@exagent/agent 0.1.22 → 0.1.24

package/dist/cli.js

@@ -1659,7 +1659,7 @@ function classifyTradeError(message) {
   if (lower.includes("notauthorizedforagent") || lower.includes("not authorized")) {
     return {
       category: "not_authorized",
-      userMessage: "Wallet not authorized for this agent. Ensure your wallet is linked via the registry."
+      userMessage: 'Wallet not authorized for this agent. This wallet is not linked to your agent on-chain, so the router rejected the trade. To fix: (1) Open your command center at exagent.io, (2) Use the Wallet Management panel to check linked wallets, (3) If you lost your old wallet, unlink it first then re-run the agent to link the new one. Run "npx @exagent/agent export-key" to verify which wallet this agent is using.'
     };
   }
   if (lower.includes("aggregatornotwhitelisted")) {
@@ -1834,7 +1834,9 @@ var RiskManager = class {
       dailyNetPnL: this.dailyPnL - this.dailyFees,
       dailyLossLimit: maxLossUSD,
       // Only market PnL triggers the limit — fees are excluded
-      isLimitHit: pv > 0 ? this.dailyPnL < -maxLossUSD : false
+      isLimitHit: pv > 0 ? this.dailyPnL < -maxLossUSD : false,
+      maxPositionSizeBps: this.config.maxPositionSizeBps,
+      maxDailyLossBps: this.config.maxDailyLossBps
     };
   }
   // ============================================================
@@ -3702,7 +3704,7 @@ function loadSecureEnv(basePath, passphrase) {
 }
 
 // src/index.ts
-var AGENT_VERSION = "0.1.22";
+var AGENT_VERSION = "0.1.24";
 
 // src/relay.ts
 var RelayClient = class {
@@ -4807,7 +4809,9 @@ var AgentRuntime = class {
       risk: this.riskManager?.getStatus(this.lastPortfolioValue) || {
         dailyPnL: 0,
         dailyLossLimit: 0,
-        isLimitHit: false
+        isLimitHit: false,
+        maxPositionSizeBps: this.config.trading.maxPositionSizeBps,
+        maxDailyLossBps: this.config.trading.maxDailyLossBps
       },
       vault: {
         policy: vaultConfig.policy,
@@ -5193,7 +5197,13 @@ var AgentRuntime = class {
         model: this.config.llm.model || "default"
       },
       configHash: this.configHash || "not initialized",
-      risk: this.riskManager?.getStatus(this.lastPortfolioValue) || { dailyPnL: 0, dailyLossLimit: 0, isLimitHit: false },
+      risk: this.riskManager?.getStatus(this.lastPortfolioValue) || {
+        dailyPnL: 0,
+        dailyLossLimit: 0,
+        isLimitHit: false,
+        maxPositionSizeBps: this.config.trading.maxPositionSizeBps,
+        maxDailyLossBps: this.config.trading.maxDailyLossBps
+      },
       vault: {
         policy: vaultConfig.policy,
         hasVault: false,
@@ -5306,6 +5316,37 @@ async function checkFirstRunSetup(configPath) {
   let privateKey;
   let walletAddress;
   if (walletSetup === "generate") {
+    console.log("");
+    console.log("!".repeat(60));
+    console.log("  WALLET BACKUP \u2014 READ BEFORE CONTINUING");
+    console.log("!".repeat(60));
+    console.log("");
+    console.log("  WHY THIS MATTERS:");
+    console.log("  Exagent is non-custodial. Your trading wallet key is");
+    console.log("  generated here on your machine and never leaves it.");
+    console.log("  We do not store it. No one else has a copy.");
+    console.log("");
+    console.log("  WHAT THIS MEANS:");
+    console.log("  The private key will live ONLY in the .env file");
+    console.log("  in this folder. If you delete this folder, your");
+    console.log("  wallet and ALL FUNDS in it are permanently lost.");
+    console.log("  There is NO recovery \u2014 Exagent cannot help.");
+    console.log("");
+    console.log("  BEFORE CONTINUING:");
+    console.log("  - Know where this folder is on your computer");
+    console.log("  - Plan to back up .env (or .env.enc) after setup");
+    console.log("  - Store your passphrase in a password manager");
+    console.log("  - View your key anytime: npx @exagent/agent export-key");
+    console.log("");
+    console.log("!".repeat(60));
+    console.log("");
+    const ack = await prompt('  Type "I understand" to continue: ');
+    if (ack.trim().toLowerCase() !== "i understand") {
+      console.log("");
+      console.log("  Setup cancelled. Run the agent again when ready.");
+      process.exit(0);
+    }
+    console.log("");
     console.log("[WALLET] Generating a new wallet for your agent...");
     console.log("");
     const generatedKey = (0, import_accounts6.generatePrivateKey)();
@@ -5319,8 +5360,9 @@ async function checkFirstRunSetup(configPath) {
     console.log("  | " + walletAddress.padEnd(56) + " |");
     console.log("  +" + "-".repeat(58) + "+");
     console.log("");
-    console.log("  IMPORTANT: Your private key has been saved to .env");
-    console.log("  Back up this file securely. If lost, your funds are gone.");
+    console.log("  CRITICAL: Back up your .env file now.");
+    console.log("  Export your key anytime: npx @exagent/agent export-key");
+    console.log("  If you lose .env AND your backup, funds are unrecoverable.");
     console.log("");
     const confirmed = await prompt("  Press Enter to continue, or Ctrl+C to cancel...");
   } else {
@@ -5649,4 +5691,56 @@ program.command("encrypt").description("Encrypt .env file to .env.enc for secure
     process.exit(1);
   }
 });
+program.command("export-key").description("Display your trading wallet private key for backup").option("-d, --dir <path>", "Directory containing .env or .env.enc file", ".").option("-p, --passphrase <passphrase>", "Passphrase to decrypt .env.enc").action(async (options) => {
+  try {
+    const dir = options.dir.startsWith("/") ? options.dir : path2.join(process.cwd(), options.dir);
+    let passphrase = options.passphrase || process.env.EXAGENT_PASSPHRASE;
+    const encPath = path2.join(dir, ".env.enc");
+    const envPath = path2.join(dir, ".env");
+    if (fs2.existsSync(encPath) && !passphrase) {
+      console.log("");
+      console.log("  Encrypted config found (.env.enc)");
+      console.log("");
+      passphrase = await prompt("  Enter passphrase: ", true);
+      console.log("");
+    }
+    const usedEncrypted = loadSecureEnv(dir, passphrase);
+    if (!usedEncrypted && fs2.existsSync(envPath)) {
+      const { config: loadDotenv } = await import("dotenv");
+      loadDotenv({ path: envPath, override: true });
+    }
+    const privateKey = process.env.EXAGENT_PRIVATE_KEY;
+    if (!privateKey) {
+      console.error("");
+      console.error("  No private key found. Make sure .env or .env.enc exists in this directory.");
+      console.error("");
+      process.exit(1);
+    }
+    const { privateKeyToAccount: privateKeyToAccount7 } = await import("viem/accounts");
+    const account = privateKeyToAccount7(privateKey);
+    console.log("");
+    console.log("=".repeat(60));
+    console.log("  WALLET PRIVATE KEY EXPORT");
+    console.log("=".repeat(60));
+    console.log("");
+    console.log("  +" + "-".repeat(58) + "+");
+    console.log("  | WALLET ADDRESS:                                          |");
+    console.log("  | " + account.address.padEnd(56) + " |");
+    console.log("  +" + "-".repeat(58) + "+");
+    console.log("  | PRIVATE KEY:                                             |");
+    console.log("  | " + privateKey.padEnd(56) + " |");
+    console.log("  +" + "-".repeat(58) + "+");
+    console.log("");
+    console.log("  WARNING: Anyone with this key controls your wallet.");
+    console.log("  Store it in a password manager. Never share it.");
+    console.log("  Never paste it in a browser, email, or chat.");
+    console.log("");
+    console.log("=".repeat(60));
+    console.log("");
+    process.exit(0);
+  } catch (error) {
+    console.error("Error:", error instanceof Error ? error.message : error);
+    process.exit(1);
+  }
+});
 program.parse();

package/dist/cli.mjs

@@ -6,7 +6,7 @@ import {
   loadConfig,
   loadSecureEnv,
   validateConfig
-} from "./chunk-EJHDRG5Y.mjs";
+} from "./chunk-IBU6T6U7.mjs";
 
 // src/cli.ts
 import { Command } from "commander";
@@ -89,6 +89,37 @@ async function checkFirstRunSetup(configPath) {
   let privateKey;
   let walletAddress;
   if (walletSetup === "generate") {
+    console.log("");
+    console.log("!".repeat(60));
+    console.log("  WALLET BACKUP \u2014 READ BEFORE CONTINUING");
+    console.log("!".repeat(60));
+    console.log("");
+    console.log("  WHY THIS MATTERS:");
+    console.log("  Exagent is non-custodial. Your trading wallet key is");
+    console.log("  generated here on your machine and never leaves it.");
+    console.log("  We do not store it. No one else has a copy.");
+    console.log("");
+    console.log("  WHAT THIS MEANS:");
+    console.log("  The private key will live ONLY in the .env file");
+    console.log("  in this folder. If you delete this folder, your");
+    console.log("  wallet and ALL FUNDS in it are permanently lost.");
+    console.log("  There is NO recovery \u2014 Exagent cannot help.");
+    console.log("");
+    console.log("  BEFORE CONTINUING:");
+    console.log("  - Know where this folder is on your computer");
+    console.log("  - Plan to back up .env (or .env.enc) after setup");
+    console.log("  - Store your passphrase in a password manager");
+    console.log("  - View your key anytime: npx @exagent/agent export-key");
+    console.log("");
+    console.log("!".repeat(60));
+    console.log("");
+    const ack = await prompt('  Type "I understand" to continue: ');
+    if (ack.trim().toLowerCase() !== "i understand") {
+      console.log("");
+      console.log("  Setup cancelled. Run the agent again when ready.");
+      process.exit(0);
+    }
+    console.log("");
     console.log("[WALLET] Generating a new wallet for your agent...");
     console.log("");
     const generatedKey = generatePrivateKey();
@@ -102,8 +133,9 @@ async function checkFirstRunSetup(configPath) {
     console.log("  | " + walletAddress.padEnd(56) + " |");
     console.log("  +" + "-".repeat(58) + "+");
     console.log("");
-    console.log("  IMPORTANT: Your private key has been saved to .env");
-    console.log("  Back up this file securely. If lost, your funds are gone.");
+    console.log("  CRITICAL: Back up your .env file now.");
+    console.log("  Export your key anytime: npx @exagent/agent export-key");
+    console.log("  If you lose .env AND your backup, funds are unrecoverable.");
     console.log("");
     const confirmed = await prompt("  Press Enter to continue, or Ctrl+C to cancel...");
   } else {
@@ -432,4 +464,56 @@ program.command("encrypt").description("Encrypt .env file to .env.enc for secure
     process.exit(1);
   }
 });
+program.command("export-key").description("Display your trading wallet private key for backup").option("-d, --dir <path>", "Directory containing .env or .env.enc file", ".").option("-p, --passphrase <passphrase>", "Passphrase to decrypt .env.enc").action(async (options) => {
+  try {
+    const dir = options.dir.startsWith("/") ? options.dir : path.join(process.cwd(), options.dir);
+    let passphrase = options.passphrase || process.env.EXAGENT_PASSPHRASE;
+    const encPath = path.join(dir, ".env.enc");
+    const envPath = path.join(dir, ".env");
+    if (fs.existsSync(encPath) && !passphrase) {
+      console.log("");
+      console.log("  Encrypted config found (.env.enc)");
+      console.log("");
+      passphrase = await prompt("  Enter passphrase: ", true);
+      console.log("");
+    }
+    const usedEncrypted = loadSecureEnv(dir, passphrase);
+    if (!usedEncrypted && fs.existsSync(envPath)) {
+      const { config: loadDotenv } = await import("dotenv");
+      loadDotenv({ path: envPath, override: true });
+    }
+    const privateKey = process.env.EXAGENT_PRIVATE_KEY;
+    if (!privateKey) {
+      console.error("");
+      console.error("  No private key found. Make sure .env or .env.enc exists in this directory.");
+      console.error("");
+      process.exit(1);
+    }
+    const { privateKeyToAccount: privateKeyToAccount2 } = await import("viem/accounts");
+    const account = privateKeyToAccount2(privateKey);
+    console.log("");
+    console.log("=".repeat(60));
+    console.log("  WALLET PRIVATE KEY EXPORT");
+    console.log("=".repeat(60));
+    console.log("");
+    console.log("  +" + "-".repeat(58) + "+");
+    console.log("  | WALLET ADDRESS:                                          |");
+    console.log("  | " + account.address.padEnd(56) + " |");
+    console.log("  +" + "-".repeat(58) + "+");
+    console.log("  | PRIVATE KEY:                                             |");
+    console.log("  | " + privateKey.padEnd(56) + " |");
+    console.log("  +" + "-".repeat(58) + "+");
+    console.log("");
+    console.log("  WARNING: Anyone with this key controls your wallet.");
+    console.log("  Store it in a password manager. Never share it.");
+    console.log("  Never paste it in a browser, email, or chat.");
+    console.log("");
+    console.log("=".repeat(60));
+    console.log("");
+    process.exit(0);
+  } catch (error) {
+    console.error("Error:", error instanceof Error ? error.message : error);
+    process.exit(1);
+  }
+});
 program.parse();

package/dist/index.d.mts

@@ -710,6 +710,8 @@ interface AgentStatusPayload {
         dailyPnL: number;
         dailyLossLimit: number;
         isLimitHit: boolean;
+        maxPositionSizeBps?: number;
+        maxDailyLossBps?: number;
     };
     vault?: {
         policy: string;
@@ -1392,6 +1394,8 @@ declare class RiskManager {
         dailyNetPnL: number;
         dailyLossLimit: number;
         isLimitHit: boolean;
+        maxPositionSizeBps: number;
+        maxDailyLossBps: number;
     };
     /**
      * Filter perp trade signals through risk checks.
@@ -2103,6 +2107,6 @@ declare function decryptEnvFile(encPath: string, passphrase: string): Record<str
 declare function loadSecureEnv(basePath: string, passphrase?: string): boolean;
 
 /** @exagent/agent package version — update alongside package.json */
-declare const AGENT_VERSION = "0.1.22";
+declare const AGENT_VERSION = "0.1.24";
 
 export { AGENT_VERSION, type AccountSummary, type AgentConfig, AgentConfigSchema, type AgentMode, AgentRuntime, type AgentStatusPayload, AnthropicAdapter, BaseLLMAdapter, type CommandType, DeepSeekAdapter, FileStore, type FillCallback, type FundingCallback, type FundingPayment, GoogleAdapter, GroqAdapter, HYPERLIQUID_DOMAIN, HyperliquidClient, HyperliquidSigner, HyperliquidWebSocket, type LLMAdapter, type LLMConfig, LLMConfigSchema, type LLMMessage, type LLMMetadata, type LLMProvider, LLMProviderSchema, type LLMResponse, type LiquidationCallback, type MarketData, MarketDataService, type MessageLevel, type MessageType, MistralAdapter, OllamaAdapter, type OnboardingStatus, OpenAIAdapter, OrderManager, type OrderResult, type PerpAction, type PerpConfig$1 as PerpConfig, PerpConfigSchema, type PerpFill, type PerpMarketData, PerpOnboarding, type PerpPosition, type PerpStrategyFunction, PerpTradeRecorder, type PerpTradeSignal, type PerpConfig as PerpTradingConfig, PositionManager, type PositionSummary, PositionTracker, type RecordPerpTradeParams, RelayClient, type RelayCommand, type RelayConfig$1 as RelayConfig, RelayConfigSchema, RiskManager, type RiskState, type RiskUniverse, RiskUniverseSchema, type RuntimeConfig, STRATEGY_TEMPLATES, type StrategyContext, type StrategyFunction, type StrategyStore, type StrategyTemplate, TogetherAdapter, type TrackedPosition, TradeExecutor, type TradeRecord, type TradeSignal, type TradingConfig, TradingConfigSchema, type VaultConfig, VaultConfigSchema, VaultManager, type VaultManagerConfig, type VaultPolicy, VaultPolicySchema, type VaultStatus, createLLMAdapter, createSampleConfig, decryptEnvFile, encryptEnvFile, fillHashToBytes32, fillOidToBytes32, getAllStrategyTemplates, getNextNonce, getStrategyTemplate, loadConfig, loadSecureEnv, loadStrategy, validateConfig, validateStrategy };

package/dist/index.d.ts

@@ -710,6 +710,8 @@ interface AgentStatusPayload {
         dailyPnL: number;
         dailyLossLimit: number;
         isLimitHit: boolean;
+        maxPositionSizeBps?: number;
+        maxDailyLossBps?: number;
     };
     vault?: {
         policy: string;
@@ -1392,6 +1394,8 @@ declare class RiskManager {
         dailyNetPnL: number;
         dailyLossLimit: number;
         isLimitHit: boolean;
+        maxPositionSizeBps: number;
+        maxDailyLossBps: number;
     };
     /**
      * Filter perp trade signals through risk checks.
@@ -2103,6 +2107,6 @@ declare function decryptEnvFile(encPath: string, passphrase: string): Record<str
 declare function loadSecureEnv(basePath: string, passphrase?: string): boolean;
 
 /** @exagent/agent package version — update alongside package.json */
-declare const AGENT_VERSION = "0.1.22";
+declare const AGENT_VERSION = "0.1.24";
 
 export { AGENT_VERSION, type AccountSummary, type AgentConfig, AgentConfigSchema, type AgentMode, AgentRuntime, type AgentStatusPayload, AnthropicAdapter, BaseLLMAdapter, type CommandType, DeepSeekAdapter, FileStore, type FillCallback, type FundingCallback, type FundingPayment, GoogleAdapter, GroqAdapter, HYPERLIQUID_DOMAIN, HyperliquidClient, HyperliquidSigner, HyperliquidWebSocket, type LLMAdapter, type LLMConfig, LLMConfigSchema, type LLMMessage, type LLMMetadata, type LLMProvider, LLMProviderSchema, type LLMResponse, type LiquidationCallback, type MarketData, MarketDataService, type MessageLevel, type MessageType, MistralAdapter, OllamaAdapter, type OnboardingStatus, OpenAIAdapter, OrderManager, type OrderResult, type PerpAction, type PerpConfig$1 as PerpConfig, PerpConfigSchema, type PerpFill, type PerpMarketData, PerpOnboarding, type PerpPosition, type PerpStrategyFunction, PerpTradeRecorder, type PerpTradeSignal, type PerpConfig as PerpTradingConfig, PositionManager, type PositionSummary, PositionTracker, type RecordPerpTradeParams, RelayClient, type RelayCommand, type RelayConfig$1 as RelayConfig, RelayConfigSchema, RiskManager, type RiskState, type RiskUniverse, RiskUniverseSchema, type RuntimeConfig, STRATEGY_TEMPLATES, type StrategyContext, type StrategyFunction, type StrategyStore, type StrategyTemplate, TogetherAdapter, type TrackedPosition, TradeExecutor, type TradeRecord, type TradeSignal, type TradingConfig, TradingConfigSchema, type VaultConfig, VaultConfigSchema, VaultManager, type VaultManagerConfig, type VaultPolicy, VaultPolicySchema, type VaultStatus, createLLMAdapter, createSampleConfig, decryptEnvFile, encryptEnvFile, fillHashToBytes32, fillOidToBytes32, getAllStrategyTemplates, getNextNonce, getStrategyTemplate, loadConfig, loadSecureEnv, loadStrategy, validateConfig, validateStrategy };

package/dist/index.js

@@ -1747,7 +1747,7 @@ function classifyTradeError(message) {
   if (lower.includes("notauthorizedforagent") || lower.includes("not authorized")) {
     return {
       category: "not_authorized",
-      userMessage: "Wallet not authorized for this agent. Ensure your wallet is linked via the registry."
+      userMessage: 'Wallet not authorized for this agent. This wallet is not linked to your agent on-chain, so the router rejected the trade. To fix: (1) Open your command center at exagent.io, (2) Use the Wallet Management panel to check linked wallets, (3) If you lost your old wallet, unlink it first then re-run the agent to link the new one. Run "npx @exagent/agent export-key" to verify which wallet this agent is using.'
     };
   }
   if (lower.includes("aggregatornotwhitelisted")) {
@@ -1922,7 +1922,9 @@ var RiskManager = class {
       dailyNetPnL: this.dailyPnL - this.dailyFees,
       dailyLossLimit: maxLossUSD,
       // Only market PnL triggers the limit — fees are excluded
-      isLimitHit: pv > 0 ? this.dailyPnL < -maxLossUSD : false
+      isLimitHit: pv > 0 ? this.dailyPnL < -maxLossUSD : false,
+      maxPositionSizeBps: this.config.maxPositionSizeBps,
+      maxDailyLossBps: this.config.maxDailyLossBps
     };
   }
   // ============================================================
@@ -4709,7 +4711,9 @@ var AgentRuntime = class {
       risk: this.riskManager?.getStatus(this.lastPortfolioValue) || {
         dailyPnL: 0,
         dailyLossLimit: 0,
-        isLimitHit: false
+        isLimitHit: false,
+        maxPositionSizeBps: this.config.trading.maxPositionSizeBps,
+        maxDailyLossBps: this.config.trading.maxDailyLossBps
       },
       vault: {
         policy: vaultConfig.policy,
@@ -5095,7 +5099,13 @@ var AgentRuntime = class {
         model: this.config.llm.model || "default"
       },
       configHash: this.configHash || "not initialized",
-      risk: this.riskManager?.getStatus(this.lastPortfolioValue) || { dailyPnL: 0, dailyLossLimit: 0, isLimitHit: false },
+      risk: this.riskManager?.getStatus(this.lastPortfolioValue) || {
+        dailyPnL: 0,
+        dailyLossLimit: 0,
+        isLimitHit: false,
+        maxPositionSizeBps: this.config.trading.maxPositionSizeBps,
+        maxDailyLossBps: this.config.trading.maxDailyLossBps
+      },
       vault: {
         policy: vaultConfig.policy,
         hasVault: false,
@@ -5317,7 +5327,7 @@ function loadSecureEnv(basePath, passphrase) {
 }
 
 // src/index.ts
-var AGENT_VERSION = "0.1.22";
+var AGENT_VERSION = "0.1.24";
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   AGENT_VERSION,

package/dist/index.mjs

@@ -49,7 +49,7 @@ import {
   loadStrategy,
   validateConfig,
   validateStrategy
-} from "./chunk-EJHDRG5Y.mjs";
+} from "./chunk-IBU6T6U7.mjs";
 export {
   AGENT_VERSION,
   AgentConfigSchema,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@exagent/agent",
-  "version": "0.1.22",
+  "version": "0.1.24",
   "description": "Autonomous trading agent runtime for Exagent",
   "main": "dist/index.js",
   "module": "dist/index.mjs",