@ilalv3/cli 0.2.15 → 0.2.17

package/README.md

@@ -53,7 +53,7 @@ PRIVATE_KEY=0x... ilal credential mint \
   --chain 84532
 
 # Or, with the MockEAS owner key, create a fresh test attestation:
-PRIVATE_KEY=0x... ilal demo attest --wallet 0xYourWallet
+PRIVATE_KEY=0x... ilal issuer attest --wallet 0xYourWallet
 PRIVATE_KEY=0xYourWalletKey ilal credential mint --attestation <uid>
 
 # If the wallet needs more demo tokens:
@@ -132,8 +132,13 @@ ILAL_ARTIFACT_CACHE=/opt/ilal/artifacts/ilal-v1
 | `ilal status` | Dashboard: credential · issuer config · pool policy |
 | `ilal credential zk-root` | Operator helper: compute the ZK Merkle root for a demo wallet/expiry |
 | `ilal credential prove` | Trader flow: hosted/cached ZK artifacts → local proof → mint or renew CNF |
-| `ilal credential mint` | Mint CNF via Coinbase EAS attestation |
+| `ilal credential mint` | Mint CNF via the issuer-configured EAS schema |
 | `ilal credential renew` | Renew CNF via EAS attestation |
+| `ilal issuer create` | Create issuer standard profile and return `standard_id` |
+| `ilal issuer set-jurisdiction` | Set allowed jurisdictions |
+| `ilal issuer set-type` | Set accredited-only requirement |
+| `ilal issuer get` | Read standard profile and `credentialType` |
+| `ilal issuer attest` | Issuer backend command: create an EAS attestation for a wallet |
 | `ilal swap` | Compliant swap via ILALRouter with optional `--min-amount-out` |
 | `ilal pool add-liquidity` | Add liquidity to a compliant pool |
 | `ilal pool remove-liquidity` | Remove liquidity from a compliant pool |
@@ -146,12 +151,25 @@ ILAL_ARTIFACT_CACHE=/opt/ilal/artifacts/ilal-v1
 | `ilal session sign` | Sign a standalone SessionToken |
 | `ilal proof mint` | Mint CNF from existing proof.json + public.json |
 | `ilal deploy --mock` | Deploy a seeded testnet demo stack with MockEAS, tokens, router, hook, and policy |
-| `ilal demo attest` | Create a MockEAS test attestation so a wallet can mint CNF |
+| `ilal demo attest` | Legacy testnet alias for MockEAS attestation |
 | `ilal demo faucet` | Mint mock demo TOKA/TOKB to a wallet |
 | `ilal deploy` | Deploy full ILAL contract stack |
 
 Session note: ILAL hookData is a one-time EIP-712 authorization with a deadline and nonce. The expensive compliance step is the CNF issuance or renewal; swaps do not verify a fresh ZK proof. Use `ilal session sign` to export hookData, and `ilal swap --hook-data <hex>` to execute with an externally signed authorization.
 
+## Issuer standards
+
+External issuers can define a compliance standard and use its `standard_id` as the on-chain `credentialType` for pool policy registration:
+
+```bash
+ilal issuer create --standard "Goldfinch Accredited Investor"
+ilal issuer set-jurisdiction --allow US,EU,SG
+ilal issuer set-type --accredited-only true
+ilal issuer get
+```
+
+Profiles are stored in `.ilal-issuer-standards.json`. Pools enforce the returned `standard_id` through `PolicyRegistry.requiredCredentialType`.
+
 ## Configuration
 
 The CLI reads `.ilal.json` in the current directory. Run `ilal init` to create it, or pass flags directly:

package/dist/commands/credential.js

@@ -39,9 +39,9 @@ export async function credentialStatus(opts) {
         console.log();
         console.log(fmt.bold("  How to get a CNF credential:"));
         console.log();
-        console.log(fmt.bold("  Demo path — issuer-created MockEAS attestation"));
+        console.log(fmt.bold("  Issuer path — issuer-created EAS attestation"));
         console.log(`  ${fmt.gray("1.")} Ask the issuer/operator to run:`);
-        console.log(`       ${fmt.cyan("PRIVATE_KEY=<issuer-owner> ilal demo attest --wallet " + cfg.wallet)}`);
+        console.log(`       ${fmt.cyan("PRIVATE_KEY=<issuer-key> ilal issuer attest --wallet " + cfg.wallet)}`);
         console.log(`  ${fmt.gray("2.")} Then mint with your wallet key:`);
         console.log(`       ${fmt.cyan("PRIVATE_KEY=<wallet-key> ilal credential mint --attestation <uid>")}`);
         console.log();

package/dist/commands/demo.js

@@ -444,7 +444,7 @@ export async function demoCheck(opts) {
         log.command(`ilal status --wallet ${wallet}`);
         if (!credentialReady) {
             log.info("Credential missing: the issuer must create an attestation before the wallet can mint CNF.");
-            log.command(`PRIVATE_KEY=<issuer-owner> ilal demo attest --wallet ${wallet}`);
+            log.command(`PRIVATE_KEY=<issuer-key> ilal issuer attest --wallet ${wallet}`);
             log.command("PRIVATE_KEY=<wallet-key> ilal credential mint --attestation <uid>");
         }
         log.command(`ilal session sign --pool ${cfg.poolId ?? "<poolId>"} --action swap --hook ${cfg.hook ?? "<hook>"} --issuer ${cfg.issuer ?? "<issuer>"} --caller ${cfg.router ?? "<router>"}`);
@@ -512,7 +512,7 @@ export async function demoAttest(opts) {
             ], functionName: "trustedAttester" }),
     ]);
     if (eas === ZERO)
-        die("Configured issuer has no EAS/MockEAS path. Use a mock demo issuer or Coinbase EAS attestation.");
+        die("Configured issuer has no EAS path. Use an issuer with EAS configured or mint through ZK proof.");
     const days = BigInt(parseInt(opts.expiresInDays ?? "90", 10));
     const expiration = BigInt(Math.floor(Date.now() / 1000)) + days * 24n * 60n * 60n;
     header("ILAL Demo Attestation", chain.name);

package/dist/commands/issuer.d.ts

@@ -0,0 +1,26 @@
+export declare function issuerCreate(opts: {
+    standard: string;
+}): Promise<void>;
+export declare function issuerSetJurisdiction(opts: {
+    id?: string;
+    allow: string;
+}): Promise<void>;
+export declare function issuerSetType(opts: {
+    id?: string;
+    accreditedOnly: string | boolean;
+}): Promise<void>;
+export declare function issuerGet(opts: {
+    id?: string;
+}): Promise<void>;
+export declare function issuerAttest(opts: {
+    wallet: string;
+    schema?: string;
+    eas?: string;
+    issuer?: string;
+    expiresInDays?: string;
+    data?: string;
+    revocable?: boolean;
+    chain?: string;
+    rpc?: string;
+    privateKey?: string;
+}): Promise<void>;

package/dist/commands/issuer.js

@@ -0,0 +1,340 @@
+import { existsSync, readFileSync, writeFileSync } from "fs";
+import { resolve } from "path";
+import { createPublicClient, createWalletClient, decodeEventLog, http, isAddress, keccak256, stringToBytes, isHex, } from "viem";
+import { privateKeyToAccount } from "viem/accounts";
+import { base, baseSepolia } from "viem/chains";
+import { fmt, header, log, die, Spinner, dieOnContract, requirePrivateKey } from "../ui.js";
+import { withConfig } from "../config.js";
+const STORE_FILE = ".ilal-issuer-standards.json";
+const ZERO = "0x0000000000000000000000000000000000000000";
+const CHAINS = { "8453": base, "84532": baseSepolia };
+const CNF_ISSUER_ATTEST_ABI = [
+    { name: "eas", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+    { name: "schemaUID", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "bytes32" }] },
+    { name: "trustedAttester", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+];
+const OWNABLE_ABI = [
+    { name: "owner", type: "function", stateMutability: "view", inputs: [], outputs: [{ type: "address" }] },
+];
+const MOCK_EAS_ABI = [
+    {
+        type: "event",
+        name: "AttestationCreated",
+        inputs: [
+            { name: "uid", type: "bytes32", indexed: true },
+            { name: "recipient", type: "address", indexed: true },
+            { name: "attester", type: "address", indexed: true },
+        ],
+    },
+    {
+        name: "attest",
+        type: "function",
+        stateMutability: "nonpayable",
+        inputs: [
+            { name: "schema", type: "bytes32" },
+            { name: "recipient", type: "address" },
+            { name: "attester", type: "address" },
+            { name: "expirationTime", type: "uint64" },
+            { name: "data", type: "bytes" },
+        ],
+        outputs: [{ name: "uid", type: "bytes32" }],
+    },
+];
+const EAS_ABI = [
+    {
+        type: "event",
+        name: "Attested",
+        inputs: [
+            { name: "recipient", type: "address", indexed: true },
+            { name: "attester", type: "address", indexed: true },
+            { name: "uid", type: "bytes32", indexed: false },
+            { name: "schemaUID", type: "bytes32", indexed: true },
+        ],
+    },
+    {
+        name: "attest",
+        type: "function",
+        stateMutability: "payable",
+        inputs: [{
+                name: "request",
+                type: "tuple",
+                components: [
+                    { name: "schema", type: "bytes32" },
+                    {
+                        name: "data",
+                        type: "tuple",
+                        components: [
+                            { name: "recipient", type: "address" },
+                            { name: "expirationTime", type: "uint64" },
+                            { name: "revocable", type: "bool" },
+                            { name: "refUID", type: "bytes32" },
+                            { name: "data", type: "bytes" },
+                            { name: "value", type: "uint256" },
+                        ],
+                    },
+                ],
+            }],
+        outputs: [{ name: "uid", type: "bytes32" }],
+    },
+];
+function storePath() {
+    return resolve(process.cwd(), STORE_FILE);
+}
+function loadStore() {
+    const path = storePath();
+    if (!existsSync(path))
+        return { version: 1, standards: {} };
+    try {
+        const parsed = JSON.parse(readFileSync(path, "utf8"));
+        return {
+            version: 1,
+            latest: parsed.latest,
+            standards: parsed.standards ?? {},
+        };
+    }
+    catch {
+        die(`Could not parse ${STORE_FILE}. Fix or remove the file and try again.`);
+    }
+}
+function saveStore(store) {
+    writeFileSync(storePath(), JSON.stringify(store, null, 2) + "\n");
+}
+function normalizeId(id, store) {
+    const resolved = id ?? store?.latest;
+    if (!resolved)
+        die("Standard id required. Pass --id <standard_id> or run `ilal issuer create` first.");
+    if (!isHex(resolved) || resolved.length !== 66)
+        die("standard_id must be 0x + 32 bytes.");
+    return resolved;
+}
+function parseJurisdictions(raw) {
+    const list = raw.split(",").map((item) => item.trim()).filter(Boolean);
+    if (list.length === 0)
+        die("--allow must include at least one jurisdiction, e.g. US,EU,SG");
+    return [...new Set(list)];
+}
+function parseBool(raw) {
+    if (typeof raw === "boolean")
+        return raw;
+    const value = raw.trim().toLowerCase();
+    if (["true", "1", "yes", "y"].includes(value))
+        return true;
+    if (["false", "0", "no", "n"].includes(value))
+        return false;
+    die("--accredited-only must be true or false");
+}
+function printStandard(item) {
+    log.kv("standard_id", fmt.cyan(item.id));
+    log.kv("standard", item.standard);
+    log.kv("jurisdictions", item.allowedJurisdictions.length ? item.allowedJurisdictions.join(", ") : fmt.badge("unset", "yellow"));
+    log.kv("accredited only", item.accreditedOnly === null ? fmt.badge("unset", "yellow") : String(item.accreditedOnly));
+    log.kv("credentialType", fmt.cyan(item.id));
+    log.kv("updated", fmt.gray(item.updatedAt));
+}
+function txUrl(chain, hash) {
+    const baseUrl = chain.blockExplorers?.default?.url;
+    return baseUrl ? `${baseUrl}/tx/${hash}` : undefined;
+}
+function parseHexBytes(raw) {
+    if (!raw)
+        return "0x";
+    if (!isHex(raw))
+        die("--data must be hex bytes, e.g. 0x1234");
+    return raw;
+}
+async function isMockEAS(client, eas) {
+    try {
+        await client.readContract({ address: eas, abi: OWNABLE_ABI, functionName: "owner" });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+export async function issuerCreate(opts) {
+    const standard = opts.standard.trim();
+    if (!standard)
+        die("--standard <name> required");
+    const store = loadStore();
+    const now = new Date().toISOString();
+    const id = keccak256(stringToBytes(`ILAL_STANDARD_V1:${standard}`));
+    const existing = store.standards[id];
+    const item = existing ?? {
+        id,
+        standard,
+        allowedJurisdictions: [],
+        accreditedOnly: null,
+        createdAt: now,
+        updatedAt: now,
+    };
+    item.standard = standard;
+    item.updatedAt = now;
+    store.standards[id] = item;
+    store.latest = id;
+    saveStore(store);
+    header("Issuer Standard Created");
+    log.section("Standard");
+    printStandard(item);
+    log.line();
+    log.callout("Use this id as credentialType", `ilal pool policy set --cred-type ${id}`, "green");
+    log.kv("file", fmt.gray(storePath()));
+    console.log();
+}
+export async function issuerSetJurisdiction(opts) {
+    const store = loadStore();
+    const id = normalizeId(opts.id, store);
+    const item = store.standards[id];
+    if (!item)
+        die(`Unknown standard_id ${id}. Run \`ilal issuer create --standard <name>\` first.`);
+    item.allowedJurisdictions = parseJurisdictions(opts.allow);
+    item.updatedAt = new Date().toISOString();
+    store.latest = id;
+    saveStore(store);
+    header("Issuer Jurisdiction Updated");
+    log.section("Standard");
+    printStandard(item);
+    log.kv("file", fmt.gray(storePath()));
+    console.log();
+}
+export async function issuerSetType(opts) {
+    const store = loadStore();
+    const id = normalizeId(opts.id, store);
+    const item = store.standards[id];
+    if (!item)
+        die(`Unknown standard_id ${id}. Run \`ilal issuer create --standard <name>\` first.`);
+    item.accreditedOnly = parseBool(opts.accreditedOnly);
+    item.updatedAt = new Date().toISOString();
+    store.latest = id;
+    saveStore(store);
+    header("Issuer Investor Type Updated");
+    log.section("Standard");
+    printStandard(item);
+    log.kv("file", fmt.gray(storePath()));
+    console.log();
+}
+export async function issuerGet(opts) {
+    const store = loadStore();
+    const id = normalizeId(opts.id, store);
+    const item = store.standards[id];
+    if (!item)
+        die(`Unknown standard_id ${id}. Available standards: ${Object.keys(store.standards).length}`);
+    header("Issuer Standard");
+    log.section("Standard");
+    printStandard(item);
+    log.line();
+    log.info("This CLI profile is the issuer-side descriptor. Pools enforce the matching credentialType on-chain via PolicyRegistry.");
+    log.command(`ilal pool policy set --cred-type ${item.id} --issuer <CNFIssuer> --registry <PolicyRegistry> --pool <poolId>`);
+    console.log();
+}
+export async function issuerAttest(opts) {
+    const cfg = withConfig(opts);
+    const rawKey = requirePrivateKey(cfg.privateKey ?? process.env["PRIVATE_KEY"]);
+    if (!isAddress(opts.wallet))
+        die(`Invalid wallet address: ${opts.wallet}`);
+    const chain = CHAINS[cfg.chain ?? "84532"] ?? baseSepolia;
+    const account = privateKeyToAccount(rawKey);
+    const transport = cfg.rpc ? http(cfg.rpc) : http();
+    const client = createPublicClient({ chain, transport });
+    const walletClient = createWalletClient({ account, chain, transport });
+    let eas = opts.eas;
+    let schema = opts.schema;
+    let trustedAttester = account.address;
+    if (cfg.issuer) {
+        if (!isAddress(cfg.issuer))
+            die(`Invalid issuer address: ${cfg.issuer}`);
+        const [issuerEAS, issuerSchema, issuerAttester] = await Promise.all([
+            client.readContract({ address: cfg.issuer, abi: CNF_ISSUER_ATTEST_ABI, functionName: "eas" }),
+            client.readContract({ address: cfg.issuer, abi: CNF_ISSUER_ATTEST_ABI, functionName: "schemaUID" }),
+            client.readContract({ address: cfg.issuer, abi: CNF_ISSUER_ATTEST_ABI, functionName: "trustedAttester" }),
+        ]);
+        if (!eas && issuerEAS !== ZERO)
+            eas = issuerEAS;
+        if (!schema)
+            schema = issuerSchema;
+        trustedAttester = issuerAttester;
+    }
+    if (!eas || !isAddress(eas))
+        die("EAS contract required. Use --eas <address> or configure an issuer with eas().");
+    if (!schema || !isHex(schema) || schema.length !== 66)
+        die("Schema UID required. Use --schema <bytes32> or configure an issuer with schemaUID().");
+    const days = BigInt(parseInt(opts.expiresInDays ?? "365", 10));
+    if (days <= 0n)
+        die("--expires-in-days must be greater than 0");
+    const expiration = BigInt(Math.floor(Date.now() / 1000)) + days * 24n * 60n * 60n;
+    const data = parseHexBytes(opts.data);
+    const mock = await isMockEAS(client, eas);
+    header("Issuer Attestation", chain.name);
+    log.kv("issuer", cfg.issuer ? fmt.addr(cfg.issuer) : fmt.badge("direct EAS", "yellow"));
+    log.kv("eas", fmt.addr(eas));
+    log.kv("schema", fmt.hash(schema));
+    log.kv("recipient", fmt.addr(opts.wallet));
+    log.kv("signer", fmt.addr(account.address));
+    log.kv("attester", mock ? fmt.addr(trustedAttester) : fmt.addr(account.address));
+    log.kv("expires", new Date(Number(expiration) * 1000).toISOString());
+    log.kv("mode", mock ? "MockEAS compatibility" : "EAS attest()");
+    log.line();
+    const spin = new Spinner("Creating issuer attestation…").start();
+    let hash;
+    try {
+        if (mock) {
+            hash = await walletClient.writeContract({
+                address: eas,
+                abi: MOCK_EAS_ABI,
+                functionName: "attest",
+                args: [schema, opts.wallet, trustedAttester, expiration, data],
+            });
+        }
+        else {
+            hash = await walletClient.writeContract({
+                address: eas,
+                abi: EAS_ABI,
+                functionName: "attest",
+                args: [{
+                        schema: schema,
+                        data: {
+                            recipient: opts.wallet,
+                            expirationTime: expiration,
+                            revocable: opts.revocable ?? true,
+                            refUID: `0x${"0".repeat(64)}`,
+                            data,
+                            value: 0n,
+                        },
+                    }],
+                value: 0n,
+            });
+        }
+    }
+    catch (e) {
+        spin.fail("attest failed");
+        dieOnContract(e);
+    }
+    const receipt = await client.waitForTransactionReceipt({ hash });
+    spin.succeed(`Attestation tx confirmed ${fmt.gray(fmt.hash(hash))}`);
+    let uid;
+    for (const logItem of receipt.logs) {
+        if (logItem.address.toLowerCase() !== eas.toLowerCase())
+            continue;
+        try {
+            const decoded = decodeEventLog({ abi: mock ? MOCK_EAS_ABI : EAS_ABI, data: logItem.data, topics: logItem.topics });
+            if (decoded.eventName === "AttestationCreated" || decoded.eventName === "Attested") {
+                uid = decoded.args.uid;
+                break;
+            }
+        }
+        catch { }
+    }
+    log.line();
+    if (uid)
+        log.kv("attestation", fmt.cyan(uid));
+    else
+        log.warn("Could not decode attestation UID from logs; inspect the tx in the explorer.");
+    log.kv("tx", fmt.gray(hash));
+    const explorer = txUrl(chain, hash);
+    if (explorer)
+        log.kv("explorer", fmt.cyan(explorer));
+    if (uid) {
+        log.callout("CNF mint path ready", "recipient can mint CNF without issuer involvement", "green");
+        log.command(`PRIVATE_KEY=<wallet-key> ilal credential mint --issuer ${cfg.issuer ?? "<CNFIssuer>"} --attestation ${uid} --chain ${chain.id}`);
+    }
+    console.log();
+}

package/dist/commands/liquidity.js

@@ -197,7 +197,7 @@ async function executeLiquidity(action, opts) {
     if (tokenId === 0n) {
         preflightErrors.push("wallet has no CNF credential; mint one before changing liquidity.");
         if (hasEASPath)
-            preflightErrors.push("issuer supports EAS/mock attestation minting: first ask issuer to run `ilal demo attest --wallet <wallet>`, then run `ilal credential mint --attestation <uid>`.");
+            preflightErrors.push("issuer supports EAS attestation minting: first ask issuer to run `ilal issuer attest --wallet <wallet>`, then run `ilal credential mint --attestation <uid>`.");
         else if (hasZKPath)
             preflightErrors.push(`issuer supports ZK minting: run \`ilal credential prove --wallet ${account.address}\`.`);
         else

package/dist/commands/swap.js

@@ -221,7 +221,7 @@ export async function swap(opts) {
     if (tokenId === 0n) {
         preflightErrors.push(`wallet has no CNF credential; mint one before trading.`);
         if (hasEASPath)
-            preflightErrors.push("issuer supports EAS/mock attestation minting: first ask issuer to run `ilal demo attest --wallet <wallet>`, then run `ilal credential mint --attestation <uid>`.");
+            preflightErrors.push("issuer supports EAS attestation minting: first ask issuer to run `ilal issuer attest --wallet <wallet>`, then run `ilal credential mint --attestation <uid>`.");
         else if (hasZKPath)
             preflightErrors.push(`issuer supports ZK minting: run \`ilal credential prove --wallet ${account.address}\`.`);
         else

package/dist/index.js

@@ -13,13 +13,14 @@ import { init } from "./commands/init.js";
 import { status } from "./commands/status.js";
 import { swap } from "./commands/swap.js";
 import { addLiquidity, removeLiquidity } from "./commands/liquidity.js";
+import { issuerAttest, issuerCreate, issuerGet, issuerSetJurisdiction, issuerSetType } from "./commands/issuer.js";
 import { fmt } from "./ui.js";
 import { COINBASE_SCHEMA_UID } from "./constants.js";
 const program = new Command();
 program
     .name("ilal")
     .description("ILAL Protocol CLI — Uniswap v4 compliance hook toolkit")
-    .version("0.2.15")
+    .version("0.2.17")
     .addHelpText("before", `\n  ${fmt.bold(fmt.cyan("◆"))} ${fmt.bold("ILAL Protocol")}  ${fmt.gray("Uniswap v4 Compliance Hook")}\n`);
 // ─── init ─────────────────────────────────────────────────────────────────────
 program
@@ -85,7 +86,7 @@ demoCommand
 });
 demoCommand
     .command("attest")
-    .description("Create a MockEAS test attestation for a wallet (demo issuer owner only)")
+    .description("Legacy testnet alias: create a MockEAS attestation for a wallet")
     .requiredOption("-w, --wallet <address>", "Recipient wallet that will mint the CNF")
     .option("--expires-in-days <days>", "Attestation lifetime in days", "90")
     .option("-k, --private-key <hex>", "MockEAS owner private key")
@@ -96,6 +97,54 @@ const err = (e) => {
     console.error(fmt.red(`\nError: ${e instanceof Error ? e.message : String(e)}\n`));
     process.exit(1);
 };
+// ─── issuer ──────────────────────────────────────────────────────────────────
+const issuer = program.command("issuer").description("Issuer standard management");
+issuer
+    .command("attest")
+    .description("Create an issuer EAS attestation for a wallet")
+    .requiredOption("-w, --wallet <address>", "Recipient wallet that will mint the CNF")
+    .option("--schema <bytes32>", "EAS schema UID (defaults to CNFIssuer.schemaUID)")
+    .option("--eas <address>", "EAS contract address (defaults to CNFIssuer.eas)")
+    .option("-i, --issuer <address>", "CNFIssuer contract address (or set in .ilal.json)")
+    .option("--expires-in-days <days>", "Attestation lifetime in days", "365")
+    .option("--data <hex>", "Optional attestation payload bytes", "0x")
+    .option("--no-revocable", "Create a non-revocable EAS attestation")
+    .option("-c, --chain <chainId>", "Chain ID", "84532")
+    .option("-r, --rpc <url>", "Custom RPC URL")
+    .option("-k, --private-key <hex>", "Issuer attester private key")
+    .action(async (opts) => {
+    await issuerAttest(opts).catch(err);
+});
+issuer
+    .command("create")
+    .description("Create an issuer compliance standard profile and return a standard_id")
+    .requiredOption("--standard <name>", "Compliance standard name, e.g. Goldfinch Accredited Investor")
+    .action(async (opts) => {
+    await issuerCreate(opts).catch(err);
+});
+issuer
+    .command("set-jurisdiction")
+    .description("Set allowed jurisdictions for an issuer standard")
+    .option("--id <standard_id>", "Standard id (defaults to latest created standard)")
+    .requiredOption("--allow <list>", "Comma-separated jurisdictions, e.g. US,EU,SG")
+    .action(async (opts) => {
+    await issuerSetJurisdiction(opts).catch(err);
+});
+issuer
+    .command("set-type")
+    .description("Set investor type requirements for an issuer standard")
+    .option("--id <standard_id>", "Standard id (defaults to latest created standard)")
+    .requiredOption("--accredited-only <bool>", "true or false")
+    .action(async (opts) => {
+    await issuerSetType(opts).catch(err);
+});
+issuer
+    .command("get")
+    .description("Read an issuer standard profile")
+    .option("--id <standard_id>", "Standard id (defaults to latest created standard)")
+    .action(async (opts) => {
+    await issuerGet(opts).catch(err);
+});
 // ─── credential ───────────────────────────────────────────────────────────────
 const credential = program.command("credential").description("Manage compliance credentials (CNF)");
 credential
@@ -136,7 +185,7 @@ credential
 });
 credential
     .command("mint")
-    .description("Mint a CNF credential using a Coinbase EAS attestation")
+    .description("Mint a CNF credential using the issuer-configured EAS schema")
     .requiredOption("-a, --attestation <uid>", "EAS attestation UID (0x + 64 hex chars)")
     .option("-i, --issuer <address>", "CNFIssuer contract address (or set in .ilal.json)")
     .option("-c, --chain <chainId>", "Chain ID", "84532")

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ilalv3/cli",
-  "version": "0.2.15",
+  "version": "0.2.17",
   "description": "ILAL Protocol CLI — compliant swaps and credential management for Uniswap v4",
   "type": "module",
   "bin": {