@nexstone/rift-cli 0.1.1

package/dist/commands/audit.d.ts

@@ -0,0 +1,13 @@
+import { GatedCommand } from '../lib/base-command.js';
+export default class Audit extends GatedCommand {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        export: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        last: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        strategy: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        output: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        json: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/audit.js

@@ -0,0 +1,37 @@
+import { Flags } from '@oclif/core';
+import * as path from 'node:path';
+import { GatedCommand } from '../lib/base-command.js';
+import { passthroughToEngine } from '../lib/engine-passthrough.js';
+export default class Audit extends GatedCommand {
+    static description = 'Export compliance-grade audit trail of all live trades';
+    static examples = [
+        '$ rift audit',
+        '$ rift audit --export json --last 90',
+        '$ rift audit --strategy trend_follow --output ./audit.csv',
+    ];
+    static flags = {
+        export: Flags.string({ description: 'Export format: csv or json', default: 'csv' }),
+        last: Flags.string({ description: 'Days of history to include', default: '30' }),
+        strategy: Flags.string({ description: 'Filter by strategy name', default: '' }),
+        output: Flags.string({ description: 'Custom output path', default: '' }),
+        json: Flags.boolean({ description: 'Emit raw JSON only', default: false }),
+    };
+    async run() {
+        const { flags } = await this.parse(Audit);
+        const args = ['--export', flags.export, '--last', flags.last];
+        if (flags.strategy)
+            args.push('--strategy', flags.strategy);
+        // Resolve --output to an absolute path so the file lands where the user
+        // expects (their cwd), not in the engine subprocess's cwd (engine/).
+        if (flags.output)
+            args.push('--output', path.resolve(flags.output));
+        await passthroughToEngine({
+            command: 'audit',
+            args,
+            log: (m) => this.log(m),
+            error: (m) => this.error(m),
+            exit: (c) => this.exit(c),
+            jsonOnly: flags.json,
+        });
+    }
+}

package/dist/commands/auth-status.d.ts

@@ -0,0 +1,14 @@
+/**
+ * `rift auth-status` — show current API wallet registration + recent token activity.
+ *
+ * Thin TS wrapper around the Python `agent-status` command (which inspects
+ * ~/.rift/credentials and ~/.rift/tokens/ via rift_trade modules and emits
+ * structured NDJSON). Renders a human-readable summary; suppresses the
+ * persistent footer because this command IS the status display.
+ */
+import { GatedCommand } from '../lib/base-command.js';
+export default class AuthStatus extends GatedCommand {
+    static description: string;
+    static examples: string[];
+    run(): Promise<void>;
+}

package/dist/commands/auth-status.js

@@ -0,0 +1,118 @@
+/**
+ * `rift auth-status` — show current API wallet registration + recent token activity.
+ *
+ * Thin TS wrapper around the Python `agent-status` command (which inspects
+ * ~/.rift/credentials and ~/.rift/tokens/ via rift_trade modules and emits
+ * structured NDJSON). Renders a human-readable summary; suppresses the
+ * persistent footer because this command IS the status display.
+ */
+import { GatedCommand } from '../lib/base-command.js';
+import { runEngine } from '../lib/python-bridge.js';
+// Same ANSI helpers used elsewhere in the codebase
+const green = (s) => `\x1b[32m${s}\x1b[0m`;
+const amber = (s) => `\x1b[33m${s}\x1b[0m`;
+const gray = (s) => `\x1b[2m\x1b[37m${s}\x1b[0m`;
+const red = (s) => `\x1b[31m${s}\x1b[0m`;
+const bold = (s) => `\x1b[1m${s}\x1b[0m`;
+const dim = (s) => `\x1b[2m${s}\x1b[0m`;
+const cyan = (s) => `\x1b[36m${s}\x1b[0m`;
+function shortAddr(addr) {
+    if (!addr)
+        return '—';
+    if (addr.length < 14)
+        return addr;
+    return `${addr.slice(0, 6)}…${addr.slice(-4)}`;
+}
+export default class AuthStatus extends GatedCommand {
+    static description = 'Show RIFT auth state — API wallet + recent authorization tokens.';
+    static examples = [
+        '$ rift auth-status',
+    ];
+    async run() {
+        let result = null;
+        try {
+            await runEngine('agent-status', [], (msg) => {
+                if (msg.type === 'result' && msg.command === 'agent-status') {
+                    result = msg;
+                }
+            });
+        }
+        catch (err) {
+            this.error(`Failed to read agent status: ${err}`);
+        }
+        if (!result) {
+            this.error('No response from engine');
+        }
+        // TypeScript inference doesn't narrow through async callback assignment.
+        const r = result;
+        this.log('');
+        this.log(`  ${bold('RIFT auth status')}`);
+        this.log(`  ${dim('─'.repeat(50))}`);
+        this.log('');
+        if (!r.registered) {
+            this.log(`  ${gray('○')} ${bold('No API wallet registered.')}`);
+            this.log('');
+            this.log(`  ${dim('To enable trading:')}`);
+            this.log(`    ${cyan('rift agent-pair --local-main-key <0x...>')}`);
+            this.log('');
+            this.log(`  ${dim('Or stay in research-only mode (no wallet, no live trading):')}`);
+            this.log(`    ${cyan('rift backtest trend_follow --pair BTC --tf 4h')}`);
+            this.log('');
+            return;
+        }
+        const agent = r.agent;
+        const tokens = r.tokens;
+        const networkLabel = green('mainnet');
+        this.log(`  ${green('●')} ${bold('API wallet registered')} on ${networkLabel}`);
+        this.log('');
+        this.log(`  ${dim('Address:')}      ${cyan(agent.address)}`);
+        this.log(`  ${dim('Name (HL):')}    ${agent.name}`);
+        this.log(`  ${dim('Registered:')}   ${agent.registered_at}`);
+        if (agent.registered_tx) {
+            this.log(`  ${dim('Tx hash:')}      ${dim(agent.registered_tx)}`);
+        }
+        // Pull live HL state — mode + tradeable collateral — using the shared
+        // helper that mirrors Python's read_collateral. Best-effort: if the
+        // info endpoint is unreachable (e.g. geo-restricted) we skip silently.
+        try {
+            const { readCollateral, hlBaseUrl } = await import('../lib/account-mode.js');
+            // Main wallet address (the issuer) is what HL queries by. For an
+            // API-wallet-only context we'd need the main wallet; here we use
+            // the most-recent token's issuer if available, otherwise skip.
+            const mainAddr = (r.tokens?.recent?.[0]?.issuer) || null;
+            if (mainAddr) {
+                const c = await readCollateral(hlBaseUrl(), mainAddr);
+                const modeColor = c.mode === 'unknown' ? amber : c.mode === 'standard' ? green : cyan;
+                this.log(`  ${dim('Account mode:')} ${modeColor(c.mode)}`);
+                if (c.mode === 'standard') {
+                    this.log(`  ${dim('Tradeable:')}    $${c.total.toFixed(2)} USDC`);
+                }
+                else {
+                    this.log(`  ${dim('Tradeable:')}    $${c.total.toFixed(2)} USDC  ${dim(`(perp $${c.perpAvailable.toFixed(2)} + spot $${c.spotUsdc.toFixed(2)})`)}`);
+                }
+            }
+        }
+        catch {
+            // Best-effort; don't fail the whole status command if HL is unreachable
+        }
+        this.log('');
+        this.log(`  ${bold(`Auth tokens (${tokens.active} active / ${tokens.total} total)`)}`);
+        if (tokens.recent.length === 0) {
+            this.log(`  ${gray('No tokens issued. Issue one: rift token-issue --coins ETH --max-notional 500 --max-daily 2000')}`);
+        }
+        else {
+            this.log(`  ${dim('id')}            ${dim('coins')}       ${dim('max/trade')}  ${dim('max/day')}   ${dim('expires')}`);
+            for (const t of tokens.recent) {
+                const status = t.revoked
+                    ? red('revoked')
+                    : t.valid
+                        ? green('valid')
+                        : amber('expired');
+                const coins = Array.isArray(t.scope_coins) ? t.scope_coins.join(',') : t.scope_coins;
+                const expires = t.expires_at ? t.expires_at.slice(0, 19).replace('T', ' ') : dim('never');
+                this.log(`  ${t.id.slice(0, 8)}…  ${coins.padEnd(11)} $${t.scope_max_notional.padEnd(10)} $${t.scope_max_daily.padEnd(9)}  ${expires}  ${status}`);
+            }
+        }
+        this.log('');
+    }
+}

package/dist/commands/auth.d.ts

@@ -0,0 +1,14 @@
+import { GatedCommand } from '../lib/base-command.js';
+export default class Auth extends GatedCommand {
+    static description: string;
+    static examples: string[];
+    static args: {
+        action: import("@oclif/core/interfaces").Arg<string | undefined, Record<string, unknown>>;
+    };
+    static flags: {};
+    run(): Promise<void>;
+    private showStatus;
+    private resetCredentials;
+    private walletConnectSetup;
+    private saveAndFinish;
+}

package/dist/commands/auth.js

@@ -0,0 +1,275 @@
+import { Args } from '@oclif/core';
+import { GatedCommand } from '../lib/base-command.js';
+import { generatePrivateKey, privateKeyToAccount } from 'viem/accounts';
+import { createInterface } from 'node:readline';
+import { saveCredentials, loadCredentials, hasFullSetup, maskKey, getAccountAddress } from '../lib/credentials.js';
+import { connectWallet, requestAgentApproval, requestBuilderFeeApproval, postApprovalToHyperliquid, disconnectWallet, showQRCode, } from '../lib/walletconnect.js';
+import { BUILDER_FEE_DISPLAY, recordOnChainApproval, hasApprovedFees, approveFees } from '../lib/fees.js';
+const green = (s) => `\x1b[32m${s}\x1b[0m`;
+const red = (s) => `\x1b[31m${s}\x1b[0m`;
+const cyan = (s) => `\x1b[36m${s}\x1b[0m`;
+const bold = (s) => `\x1b[1m${s}\x1b[0m`;
+const dim = (s) => `\x1b[2m${s}\x1b[0m`;
+function ask(question) {
+    const rl = createInterface({ input: process.stdin, output: process.stdout });
+    return new Promise(resolve => {
+        rl.question(question, answer => {
+            rl.close();
+            resolve(answer.trim());
+        });
+    });
+}
+export default class Auth extends GatedCommand {
+    static description = 'Set up wallet credentials for Hyperliquid live trading';
+    static examples = [
+        '$ rift auth setup',
+        '$ rift auth status',
+        '$ rift auth reset',
+    ];
+    static args = {
+        action: Args.string({
+            description: 'Action: setup, status, or reset',
+            required: false,
+        }),
+    };
+    static flags = {};
+    async run() {
+        const { args } = await this.parse(Auth);
+        switch (args.action) {
+            case 'setup':
+                return this.walletConnectSetup();
+            case 'status':
+                return this.showStatus();
+            case 'reset':
+                return this.resetCredentials();
+            default:
+                // No action → show status or guide to setup
+                if (hasFullSetup()) {
+                    return this.showStatus();
+                }
+                return this.walletConnectSetup();
+        }
+    }
+    showStatus() {
+        const creds = loadCredentials();
+        if (!creds) {
+            this.log('');
+            this.log(`  No credentials configured.`);
+            this.log(`  Run: ${cyan('rift auth setup')}`);
+            this.log('');
+            return;
+        }
+        this.log('');
+        this.log(`  ${bold('RIFT Account Status')}`);
+        this.log(`  ${dim('─'.repeat(45))}`);
+        const mainWallet = getAccountAddress(creds);
+        const agentOk = creds.agent_approved !== false; // absent = trust file
+        const builderOk = creds.builder_fee_approved === true;
+        this.log(`  Main wallet:   ${mainWallet}`);
+        this.log(`  API wallet:    ${creds.address || maskKey(creds.private_key)}`);
+        this.log(`  Network:       ${creds.network}`);
+        this.log(`  Agent:         ${agentOk ? green('✔ approved') : red('✘ not approved')}`);
+        this.log(`  Builder fee:   ${builderOk ? green('✔ approved') : red('✘ not approved')}`);
+        this.log(`  ${dim('─'.repeat(45))}`);
+        if (!agentOk || !builderOk) {
+            this.log(`  Run ${cyan('rift auth setup')} to complete setup.`);
+        }
+        else {
+            this.log(`  ${green('Ready for live trading.')} Run: ${cyan('rift live')}`);
+        }
+        this.log('');
+    }
+    async resetCredentials() {
+        const confirm = await ask(`\n  ${red('This will remove all credentials. Continue?')} ${dim('(yes/no)')}: `);
+        if (confirm.toLowerCase() !== 'yes' && confirm.toLowerCase() !== 'y') {
+            this.log(dim('\n  Cancelled.\n'));
+            return;
+        }
+        const credPath = (process.env.HOME || '~') + '/.rift/credentials.json';
+        const fs = await import('node:fs');
+        if (fs.existsSync(credPath)) {
+            fs.unlinkSync(credPath);
+        }
+        this.log(`\n  ${green('✔')} Credentials removed. Run ${cyan('rift auth setup')} to set up again.\n`);
+    }
+    async walletConnectSetup() {
+        const isMainnet = true;
+        this.log('');
+        this.log(`  ${bold('╔═══════════════════════════════════════════╗')}`);
+        this.log(`  ${bold('║          RIFT Account Setup               ║')}`);
+        this.log(`  ${bold('╚═══════════════════════════════════════════╝')}`);
+        this.log('');
+        // Fee consent (if not already given)
+        if (!hasApprovedFees()) {
+            this.log(`  RIFT is ${bold('free')} for research, backtesting, and simulation.`);
+            this.log(`  Live trading has a ${bold(BUILDER_FEE_DISPLAY)} builder fee per trade,`);
+            this.log(`  collected on-chain by Hyperliquid to support RIFT development.`);
+            this.log('');
+            this.log(dim('  Example: $10,000 trade → $10 fee. Code is fully open-source.'));
+            this.log('');
+            const feeAnswer = await ask(`  ${cyan('Agree to continue?')} ${dim('(yes/no)')}: `);
+            if (feeAnswer.toLowerCase() !== 'yes' && feeAnswer.toLowerCase() !== 'y') {
+                this.log(`\n  ${dim('Setup cancelled.')}\n`);
+                return;
+            }
+            approveFees();
+            this.log(`  ${green('✔')} Fee acknowledged`);
+            this.log('');
+        }
+        this.log(dim('  Connect your Hyperliquid wallet to set up live trading.'));
+        this.log(dim('  You\'ll approve two actions (one-time, from your phone).'));
+        this.log('');
+        // Step 1: Connect wallet via WalletConnect QR
+        this.log(`  ${bold('Step 1:')} Connect your wallet`);
+        this.log('');
+        let session;
+        try {
+            session = await connectWallet((uri) => {
+                this.log(`  Scan this QR code with your wallet app`);
+                this.log(`  ${dim('(MetaMask, Rabby, Rainbow, Trust, etc.)')}`);
+                this.log('');
+                showQRCode(uri);
+                this.log('');
+                this.log(`  ${dim('Or paste this URI in your wallet:')}`);
+                this.log(`  ${dim(uri.slice(0, 60) + '...')}`);
+                this.log('');
+                this.log(dim('  Waiting for connection...'));
+            }, (msg) => this.log(`  ${dim(msg)}`));
+        }
+        catch (error) {
+            this.log(`  ${red('✘')} Connection failed: ${error?.message || 'Unknown error'}`);
+            this.log('');
+            this.log(`  ${dim('Make sure your wallet app supports WalletConnect (Rabby, MetaMask Mobile, etc.)')}`);
+            this.log(`  ${dim('Or paste your API wallet private key directly:')} ${cyan('rift auth setup --key 0x...')}`);
+            this.log('');
+            return;
+        }
+        this.log(`  ${green('✔')} Connected: ${bold(session.account)}`);
+        this.log('');
+        // Step 2: Check Hyperliquid account
+        this.log(`  ${bold('Step 2:')} Checking Hyperliquid account...`);
+        // Mode-aware collateral read via shared helper (mirrors Python's
+        // rift_data.account_mode.read_collateral so Python and TS surfaces
+        // agree on the same wallet's numbers).
+        let tradeable = 0;
+        let perpEquity = 0;
+        let spotUsdc = 0;
+        let mode = 'unknown';
+        try {
+            const { readCollateral, hlBaseUrl } = await import('../lib/account-mode.js');
+            const c = await readCollateral(hlBaseUrl(isMainnet), session.account);
+            tradeable = c.total;
+            perpEquity = c.perpAccountValue;
+            spotUsdc = c.spotUsdc;
+            mode = c.mode;
+        }
+        catch {
+            // If we can't check, continue anyway — user might have geo-restrictions on info endpoint
+        }
+        if (tradeable > 0) {
+            this.log(`  ${green('✔')} Hyperliquid account found (${mode} mode)`);
+            this.log(`  ${green('✔')} Tradeable: $${tradeable.toLocaleString()} USDC${mode === 'standard' ? '' : `  ${dim(`(perp $${perpEquity.toFixed(2)} + spot $${spotUsdc.toFixed(2)})`)}`}`);
+        }
+        else {
+            this.log(`  ${dim('!')} Could not verify balance (may need funds for live trading)`);
+        }
+        this.log('');
+        // Step 3: Generate API wallet and approve agent
+        this.log(`  ${bold('Step 3:')} Authorize RIFT to trade`);
+        this.log('');
+        this.log(dim('  RIFT will create a secure API wallet that can place'));
+        this.log(dim('  trades on your behalf but CANNOT withdraw your funds.'));
+        this.log('');
+        // Generate a fresh API wallet keypair
+        const apiKey = generatePrivateKey();
+        const apiAccount = privateKeyToAccount(apiKey);
+        const agentAddress = apiAccount.address;
+        this.log(dim('  Please approve in your wallet app...'));
+        const agentResult = await requestAgentApproval(session, agentAddress, isMainnet);
+        if (!agentResult.success) {
+            this.log(`  ${red('✘')} Agent approval failed: ${agentResult.error}`);
+            await disconnectWallet(session);
+            return;
+        }
+        // Post the signed approval to Hyperliquid (using the SAME nonce that was signed)
+        try {
+            await postApprovalToHyperliquid(agentResult.action, agentResult.signature, agentResult.nonce, isMainnet);
+            this.log(`  ${green('✔')} API wallet authorized`);
+        }
+        catch (error) {
+            this.log(`  ${red('✘')} Failed to submit agent approval: ${error?.message}`);
+            await disconnectWallet(session);
+            return;
+        }
+        this.log('');
+        // Step 4: Approve builder fee
+        this.log(`  ${bold('Step 4:')} Approve builder fee (${BUILDER_FEE_DISPLAY} per trade)`);
+        this.log('');
+        this.log(dim('  This supports RIFT development. Only applies to live trades.'));
+        this.log(dim('  Backtesting and simulation are free.'));
+        this.log('');
+        this.log(dim('  Please approve in your wallet app...'));
+        const builderResult = await requestBuilderFeeApproval(session, isMainnet);
+        if (!builderResult.success) {
+            this.log(`  ${red('✘')} Builder fee approval failed: ${builderResult.error}`);
+            // Still save credentials — agent is approved, just builder fee isn't
+            this.saveAndFinish(apiKey, agentAddress, session.account, isMainnet, true, false);
+            await disconnectWallet(session);
+            return;
+        }
+        // Post the signed builder fee approval (using the SAME nonce that was signed)
+        try {
+            await postApprovalToHyperliquid(builderResult.action, builderResult.signature, builderResult.nonce, isMainnet);
+            this.log(`  ${green('✔')} Builder fee approved (${BUILDER_FEE_DISPLAY})`);
+            recordOnChainApproval();
+        }
+        catch (error) {
+            this.log(`  ${red('✘')} Failed to submit builder fee: ${error?.message}`);
+            this.saveAndFinish(apiKey, agentAddress, session.account, isMainnet, true, false);
+            await disconnectWallet(session);
+            return;
+        }
+        // Save everything and finish
+        this.saveAndFinish(apiKey, agentAddress, session.account, isMainnet, true, true);
+        // Session persists — do NOT disconnect. User can withdraw/transfer later without re-scanning.
+        this.log('');
+        this.log(`  ${bold('═'.repeat(50))}`);
+        this.log('');
+        this.log(`  ${green('✔ RIFT is ready.')}`);
+        this.log('');
+        this.log(`    Main wallet:  ${session.account}`);
+        this.log(`    API wallet:   ${agentAddress}`);
+        if (tradeable > 0) {
+            this.log(`    Balance:      $${tradeable.toLocaleString()} USDC ${dim(`(${mode} mode)`)}`);
+        }
+        this.log(`    Builder fee:  ${BUILDER_FEE_DISPLAY} approved ${green('✔')}`);
+        this.log(`    Network:      mainnet`);
+        this.log('');
+        this.log(`  ${dim('Your wallet session is saved — you won\'t need to scan again.')}`);
+        this.log(`  ${dim('Trading happens silently via the API wallet.')}`);
+        this.log(`  ${dim('Withdrawals and transfers send a notification to your phone.')}`);
+        this.log('');
+        this.log(`  ${bold('Next steps:')}`);
+        this.log(`    ${cyan('rift guide')}              ${dim('— 9-step research-to-trade journey')}`);
+        this.log(`    ${cyan('rift balance')}            ${dim('— check spot + perps balances')}`);
+        this.log(`    ${cyan('rift algo --pair SUI')}    ${dim('— start algo trading')}`);
+        this.log(`    ${cyan('rift buy HYPE --amount 10')} ${dim('— buy spot tokens')}`);
+        this.log('');
+        this.log(`  ${bold('═'.repeat(50))}`);
+        this.log('');
+    }
+    saveAndFinish(apiKey, apiAddress, mainAddress, _isMainnet, // legacy positional, always true now
+    agentApproved, builderApproved) {
+        const creds = {
+            private_key: apiKey,
+            address: apiAddress,
+            account_address: mainAddress,
+            type: 'walletconnect',
+            network: 'mainnet',
+            registered_at: new Date().toISOString(),
+            agent_approved: agentApproved,
+            builder_fee_approved: builderApproved,
+        };
+        saveCredentials(creds);
+    }
+}

package/dist/commands/backtest.d.ts

@@ -0,0 +1,26 @@
+import { GatedCommand } from '../lib/base-command.js';
+export default class Backtest extends GatedCommand {
+    static description: string;
+    static examples: string[];
+    static args: {
+        strategy: import("@oclif/core/interfaces").Arg<string, Record<string, unknown>>;
+    };
+    static flags: {
+        pair: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        tf: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        equity: import("@oclif/core/interfaces").OptionFlag<number, import("@oclif/core/interfaces").CustomOptions>;
+        leverage: import("@oclif/core/interfaces").OptionFlag<number, import("@oclif/core/interfaces").CustomOptions>;
+        export: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        analyze: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        'all-pairs': import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        top: import("@oclif/core/interfaces").OptionFlag<number, import("@oclif/core/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+    private runAnalysis;
+    private exportResults;
+    private renderResult;
+    private row;
+    private rowColored;
+    private renderAllPairs;
+    private progressBar;
+}