
+// src/index.ts
+var AGENT_VERSION = "0.1.22";
+
+// src/relay.ts
+var RelayClient = class {
+  config;
+  ws = null;
+  authenticated = false;
+  authRejected = false;
+  reconnectAttempts = 0;
+  maxReconnectAttempts = 50;
+  reconnectTimer = null;
+  heartbeatTimer = null;
+  stopped = false;
+  constructor(config) {
+    this.config = config;
+  }
+  /**
+   * Connect to the relay server
+   */
+  async connect() {
+    if (this.stopped) return;
+    const wsUrl = this.config.relay.apiUrl.replace(/^https?:\/\//, (m) => m.includes("https") ? "wss://" : "ws://").replace(/\/$/, "") + "/ws/agent";
+    return new Promise((resolve, reject) => {
+      try {
+        this.ws = new import_ws2.default(wsUrl);
+      } catch (error) {
+        console.error("Relay: Failed to create WebSocket:", error);
+        this.scheduleReconnect();
+        reject(error);
+        return;
+      }
+      const connectTimeout = setTimeout(() => {
+        if (!this.authenticated) {
+          console.error("Relay: Connection timeout");
+          this.ws?.close();
+          this.scheduleReconnect();
+          reject(new Error("Connection timeout"));
+        }
+      }, 15e3);
+      this.ws.on("open", async () => {
+        this.authRejected = false;
+        console.log("Relay: Connected, authenticating...");
+        try {
+          await this.authenticate();
+        } catch (error) {
+          console.error("Relay: Authentication failed:", error);
+          this.ws?.close();
+          clearTimeout(connectTimeout);
+          reject(error);
+        }
+      });
+      this.ws.on("message", (raw) => {
+        try {
+          const data = JSON.parse(raw.toString());
+          this.handleMessage(data);
+          if (data.type === "auth_success") {
+            clearTimeout(connectTimeout);
+            this.authenticated = true;
+            this.reconnectAttempts = 0;
+            this.startHeartbeat();
+            console.log("Relay: Authenticated successfully");
+            resolve();
+          } else if (data.type === "auth_error") {
+            clearTimeout(connectTimeout);
+            this.authRejected = true;
+            console.error(`Relay: Auth rejected: ${data.message}`);
+            reject(new Error(data.message));
+          }
+        } catch {
+        }
+      });
+      this.ws.on("close", (code, reason) => {
+        clearTimeout(connectTimeout);
+        this.authenticated = false;
+        this.stopHeartbeat();
+        if (!this.stopped) {
+          if (!this.authRejected) {
+            console.log(`Relay: Disconnected (${code}: ${reason.toString() || "unknown"})`);
+          }
+          this.scheduleReconnect();
+        }
+      });
+      this.ws.on("error", (error) => {
+        if (!this.stopped) {
+          console.error("Relay: WebSocket error:", error.message);
+        }
+      });
+    });
+  }
+  /**
+   * Authenticate with the relay server using wallet signature
+   */
+  async authenticate() {
+    const account = (0, import_accounts4.privateKeyToAccount)(this.config.privateKey);
+    const timestamp = Math.floor(Date.now() / 1e3);
+    const message = `ExagentRelay:${this.config.agentId}:${timestamp}`;
+    const signature = await (0, import_accounts4.signMessage)({
+      message,
+      privateKey: this.config.privateKey
+    });
+    this.send({
+      type: "auth",
+      agentId: this.config.agentId,
+      wallet: account.address,
+      timestamp,
+      signature,
+      sdkVersion: AGENT_VERSION
+    });
+  }
+  /**
+   * Handle incoming messages from the relay server
+   */
+  handleMessage(data) {
+    switch (data.type) {
+      case "command":
+        if (data.command && this.config.onCommand) {
+          this.config.onCommand(data.command);
+        }
+        break;
+      case "auth_success":
+      case "auth_error":
+        break;
+      case "error":
+        console.error(`Relay: Server error: ${data.message}`);
+        break;
+    }
+  }
+  /**
+   * Send a status heartbeat
    */
-  calculateNotionalUSD(fill) {
-    const px = parseFloat(fill.px);
-    const sz = parseFloat(fill.sz);
-    return BigInt(Math.round(px * sz * 1e6));
+  sendHeartbeat(status) {
+    if (!this.authenticated) return;
+    this.send({
+      type: "heartbeat",
+      agentId: this.config.agentId,
+      status
+    });
   }
   /**
-   * Calculate fee USD from a fill (6-decimal).
-   * feeUSD = fee * 1e6 (fee is already in USD on Hyperliquid)
+   * Send a status update (outside of regular heartbeat)
    */
-  calculateFeeUSD(fill) {
-    const fee = parseFloat(fill.fee);
-    const builderFee = fill.builderFee ? parseFloat(fill.builderFee) : 0;
-    return BigInt(Math.round((fee + builderFee) * 1e6));
+  sendStatusUpdate(status) {
+    if (!this.authenticated) return;
+    this.send({
+      type: "status_update",
+      agentId: this.config.agentId,
+      status
+    });
   }
-};
-
-// src/perp/onboarding.ts
-var PerpOnboarding = class {
-  client;
-  signer;
-  config;
-  constructor(client, signer, config) {
-    this.client = client;
-    this.signer = signer;
-    this.config = config;
+  /**
+   * Send a message to the command center
+   */
+  sendMessage(messageType, level, title, body, data) {
+    if (!this.authenticated) return;
+    this.send({
+      type: "message",
+      agentId: this.config.agentId,
+      messageType,
+      level,
+      title,
+      body,
+      data
+    });
   }
-  // ============================================================
-  // BUILDER FEE
-  // ============================================================
   /**
-   * Check if the user has approved the builder fee.
-   * Builder fee must be approved before orders can include builder fees.
+   * Send a command execution result
    */
-  async isBuilderFeeApproved() {
-    try {
-      const maxFee = await this.client.getMaxBuilderFee(
-        this.signer.getAddress(),
-        this.config.builderAddress
-      );
-      return maxFee >= this.config.builderFeeTenthsBps;
-    } catch {
-      return false;
-    }
+  sendCommandResult(commandId, success, result) {
+    if (!this.authenticated) return;
+    this.send({
+      type: "command_result",
+      agentId: this.config.agentId,
+      commandId,
+      success,
+      result
+    });
   }
   /**
-   * Approve the builder fee on Hyperliquid.
-   * This is a one-time approval per builder address.
+   * Start the heartbeat timer
    */
-  async approveBuilderFee() {
-    try {
-      const action = {
-        type: "approveBuilderFee",
-        hyperliquidChain: "Mainnet",
-        maxFeeRate: `${this.config.builderFeeTenthsBps / 1e4}%`,
-        builder: this.config.builderAddress,
-        nonce: Number(getNextNonce())
-      };
-      const { signature } = await this.signer.signApproval(action);
-      const resp = await fetch(`${this.config.apiUrl}/exchange`, {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({
-          action,
-          signature: {
-            r: signature.slice(0, 66),
-            s: `0x${signature.slice(66, 130)}`,
-            v: parseInt(signature.slice(130, 132), 16)
-          },
-          nonce: action.nonce,
-          vaultAddress: null
-        })
-      });
-      if (!resp.ok) {
-        const text = await resp.text();
-        console.error(`Builder fee approval failed: ${resp.status} ${text}`);
-        return false;
+  startHeartbeat() {
+    this.stopHeartbeat();
+    const interval = this.config.relay.heartbeatIntervalMs || 3e4;
+    this.heartbeatTimer = setInterval(() => {
+      if (this.ws?.readyState === import_ws2.default.OPEN) {
+        this.ws.ping();
       }
-      console.log(`Builder fee approved: ${this.config.builderFeeTenthsBps / 10} bps for ${this.config.builderAddress}`);
-      return true;
-    } catch (error) {
-      const message = error instanceof Error ? error.message : String(error);
-      console.error(`Builder fee approval failed: ${message}`);
-      return false;
+    }, interval);
+  }
+  /**
+   * Stop the heartbeat timer
+   */
+  stopHeartbeat() {
+    if (this.heartbeatTimer) {
+      clearInterval(this.heartbeatTimer);
+      this.heartbeatTimer = null;
     }
   }
-  // ============================================================
-  // BALANCE & REQUIREMENTS
-  // ============================================================
   /**
-   * Check if the user has sufficient USDC balance on Hyperliquid.
-   * Returns the account equity in USD.
+   * Schedule a reconnection with exponential backoff
    */
-  async checkBalance() {
-    try {
-      const account = await this.client.getAccountSummary(this.signer.getAddress());
-      return {
-        hasBalance: account.totalEquity > 0,
-        equity: account.totalEquity
-      };
-    } catch {
-      return { hasBalance: false, equity: 0 };
+  scheduleReconnect() {
+    if (this.stopped) return;
+    if (this.reconnectAttempts >= this.maxReconnectAttempts) {
+      console.error("Relay: Max reconnection attempts reached. Giving up.");
+      return;
     }
+    const delay = Math.min(1e3 * Math.pow(2, this.reconnectAttempts), 3e4);
+    this.reconnectAttempts++;
+    console.log(
+      `Relay: Reconnecting in ${delay / 1e3}s (attempt ${this.reconnectAttempts}/${this.maxReconnectAttempts})`
+    );
+    this.reconnectTimer = setTimeout(() => {
+      this.connect().catch(() => {
+      });
+    }, delay);
   }
   /**
-   * Verify that the agent's risk universe allows perp trading.
-   * Perps require risk universe >= 2 (Derivatives or higher).
+   * Send a JSON message to the WebSocket
    */
-  verifyRiskUniverse(riskUniverse) {
-    if (riskUniverse >= 2) {
-      return {
-        allowed: true,
-        message: `Risk universe ${riskUniverse} allows perp trading`
-      };
+  send(data) {
+    if (this.ws?.readyState === import_ws2.default.OPEN) {
+      this.ws.send(JSON.stringify(data));
     }
-    return {
-      allowed: false,
-      message: `Risk universe ${riskUniverse} does not allow perp trading. Perps require Derivatives (2) or higher.`
-    };
   }
-  // ============================================================
-  // FULL ONBOARDING CHECK
-  // ============================================================
   /**
-   * Run all onboarding checks and return status.
-   * Does NOT auto-approve — caller must explicitly approve after review.
+   * Check if connected and authenticated
    */
-  async checkOnboardingStatus(riskUniverse) {
-    const riskCheck = this.verifyRiskUniverse(riskUniverse);
-    const balanceCheck = await this.checkBalance();
-    const builderFeeApproved = await this.isBuilderFeeApproved();
-    const ready = riskCheck.allowed && balanceCheck.hasBalance && builderFeeApproved;
-    return {
-      ready,
-      riskUniverseOk: riskCheck.allowed,
-      riskUniverseMessage: riskCheck.message,
-      hasBalance: balanceCheck.hasBalance,
-      equity: balanceCheck.equity,
-      builderFeeApproved,
-      builderAddress: this.config.builderAddress,
-      builderFeeBps: this.config.builderFeeTenthsBps / 10
-    };
+  get isConnected() {
+    return this.authenticated && this.ws?.readyState === import_ws2.default.OPEN;
   }
   /**
-   * Run full onboarding: check status and auto-approve builder fee if needed.
-   * Returns the final status after all actions.
+   * Disconnect and stop reconnecting
    */
-  async onboard(riskUniverse) {
-    let status = await this.checkOnboardingStatus(riskUniverse);
-    if (!status.riskUniverseOk) {
-      console.error(`Perp onboarding blocked: ${status.riskUniverseMessage}`);
-      return status;
-    }
-    if (!status.hasBalance) {
-      console.warn("No USDC balance on Hyperliquid \u2014 deposit required before trading");
-      return status;
-    }
-    if (!status.builderFeeApproved) {
-      console.log("Approving builder fee...");
-      const approved = await this.approveBuilderFee();
-      if (approved) {
-        status = { ...status, builderFeeApproved: true, ready: true };
-      }
+  disconnect() {
+    this.stopped = true;
+    this.stopHeartbeat();
+    if (this.reconnectTimer) {
+      clearTimeout(this.reconnectTimer);
+      this.reconnectTimer = null;
     }
-    if (status.ready) {
-      console.log(`Perp onboarding complete \u2014 equity: $${status.equity.toFixed(2)}`);
+    if (this.ws) {
+      this.ws.close(1e3, "Agent shutting down");
+      this.ws = null;
     }
-    return status;
+    this.authenticated = false;
+    console.log("Relay: Disconnected");
   }
 };
 
-// src/perp/funding.ts
-var import_viem5 = require("viem");
-var import_chains3 = require("viem/chains");
-var import_accounts4 = require("viem/accounts");
-var ERC20_ABI = (0, import_viem5.parseAbi)([
-  "function approve(address spender, uint256 amount) external returns (bool)",
-  "function balanceOf(address account) external view returns (uint256)",
-  "function allowance(address owner, address spender) external view returns (uint256)"
-]);
-var TOKEN_MESSENGER_V2_ABI = (0, import_viem5.parseAbi)([
-  "function depositForBurn(uint256 amount, uint32 destinationDomain, bytes32 mintRecipient, address burnToken) external returns (uint64 nonce)",
-  "event DepositForBurn(uint64 indexed nonce, address indexed burnToken, uint256 amount, address indexed depositor, bytes32 mintRecipient, uint32 destinationDomain, bytes32 destinationTokenMessenger, bytes32 destinationCaller)"
-]);
-var MESSAGE_TRANSMITTER_V2_ABI = (0, import_viem5.parseAbi)([
-  "function receiveMessage(bytes message, bytes attestation) external returns (bool success)",
-  "event MessageSent(bytes message)"
-]);
-var CORE_DEPOSIT_WALLET_ABI = (0, import_viem5.parseAbi)([
-  "function deposit(uint256 amount, uint32 destinationDex) external"
-]);
+// src/browser-open.ts
+var import_child_process2 = require("child_process");
+function openBrowser(url) {
+  const platform = process.platform;
+  try {
+    if (platform === "darwin") {
+      (0, import_child_process2.exec)(`open "${url}"`);
+    } else if (platform === "win32") {
+      (0, import_child_process2.exec)(`start "" "${url}"`);
+    } else {
+      (0, import_child_process2.exec)(`xdg-open "${url}"`);
+    }
+  } catch {
+  }
+}
 
 // src/runtime.ts
 var FUNDS_LOW_THRESHOLD = 5e-3;
@@ -3508,14 +3984,19 @@ var AgentRuntime = class {
   isRunning = false;
   mode = "idle";
   configHash;
+  pendingConfigHash = null;
+  lastConfigCheckAt = 0;
+  // Timestamp of last pending config RPC check
   cycleCount = 0;
   lastCycleAt = 0;
   lastPortfolioValue = 0;
   lastEthBalance = "0";
+  lastPrices = {};
   processAlive = true;
   riskUniverse = 0;
   allowedTokens = /* @__PURE__ */ new Set();
   strategyContext;
+  positionTracker;
   // Perp trading components (null if perp not enabled)
   perpClient = null;
   perpSigner = null;
@@ -3532,6 +4013,12 @@ var AgentRuntime = class {
   // When perpConnected && perpTradingActive: dedicated runPerpCycle() runs every interval
   perpConnected = false;
   perpTradingActive = false;
+  // Cached perp account data for synchronous heartbeat inclusion (refreshed async)
+  cachedPerpEquity = 0;
+  cachedPerpUnrealizedPnl = 0;
+  cachedPerpMarginUsed = 0;
+  cachedPerpLeverage = 0;
+  cachedPerpOpenPositions = 0;
   constructor(config) {
     this.config = config;
   }
@@ -3540,7 +4027,7 @@ var AgentRuntime = class {
    */
   async initialize() {
     console.log(`Initializing agent: ${this.config.name} (ID: ${this.config.agentId})`);
-    this.client = new import_sdk2.ExagentClient({
+    this.client = new import_sdk.ExagentClient({
       privateKey: this.config.privateKey,
       network: this.config.network
     });
@@ -3558,14 +4045,20 @@ var AgentRuntime = class {
     console.log(`LLM ready: ${llmMeta.provider} (${llmMeta.model})`);
     await this.syncConfigHash();
     this.strategy = await loadStrategy();
+    const store = new FileStore();
     this.strategyContext = {
-      store: new FileStore(),
+      store,
       agentId: Number(this.config.agentId),
       walletAddress: this.client.address
     };
+    this.positionTracker = new PositionTracker(store, { maxTradeHistory: 50 });
     this.executor = new TradeExecutor(this.client, this.config, () => this.getConfigHash());
     this.riskManager = new RiskManager(this.config.trading);
     this.marketData = new MarketDataService(this.getRpcUrl());
+    const savedRisk = this.positionTracker.getRiskState();
+    if (savedRisk.lastResetDate) {
+      this.riskManager.restoreState(savedRisk);
+    }
     await this.initializeVaultManager();
     await this.initializePerp();
     await this.initializeRelay();
@@ -3751,7 +4244,7 @@ var AgentRuntime = class {
       if (agent?.owner.toLowerCase() !== address.toLowerCase()) {
         const ccUrl = `https://exagent.io/agents/${encodeURIComponent(this.config.name)}/command-center`;
         const nonce = await this.client.registry.getNonce(address);
-        const linkMessage = import_sdk2.ExagentRegistry.generateLinkMessage(
+        const linkMessage = import_sdk.ExagentRegistry.generateLinkMessage(
           address,
           agentId,
           nonce
@@ -3836,65 +4329,104 @@ var AgentRuntime = class {
   }
   /**
    * Sync the LLM config hash to chain for epoch tracking.
-   * If the wallet has insufficient gas, enters a recovery loop
-   * that waits for the user to fund the wallet.
+   *
+   * If the trading wallet is NOT the agent owner, the on-chain setConfig
+   * call would revert with AgentNotOwner. Instead, we set a pending state
+   * and send a message to the command center so the owner can approve it
+   * from the website with one click.
+   *
+   * Until the config is verified on-chain, the agent won't appear on the
+   * leaderboard (trades still execute normally).
    */
   async syncConfigHash() {
     const agentId = BigInt(this.config.agentId);
     const llmMeta = this.llm.getMetadata();
-    this.configHash = import_sdk2.ExagentRegistry.calculateConfigHash(llmMeta.provider, llmMeta.model);
+    this.configHash = import_sdk.ExagentRegistry.calculateConfigHash(llmMeta.provider, llmMeta.model);
     console.log(`Config hash: ${this.configHash}`);
     const onChainHash = await this.client.registry.getConfigHash(agentId);
-    if (onChainHash !== this.configHash) {
-      console.log("Config changed, updating on-chain...");
-      try {
-        await this.client.registry.updateConfig(agentId, this.configHash);
-        const newEpoch = await this.client.registry.getCurrentEpoch(agentId);
-        console.log(`Config updated, new epoch started: ${newEpoch}`);
-      } catch (error) {
-        const message = error instanceof Error ? error.message : String(error);
-        if (message.includes("insufficient funds") || message.includes("intrinsic gas too low") || message.includes("exceeds the balance")) {
-          const ccUrl = `https://exagent.io/agents/${encodeURIComponent(this.config.name)}/command-center`;
-          const chain = import_chains4.base;
-          const publicClientInstance = (0, import_viem6.createPublicClient)({
-            chain,
-            transport: (0, import_viem6.http)(this.getRpcUrl())
+    if (onChainHash === this.configHash) {
+      console.log("Config hash matches on-chain");
+      this.pendingConfigHash = null;
+      return;
+    }
+    console.log("Config changed, updating on-chain...");
+    const agent = await this.client.registry.getAgent(agentId);
+    const isOwner = agent?.owner.toLowerCase() === this.client.address.toLowerCase();
+    if (!isOwner) {
+      this.pendingConfigHash = this.configHash;
+      this.configHash = onChainHash;
+      console.log("");
+      console.log("=== CONFIG VERIFICATION NEEDED ===");
+      console.log("");
+      console.log("  Your trading wallet cannot update the LLM config on-chain.");
+      console.log("  The owner must approve this from the command center.");
+      console.log("");
+      console.log(`  LLM:  ${llmMeta.provider} / ${llmMeta.model}`);
+      console.log(`  Hash: ${this.pendingConfigHash}`);
+      console.log("");
+      console.log("  Until approved:");
+      console.log("    - New agents will not appear on the leaderboard");
+      console.log("    - Trades will still execute normally");
+      console.log("");
+      this.relay?.sendMessage(
+        "system",
+        "warning",
+        "Config Verification Needed",
+        `Your agent is using ${llmMeta.provider}/${llmMeta.model} but this hasn't been recorded on-chain. Open the command center and click "Approve Config" to verify. Until then, your agent won't appear on the leaderboard.`,
+        { configHash: this.pendingConfigHash, provider: llmMeta.provider, model: llmMeta.model }
+      );
+      return;
+    }
+    try {
+      await this.client.registry.updateConfig(agentId, this.configHash);
+      console.log(`Config updated on-chain`);
+      this.pendingConfigHash = null;
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.includes("insufficient funds") || message.includes("intrinsic gas too low") || message.includes("exceeds the balance")) {
+        const ccUrl = `https://exagent.io/agents/${encodeURIComponent(this.config.name)}/command-center`;
+        const publicClientInstance = (0, import_viem6.createPublicClient)({
+          chain: import_chains4.base,
+          transport: (0, import_viem6.http)(this.getRpcUrl())
+        });
+        console.log("");
+        console.log("=== ETH NEEDED FOR GAS ===");
+        console.log("");
+        console.log(`  Wallet: ${this.client.address}`);
+        console.log("  Your wallet needs ETH to pay for transaction gas.");
+        console.log("  Opening the command center to fund your wallet...");
+        console.log(`  ${ccUrl}`);
+        console.log("");
+        openBrowser(ccUrl);
+        console.log("  Waiting for ETH... (checking every 15s)");
+        console.log("  Press Ctrl+C to exit.");
+        console.log("");
+        while (true) {
+          await this.sleep(15e3);
+          const balance = await publicClientInstance.getBalance({
+            address: this.client.address
           });
-          console.log("");
-          console.log("=== ETH NEEDED FOR GAS ===");
-          console.log("");
-          console.log(`  Wallet: ${this.client.address}`);
-          console.log("  Your wallet needs ETH to pay for transaction gas.");
-          console.log("  Opening the command center to fund your wallet...");
-          console.log(`  ${ccUrl}`);
-          console.log("");
-          openBrowser(ccUrl);
-          console.log("  Waiting for ETH... (checking every 15s)");
-          console.log("  Press Ctrl+C to exit.");
-          console.log("");
-          while (true) {
-            await this.sleep(15e3);
-            const balance = await publicClientInstance.getBalance({
-              address: this.client.address
-            });
-            if (balance > BigInt(0)) {
-              console.log("  ETH detected! Retrying config update...");
-              console.log("");
+          if (balance > BigInt(0)) {
+            console.log("  ETH detected! Retrying config update...");
+            console.log("");
+            try {
               await this.client.registry.updateConfig(agentId, this.configHash);
-              const newEpoch = await this.client.registry.getCurrentEpoch(agentId);
-              console.log(`Config updated, new epoch started: ${newEpoch}`);
-              return;
+              console.log(`Config updated on-chain`);
+              this.pendingConfigHash = null;
+            } catch (retryError) {
+              const retryMsg = retryError instanceof Error ? retryError.message : String(retryError);
+              console.warn(`Config update failed after funding: ${retryMsg}`);
+              console.warn("Continuing with on-chain config.");
+              this.configHash = onChainHash;
             }
-            process.stdout.write(".");
+            return;
           }
-        } else {
-          console.warn(`Config update skipped (continuing with on-chain config): ${message}`);
-          this.configHash = onChainHash;
+          process.stdout.write(".");
         }
+      } else {
+        console.warn(`Config update skipped (continuing with on-chain config): ${message}`);
+        this.configHash = onChainHash;
       }
-    } else {
-      const currentEpoch = await this.client.registry.getCurrentEpoch(agentId);
-      console.log(`Config hash matches on-chain (epoch ${currentEpoch})`);
     }
   }
   /**
@@ -4028,6 +4560,10 @@ var AgentRuntime = class {
           }
           if (updated) {
             this.riskManager = new RiskManager(this.config.trading);
+            const savedRiskState = this.positionTracker.getRiskState();
+            if (savedRiskState.lastResetDate) {
+              this.riskManager.restoreState(savedRiskState);
+            }
             console.log("Risk params updated via command center");
             this.relay?.sendCommandResult(cmd.id, true, "Risk parameters updated");
             this.relay?.sendMessage(
@@ -4221,16 +4757,44 @@ var AgentRuntime = class {
       this.relay?.sendCommandResult(cmd.id, false, message);
     }
   }
+  /**
+   * Periodically check if the owner has approved the pending config hash.
+   * Called from sendRelayStatus at most every 2.5 minutes (timestamp-throttled).
+   */
+  async checkPendingConfigApproval() {
+    if (!this.pendingConfigHash) return;
+    try {
+      const onChain = await this.client.registry.getConfigHash(BigInt(this.config.agentId));
+      if (onChain === this.pendingConfigHash) {
+        this.configHash = this.pendingConfigHash;
+        this.pendingConfigHash = null;
+        console.log("Config verified on-chain! Your agent will now appear on the leaderboard.");
+        this.relay?.sendMessage(
+          "config_updated",
+          "success",
+          "Config Verified",
+          "Your LLM config has been verified on-chain. Your agent will now appear on the leaderboard."
+        );
+      }
+    } catch {
+    }
+  }
   /**
    * Send current status to the relay
    */
   sendRelayStatus() {
     if (!this.relay) return;
+    const CONFIG_CHECK_INTERVAL_MS = 15e4;
+    if (this.pendingConfigHash && Date.now() - this.lastConfigCheckAt >= CONFIG_CHECK_INTERVAL_MS) {
+      this.lastConfigCheckAt = Date.now();
+      this.checkPendingConfigApproval();
+    }
     const vaultConfig = this.config.vault || { policy: "disabled" };
     const status = {
       mode: this.mode,
       agentId: String(this.config.agentId),
       wallet: this.client?.address,
+      sdkVersion: AGENT_VERSION,
       cycleCount: this.cycleCount,
       lastCycleAt: this.lastCycleAt,
       tradingIntervalMs: this.config.trading.tradingIntervalMs,
@@ -4253,30 +4817,32 @@ var AgentRuntime = class {
       perp: this.perpConnected ? {
         enabled: true,
         trading: this.perpTradingActive,
-        equity: 0,
-        unrealizedPnl: 0,
-        marginUsed: 0,
-        openPositions: 0,
-        effectiveLeverage: 0,
+        equity: this.cachedPerpEquity,
+        unrealizedPnl: this.cachedPerpUnrealizedPnl,
+        marginUsed: this.cachedPerpMarginUsed,
+        openPositions: this.cachedPerpOpenPositions,
+        effectiveLeverage: this.cachedPerpLeverage,
         pendingRecords: this.perpRecorder?.pendingRetries ?? 0
-      } : void 0
+      } : void 0,
+      positions: this.positionTracker ? this.positionTracker.getPositionSummary(this.lastPrices) : void 0,
+      configHash: this.configHash || void 0,
+      pendingConfigHash: this.pendingConfigHash
+      // null preserved by JSON.stringify for clearing
     };
-    if (this.perpConnected && this.perpPositions && status.perp) {
+    this.relay.sendHeartbeat(status);
+    if (this.perpConnected && this.perpPositions) {
       this.perpPositions.getAccountSummary().then((account) => {
-        if (status.perp) {
-          status.perp.equity = account.totalEquity;
-          status.perp.unrealizedPnl = account.totalUnrealizedPnl;
-          status.perp.marginUsed = account.totalMarginUsed;
-          status.perp.effectiveLeverage = account.effectiveLeverage;
-        }
+        this.cachedPerpEquity = account.totalEquity;
+        this.cachedPerpUnrealizedPnl = account.totalUnrealizedPnl;
+        this.cachedPerpMarginUsed = account.totalMarginUsed;
+        this.cachedPerpLeverage = account.effectiveLeverage;
       }).catch(() => {
       });
       this.perpPositions.getPositionCount().then((count) => {
-        if (status.perp) status.perp.openPositions = count;
+        this.cachedPerpOpenPositions = count;
       }).catch(() => {
       });
     }
-    this.relay.sendHeartbeat(status);
   }
   /**
    * Run a single trading cycle
@@ -4290,14 +4856,19 @@ var AgentRuntime = class {
     const marketData = await this.marketData.fetchMarketData(this.client.address, tokens);
     console.log(`Portfolio value: $${marketData.portfolioValue.toFixed(2)}`);
     this.lastPortfolioValue = marketData.portfolioValue;
+    this.lastPrices = marketData.prices;
     const nativeEthBal = marketData.balances[NATIVE_ETH.toLowerCase()] || BigInt(0);
     this.lastEthBalance = (Number(nativeEthBal) / 1e18).toFixed(6);
+    this.positionTracker.syncBalances(marketData.balances, marketData.prices);
     const fundsOk = this.checkFundsLow(marketData);
     if (!fundsOk) {
       console.warn("Skipping trading cycle \u2014 ETH balance critically low");
       this.sendRelayStatus();
       return;
     }
+    this.strategyContext.positions = this.positionTracker.getPositions();
+    this.strategyContext.tradeHistory = this.positionTracker.getTradeHistory(20);
+    this.strategyContext.positionTracker = this.positionTracker;
     let signals;
     try {
       signals = await this.strategy(marketData, this.llm, this.config, this.strategyContext);
@@ -4363,13 +4934,30 @@ var AgentRuntime = class {
           );
         }
       }
+      for (const result of results) {
+        const tokenIn = result.signal.tokenIn.toLowerCase();
+        const tokenOut = result.signal.tokenOut.toLowerCase();
+        this.positionTracker.recordTrade({
+          action: result.signal.action,
+          tokenIn,
+          tokenOut,
+          amountIn: result.signal.amountIn,
+          priceIn: marketData.prices[tokenIn] || 0,
+          priceOut: marketData.prices[tokenOut] || 0,
+          txHash: result.txHash,
+          reasoning: result.signal.reasoning,
+          success: result.success
+        });
+      }
       const postTokens = this.config.allowedTokens || this.getDefaultTokens();
       const postTradeData = await this.marketData.fetchMarketData(this.client.address, postTokens);
       const marketPnL = postTradeData.portfolioValue - preTradePortfolioValue + totalFeesUSD;
       this.riskManager.updatePnL(marketPnL);
+      this.positionTracker.saveRiskState(this.riskManager.exportState());
       if (marketPnL !== 0) {
         console.log(`Cycle PnL: $${marketPnL.toFixed(2)} (market), -$${totalFeesUSD.toFixed(2)} (fees)`);
       }
+      this.positionTracker.syncBalances(postTradeData.balances, postTradeData.prices);
       this.lastPortfolioValue = postTradeData.portfolioValue;
       const postNativeEthBal = postTradeData.balances[NATIVE_ETH.toLowerCase()] || BigInt(0);
       this.lastEthBalance = (Number(postNativeEthBal) / 1e18).toFixed(6);
@@ -4644,192 +5232,6 @@ var AgentRuntime = class {
 
 // src/cli.ts
 var import_accounts6 = require("viem/accounts");
-
-// src/secure-env.ts
-var crypto = __toESM(require("crypto"));
-var fs = __toESM(require("fs"));
-var path = __toESM(require("path"));
-var ALGORITHM = "aes-256-gcm";
-var PBKDF2_ITERATIONS = 1e5;
-var SALT_LENGTH = 32;
-var IV_LENGTH = 16;
-var KEY_LENGTH = 32;
-var SENSITIVE_PATTERNS = [
-  /PRIVATE_KEY$/i,
-  /_API_KEY$/i,
-  /API_KEY$/i,
-  /_SECRET$/i,
-  /^OPENAI_API_KEY$/i,
-  /^ANTHROPIC_API_KEY$/i,
-  /^GOOGLE_AI_API_KEY$/i,
-  /^DEEPSEEK_API_KEY$/i,
-  /^MISTRAL_API_KEY$/i,
-  /^GROQ_API_KEY$/i,
-  /^TOGETHER_API_KEY$/i
-];
-function isSensitiveKey(key) {
-  return SENSITIVE_PATTERNS.some((pattern) => pattern.test(key));
-}
-function deriveKey(passphrase, salt) {
-  return crypto.pbkdf2Sync(passphrase, salt, PBKDF2_ITERATIONS, KEY_LENGTH, "sha256");
-}
-function encryptValue(value, key) {
-  const iv = crypto.randomBytes(IV_LENGTH);
-  const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
-  let encrypted = cipher.update(value, "utf8", "hex");
-  encrypted += cipher.final("hex");
-  const tag = cipher.getAuthTag();
-  return {
-    iv: iv.toString("hex"),
-    encrypted,
-    tag: tag.toString("hex")
-  };
-}
-function decryptValue(encrypted, key, iv, tag) {
-  const decipher = crypto.createDecipheriv(
-    ALGORITHM,
-    key,
-    Buffer.from(iv, "hex")
-  );
-  decipher.setAuthTag(Buffer.from(tag, "hex"));
-  let decrypted = decipher.update(encrypted, "hex", "utf8");
-  decrypted += decipher.final("utf8");
-  return decrypted;
-}
-function parseEnvFile(content) {
-  const entries = [];
-  for (const line of content.split("\n")) {
-    const trimmed = line.trim();
-    if (!trimmed || trimmed.startsWith("#")) continue;
-    const eqIndex = trimmed.indexOf("=");
-    if (eqIndex === -1) continue;
-    const key = trimmed.slice(0, eqIndex).trim();
-    let value = trimmed.slice(eqIndex + 1).trim();
-    if (value.startsWith('"') && value.endsWith('"') || value.startsWith("'") && value.endsWith("'")) {
-      value = value.slice(1, -1);
-    }
-    if (key && value) {
-      entries.push({ key, value });
-    }
-  }
-  return entries;
-}
-function encryptEnvFile(envPath, passphrase, deleteOriginal = false) {
-  if (!fs.existsSync(envPath)) {
-    throw new Error(`File not found: ${envPath}`);
-  }
-  const content = fs.readFileSync(envPath, "utf-8");
-  const entries = parseEnvFile(content);
-  if (entries.length === 0) {
-    throw new Error("No environment variables found in file");
-  }
-  const salt = crypto.randomBytes(SALT_LENGTH);
-  const key = deriveKey(passphrase, salt);
-  const encryptedEntries = entries.map(({ key: envKey, value }) => {
-    if (isSensitiveKey(envKey)) {
-      const { iv, encrypted, tag } = encryptValue(value, key);
-      return {
-        key: envKey,
-        value: encrypted,
-        encrypted: true,
-        iv,
-        tag
-      };
-    }
-    return {
-      key: envKey,
-      value,
-      encrypted: false
-    };
-  });
-  const encryptedEnv = {
-    version: 1,
-    salt: salt.toString("hex"),
-    entries: encryptedEntries
-  };
-  const encPath = envPath + ".enc";
-  fs.writeFileSync(encPath, JSON.stringify(encryptedEnv, null, 2), { mode: 384 });
-  if (deleteOriginal) {
-    fs.unlinkSync(envPath);
-  }
-  const sensitiveCount = encryptedEntries.filter((e) => e.encrypted).length;
-  const plainCount = encryptedEntries.filter((e) => !e.encrypted).length;
-  console.log(
-    `Encrypted ${sensitiveCount} sensitive values (${plainCount} non-sensitive kept as plaintext)`
-  );
-  return encPath;
-}
-function decryptEnvFile(encPath, passphrase) {
-  if (!fs.existsSync(encPath)) {
-    throw new Error(`Encrypted env file not found: ${encPath}`);
-  }
-  const content = JSON.parse(fs.readFileSync(encPath, "utf-8"));
-  if (content.version !== 1) {
-    throw new Error(`Unsupported encrypted env version: ${content.version}`);
-  }
-  const salt = Buffer.from(content.salt, "hex");
-  const key = deriveKey(passphrase, salt);
-  const result = {};
-  for (const entry of content.entries) {
-    if (entry.encrypted) {
-      if (!entry.iv || !entry.tag) {
-        throw new Error(`Missing encryption metadata for ${entry.key}`);
-      }
-      try {
-        result[entry.key] = decryptValue(entry.value, key, entry.iv, entry.tag);
-      } catch {
-        throw new Error(
-          `Failed to decrypt ${entry.key}. Wrong passphrase or corrupted data.`
-        );
-      }
-    } else {
-      result[entry.key] = entry.value;
-    }
-  }
-  return result;
-}
-function loadSecureEnv(basePath, passphrase) {
-  const encPath = path.join(basePath, ".env.enc");
-  const envPath = path.join(basePath, ".env");
-  if (fs.existsSync(encPath)) {
-    if (!passphrase) {
-      passphrase = process.env.EXAGENT_PASSPHRASE;
-    }
-    if (!passphrase) {
-      console.warn("");
-      console.warn("WARNING: Found .env.enc but no passphrase provided.");
-      console.warn("  Set EXAGENT_PASSPHRASE environment variable or");
-      console.warn("  pass --passphrase when running the agent.");
-      console.warn("  Falling back to plaintext .env file.");
-      console.warn("");
-    } else {
-      const vars = decryptEnvFile(encPath, passphrase);
-      for (const [key, value] of Object.entries(vars)) {
-        process.env[key] = value;
-      }
-      return true;
-    }
-  }
-  if (fs.existsSync(envPath)) {
-    const content = fs.readFileSync(envPath, "utf-8");
-    const entries = parseEnvFile(content);
-    const sensitiveKeys = entries.filter(({ key }) => isSensitiveKey(key)).map(({ key }) => key);
-    if (sensitiveKeys.length > 0) {
-      console.warn("");
-      console.warn("WARNING: Sensitive values stored in plaintext .env file:");
-      for (const key of sensitiveKeys) {
-        console.warn(`  - ${key}`);
-      }
-      console.warn("");
-      console.warn('  Run "npx @exagent/agent encrypt" to secure your keys.');
-      console.warn("");
-    }
-    return false;
-  }
-  return false;
-}
-
-// src/cli.ts
 (0, import_dotenv2.config)();
 var program = new import_commander.Command();
 program.name("exagent").description("Exagent autonomous trading agent").version("0.1.0");