@fidacy/openclaw-plugin 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -18,3 +18,10 @@ First release. Fidacy payment firewall as a native OpenClaw plugin:
18
18
  fallback; `engineApiKey` enables signed verdicts from the live engine.
19
19
  - Built against `openclaw@2026.6.11` plugin-sdk types; bundle is self-contained
20
20
  (`openclaw/plugin-sdk/*` external, engine inlined).
21
+
22
+ ## 0.1.2 — 2026-07-02
23
+
24
+ - Telemetry: reports `shell: "openclaw-plugin"` + the plugin's own version, so
25
+ ClawHub-native adoption is attributable (was indistinguishable from MCP).
26
+ - DENY responses now point to the `fidacy_upgrade` tool.
27
+ - Inherits the self-documenting first-run config + friendlier boot line.
package/dist/index.js CHANGED
@@ -4439,7 +4439,7 @@ var DevFidacyCore = class {
4439
4439
  this.priv = kp.privateKey;
4440
4440
  this.pubPem = publicKeyPem(kp.publicKey);
4441
4441
  if (kp.ephemeral)
4442
- console.error("[fidacy] dev mode: ephemeral signing key. Production: set FIDACY_SIGNING_KEY_B64, or FIDACY_MODE=http + FIDACY_API_URL + FIDACY_API_KEY to use the live core.");
4442
+ console.error("[fidacy] local firewall active, deny-by-default. Grants are signed with a per-session key (fine for local use); set FIDACY_SIGNING_KEY_B64 for a stable key, or FIDACY_MODE=http to use the hosted core.");
4443
4443
  this.mandate = opts.mandate;
4444
4444
  this.store = new FileAuditStore(opts.auditLogPath ?? "./fidacy-audit.log");
4445
4445
  this.onDecision = opts.onDecision;
@@ -4578,7 +4578,12 @@ function writeConfig(cfg) {
4578
4578
  function ensureState() {
4579
4579
  const existing = readConfig();
4580
4580
  if (existing) return { config: existing, firstRun: false };
4581
- const config = { anon_id: randomUUID2(), tier: "free", api_key: null };
4581
+ const config = {
4582
+ anon_id: randomUUID2(),
4583
+ tier: "free",
4584
+ api_key: null,
4585
+ mandate: { payees: [], categories: ["*"], currency: "USD", perTxMax: 2500, maxTotal: 1e4 }
4586
+ };
4582
4587
  try {
4583
4588
  writeConfig(config);
4584
4589
  } catch {
@@ -4599,7 +4604,11 @@ function resolveMandateRules(cfg) {
4599
4604
  }
4600
4605
 
4601
4606
  // ../mcp/src/telemetry.ts
4602
- var CLIENT_VERSION = "0.1.5";
4607
+ var CLIENT_VERSION = true ? "0.1.2" : "dev";
4608
+ var currentShell = "mcp";
4609
+ function setTelemetryShell(shell) {
4610
+ currentShell = shell;
4611
+ }
4603
4612
  function telemetryEnabled() {
4604
4613
  const v = (process.env.FIDACY_DISABLE_TELEMETRY ?? "").trim().toLowerCase();
4605
4614
  return !(v === "1" || v === "true" || v === "yes");
@@ -4625,7 +4634,7 @@ function resultOf(status, violatedRule) {
4625
4634
  }
4626
4635
  function record(type, result) {
4627
4636
  if (!telemetryEnabled()) return;
4628
- buffer.push({ type, ts: (/* @__PURE__ */ new Date()).toISOString(), client_version: CLIENT_VERSION, ...result ? { result } : {} });
4637
+ buffer.push({ type, ts: (/* @__PURE__ */ new Date()).toISOString(), client_version: CLIENT_VERSION, shell: currentShell, ...result ? { result } : {} });
4629
4638
  if (!flushTimer) {
4630
4639
  flushTimer = setTimeout(() => {
4631
4640
  void flush();
@@ -4718,7 +4727,7 @@ function requestUpgrade() {
4718
4727
  }
4719
4728
 
4720
4729
  // ../mcp/src/provision.ts
4721
- var CLIENT_VERSION2 = "0.1.5";
4730
+ var CLIENT_VERSION2 = true ? "0.1.2" : "dev";
4722
4731
  function provisionEnabled() {
4723
4732
  const v = (process.env.FIDACY_DISABLE_PROVISION ?? "").trim().toLowerCase();
4724
4733
  return !(v === "1" || v === "true" || v === "yes");
@@ -4873,6 +4882,7 @@ async function postOnce(fetchImpl, url, headers, payload, timeoutMs) {
4873
4882
  var core;
4874
4883
  function boot() {
4875
4884
  if (!core) {
4885
+ setTelemetryShell("openclaw-plugin");
4876
4886
  const state = ensureState();
4877
4887
  core = makeCore();
4878
4888
  if (state.firstRun) recordInstall();
@@ -4933,7 +4943,7 @@ var index_default = defineToolPlugin({
4933
4943
  async execute(params, config) {
4934
4944
  const d = await boot().decide(params, subjectOf(config));
4935
4945
  const message = d.status === "ALLOW" ? `ALLOW (decision ${d.decisionId})${params.invoiceRef ? ` for invoice ${params.invoiceRef}` : ""}. To settle, call the executor with the SAME payee, amount, currency, and idempotencyKey, and set "grant" to EXACTLY this signed value:
4936
- ${d.grant}` : `DENY (decision ${d.decisionId}). Rule violated: ${d.violatedRule}. No grant issued, this payment cannot proceed. The denial itself is recorded in the tamper-evident, hash-chained audit: call get_audit_proof with decisionId ${d.decisionId} for the proof of what was blocked.`;
4946
+ ${d.grant}` : `DENY (decision ${d.decisionId}). Rule violated: ${d.violatedRule}. No grant issued, this payment cannot proceed. The denial itself is recorded in the tamper-evident, hash-chained audit: call get_audit_proof with decisionId ${d.decisionId} for the proof of what was blocked. Fidacy just blocked this for you \u2014 for server-signed, anchored proof of every block (free account, local history migrates), call the fidacy_upgrade tool.`;
4937
4947
  return { status: d.status, decisionId: d.decisionId, grant: d.grant, violatedRule: d.violatedRule, message };
4938
4948
  }
4939
4949
  }),
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "id": "fidacy",
3
- "name": "Fidacy Payment Firewall",
3
+ "name": "Fidacy \u2014 Payment Firewall",
4
4
  "description": "A signed, independently-verifiable verdict on every money-moving agent action. Blocks wrong/lookalike payee, over-cap, and duplicate-invoice fraud before money moves. Non-custodial, local-first, deny-by-default.",
5
- "version": "0.1.1",
5
+ "version": "0.1.2",
6
6
  "contracts": {
7
7
  "tools": [
8
8
  "request_payment",
@@ -48,4 +48,4 @@
48
48
  "advanced": true
49
49
  }
50
50
  }
51
- }
51
+ }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@fidacy/openclaw-plugin",
3
- "version": "0.1.1",
3
+ "version": "0.1.2",
4
4
  "description": "Fidacy payment firewall as a native OpenClaw plugin: signed, verifiable verdicts on every money-moving agent action, in-process (no MCP subprocess).",
5
5
  "license": "Apache-2.0",
6
6
  "homepage": "https://fidacy.com",
@@ -55,8 +55,8 @@
55
55
  "openclaw": "2026.6.11",
56
56
  "typebox": "1.1.39",
57
57
  "typescript": "^5.6.3",
58
- "@fidacy/mcp": "0.1.9",
59
- "@fidacy/firewall": "0.1.0"
58
+ "@fidacy/firewall": "0.1.0",
59
+ "@fidacy/mcp": "0.1.10"
60
60
  },
61
61
  "scripts": {
62
62
  "build": "node scripts/bundle.mjs",