@ilalv3/cli 0.2.0 → 0.2.2

package/README.md

@@ -18,19 +18,42 @@ npx @ilalv3/cli <command>
 
 ## Quick start (Base Sepolia demo)
 
+`ilal init` points at the current seeded Base Sepolia demo stack. The demo issuer
+uses MockEAS, so reviewers can verify the full path without waiting for a real
+Coinbase attestation. The seeded reviewer wallet already has CNF + TOKA/TOKB;
+for your own wallet, deploy a mock stack with `ilal deploy --mock`.
+
 ```bash
 # 1. Point CLI at the live demo deployment
 ilal init
 
-# 2. Check credential + pool status
-ilal status
+# 2. Check credential + pool status for the seeded reviewer wallet
+ilal status --wallet 0xc0807D4778a9E5FE15ad68A8500e64d65BA78D58
 
-# 3. Mint a CNF via ZK proof
-#    Requires the issuer root to already include your wallet.
-PRIVATE_KEY=0x... ilal credential prove --wallet 0xYourWallet
+# 3. Full readiness verdict
+ilal demo check --wallet 0xc0807D4778a9E5FE15ad68A8500e64d65BA78D58
+
+# 4. Execute a compliant swap with the seeded reviewer key
+PRIVATE_KEY=0x... ilal swap --amount-in 1 --token-in 0x582362E608F36850F6f641510d5D19C1EaB4cb27 --min-amount-out 0
+```
+
+For a fully seeded local/testnet demo, deploy mock EAS + demo pool pieces:
 
-# 4. Execute a compliant swap
-PRIVATE_KEY=0x... ilal swap --amount-in 0.001 --token-in 0x2E0dEd1CF4ec6106079df4eF1200959c2a454f3A --min-amount-out 0
+```bash
+PRIVATE_KEY=0x... ilal deploy \
+  --chain 84532 \
+  --mock \
+  --wallet-to-seed 0xYourWallet \
+  --broadcast
+
+# Then mint the seeded CNF from the printed AttestationUID:
+PRIVATE_KEY=0x... ilal credential mint \
+  --issuer <CNFIssuer> \
+  --attestation <AttestationUID> \
+  --chain 84532
+
+# If the wallet needs more demo tokens:
+PRIVATE_KEY=0x... ilal demo faucet --wallet 0xYourWallet
 ```
 
 ## Getting a CNF credential
@@ -75,6 +98,8 @@ Generates a Groth16 proof locally (~5s), verifies it on-chain, and mints/renews
 | `ilal oracle activate-verifier` | Operator flow: activate the pending ZK verifier after timelock |
 | `ilal session sign` | Sign a standalone SessionToken |
 | `ilal proof mint` | Mint CNF from existing proof.json + public.json |
+| `ilal deploy --mock` | Deploy a seeded testnet demo stack with MockEAS, tokens, router, hook, and policy |
+| `ilal demo faucet` | Mint mock demo TOKA/TOKB to a wallet |
 | `ilal deploy` | Deploy full ILAL contract stack |
 
 ## Configuration
@@ -83,10 +108,10 @@ The CLI reads `.ilal.json` in the current directory. Run `ilal init` to create i
 
 ```bash
 ilal swap \
-  --router    0xd0aF4D1EFF36CB2a1E88017eA398dCaDe1Ac0040 \
-  --hook      0x6C57b50Ef9286b132066012B19b291FB120ACa80 \
-  --issuer    0xB13AE2498Df62A85768a4b783109C05fCf5A264a \
-  --pool-id   0x16b3e7a5c52216925f705673b3ab25db5e6025da530cf53b3bcb5affeb18d95f \
+  --router    0x7727F0f3EBe99A558487394D001950ee6B33BB86 \
+  --hook      0xF5066ad9c25F3f54cfb19609A60187C48C184A80 \
+  --issuer    0xc4E032A7574016bd0e3d1a5BbFdE886af09CeD9A \
+  --pool-id   0xc1c8f29d6f03b5cd18bf2b862d48f45cc338022a154945b89c4bcb0a3e11e87f \
   --amount-in 0.001
 ```
 
@@ -94,10 +119,19 @@ ilal swap \
 
 | Contract | Address |
 |---|---|
-| CNFIssuer | `0xB13AE2498Df62A85768a4b783109C05fCf5A264a` |
-| ComplianceHook | `0x6C57b50Ef9286b132066012B19b291FB120ACa80` |
-| ILALRouter | `0xd0aF4D1EFF36CB2a1E88017eA398dCaDe1Ac0040` |
-| PolicyRegistry | `0x19fD4eCF4359fCc8d5E79916691a28c24A22a9B4` |
+| CNFIssuer | `0xc4E032A7574016bd0e3d1a5BbFdE886af09CeD9A` |
+| ComplianceHook | `0xF5066ad9c25F3f54cfb19609A60187C48C184A80` |
+| ILALRouter | `0x7727F0f3EBe99A558487394D001950ee6B33BB86` |
+| PolicyRegistry | `0x910a3efDc426f3216738106dd0DC6EA696477233` |
+| TokenA / TOKA | `0x582362E608F36850F6f641510d5D19C1EaB4cb27` |
+| TokenB / TOKB | `0x6eBBdAC70EC422C512727B25c7F0D9120ed101Ff` |
+| Pool ID | `0xc1c8f29d6f03b5cd18bf2b862d48f45cc338022a154945b89c4bcb0a3e11e87f` |
+
+Live proof:
+
+- CNF mint tx: `0x676ca67698eb8fed6c905c2b3a9536d4d056e89c199c41c44085a29db8b4d462`
+- Add liquidity tx: `0x531fac3678878e4855471318b8ea39b2b2f3ced3d890d9d7c40721af296084ca`
+- Swap tx: `0xdaf4136d305e546d6936715cc0101efb4dc88abcb779add9ee03591fdf555a5a`
 
 ## License
 

package/dist/commands/demo.d.ts

@@ -5,3 +5,8 @@ export declare function demoCheck(opts: {
     wallet?: string;
     privateKey?: string;
 }): Promise<void>;
+export declare function demoFaucet(opts: {
+    wallet?: string;
+    amount?: string;
+    privateKey?: string;
+}): Promise<void>;

package/dist/commands/demo.js

@@ -1,19 +1,19 @@
-import { createPublicClient, formatUnits, http, isAddress, isHex, } from "viem";
+import { createPublicClient, createWalletClient, formatUnits, http, isAddress, isHex, parseUnits, } from "viem";
 import { privateKeyToAccount } from "viem/accounts";
 import { base, baseSepolia } from "viem/chains";
 import { loadConfig } from "../config.js";
-import { fmt, header, log } from "../ui.js";
+import { die, fmt, header, log, Spinner } from "../ui.js";
 const CHAINS = { "8453": base, "84532": baseSepolia };
 const POOL_MANAGER = {
     "84532": "0x05E73354cFDd6745C338b50BcFDfA3Aa6fA03408",
     "8453": "0x498581fF718922c3f8e6A244956aF099B2652b2b",
 };
 const SAMPLE = {
-    wallet: "0x1b869CaC69Df23Ad9D727932496AEb3605538c8D",
-    issuer: "0x319c0F1cb46c85B42E051251c4db04BA6BD265a2",
-    hook: "0xdFF2ebBAc963f5Ed0B0EBCf021aB5EA16d57ea94",
-    router: "0x4A1F7E7d9D2D1f2A0c4A2F4A8C1A0B3E9E5d1111",
-    pool: "0x7ef1c0ffee00000000000000000000000000000000000000000000000000bEEF",
+    wallet: "0xc0807D4778a9E5FE15ad68A8500e64d65BA78D58",
+    issuer: "0xc4E032A7574016bd0e3d1a5BbFdE886af09CeD9A",
+    hook: "0xF5066ad9c25F3f54cfb19609A60187C48C184A80",
+    router: "0x7727F0f3EBe99A558487394D001950ee6B33BB86",
+    pool: "0xc1c8f29d6f03b5cd18bf2b862d48f45cc338022a154945b89c4bcb0a3e11e87f",
     proof: "0x91f2b8a0c43e902f7f1a8c0d",
     session: "0x6b84eac5e0db21f8d5d43b7a",
 };
@@ -23,6 +23,7 @@ const CNF_ABI = [
     { name: "credentialOf", type: "function", stateMutability: "view", inputs: [{ name: "wallet", type: "address" }], outputs: [{ type: "uint256" }] },
     { name: "merkleRoot", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "uint256" }] },
     { name: "zkVerifier", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+    { name: "eas", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
 ];
 const REGISTRY_ABI = [
     { name: "getPolicy", type: "function", stateMutability: "view", inputs: [{ name: "poolId", type: "bytes32" }], outputs: [{ type: "tuple", components: [{ name: "cnfIssuer", type: "address" }, { name: "requiredCredentialType", type: "bytes32" }, { name: "enabled", type: "bool" }] }] },
@@ -36,6 +37,7 @@ const ERC20_ABI = [
     { name: "decimals", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "uint8" }] },
     { name: "balanceOf", type: "function", stateMutability: "view", inputs: [{ name: "owner", type: "address" }], outputs: [{ type: "uint256" }] },
     { name: "allowance", type: "function", stateMutability: "view", inputs: [{ name: "owner", type: "address" }, { name: "spender", type: "address" }], outputs: [{ type: "uint256" }] },
+    { name: "mint", type: "function", stateMutability: "nonpayable", inputs: [{ name: "to", type: "address" }, { name: "amount", type: "uint256" }], outputs: [] },
 ];
 function stage(n, title, subtitle) {
     console.log();
@@ -222,10 +224,19 @@ export async function demoCheck(opts) {
     if (cfg.issuer && isAddress(cfg.issuer)) {
         log.section("Issuer State");
         try {
-            const [root, verifier] = await Promise.all([
+            const [root, verifier, eas] = await Promise.all([
                 client.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "merkleRoot" }),
                 client.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "zkVerifier" }),
+                client.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "eas" }),
             ]);
+            const hasEASPath = eas !== ZERO;
+            const hasZKPath = root !== 0n && verifier !== ZERO;
+            if (hasEASPath)
+                ok("issuance path", `${fmt.badge("EAS/mock", "green")} ${fmt.addr(eas)}`);
+            else if (hasZKPath)
+                ok("issuance path", fmt.badge("ZK", "green"));
+            else
+                warn("issuance path", fmt.badge("not ready", "yellow"));
             if (root === 0n)
                 warn("merkleRoot", fmt.badge("not set", "yellow"));
             else
@@ -234,9 +245,11 @@ export async function demoCheck(opts) {
                 warn("zkVerifier", fmt.badge("not set", "yellow"));
             else
                 ok("zkVerifier", fmt.addr(verifier));
+            pass(hasEASPath || hasZKPath);
         }
         catch (e) {
             bad("issuer reads", e instanceof Error ? e.message.split("\n")[0] : String(e));
+            pass(false);
         }
         if (wallet && isAddress(wallet)) {
             try {
@@ -344,3 +357,41 @@ export async function demoCheck(opts) {
     log.command(`ilal swap --amount-in 0.001 --token-in ${suggestedTokenIn}`);
     console.log();
 }
+export async function demoFaucet(opts) {
+    const cfg = loadConfig();
+    const chain = CHAINS[cfg.chain ?? "84532"] ?? baseSepolia;
+    const rawKey = opts.privateKey ?? process.env["PRIVATE_KEY"];
+    if (!rawKey || !isHex(rawKey) || rawKey.length !== 66) {
+        die("Private key required. Use --private-key or set PRIVATE_KEY env var.");
+    }
+    if (!cfg.tokenA || !cfg.tokenB || !isAddress(cfg.tokenA) || !isAddress(cfg.tokenB)) {
+        die("tokenA/tokenB required. Run `ilal init` with demo token addresses first.");
+    }
+    const account = privateKeyToAccount(rawKey);
+    const wallet = opts.wallet ?? account.address;
+    if (!isAddress(wallet))
+        die(`Invalid wallet address: ${wallet}`);
+    const client = createPublicClient({ chain, transport: http(cfg.rpc) });
+    const walletClient = createWalletClient({ account, chain, transport: http(cfg.rpc) });
+    header("ILAL Demo Faucet", chain.name);
+    log.kv("recipient", fmt.addr(wallet));
+    log.line();
+    for (const token of [cfg.tokenA, cfg.tokenB]) {
+        const [symbol, decimals] = await Promise.all([
+            client.readContract({ address: token, abi: ERC20_ABI, functionName: "symbol" }),
+            client.readContract({ address: token, abi: ERC20_ABI, functionName: "decimals" }),
+        ]);
+        const amount = parseUnits(opts.amount ?? "10000", decimals);
+        const spin = new Spinner(`Minting ${opts.amount ?? "10000"} ${symbol}…`).start();
+        const hash = await walletClient.writeContract({
+            address: token,
+            abi: ERC20_ABI,
+            functionName: "mint",
+            args: [wallet, amount],
+        });
+        await client.waitForTransactionReceipt({ hash });
+        spin.succeed(`Minted ${symbol} ${fmt.hash(hash)}`);
+    }
+    log.callout("Demo tokens ready", "wallet can now pass token-balance preflight checks", "green");
+    console.log();
+}

package/dist/commands/deploy.js

@@ -58,13 +58,15 @@ export async function deploy(opts) {
     };
     if (isMock) {
         env["WALLET_TO_SEED"] = opts.walletToSeed;
+        env["WALLET"] = opts.walletToSeed;
+        env["MOCK_EAS"] = "true";
     }
     else {
         env["EAS_ADDRESS"] = easAddress;
         env["SCHEMA_UID"] = COINBASE_SCHEMA_UID;
         env["TRUSTED_ATTESTER"] = COINBASE_ATTESTER;
     }
-    const script = isMock ? "script/DeployMock.s.sol" : "script/Deploy.s.sol";
+    const script = isMock ? "script/DeployDemo.s.sol" : "script/Deploy.s.sol";
     const flags = [
         `--rpc-url ${rpc}`,
         opts.broadcast ? "--broadcast" : "",

package/dist/commands/init.js

@@ -10,9 +10,16 @@ import { fmt, log, header, die } from "../ui.js";
 // Known testnet / mainnet addresses for quick init
 const PRESETS = {
     "84532": {
-        issuer: "0x319c0F1cb46c85B42E051251c4db04BA6BD265a2",
-        hook: "0xdFF2ebBAc963f5Ed0B0EBCf021aB5EA16d57ea94",
-        registry: "0x72A425672c1D0FA95C75F5073e6DAf72194A1E0F",
+        issuer: "0xc4E032A7574016bd0e3d1a5BbFdE886af09CeD9A",
+        hook: "0xF5066ad9c25F3f54cfb19609A60187C48C184A80",
+        registry: "0x910a3efDc426f3216738106dd0DC6EA696477233",
+        router: "0x7727F0f3EBe99A558487394D001950ee6B33BB86",
+        treasury: "0x1804c8AB1F12E6bbf3894d4083f33e07309d1f38",
+        tokenA: "0x582362E608F36850F6f641510d5D19C1EaB4cb27",
+        tokenB: "0x6eBBdAC70EC422C512727B25c7F0D9120ed101Ff",
+        poolId: "0xc1c8f29d6f03b5cd18bf2b862d48f45cc338022a154945b89c4bcb0a3e11e87f",
+        fee: "8388608",
+        tickSpacing: "60",
         rpc: "https://sepolia.base.org",
     },
     "8453": {
@@ -35,13 +42,13 @@ export async function init(opts) {
         issuer: opts.issuer ?? preset["issuer"],
         hook: opts.hook ?? preset["hook"],
         registry: opts.registry ?? preset["registry"],
-        router: opts.router,
-        treasury: opts.treasury,
-        tokenA: opts.tokenA,
-        tokenB: opts.tokenB,
-        poolId: opts.poolId,
-        fee: opts.fee,
-        tickSpacing: opts.tickSpacing,
+        router: opts.router ?? preset["router"],
+        treasury: opts.treasury ?? preset["treasury"],
+        tokenA: opts.tokenA ?? preset["tokenA"],
+        tokenB: opts.tokenB ?? preset["tokenB"],
+        poolId: opts.poolId ?? preset["poolId"],
+        fee: opts.fee ?? preset["fee"],
+        tickSpacing: opts.tickSpacing ?? preset["tickSpacing"],
         rpc: opts.rpc ?? preset["rpc"],
         ...(opts.circuitDir ? { circuitDir: opts.circuitDir } : {}),
     };

package/dist/commands/liquidity.js

@@ -23,9 +23,17 @@ const CHAINS = { "8453": base, "84532": baseSepolia };
 const ERC20_ABI = [
     { name: "symbol", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "string" }] },
     { name: "decimals", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "uint8" }] },
+    { name: "balanceOf", type: "function", stateMutability: "view", inputs: [{ name: "owner", type: "address" }], outputs: [{ type: "uint256" }] },
     { name: "allowance", type: "function", stateMutability: "view", inputs: [{ name: "owner", type: "address" }, { name: "spender", type: "address" }], outputs: [{ type: "uint256" }] },
     { name: "approve", type: "function", stateMutability: "nonpayable", inputs: [{ name: "spender", type: "address" }, { name: "amount", type: "uint256" }], outputs: [{ type: "bool" }] },
 ];
+const CNF_ABI = [
+    { name: "isValid", type: "function", stateMutability: "view", inputs: [{ name: "wallet", type: "address" }], outputs: [{ type: "bool" }] },
+    { name: "credentialOf", type: "function", stateMutability: "view", inputs: [{ name: "wallet", type: "address" }], outputs: [{ type: "uint256" }] },
+    { name: "merkleRoot", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "uint256" }] },
+    { name: "zkVerifier", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+    { name: "eas", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+];
 const ROUTER_LIQUIDITY_ABI = [
     {
         name: "addLiquidity", type: "function", stateMutability: "payable",
@@ -94,6 +102,7 @@ function txUrl(chain, hash) {
     const baseUrl = chain.blockExplorers?.default?.url;
     return baseUrl ? `${baseUrl}/tx/${hash}` : undefined;
 }
+const ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
 // ─── Shared core ──────────────────────────────────────────────────────────────
 async function executeLiquidity(action, opts) {
     const cfg = withConfig(opts);
@@ -143,11 +152,51 @@ async function executeLiquidity(action, opts) {
     log.kv("tickUpper", tickUpper.toString());
     log.kv("liquidity", liquidity.toString());
     log.line();
+    if (liquidity <= 0n) {
+        die("liquidity must be greater than 0. No approval or liquidity transaction was sent.");
+    }
+    const preflightSpin = new Spinner("Running preflight checks…").start();
+    const [root, verifier, eas, valid, tokenId, sym0, sym1, bal0, bal1] = await Promise.all([
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "merkleRoot" }),
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "zkVerifier" }),
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "eas" }),
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "isValid", args: [account.address] }),
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "credentialOf", args: [account.address] }),
+        pubClient.readContract({ address: c0, abi: ERC20_ABI, functionName: "symbol" }),
+        pubClient.readContract({ address: c1, abi: ERC20_ABI, functionName: "symbol" }),
+        pubClient.readContract({ address: c0, abi: ERC20_ABI, functionName: "balanceOf", args: [account.address] }),
+        pubClient.readContract({ address: c1, abi: ERC20_ABI, functionName: "balanceOf", args: [account.address] }),
+    ]);
+    preflightSpin.stop();
+    const preflightErrors = [];
+    const hasEASPath = eas !== ZERO_ADDRESS;
+    const hasZKPath = verifier !== ZERO_ADDRESS && root !== 0n;
+    if (tokenId === 0n) {
+        preflightErrors.push("wallet has no CNF credential; mint one before changing liquidity.");
+        if (hasEASPath)
+            preflightErrors.push("issuer supports EAS/mock attestation minting: run `ilal credential mint --attestation <uid>`.");
+        else if (hasZKPath)
+            preflightErrors.push(`issuer supports ZK minting: run \`ilal credential prove --wallet ${account.address}\`.`);
+        else
+            preflightErrors.push("issuer has no active issuance path: EAS is unset and ZK verifier/root are not both configured.");
+    }
+    else if (!valid)
+        preflightErrors.push("wallet CNF credential exists but is not valid.");
+    if (action === "add" && (bal0 === 0n || bal1 === 0n)) {
+        preflightErrors.push(`token balances are not ready for adding liquidity: ${sym0}=${bal0.toString()} wei, ${sym1}=${bal1.toString()} wei.`);
+    }
+    if (preflightErrors.length > 0) {
+        log.section("Preflight Failed");
+        for (const error of preflightErrors)
+            log.warn(error);
+        console.log();
+        die(`${verb} liquidity not sent. Fix the preflight issues above.`);
+    }
     // Approve both tokens if adding liquidity
     if (action === "add") {
         const MAX = 2n ** 256n - 1n;
         for (const token of [c0, c1]) {
-            const sym = await pubClient.readContract({ address: token, abi: ERC20_ABI, functionName: "symbol" });
+            const sym = token.toLowerCase() === c0.toLowerCase() ? sym0 : sym1;
             const allowed = await pubClient.readContract({
                 address: token, abi: ERC20_ABI, functionName: "allowance",
                 args: [account.address, cfg.router],

package/dist/commands/mint.js

@@ -26,7 +26,11 @@ const CNF_ISSUER_ABI = [
         inputs: [{ name: "wallet", type: "address" }],
         outputs: [{ type: "bool" }],
     },
+    { name: "eas", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+    { name: "schemaUID", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "bytes32" }] },
+    { name: "trustedAttester", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
 ];
+const ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
 async function sendMintTx(mode, opts) {
     const rawKey = opts.privateKey ?? process.env["PRIVATE_KEY"];
     if (!rawKey)
@@ -54,9 +58,14 @@ async function sendMintTx(mode, opts) {
     log.line();
     // Verify EAS attestation exists on-chain before sending tx
     log.step("Verifying attestation on EAS…");
-    const easAddress = EAS_ADDRESSES[chain.id];
+    const [issuerEAS, issuerSchema, issuerAttester] = await Promise.all([
+        publicClient.readContract({ address: opts.issuer, abi: CNF_ISSUER_ABI, functionName: "eas" }),
+        publicClient.readContract({ address: opts.issuer, abi: CNF_ISSUER_ABI, functionName: "schemaUID" }),
+        publicClient.readContract({ address: opts.issuer, abi: CNF_ISSUER_ABI, functionName: "trustedAttester" }),
+    ]);
+    const easAddress = issuerEAS !== ZERO_ADDRESS ? issuerEAS : EAS_ADDRESSES[chain.id];
     if (!easAddress)
-        die(`No EAS contract known for chain ${chain.id}. Use --rpc with a custom setup.`);
+        die(`No EAS contract known for chain ${chain.id}. Use an issuer with eas() configured.`);
     const EAS_ABI = [
         {
             name: "getAttestation",
@@ -95,18 +104,24 @@ async function sendMintTx(mode, opts) {
     if (attestation.recipient.toLowerCase() !== account.address.toLowerCase())
         die(`Attestation recipient (${attestation.recipient}) does not match your wallet (${account.address}).`);
     log.ok(`Attester: ${attestation.attester}`);
-    if (attestation.attester.toLowerCase() === COINBASE_ATTESTER.toLowerCase()) {
+    if (attestation.attester.toLowerCase() === issuerAttester.toLowerCase()) {
+        log.ok("Issuer trusted attester confirmed");
+    }
+    else if (attestation.attester.toLowerCase() === COINBASE_ATTESTER.toLowerCase()) {
         log.ok("Coinbase Verifications attester confirmed");
     }
     else {
-        log.warn(`Unknown attester — not Coinbase Verifications (${COINBASE_ATTESTER})`);
+        log.warn(`Attester mismatch — issuer expects ${issuerAttester}`);
     }
-    if (attestation.schema.toLowerCase() !== COINBASE_SCHEMA_UID.toLowerCase()) {
-        log.warn(`Schema mismatch — expected Coinbase schema, got ${attestation.schema}`);
+    if (attestation.schema.toLowerCase() !== issuerSchema.toLowerCase()) {
+        log.warn(`Schema mismatch — issuer expects ${issuerSchema}, got ${attestation.schema}`);
     }
-    else {
+    else if (attestation.schema.toLowerCase() === COINBASE_SCHEMA_UID.toLowerCase()) {
         log.ok("Coinbase Account Verification schema confirmed");
     }
+    else {
+        log.ok("Issuer schema confirmed");
+    }
     log.line();
     if (opts.simulate) {
         log.ok("Simulation complete — attestation valid, tx would succeed");

package/dist/commands/oracle.d.ts

@@ -12,11 +12,11 @@
  *   # Step 1 — queue a new root (requires owner key, executes immediately)
  *   PRIVATE_KEY=0x... ilal oracle propose-root \
  *     --root 0xDEADBEEF... \
- *     --issuer 0x319c0...
+ *     --issuer 0xc4E032...
  *
  *   # Step 2 — after ROOT_DELAY (48 h) has elapsed, activate it
  *   PRIVATE_KEY=0x... ilal oracle activate-root \
- *     --issuer 0x319c0...
+ *     --issuer 0xc4E032...
  *
  *   # Same pattern for the ZK verifier (VERIFIER_DELAY = 72 h)
  *   PRIVATE_KEY=0x... ilal oracle propose-verifier --verifier 0x... --issuer 0x...

package/dist/commands/oracle.js

@@ -12,11 +12,11 @@
  *   # Step 1 — queue a new root (requires owner key, executes immediately)
  *   PRIVATE_KEY=0x... ilal oracle propose-root \
  *     --root 0xDEADBEEF... \
- *     --issuer 0x319c0...
+ *     --issuer 0xc4E032...
  *
  *   # Step 2 — after ROOT_DELAY (48 h) has elapsed, activate it
  *   PRIVATE_KEY=0x... ilal oracle activate-root \
- *     --issuer 0x319c0...
+ *     --issuer 0xc4E032...
  *
  *   # Same pattern for the ZK verifier (VERIFIER_DELAY = 72 h)
  *   PRIVATE_KEY=0x... ilal oracle propose-verifier --verifier 0x... --issuer 0x...

package/dist/commands/prove.d.ts

@@ -7,7 +7,7 @@
  * Usage:
  *   ilal credential prove \
  *     --wallet  0x1b869... \
- *     --issuer  0x319c0... \
+ *     --issuer  0xc4E032... \
  *     --chain   84532 \
  *     --action  mint          # or renew (default: auto-detect)
  *     --circuit-dir ./circuits/build

package/dist/commands/prove.js

@@ -7,7 +7,7 @@
  * Usage:
  *   ilal credential prove \
  *     --wallet  0x1b869... \
- *     --issuer  0x319c0... \
+ *     --issuer  0xc4E032... \
  *     --chain   84532 \
  *     --action  mint          # or renew (default: auto-detect)
  *     --circuit-dir ./circuits/build

package/dist/commands/status.js

@@ -14,6 +14,7 @@ const CNF_ABI = [
     { name: "getCredential", type: "function", stateMutability: "view", inputs: [{ name: "tokenId", type: "uint256" }], outputs: [{ type: "tuple", components: [{ name: "holder", type: "address" }, { name: "issuer", type: "address" }, { name: "credentialType", type: "bytes32" }, { name: "issuedAt", type: "uint64" }, { name: "expiresAt", type: "uint64" }, { name: "revoked", type: "bool" }] }] },
     { name: "merkleRoot", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "uint256" }] },
     { name: "zkVerifier", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+    { name: "eas", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
 ];
 const HOOK_ABI = [
     { name: "issuer", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
@@ -21,6 +22,7 @@ const HOOK_ABI = [
 const REGISTRY_ABI = [
     { name: "getPolicy", type: "function", stateMutability: "view", inputs: [{ name: "poolId", type: "bytes32" }], outputs: [{ type: "tuple", components: [{ name: "cnfIssuer", type: "address" }, { name: "requiredCredentialType", type: "bytes32" }, { name: "enabled", type: "bool" }] }] },
 ];
+const ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
 function daysUntil(unixSec) {
     return Math.floor((unixSec * 1000 - Date.now()) / 86_400_000);
 }
@@ -88,20 +90,28 @@ export async function status(opts) {
     if (cfg.issuer && isAddress(cfg.issuer)) {
         const spin = new Spinner("Fetching issuer config…").start();
         try {
-            const [root, verifier] = await Promise.all([
+            const [root, verifier, eas] = await Promise.all([
                 client.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "merkleRoot" }),
                 client.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "zkVerifier" }),
+                client.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "eas" }),
             ]);
             spin.stop();
+            const hasEASPath = eas !== ZERO_ADDRESS;
+            const hasZKPath = root !== 0n && verifier !== ZERO_ADDRESS;
             log.section("Issuer");
             log.kv("address", fmt.cyan(cfg.issuer));
-            log.kv("zkVerifier", verifier === "0x0000000000000000000000000000000000000000"
+            log.kv("issuance", hasEASPath
+                ? `${fmt.badge("EAS", "green")} ${fmt.addr(eas)}`
+                : hasZKPath
+                    ? fmt.badge("ZK", "green")
+                    : fmt.badge("not ready", "red"));
+            log.kv("zkVerifier", verifier === ZERO_ADDRESS
                 ? fmt.badge("not set", "red")
                 : fmt.green(fmt.addr(verifier)));
             log.kv("merkleRoot", root === 0n
                 ? fmt.badge("not set", "red")
                 : fmt.gray(root.toString().slice(0, 20) + "…"));
-            issuerReady = root !== 0n && verifier !== "0x0000000000000000000000000000000000000000";
+            issuerReady = hasEASPath || hasZKPath;
         }
         catch (e) {
             spin.stop();

package/dist/commands/swap.js

@@ -56,6 +56,13 @@ const ROUTER_ABI = [
         outputs: [{ name: "delta", type: "int256" }],
     },
 ];
+const CNF_ABI = [
+    { name: "isValid", type: "function", stateMutability: "view", inputs: [{ name: "wallet", type: "address" }], outputs: [{ type: "bool" }] },
+    { name: "credentialOf", type: "function", stateMutability: "view", inputs: [{ name: "wallet", type: "address" }], outputs: [{ type: "uint256" }] },
+    { name: "merkleRoot", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "uint256" }] },
+    { name: "zkVerifier", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+    { name: "eas", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+];
 // ─── Session helpers ──────────────────────────────────────────────────────────
 const SESSION_TOKEN_TYPE = [
     { name: "user", type: "address" },
@@ -77,6 +84,7 @@ const MIN_SQRT_PRICE = 4295128740n; // TickMath.MIN_SQRT_PRICE + 1
 const MAX_SQRT_PRICE = 1461446703485210103287273052203988822378723970341n; // MAX - 1
 const DYNAMIC_FEE_FLAG = 8388608;
 const PIPS_DENOMINATOR = 1000000n;
+const ZERO_ADDRESS = "0x0000000000000000000000000000000000000000";
 function txUrl(chain, hash) {
     const baseUrl = chain.blockExplorers?.default?.url;
     return baseUrl ? `${baseUrl}/tx/${hash}` : undefined;
@@ -148,6 +156,9 @@ export async function swap(opts) {
     ]);
     spin.stop();
     const amountIn = parseUnits(opts.amountIn, decimals);
+    if (amountIn <= 0n) {
+        die("amount-in must be greater than 0. Use `ilal swap --simulate` for a dry run.");
+    }
     log.kv("amount", `${opts.amountIn} ${fmt.cyan(symbol)} (${amountIn.toString()} wei)`);
     let protocolFeePips = 0;
     let treasury;
@@ -162,34 +173,47 @@ export async function swap(opts) {
     }
     const protocolFeeAmount = amountIn * BigInt(protocolFeePips) / PIPS_DENOMINATOR;
     const totalDebit = amountIn + protocolFeeAmount;
+    const preflightSpin = new Spinner("Running preflight checks…").start();
+    const [root, verifier, eas, valid, tokenId, balance] = await Promise.all([
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "merkleRoot" }),
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "zkVerifier" }),
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "eas" }),
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "isValid", args: [account.address] }),
+        pubClient.readContract({ address: cfg.issuer, abi: CNF_ABI, functionName: "credentialOf", args: [account.address] }),
+        pubClient.readContract({ address: tokenIn, abi: ERC20_ABI, functionName: "balanceOf", args: [account.address] }),
+    ]);
+    preflightSpin.stop();
+    const preflightErrors = [];
+    const hasEASPath = eas !== ZERO_ADDRESS;
+    const hasZKPath = verifier !== ZERO_ADDRESS && root !== 0n;
+    if (tokenId === 0n) {
+        preflightErrors.push(`wallet has no CNF credential; mint one before trading.`);
+        if (hasEASPath)
+            preflightErrors.push("issuer supports EAS/mock attestation minting: run `ilal credential mint --attestation <uid>`.");
+        else if (hasZKPath)
+            preflightErrors.push(`issuer supports ZK minting: run \`ilal credential prove --wallet ${account.address}\`.`);
+        else
+            preflightErrors.push("issuer has no active issuance path: EAS is unset and ZK verifier/root are not both configured.");
+    }
+    else if (!valid)
+        preflightErrors.push("wallet CNF credential exists but is not valid.");
+    if (balance < totalDebit)
+        preflightErrors.push(`insufficient ${symbol} balance: need ${totalDebit.toString()} wei including ILAL fee, have ${balance.toString()} wei.`);
+    if (preflightErrors.length > 0) {
+        log.section("Preflight Failed");
+        for (const error of preflightErrors)
+            log.warn(error);
+        console.log();
+        if (!opts.simulate) {
+            die("Swap not sent. Fix the preflight issues above, or use --simulate to inspect session/hookData only.");
+        }
+    }
     log.deal([
         { label: "verified input", value: `${opts.amountIn} ${symbol}`, note: "exact-in swap", tone: "cyan" },
         { label: "LP fee", value: poolFeePercent(parseInt(cfg.fee ?? "3000")), note: "hook-priced flow", tone: "green" },
         { label: "ILAL fee", value: protocolFeePips > 0 ? pipsToPercent(protocolFeePips) : "off", note: protocolFeePips > 0 ? "protocol revenue" : "legacy router", tone: protocolFeePips > 0 ? "cyan" : "gray" },
     ]);
     log.line();
-    // Check allowance — approve if needed
-    const approveSpin = new Spinner("Checking allowance…").start();
-    const allowed = await pubClient.readContract({
-        address: tokenIn,
-        abi: ERC20_ABI,
-        functionName: "allowance",
-        args: [account.address, cfg.router],
-    });
-    if (allowed < totalDebit) {
-        approveSpin.update(`Approving ${symbol} for ILALRouter…`);
-        const approveHash = await walClient.writeContract({
-            address: tokenIn,
-            abi: ERC20_ABI,
-            functionName: "approve",
-            args: [cfg.router, totalDebit * 10n], // approve 10× for future swaps
-        });
-        await pubClient.waitForTransactionReceipt({ hash: approveHash });
-        approveSpin.succeed(`Approved ${symbol} ${fmt.gray(fmt.hash(approveHash))}`);
-    }
-    else {
-        approveSpin.succeed(`Allowance ok (${fmt.gray(allowed.toString())} wei)`);
-    }
     // Sign session token
     const signSpin = new Spinner("Signing session token…").start();
     const ttl = parseInt(opts.ttl ?? "600");
@@ -233,11 +257,33 @@ export async function swap(opts) {
     }
     log.line();
     if (opts.simulate) {
-        log.ok("Simulation mode — skipping on-chain tx");
+        log.ok("Simulation mode — skipping approval and on-chain tx");
         log.kv("hookData", hookData.slice(0, 22) + "…");
         console.log();
         return;
     }
+    // Check allowance — approve if needed
+    const approveSpin = new Spinner("Checking allowance…").start();
+    const allowed = await pubClient.readContract({
+        address: tokenIn,
+        abi: ERC20_ABI,
+        functionName: "allowance",
+        args: [account.address, cfg.router],
+    });
+    if (allowed < totalDebit) {
+        approveSpin.update(`Approving ${symbol} for ILALRouter…`);
+        const approveHash = await walClient.writeContract({
+            address: tokenIn,
+            abi: ERC20_ABI,
+            functionName: "approve",
+            args: [cfg.router, totalDebit * 10n], // approve 10× for future swaps
+        });
+        await pubClient.waitForTransactionReceipt({ hash: approveHash });
+        approveSpin.succeed(`Approved ${symbol} ${fmt.gray(fmt.hash(approveHash))}`);
+    }
+    else {
+        approveSpin.succeed(`Allowance ok (${fmt.gray(allowed.toString())} wei)`);
+    }
     // Build PoolKey
     const poolKey = {
         currency0: c0,

package/dist/index.js

@@ -8,7 +8,7 @@ import { proofMint, proofRenew } from "./commands/proof.js";
 import { sessionSign } from "./commands/session.js";
 import { poolPolicySet, poolPolicyGet } from "./commands/pool.js";
 import { deploy } from "./commands/deploy.js";
-import { demo, demoCheck } from "./commands/demo.js";
+import { demo, demoCheck, demoFaucet } from "./commands/demo.js";
 import { init } from "./commands/init.js";
 import { status } from "./commands/status.js";
 import { swap } from "./commands/swap.js";
@@ -19,7 +19,7 @@ const program = new Command();
 program
     .name("ilal")
     .description("ILAL Protocol CLI — Uniswap v4 compliance hook toolkit")
-    .version("0.1.0")
+    .version("0.2.2")
     .addHelpText("before", `\n  ${fmt.bold(fmt.cyan("◆"))} ${fmt.bold("ILAL Protocol")}  ${fmt.gray("Uniswap v4 Compliance Hook")}\n`);
 // ─── init ─────────────────────────────────────────────────────────────────────
 program
@@ -72,6 +72,15 @@ demoCommand
     .action(async (opts) => {
     await demoCheck(opts).catch(err);
 });
+demoCommand
+    .command("faucet")
+    .description("Mint mock demo TOKA/TOKB to a wallet (testnet mock tokens only)")
+    .option("-w, --wallet <address>", "Recipient wallet (defaults to PRIVATE_KEY address)")
+    .option("--amount <tokens>", "Human token amount to mint for each token", "10000")
+    .option("-k, --private-key <hex>", "Private key that pays gas")
+    .action(async (opts) => {
+    await demoFaucet(opts).catch(err);
+});
 const err = (e) => {
     console.error(fmt.red(`\nError: ${e instanceof Error ? e.message : String(e)}\n`));
     process.exit(1);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ilalv3/cli",
-  "version": "0.2.0",
+  "version": "0.2.2",
   "description": "ILAL Protocol CLI — compliant swaps and credential management for Uniswap v4",
   "type": "module",
   "bin": {
@@ -23,9 +23,9 @@
   ],
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/ilal-protocol/ilal.git"
+    "url": "git+https://github.com/rpnny/ilal-cli.git"
   },
-  "homepage": "https://github.com/ilal-protocol/ilal#readme",
+  "homepage": "https://github.com/rpnny/ilal-cli#readme",
   "publishConfig": {
     "access": "public"
   },