@exagent/agent 0.2.1 → 0.3.1

package/src/setup.ts

@@ -0,0 +1,332 @@
+import { chmodSync, existsSync, mkdirSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { dirname, resolve } from 'node:path';
+import { generatePrivateKey, privateKeyToAccount } from 'viem/accounts';
+import * as clack from '@clack/prompts';
+import {
+  encryptSecretPayload,
+  getDefaultSecureStorePath,
+  readConfigFile,
+  type LocalSecretPayload,
+  type RuntimeConfigFile,
+  writeConfigFile,
+} from './config.js';
+import { printBanner, printStep, printDone, printInfo, printError, printSuccess, pc } from './ui.js';
+
+interface BootstrapPayload {
+  apiToken: string;
+  walletPrivateKey?: string;
+  llm?: {
+    provider?: string;
+    model?: string;
+    apiKey?: string;
+  };
+}
+
+function expandHomeDir(path: string): string {
+  if (!path.startsWith('~/')) return path;
+  return resolve(homedir(), path.slice(2));
+}
+
+function cancelled(): never {
+  clack.cancel('Setup cancelled.');
+  process.exit(0);
+}
+
+// ---------------------------------------------------------------------------
+// Step 1: Bootstrap
+// ---------------------------------------------------------------------------
+
+async function consumeBootstrapPackage(config: RuntimeConfigFile): Promise<BootstrapPayload> {
+  if (!config.secrets?.bootstrapToken) {
+    return { apiToken: '' };
+  }
+
+  const apiHost = new URL(config.apiUrl).host;
+  printInfo(`Connecting to ${pc.cyan(apiHost)}...`);
+
+  const res = await fetch(`${config.apiUrl}/v1/agents/bootstrap/consume`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({
+      agentId: config.agentId,
+      token: config.secrets.bootstrapToken,
+    }),
+  });
+
+  if (!res.ok) {
+    const body = await res.text();
+    throw new Error(`Failed to consume bootstrap package: ${body}`);
+  }
+
+  const data = await res.json() as { payload: BootstrapPayload };
+  return data.payload;
+}
+
+// ---------------------------------------------------------------------------
+// Step 2: Wallet
+// ---------------------------------------------------------------------------
+
+async function setupWallet(config: RuntimeConfigFile): Promise<string> {
+  if (config.wallet?.privateKey) {
+    const account = privateKeyToAccount(config.wallet.privateKey as `0x${string}`);
+    printDone(`Using existing wallet: ${pc.dim(account.address)}`);
+    return config.wallet.privateKey;
+  }
+
+  const method = await clack.select({
+    message: 'How would you like to set up your wallet?',
+    options: [
+      { value: 'generate', label: 'Generate new wallet locally', hint: 'recommended' },
+      { value: 'import', label: 'Import existing private key' },
+    ],
+  });
+  if (clack.isCancel(method)) cancelled();
+
+  if (method === 'generate') {
+    const privateKey = generatePrivateKey();
+    const address = privateKeyToAccount(privateKey).address;
+    printDone(`Wallet created: ${pc.dim(address)}`);
+    return privateKey;
+  }
+
+  // Import flow
+  const privateKey = await clack.password({
+    message: 'Wallet private key (0x...):',
+    validate: (val) => {
+      if (!/^0x[a-fA-F0-9]{64}$/.test(val)) {
+        return 'Invalid private key. Expected a 32-byte hex string prefixed with 0x.';
+      }
+    },
+  });
+  if (clack.isCancel(privateKey)) cancelled();
+
+  const address = privateKeyToAccount(privateKey as `0x${string}`).address;
+  printDone(`Wallet imported: ${pc.dim(address)}`);
+  return privateKey;
+}
+
+// ---------------------------------------------------------------------------
+// Step 3: LLM
+// ---------------------------------------------------------------------------
+
+const LLM_PROVIDERS = ['openai', 'anthropic', 'google', 'deepseek', 'mistral', 'groq', 'together', 'ollama'] as const;
+
+async function setupLlm(
+  config: RuntimeConfigFile,
+  bootstrapPayload: BootstrapPayload,
+): Promise<{ provider: string; model: string; apiKey: string }> {
+  // Provider
+  let provider = config.llm?.provider || bootstrapPayload.llm?.provider;
+  if (provider) {
+    printInfo(`Provider: ${pc.cyan(provider)} ${pc.dim('(from dashboard)')}`);
+  } else {
+    const selected = await clack.select({
+      message: 'LLM provider:',
+      options: LLM_PROVIDERS.map(p => ({ value: p, label: p })),
+    });
+    if (clack.isCancel(selected)) cancelled();
+    provider = selected;
+  }
+
+  // Model
+  let model = config.llm?.model || bootstrapPayload.llm?.model;
+  if (model) {
+    printInfo(`Model: ${pc.cyan(model)} ${pc.dim('(from dashboard)')}`);
+  } else {
+    const entered = await clack.text({
+      message: 'LLM model:',
+      placeholder: 'gpt-4o',
+      validate: (val) => {
+        if (!val.trim()) return 'Model name is required.';
+      },
+    });
+    if (clack.isCancel(entered)) cancelled();
+    model = entered;
+  }
+
+  // API Key
+  let apiKey: string | undefined;
+  if (bootstrapPayload.llm?.apiKey) {
+    const useBootstrap = await clack.confirm({
+      message: 'LLM API key received from dashboard. Use it?',
+      initialValue: true,
+    });
+    if (clack.isCancel(useBootstrap)) cancelled();
+    if (useBootstrap) {
+      apiKey = bootstrapPayload.llm.apiKey;
+    }
+  }
+  if (!apiKey) {
+    apiKey = config.llm?.apiKey;
+  }
+  if (!apiKey) {
+    const entered = await clack.password({
+      message: 'LLM API key:',
+      validate: (val) => {
+        if (!val.trim()) return 'API key is required.';
+      },
+    });
+    if (clack.isCancel(entered)) cancelled();
+    apiKey = entered;
+  }
+
+  printDone('LLM configured');
+  return { provider, model, apiKey };
+}
+
+// ---------------------------------------------------------------------------
+// Step 4: Encryption
+// ---------------------------------------------------------------------------
+
+async function setupEncryption(): Promise<string> {
+  printInfo(`Secrets encrypted with ${pc.cyan('AES-256-GCM')} (${pc.cyan('scrypt')} KDF)`);
+  printInfo('The password never leaves this machine.');
+  console.log();
+
+  const password = await clack.password({
+    message: 'Choose a device password (12+ characters):',
+    validate: (val) => {
+      if (val.length < 12) return 'Password must be at least 12 characters.';
+    },
+  });
+  if (clack.isCancel(password)) cancelled();
+
+  const confirm = await clack.password({
+    message: 'Confirm password:',
+    validate: (val) => {
+      if (val !== password) return 'Passwords do not match.';
+    },
+  });
+  if (clack.isCancel(confirm)) cancelled();
+
+  return password;
+}
+
+// ---------------------------------------------------------------------------
+// Secure store
+// ---------------------------------------------------------------------------
+
+function writeSecureStore(path: string, secrets: LocalSecretPayload, password: string): string {
+  const secureStorePath = expandHomeDir(path);
+  const encrypted = encryptSecretPayload(secrets, password);
+  const dir = dirname(secureStorePath);
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true, mode: 0o700 });
+  }
+  writeFileSync(secureStorePath, JSON.stringify(encrypted, null, 2), { mode: 0o600 });
+  try {
+    chmodSync(secureStorePath, 0o600);
+  } catch {
+    // Best effort — some platforms ignore chmod semantics.
+  }
+  return secureStorePath;
+}
+
+// ---------------------------------------------------------------------------
+// Public: password prompt (used by run/status commands)
+// ---------------------------------------------------------------------------
+
+export async function promptSecretPassword(question: string = 'Device password:'): Promise<string> {
+  const password = await clack.password({ message: question });
+  if (clack.isCancel(password)) cancelled();
+  return password;
+}
+
+// ---------------------------------------------------------------------------
+// Main setup orchestrator
+// ---------------------------------------------------------------------------
+
+export async function ensureLocalSetup(configPath: string): Promise<void> {
+  const config = readConfigFile(configPath);
+  const existingSecureStorePath = config.secrets?.secureStorePath ? expandHomeDir(config.secrets.secureStorePath) : null;
+  if (
+    existingSecureStorePath &&
+    !config.secrets?.bootstrapToken &&
+    existsSync(existingSecureStorePath) &&
+    !config.apiToken &&
+    !config.wallet?.privateKey &&
+    !config.llm.apiKey
+  ) {
+    return;
+  }
+
+  printBanner();
+
+  clack.intro(pc.bold('Agent Setup'));
+
+  // Step 1: Bootstrap
+  printStep(1, 4, 'Bootstrap package');
+  const bootstrapPayload = await consumeBootstrapPackage(config);
+  if (config.secrets?.bootstrapToken) {
+    printDone('Bootstrap package consumed');
+    if (bootstrapPayload.llm?.provider) {
+      printInfo(`LLM config received: ${pc.cyan(bootstrapPayload.llm.provider)}${bootstrapPayload.llm.model ? ` / ${pc.cyan(bootstrapPayload.llm.model)}` : ''}`);
+    }
+  } else {
+    printInfo('No bootstrap token — manual configuration');
+  }
+
+  // Step 2: Wallet
+  printStep(2, 4, 'Wallet setup');
+  const walletPrivateKey = await setupWallet(config);
+
+  // Step 3: LLM
+  printStep(3, 4, 'LLM configuration');
+  const llm = await setupLlm(config, bootstrapPayload);
+
+  // Step 4: Encryption
+  printStep(4, 4, 'Device encryption');
+  const password = await setupEncryption();
+
+  // Build secrets and write
+  const secrets: LocalSecretPayload = {
+    apiToken: bootstrapPayload.apiToken || config.apiToken || '',
+    walletPrivateKey,
+    llmApiKey: llm.apiKey,
+  };
+
+  if (!secrets.apiToken) {
+    // Prompt for relay token if not available from bootstrap or config
+    const token = await clack.password({
+      message: 'Agent relay token:',
+      validate: (val) => {
+        if (!val.trim()) return 'Relay token is required.';
+      },
+    });
+    if (clack.isCancel(token)) cancelled();
+    secrets.apiToken = token;
+  }
+
+  const nextConfig = structuredClone(config);
+  nextConfig.llm = {
+    ...nextConfig.llm,
+    provider: llm.provider as RuntimeConfigFile['llm']['provider'],
+    model: llm.model,
+  };
+
+  // Strip plaintext secrets from config file
+  delete nextConfig.apiToken;
+  delete nextConfig.wallet;
+  delete nextConfig.llm.apiKey;
+
+  const secureStorePath = writeSecureStore(
+    nextConfig.secrets?.secureStorePath || getDefaultSecureStorePath(nextConfig.agentId),
+    secrets,
+    password,
+  );
+
+  nextConfig.secrets = { secureStorePath };
+  writeConfigFile(configPath, nextConfig);
+
+  printDone(`Encrypted store: ${pc.dim(secureStorePath)}`);
+
+  clack.outro(pc.green('Setup complete'));
+
+  printSuccess('Ready', [
+    `${pc.cyan('npx exagent run')}      Start trading`,
+    `${pc.cyan('npx exagent status')}   Check connection`,
+    '',
+    `${pc.dim('Dashboard:')}  ${pc.cyan('https://exagent.io')}`,
+  ]);
+}

package/src/strategy/loader.ts

@@ -1,16 +1,50 @@
 import { existsSync } from 'node:fs';
 import { resolve } from 'node:path';
+import { z } from 'zod';
 import type { StrategyFunction, StrategyContext, TradeSignal } from '@exagent/sdk';
 import { getTemplate } from './templates.js';
+import { scrubSecrets } from '../scrub-secrets.js';
+
+const promptSignalSchema = z.object({
+  symbol: z.string().min(1),
+  side: z.enum(['buy', 'sell', 'long', 'short']),
+  confidence: z.number().min(0).max(1).optional(),
+  reasoning: z.string().optional(),
+  venue: z.string().optional(),
+  chain: z.string().optional(),
+  size: z.number().positive().optional(),
+  price: z.number().positive().optional(),
+  fee: z.number().min(0).optional(),
+  venueFillId: z.string().optional(),
+  venueTimestamp: z.string().optional(),
+  leverage: z.number().positive().optional(),
+  orderType: z.string().optional(),
+});
+
+const promptSignalArraySchema = z.array(promptSignalSchema);
 
 export async function loadStrategy(config: {
   file?: string;
+  code?: string;
   template?: string;
+  prompt?: {
+    name?: string;
+    systemPrompt: string;
+    venues?: string[];
+  };
 }): Promise<StrategyFunction> {
   if (config.file) {
     return loadFromFile(config.file);
   }
 
+  if (config.code) {
+    return loadFromCode(config.code);
+  }
+
+  if (config.prompt) {
+    return loadFromPrompt(config.prompt);
+  }
+
   if (config.template) {
     const template = getTemplate(config.template);
     if (!template) {
@@ -34,7 +68,31 @@ async function loadFromFile(filePath: string): Promise<StrategyFunction> {
     const fn = mod.default || mod.strategy;
 
     if (typeof fn !== 'function') {
-      throw new Error(`Strategy file must export a default function or 'strategy' function`);
+      if (typeof mod.code === 'string' && mod.code.trim()) {
+        return loadFromCode(mod.code);
+      }
+
+      if (typeof mod.systemPrompt === 'string' && mod.systemPrompt.trim()) {
+        const venues = Array.isArray(mod.venues)
+          ? mod.venues.filter((venue: unknown): venue is string => typeof venue === 'string')
+          : undefined;
+        const name = typeof mod.name === 'string' ? mod.name : undefined;
+        return loadFromPrompt({
+          name,
+          systemPrompt: mod.systemPrompt,
+          venues,
+        });
+      }
+
+      if (typeof mod.template === 'string' && mod.template.trim()) {
+        const template = getTemplate(mod.template);
+        if (!template) {
+          throw new Error(`Unknown strategy template: ${mod.template}. Available: momentum, value, arbitrage, hold`);
+        }
+        return loadFromCode(template.code);
+      }
+
+      throw new Error(`Strategy file must export a default function, 'strategy' function, 'code' string, 'systemPrompt' string, or 'template' string`);
     }
 
     return fn as StrategyFunction;
@@ -51,6 +109,79 @@ async function loadFromCode(code: string): Promise<StrategyFunction> {
   return fn;
 }
 
+function loadFromPrompt(config: {
+  name?: string;
+  systemPrompt: string;
+  venues?: string[];
+}): StrategyFunction {
+  return async (context: StrategyContext): Promise<TradeSignal[]> => {
+    const prices = context.market.getPrices();
+    const positions = context.position.openPositions.map((position) => ({
+      token: position.token,
+      quantity: position.quantity,
+      costBasisPerUnit: position.costBasisPerUnit,
+      venue: position.venue,
+      chain: position.chain,
+    }));
+
+    const response = await context.llm.chat([
+      { role: 'system', content: config.systemPrompt },
+      {
+        role: 'user',
+        content: [
+          `Strategy: ${config.name || 'Prompt Strategy'}`,
+          `Allowed venues: ${(config.venues || []).join(', ') || 'any'}`,
+          `Current prices: ${JSON.stringify(prices)}`,
+          `Open positions: ${JSON.stringify(positions)}`,
+          `Risk config: ${JSON.stringify(context.config)}`,
+          'Return ONLY a JSON array of trade signals.',
+        ].join('\n'),
+      },
+    ]);
+
+    // Defense-in-depth: scrub any secrets the LLM might echo back before parsing
+    const scrubbedContent = scrubSecrets(response.content);
+
+    const match = scrubbedContent.match(/\[[\s\S]*\]/);
+    if (!match) {
+      context.log('Prompt strategy returned a non-JSON response; no signals emitted.');
+      return [];
+    }
+
+    try {
+      const parsed = promptSignalArraySchema.parse(JSON.parse(match[0]));
+      const signals: TradeSignal[] = [];
+      for (const signal of parsed) {
+        const price = signal.price ?? prices[signal.symbol.toUpperCase()];
+        if (!price || price <= 0) {
+          context.log(`Prompt strategy skipped ${signal.symbol}: no usable price in response or market cache.`);
+          continue;
+        }
+
+        signals.push({
+          symbol: signal.symbol,
+          side: signal.side,
+          confidence: signal.confidence ?? 0.5,
+          reasoning: signal.reasoning,
+          venue: signal.venue || config.venues?.[0] || 'manual',
+          chain: signal.chain,
+          size: signal.size ?? 1,
+          price,
+          fee: signal.fee ?? 0,
+          venueFillId: signal.venueFillId ?? '',
+          venueTimestamp: signal.venueTimestamp ?? new Date().toISOString(),
+          leverage: signal.leverage,
+          orderType: signal.orderType,
+        });
+      }
+      return signals;
+    } catch (err) {
+      context.log(`Prompt strategy parse failed: ${(err as Error).message}`);
+      return [];
+    }
+  };
+}
+
 const holdStrategy: StrategyFunction = async (_context: StrategyContext): Promise<TradeSignal[]> => {
   return []; // No trades — hold position
 };

package/src/ui.ts

@@ -0,0 +1,75 @@
+import figlet from 'figlet';
+import gradient from 'gradient-string';
+import boxen from 'boxen';
+import pc from 'picocolors';
+import { createRequire } from 'node:module';
+
+// Brand gradient: Blue → Indigo → Violet (from Exagent design system)
+const brandGradient: (text: string) => string = gradient(['#3B82F6', '#6366F1', '#7C3AED']);
+
+// Secondary gradient: Cyan → Blue
+const accentGradient: (text: string) => string = gradient(['#22D3EE', '#3B82F6']);
+
+function getVersion(): string {
+  try {
+    const require = createRequire(import.meta.url);
+    const pkg = require('../package.json');
+    return pkg.version || '0.0.0';
+  } catch {
+    return '0.0.0';
+  }
+}
+
+export function printBanner(): void {
+  const art = figlet.textSync('EXAGENT', {
+    font: 'Small',
+    horizontalLayout: 'default',
+  });
+
+  console.log();
+  console.log(brandGradient(art));
+  console.log(pc.dim(`  v${getVersion()}`));
+  console.log();
+}
+
+export function printSuccess(title: string, lines: string[]): void {
+  const body = [
+    '',
+    pc.bold(pc.white(title)),
+    '',
+    ...lines.map(l => `  ${l}`),
+    '',
+  ].join('\n');
+
+  console.log();
+  console.log(boxen(body, {
+    padding: { top: 0, bottom: 0, left: 2, right: 2 },
+    borderColor: '#3B82F6',
+    borderStyle: 'round',
+    dimBorder: false,
+  }));
+  console.log();
+}
+
+export function printStep(step: number, total: number, label: string): void {
+  console.log();
+  console.log(accentGradient(`  Step ${step} of ${total}`) + pc.dim(` — ${label}`));
+}
+
+export function printDone(message: string): void {
+  console.log(`  ${pc.green('✓')} ${message}`);
+}
+
+export function printInfo(message: string): void {
+  console.log(`  ${pc.dim('│')} ${message}`);
+}
+
+export function printWarn(message: string): void {
+  console.log(`  ${pc.yellow('!')} ${message}`);
+}
+
+export function printError(message: string): void {
+  console.log(`  ${pc.red('✗')} ${message}`);
+}
+
+export { pc, brandGradient, accentGradient };