@exagent/agent 0.3.5 → 0.3.6

package/test-live-signing.mjs

@@ -1,374 +0,0 @@
-/**
- * Live Signing Validation Test
- *
- * Tests our signing/auth code against REAL mainnet APIs.
- * No funds needed — we validate that signatures are accepted
- * (errors should be "insufficient margin", NOT "invalid signature").
- *
- * Tests:
- * 1. Hyperliquid: EIP-712 sign → submit order → expect margin error (not signature error)
- * 2. Polymarket: L2 API key derivation → expect success (proves auth works)
- */
-
-import { createWalletClient, http } from 'viem';
-import { privateKeyToAccount } from 'viem/accounts';
-import { arbitrum } from 'viem/chains';
-
-// Test wallet (no funds — that's fine for signing validation)
-const TEST_PKEY = '0xf1a60fbdb6a77340ce20756f95496b477ea86ab73e01f6c27a503771a80850ad';
-
-const account = privateKeyToAccount(TEST_PKEY);
-console.log(`Test wallet: ${account.address}`);
-console.log('═══════════════════════════════════════════════\n');
-
-let passed = 0;
-let failed = 0;
-
-// ═══════════════════════════════════════════════════════════
-// TEST 1: Hyperliquid EIP-712 Signing
-// ═══════════════════════════════════════════════════════════
-
-console.log('TEST 1: Hyperliquid EIP-712 Signing + Order Submission');
-console.log('─────────────────────────────────────────────');
-
-try {
-  // Import our modules from dist
-  const { HyperliquidClient, HyperliquidSigner, getNextNonce, HYPERLIQUID_DOMAIN } = await import('./dist/index.js');
-
-  const config = {
-    enabled: true,
-    apiUrl: 'https://api.hyperliquid.xyz',
-    wsUrl: 'wss://api.hyperliquid.xyz/ws',
-    maxLeverage: 10,
-    maxNotionalUSD: 50000,
-  };
-
-  const client = new HyperliquidClient(config);
-
-  // Create a viem WalletClient for signing
-  const walletClient = createWalletClient({
-    account,
-    chain: arbitrum,
-    transport: http('https://arb1.arbitrum.io/rpc'),
-  });
-
-  const signer = new HyperliquidSigner(walletClient);
-
-  // Verify signer address
-  const signerAddr = signer.getAddress();
-  console.log(`  Signer address: ${signerAddr}`);
-  if (signerAddr.toLowerCase() !== account.address.toLowerCase()) {
-    throw new Error('Signer address mismatch!');
-  }
-  console.log('  ✓ Signer address matches\n');
-
-  // Get ETH asset index
-  const ethIndex = await client.getAssetIndex('ETH');
-  console.log(`  ETH asset index: ${ethIndex}`);
-
-  // Simulate the exact same flow as OrderManager.placeOrder
-  // (price.toString() on a round number produces "2000", not "2000.0")
-  const signal = { price: 2000, size: 0.001, reduceOnly: false };
-  const orderWire = {
-    a: ethIndex,
-    b: true,          // buy (long)
-    p: signal.price.toString(),   // "2000" — correct format
-    s: signal.size.toString(),    // "0.001"
-    r: signal.reduceOnly,
-    t: { limit: { tif: 'Gtc' } },
-  };
-
-  const action = {
-    type: 'order',
-    orders: [orderWire],
-    grouping: 'na',
-  };
-
-  // Sign the action
-  const nonce = getNextNonce();
-  const { signature } = await signer.signAction(action, nonce);
-  console.log(`  Signature: ${signature.slice(0, 20)}...${signature.slice(-8)}`);
-  console.log(`  Nonce: ${nonce}\n`);
-
-  // Parse signature into r, s, v
-  const sigR = signature.slice(0, 66);
-  const sigS = `0x${signature.slice(66, 130)}`;
-  const sigV = parseInt(signature.slice(130, 132), 16);
-
-  console.log('  Submitting to Hyperliquid Exchange API...');
-
-  // Submit to the Exchange API
-  const resp = await fetch('https://api.hyperliquid.xyz/exchange', {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify({
-      action,
-      nonce: Number(nonce),
-      signature: { r: sigR, s: sigS, v: sigV },
-      vaultAddress: null,
-    }),
-  });
-
-  const respText = await resp.text();
-  let respJson;
-  try { respJson = JSON.parse(respText); } catch { respJson = respText; }
-
-  console.log(`  HTTP Status: ${resp.status}`);
-  console.log(`  Response: ${JSON.stringify(respJson)}\n`);
-
-  // Analyze the response
-  const respStr = typeof respJson === 'string' ? respJson : JSON.stringify(respJson);
-
-  if (respStr.toLowerCase().includes('invalid signature') ||
-      respStr.toLowerCase().includes('signature verification') ||
-      respStr.toLowerCase().includes('bad signature')) {
-    console.log('  ✗ SIGNATURE REJECTED — our EIP-712 signing is broken!\n');
-    failed++;
-  } else if (resp.status === 200 || resp.status === 400 || resp.status === 403) {
-    // Any response that ISN'T a signature error means our signing works
-    // Common expected errors: "Not enough margin", "User does not exist", etc.
-    console.log('  ✓ Signature ACCEPTED by Hyperliquid API');
-    console.log('    (Order rejected for business reason, not signing — this is expected)\n');
-    passed++;
-  } else {
-    console.log(`  ⚠ Unexpected response — needs manual review\n`);
-    // Still count as pass if not a signature error
-    if (!respStr.toLowerCase().includes('signature')) {
-      passed++;
-    } else {
-      failed++;
-    }
-  }
-
-} catch (error) {
-  console.log(`  ✗ Error: ${error.message}\n`);
-  // Check if the error is about signing or about something else
-  if (error.message.toLowerCase().includes('signature')) {
-    failed++;
-  } else {
-    console.log('  (Error is not signature-related — may be a network or other issue)');
-    failed++;
-  }
-}
-
-// ═══════════════════════════════════════════════════════════
-// TEST 2: Hyperliquid Update Leverage (different action type)
-// ═══════════════════════════════════════════════════════════
-
-console.log('TEST 2: Hyperliquid Update Leverage Signing');
-console.log('─────────────────────────────────────────────');
-
-try {
-  const { HyperliquidClient, HyperliquidSigner, getNextNonce } = await import('./dist/index.js');
-
-  const config = {
-    enabled: true,
-    apiUrl: 'https://api.hyperliquid.xyz',
-    wsUrl: 'wss://api.hyperliquid.xyz/ws',
-    maxLeverage: 10,
-    maxNotionalUSD: 50000,
-  };
-
-  const client = new HyperliquidClient(config);
-  const walletClient = createWalletClient({
-    account,
-    chain: arbitrum,
-    transport: http('https://arb1.arbitrum.io/rpc'),
-  });
-  const signer = new HyperliquidSigner(walletClient);
-
-  const ethIndex = await client.getAssetIndex('ETH');
-
-  const action = {
-    type: 'updateLeverage',
-    asset: ethIndex,
-    isCross: true,
-    leverage: 5,
-  };
-
-  const nonce = getNextNonce();
-  const { signature } = await signer.signAction(action, nonce);
-
-  const sigR = signature.slice(0, 66);
-  const sigS = `0x${signature.slice(66, 130)}`;
-  const sigV = parseInt(signature.slice(130, 132), 16);
-
-  console.log('  Submitting updateLeverage to Exchange API...');
-
-  const resp = await fetch('https://api.hyperliquid.xyz/exchange', {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify({
-      action,
-      nonce: Number(nonce),
-      signature: { r: sigR, s: sigS, v: sigV },
-      vaultAddress: null,
-    }),
-  });
-
-  const respText = await resp.text();
-  let respJson;
-  try { respJson = JSON.parse(respText); } catch { respJson = respText; }
-
-  console.log(`  HTTP Status: ${resp.status}`);
-  console.log(`  Response: ${JSON.stringify(respJson)}\n`);
-
-  const respStr = typeof respJson === 'string' ? respJson : JSON.stringify(respJson);
-
-  if (respStr.toLowerCase().includes('invalid signature') ||
-      respStr.toLowerCase().includes('bad signature')) {
-    console.log('  ✗ SIGNATURE REJECTED\n');
-    failed++;
-  } else {
-    console.log('  ✓ Leverage update accepted (or rejected for non-signature reason)\n');
-    passed++;
-  }
-} catch (error) {
-  console.log(`  ✗ Error: ${error.message}\n`);
-  failed++;
-}
-
-// ═══════════════════════════════════════════════════════════
-// TEST 3: Polymarket L2 API Key Derivation
-// ═══════════════════════════════════════════════════════════
-
-console.log('TEST 3: Polymarket CLOB API Key Derivation');
-console.log('─────────────────────────────────────────────');
-
-try {
-  const { PolymarketClient } = await import('./dist/index.js');
-
-  console.log('  Initializing PolymarketClient...');
-  console.log('  (This derives L2 API keys via wallet signature — proves auth works)\n');
-
-  const pmClient = new PolymarketClient(TEST_PKEY, {
-    enabled: true,
-    clobApiUrl: 'https://clob.polymarket.com',
-    gammaApiUrl: 'https://gamma-api.polymarket.com',
-    maxNotionalUSD: 100,
-    maxTotalExposureUSD: 200,
-  });
-
-  await pmClient.initialize();
-
-  if (pmClient.isInitialized) {
-    console.log(`  ✓ CLOB client initialized successfully`);
-    console.log(`  ✓ L2 API keys derived — authentication pipeline WORKS`);
-    console.log(`  Wallet: ${pmClient.getWalletAddress()}\n`);
-    passed++;
-
-    // Test 3b: Try to fetch open orders (validates L2 auth headers)
-    console.log('  Fetching open orders (validates L2 auth headers)...');
-    const orders = await pmClient.getOpenOrders();
-    console.log(`  ✓ Open orders response: ${orders.length} orders (expected: 0)\n`);
-
-    // Test 3c: Try to fetch trade history
-    console.log('  Fetching trade history...');
-    const trades = await pmClient.getTradeHistory();
-    console.log(`  ✓ Trade history response: ${trades.length} trades (expected: 0)\n`);
-
-    passed++; // Auth headers work
-
-  } else {
-    console.log('  ✗ CLOB client failed to initialize\n');
-    failed++;
-  }
-} catch (error) {
-  console.log(`  ✗ Error: ${error.message}`);
-  if (error.message.includes('401') || error.message.includes('403')) {
-    console.log('  (Auth rejected — signing may be incompatible)\n');
-  } else {
-    console.log('  (May be a network or API issue)\n');
-  }
-  failed++;
-}
-
-// ═══════════════════════════════════════════════════════════
-// TEST 4: Polymarket Order Signing (expect insufficient balance)
-// ═══════════════════════════════════════════════════════════
-
-console.log('TEST 4: Polymarket Order Signing');
-console.log('─────────────────────────────────────────────');
-
-try {
-  const { PolymarketClient } = await import('./dist/index.js');
-
-  const pmClient = new PolymarketClient(TEST_PKEY, {
-    enabled: true,
-    clobApiUrl: 'https://clob.polymarket.com',
-    gammaApiUrl: 'https://gamma-api.polymarket.com',
-    maxNotionalUSD: 100,
-    maxTotalExposureUSD: 200,
-  });
-
-  await pmClient.initialize();
-
-  // Find a real active market to test against
-  console.log('  Finding an active market (trending)...');
-  const trending = await pmClient.getTrendingMarkets(1);
-
-  if (trending.length === 0) {
-    console.log('  ⚠ No active markets found — skipping order test\n');
-    // Not a failure, just can't test this part
-  } else {
-    const market = trending[0];
-    console.log(`  Found: "${market.question}"`);
-    console.log(`  Token IDs: ${market.outcomeTokenIds.join(', ')}`);
-
-    const tokenId = market.outcomeTokenIds[0];
-    if (tokenId) {
-      console.log(`\n  Attempting to place a tiny limit order (will fail with balance error)...`);
-      try {
-        const result = await pmClient.placeLimitOrder({
-          tokenId,
-          price: 0.01, // Minimum price
-          size: 5,     // Minimum size
-          side: 'BUY',
-        });
-        console.log(`  Order result: ${JSON.stringify(result)}`);
-        if (result.success) {
-          console.log('  ✓ Order placed successfully (unexpected with no balance, but signing works!)');
-          // Cancel it immediately
-          if (result.orderId) {
-            await pmClient.cancelOrder(result.orderId);
-            console.log('  Cancelled test order\n');
-          }
-          passed++;
-        } else {
-          console.log('  Order rejected (expected — no balance)\n');
-          // This is still a pass for signing if the error isn't about signatures
-          passed++;
-        }
-      } catch (orderError) {
-        const msg = orderError.message || String(orderError);
-        console.log(`  Order error: ${msg}`);
-        if (msg.toLowerCase().includes('signature') || msg.toLowerCase().includes('auth')) {
-          console.log('  ✗ Order SIGNING failed\n');
-          failed++;
-        } else {
-          console.log('  ✓ Order rejected for non-signing reason (balance, size, etc.)\n');
-          passed++;
-        }
-      }
-    }
-  }
-} catch (error) {
-  console.log(`  ✗ Error: ${error.message}\n`);
-  failed++;
-}
-
-// ═══════════════════════════════════════════════════════════
-// SUMMARY
-// ═══════════════════════════════════════════════════════════
-
-console.log('═══════════════════════════════════════════════');
-console.log(`  RESULTS: ${passed} passed, ${failed} failed`);
-console.log('═══════════════════════════════════════════════');
-
-if (failed > 0) {
-  console.log('\n⚠ Some tests failed. The signing/auth pipeline needs fixes before live trading.');
-  process.exit(1);
-} else {
-  console.log('\n✓ All signing/auth tests passed. The code is ready for funded live testing.');
-  process.exit(0);
-}