@obol/cli 0.1.2 → 0.2.1

package/bin/obol.js

@@ -4,7 +4,7 @@ import { runSetup } from '../src/setup.js';
 import { runStatus } from '../src/status.js';
 import { runConnect } from '../src/connect.js';
 import { runCreditsBuy } from '../src/credits.js';
-import { getBalance, getTiers } from '../src/api.js';
+import { getBalance, getTiers, createReferralCode, getReferralStats, listEndpoints, listConnections, refreshToken } from '../src/api.js';
 import { loadEnv } from '../src/config.js';
 import pc from 'picocolors';
 
@@ -35,6 +35,34 @@ async function main() {
       }
       break;
 
+    case 'token': {
+      const env = loadEnv();
+      if (!env.OBOL_JWT_TOKEN) {
+        console.log(pc.red('\n  No agent configured yet. Run: npx @obol/cli setup\n'));
+        process.exit(1);
+      }
+      // Try to refresh the token (in case it's expired)
+      let token = env.OBOL_JWT_TOKEN;
+      const gwUrl = env.OBOL_GATEWAY_URL || 'https://www.obolagents.com';
+      try {
+        const data = await refreshToken(gwUrl, token);
+        if (data.token) {
+          token = data.token;
+          // Save refreshed token to .env
+          const { saveEnv } = await import('../src/config.js');
+          saveEnv({ OBOL_GATEWAY_URL: gwUrl, OBOL_AGENT_ID: env.OBOL_AGENT_ID, OBOL_JWT_TOKEN: token });
+          console.log(`\n  ${pc.green('Token refreshed!')} Expires: ${pc.dim(new Date(data.expires_at * 1000).toLocaleDateString())}`);
+        }
+      } catch {
+        // Refresh failed — show existing token anyway
+      }
+      console.log(`\n  ${pc.bold('Your Agent Token')}`);
+      console.log(`  ${pc.dim('Agent:')} ${pc.green(env.OBOL_AGENT_ID || '(unknown)')}`);
+      console.log(`\n  ${pc.dim('Copy this token and paste it into the dashboard at obolagents.com/dashboard')}`);
+      console.log(`\n  ${pc.cyan(token)}\n`);
+      break;
+    }
+
     case 'balance': {
       const env = loadEnv();
       if (!env.OBOL_GATEWAY_URL || !env.OBOL_JWT_TOKEN) {
@@ -74,20 +102,122 @@ async function main() {
       break;
     }
 
+    case 'referral': {
+      const env = loadEnv();
+      if (!env.OBOL_GATEWAY_URL || !env.OBOL_JWT_TOKEN) {
+        console.log(pc.red('No agent configured. Run: obol setup'));
+        process.exit(1);
+      }
+      if (subcommand === 'code') {
+        try {
+          const data = await createReferralCode(env.OBOL_GATEWAY_URL, env.OBOL_JWT_TOKEN);
+          console.log(`\n  ${pc.bold('Your Referral Code')}`);
+          console.log(`  ${pc.green(pc.bold(data.code))}`);
+          console.log(`\n  Share this code. Both you and the new agent earn free credits!`);
+          console.log();
+        } catch (err) {
+          console.log(pc.red(`  ${err.message}`));
+          process.exit(1);
+        }
+      } else if (subcommand === 'stats') {
+        try {
+          const data = await getReferralStats(env.OBOL_GATEWAY_URL, env.OBOL_JWT_TOKEN);
+          console.log(`\n  ${pc.bold('Referral Stats')}`);
+          console.log(`  Code:           ${data.referral_code ? pc.green(data.referral_code) : pc.dim('(none yet)')}`);
+          console.log(`  Eligible:       ${data.referral_eligible ? pc.green('Yes') : pc.yellow('No — make a purchase first')}`);
+          const pending = data.direct_referrals_pending || 0;
+          const active = data.direct_referrals - pending;
+          console.log(`  Direct refs:    ${pc.bold(String(active))} active${pending > 0 ? `, ${pc.yellow(String(pending) + ' pending first payment')}` : ''}`);
+          console.log(`  2nd-level refs: ${pc.bold(String(data.second_level_referrals))}`);
+          console.log(`  Commissions:    ${pc.green('$' + data.total_commission_earned_usdc.toFixed(2))}`);
+          console.log(`  Signup bonuses: ${pc.green('$' + data.total_signup_bonuses_earned_usdc.toFixed(2))}`);
+          console.log(`  Total earned:   ${pc.green(pc.bold('$' + data.total_earned_usdc.toFixed(2)))}`);
+          if (data.own_bonus_status === 'pending') {
+            console.log(`\n  ${pc.yellow('Your signup bonus is pending — make your first API call to unlock it!')}`);
+          }
+          console.log();
+        } catch (err) {
+          console.log(pc.red(`  ${err.message}`));
+          process.exit(1);
+        }
+      } else {
+        console.log(`\n  ${pc.bold('obol referral')} commands:\n`);
+        console.log(`    ${pc.green('code')}    Generate or show your referral code`);
+        console.log(`    ${pc.green('stats')}   View referral earnings and stats\n`);
+      }
+      break;
+    }
+
+    case 'test': {
+      const env = loadEnv();
+      if (!env.OBOL_GATEWAY_URL || !env.OBOL_JWT_TOKEN) {
+        console.log(pc.red('\n  No account configured. Run: npx @obol/cli setup\n'));
+        process.exit(1);
+      }
+      console.log(`\n  ${pc.bold('Obol Connection Test')}\n`);
+
+      // Test gateway connectivity + endpoints
+      try {
+        const epData = await listEndpoints(env.OBOL_GATEWAY_URL, env.OBOL_JWT_TOKEN);
+        const eps = epData.endpoints || [];
+        const names = eps.map(e => e.provider || e.name).filter(Boolean);
+        console.log(`  ${pc.green('✓')} Connection     Connected to Obol Gateway`);
+        console.log(`  ${pc.green('✓')} Account        ${pc.bold(env.OBOL_AGENT_ID || '(unknown)')}`);
+        console.log(`  ${pc.green('✓')} Endpoints      ${eps.length} available${names.length ? ` (${names.join(', ')})` : ''}`);
+      } catch (err) {
+        console.log(`  ${pc.red('✗')} Connection     ${err.message}`);
+        process.exit(1);
+      }
+
+      // Check balance
+      try {
+        const bal = await getBalance(env.OBOL_GATEWAY_URL, env.OBOL_JWT_TOKEN);
+        const balStr = '$' + (bal.balance_usdc || 0).toFixed(2);
+        const color = bal.balance_usdc > 0 ? pc.green : pc.yellow;
+        console.log(`  ${color(bal.balance_usdc > 0 ? '✓' : '!')} Balance        ${color(balStr)} USDC`);
+        if (bal.balance_usdc === 0) {
+          console.log(`\n  ${pc.yellow('Buy credits to start executing:')} ${pc.green('npx @obol/cli credits buy')}`);
+        }
+      } catch {
+        console.log(`  ${pc.dim('-')} Balance        ${pc.dim('could not fetch')}`);
+      }
+
+      // Check connections
+      try {
+        const connData = await listConnections(env.OBOL_GATEWAY_URL, env.OBOL_JWT_TOKEN);
+        const conns = connData.connections || connData || [];
+        if (Array.isArray(conns) && conns.length > 0) {
+          const connNames = conns.map(c => c.provider).filter(Boolean);
+          console.log(`  ${pc.green('✓')} Connections    ${conns.length} active${connNames.length ? ` (${connNames.join(', ')})` : ''}`);
+        } else {
+          console.log(`  ${pc.dim('-')} Connections    none yet`);
+        }
+      } catch {
+        console.log(`  ${pc.dim('-')} Connections    ${pc.dim('could not fetch')}`);
+      }
+
+      console.log();
+      break;
+    }
+
     case 'help':
     case '--help':
     case '-h':
     case undefined:
       console.log(`
-  ${pc.bold(pc.green('obol'))} — CLI for the Obol Agent Execution Gateway
+  ${pc.bold(pc.green('obol'))} — Connect your agent to the Obol Execution Gateway
 
   ${pc.bold('Commands:')}
-    ${pc.green('setup')}              Set up a new agent (interactive wizard)
+    ${pc.green('setup')}              Connect your agent to Obol (interactive wizard)
+    ${pc.green('test')}               Verify your Obol connection is working
     ${pc.green('status')}             Check agent health, balance & connections
+    ${pc.green('token')}              Show your JWT token (for the dashboard)
     ${pc.green('connect')} ${pc.dim('<provider>')}  Add a service API key (github, slack, etc.)
     ${pc.green('credits buy')}        Purchase credits via Stripe
     ${pc.green('balance')}            Check your credit balance
     ${pc.green('tiers')}              Show credit purchase tiers
+    ${pc.green('referral code')}     Generate or show your referral code
+    ${pc.green('referral stats')}    View referral earnings
     ${pc.green('help')}               Show this help message
 
   ${pc.bold('Quick start:')}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@obol/cli",
-  "version": "0.1.2",
+  "version": "0.2.1",
   "description": "CLI for the Obol Agent Execution Gateway",
   "type": "module",
   "bin": {

package/src/api.js

@@ -25,7 +25,10 @@ async function request(url, options = {}) {
     } catch { detail = res.statusText; }
     throw new ApiError(detail, res.status);
   }
-  return res.json();
+  const ct = res.headers.get('content-type') || '';
+  if (ct.includes('application/json')) return res.json();
+  const text = await res.text();
+  return text ? { raw: text } : {};
 }
 
 function adminHeaders(adminKey) {
@@ -42,9 +45,21 @@ export async function checkHealth(gatewayUrl) {
   return request(`${gatewayUrl}/healthz`);
 }
 
-export async function registerAgent(gatewayUrl, adminKey, agentId, secret, ownerId) {
+export async function signup(gatewayUrl, agentId, services, referralCode) {
+  const body = { agent_id: agentId };
+  if (services && services.length > 0) body.services = services;
+  if (referralCode) body.referral_code = referralCode;
+  return request(`${gatewayUrl}/v1/signup`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(body),
+  });
+}
+
+export async function registerAgent(gatewayUrl, adminKey, agentId, secret, ownerId, referralCode) {
   const body = { agent_id: agentId, secret };
   if (ownerId) body.owner_id = ownerId;
+  if (referralCode) body.referral_code = referralCode;
   return request(`${gatewayUrl}/v1/agents`, {
     method: 'POST',
     headers: adminHeaders(adminKey),
@@ -104,8 +119,46 @@ export async function createCheckout(gatewayUrl, jwt, amountUsd) {
   });
 }
 
+export async function createWebCheckout(gatewayUrl, agentId, amountUsd) {
+  return request(`${gatewayUrl}/v1/credits/web-checkout`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ agent_id: agentId, amount_usdc: amountUsd }),
+  });
+}
+
+export async function createReferralCode(gatewayUrl, jwt) {
+  return request(`${gatewayUrl}/v1/referrals/code`, {
+    method: 'POST',
+    headers: jwtHeaders(jwt),
+  });
+}
+
+export async function getReferralStats(gatewayUrl, jwt) {
+  return request(`${gatewayUrl}/v1/referrals/stats`, { headers: jwtHeaders(jwt) });
+}
+
+export async function validateReferralCode(gatewayUrl, code) {
+  return request(`${gatewayUrl}/v1/referrals/validate`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ code }),
+  });
+}
+
+export async function listEndpoints(gatewayUrl, jwt) {
+  return request(`${gatewayUrl}/v1/endpoints`, { headers: jwtHeaders(jwt) });
+}
+
 export async function getAgentInfo(gatewayUrl, adminKey, agentId) {
   return request(`${gatewayUrl}/v1/agents/${agentId}`, {
     headers: adminHeaders(adminKey),
   });
 }
+
+export async function refreshToken(gatewayUrl, jwt) {
+  return request(`${gatewayUrl}/v1/token/refresh`, {
+    method: 'POST',
+    headers: jwtHeaders(jwt),
+  });
+}

package/src/config.js

@@ -12,7 +12,6 @@ const OBOL_KEYS = [
   'OBOL_AGENT_ID',
   'OBOL_JWT_TOKEN',
   'OBOL_WALLET_ADDRESS',
-  'OBOL_ADMIN_API_KEY',
 ];
 
 export function loadEnv(path) {

package/src/connect.js

@@ -9,7 +9,8 @@ const providerInfo = {
   slack: { name: 'Slack', keyHint: 'Bot token (xoxb-...)', prefix: 'xoxb-' },
   notion: { name: 'Notion', keyHint: 'Internal integration token (ntn_ or secret_)', prefix: '' },
   discord: { name: 'Discord', keyHint: 'Bot token from Discord Developer Portal', prefix: '' },
-  twitter: { name: 'Twitter/X', keyHint: 'Bearer token from Twitter Developer Portal', prefix: '' },
+  twitter: { name: 'Twitter/X', keyHint: 'OAuth 2.0 user access token (for posting tweets)', prefix: '' },
+  agentmail: { name: 'AgentMail', keyHint: 'API key (am_...)', prefix: 'am_' },
 };
 
 export async function runConnect(providerArg) {

package/src/credits.js

@@ -1,12 +1,12 @@
 import * as p from '@clack/prompts';
 import pc from 'picocolors';
-import { getTiers, createCheckout } from './api.js';
+import { getTiers, createWebCheckout } from './api.js';
 import { loadEnv } from './config.js';
 
 export async function runCreditsBuy() {
   const env = loadEnv();
 
-  if (!env.OBOL_GATEWAY_URL || !env.OBOL_JWT_TOKEN) {
+  if (!env.OBOL_GATEWAY_URL || !env.OBOL_AGENT_ID) {
     console.log();
     p.log.warn('No agent configured yet.');
     p.log.info(`Run ${pc.green('npx @obol/cli setup')} first.`);
@@ -48,18 +48,23 @@ export async function runCreditsBuy() {
   });
   if (p.isCancel(confirmed) || !confirmed) { p.cancel('Cancelled.'); return; }
 
-  // Create checkout
+  // Create checkout session (returns a Stripe checkout URL)
   s.start('Creating Stripe checkout...');
   try {
-    const result = await createCheckout(url, env.OBOL_JWT_TOKEN, tier.price_usd);
-    s.stop(pc.green('Checkout created!'));
+    const result = await createWebCheckout(url, env.OBOL_AGENT_ID, tier.price_usd);
+    s.stop(pc.green('Checkout ready!'));
 
     console.log();
-    p.log.info(`Tier: ${pc.bold(result.tier)} — $${result.amount_usd} → ${pc.green(result.credits_usdc + ' credits')}`);
-    p.log.info(`Payment Intent: ${pc.dim(result.payment_intent_id)}`);
+    p.log.info(`Tier: ${pc.bold(tier.name)} — $${tier.price_usd} → ${pc.green(tier.credits_usdc + ' credits')}`);
     console.log();
-    p.log.warn('Stripe Checkout requires a browser to complete payment.');
-    p.log.info(`Use the Stripe Dashboard or integrate Stripe.js in your app to confirm payment intent: ${pc.cyan(result.payment_intent_id)}`);
+    p.log.info(`Open this link to complete payment:`);
+    console.log(`  ${pc.cyan(result.checkout_url)}`);
+    console.log();
+
+    // Try to open in browser
+    const { exec } = await import('node:child_process');
+    const cmd = process.platform === 'darwin' ? 'open' : process.platform === 'win32' ? 'start' : 'xdg-open';
+    exec(`${cmd} "${result.checkout_url}"`);
   } catch (err) {
     s.stop(pc.red(`Couldn't create checkout: ${err.message}`));
   }

package/src/setup.js

@@ -1,7 +1,9 @@
+import { execSync } from 'node:child_process';
+import { existsSync, writeFileSync } from 'node:fs';
+import { resolve } from 'node:path';
 import * as p from '@clack/prompts';
 import pc from 'picocolors';
-import { randomBytes } from 'node:crypto';
-import { checkHealth, registerAgent, issueToken, createPolicy } from './api.js';
+import { checkHealth, signup, storeBYOK, validateReferralCode, listEndpoints } from './api.js';
 import { saveEnv } from './config.js';
 
 const cheers = ['Nice!', 'Boom!', "Let's go.", 'Easy.', 'Done.'];
@@ -11,39 +13,30 @@ export async function runSetup() {
   console.log();
   p.intro(pc.bgGreen(pc.black(' Welcome to Obol! ')));
 
-  p.log.info("Let's get your agent connected. This takes about 60 seconds.");
+  p.log.info("Let's connect your agent to Obol. Takes about 60 seconds.");
 
   const url = 'https://www.obolagents.com';
 
   // Verify connectivity
   const healthSpin = p.spinner();
-  healthSpin.start('Saying hello to the gateway...');
+  healthSpin.start('Connecting to Obol...');
   try {
     await checkHealth(url);
-    healthSpin.stop(pc.green('Gateway is up and running! ') + cheer());
+    healthSpin.stop(pc.green('Connected! ') + cheer());
   } catch (err) {
     healthSpin.stop(pc.red('Hmm, couldn\'t reach the gateway.'));
-    p.log.error(`Make sure it's running at ${pc.bold(url)}`);
+    p.log.error(`Make sure you have an internet connection.`);
     p.log.error(`Details: ${err.message}`);
-    p.outro(pc.dim('Fix the URL and try again.'));
+    p.outro(pc.dim('Try again in a moment.'));
     process.exit(1);
   }
 
-  // --- Admin Key ---
-  const adminKey = await p.password({
-    message: 'Paste your admin API key',
-    validate: (val) => {
-      if (!val || val.length < 8) return 'That looks too short. Check your Render dashboard → Environment Variables → OBOL_ADMIN_API_KEY';
-    },
-  });
-  if (p.isCancel(adminKey)) return cancelled();
-
-  // --- Agent Name ---
+  // --- Account Name ---
   const agentId = await p.text({
-    message: 'Give your agent a name',
+    message: 'Pick a name for your Obol account',
     placeholder: 'my-agent',
     validate: (val) => {
-      if (!val) return 'Your agent needs a name!';
+      if (!val) return 'Your account needs a name!';
       if (!/^[a-zA-Z0-9][a-zA-Z0-9_-]{1,62}[a-zA-Z0-9]$/.test(val)) {
         return 'Letters, numbers, hyphens, and underscores only (3-64 chars)';
       }
@@ -51,18 +44,31 @@ export async function runSetup() {
   });
   if (p.isCancel(agentId)) return cancelled();
 
-  // --- Wallet Address ---
-  const walletAddress = await p.text({
-    message: `Got a USDC wallet on Base? ${pc.dim('(recommended for automatic micropayments)')}`,
-    placeholder: '0x... or press Enter to skip',
+  // --- Referral Code ---
+  let referralCode = await p.text({
+    message: `Got a referral code? ${pc.dim('(earns you $5 in free credits — press Enter to skip)')}`,
+    placeholder: 'e.g. X7K9M2QP',
     validate: (val) => {
-      if (!val) return;  // optional
-      if (!/^0x[0-9a-fA-F]{40}$/.test(val)) {
-        return 'That doesn\'t look like an EVM address. Should be 0x followed by 40 hex characters.';
+      if (!val) return;
+      if (!/^[A-Za-z0-9]{6,12}$/.test(val.trim())) {
+        return 'Referral codes are 6-12 alphanumeric characters';
       }
     },
   });
-  if (p.isCancel(walletAddress)) return cancelled();
+  if (p.isCancel(referralCode)) return cancelled();
+
+  // --- Validate Referral Code ---
+  if (referralCode && referralCode.trim()) {
+    const valSpin = p.spinner();
+    valSpin.start('Checking referral code...');
+    try {
+      const validation = await validateReferralCode(url, referralCode.trim());
+      valSpin.stop(pc.green(`Referral code valid! You'll get $${validation.signup_bonus_usdc} in credits after your first API call.`));
+    } catch (err) {
+      valSpin.stop(pc.yellow('That referral code isn\'t valid — continuing without it.'));
+      referralCode = undefined;
+    }
+  }
 
   // --- Services ---
   const services = await p.multiselect({
@@ -74,94 +80,294 @@ export async function runSetup() {
       { value: 'notion', label: 'Notion', hint: 'pages, databases' },
       { value: 'discord', label: 'Discord', hint: 'messages, servers' },
       { value: 'twitter', label: 'Twitter/X', hint: 'tweets, threads' },
+      { value: 'agentmail', label: 'AgentMail', hint: 'email inboxes, send & receive' },
     ],
     required: true,
   });
   if (p.isCancel(services)) return cancelled();
 
-  // --- Confirm ---
-  const confirmed = await p.confirm({
-    message: `Register ${pc.bold(pc.green(agentId))} with ${services.length} service${services.length > 1 ? 's' : ''}?`,
+  // --- API Keys (optional) ---
+  const keyHints = {
+    stripe: 'Starts with sk_live_ or sk_test_',
+    github: 'Personal access token (ghp_ or github_pat_)',
+    slack: 'Bot token (xoxb-...)',
+    notion: 'Internal integration token (ntn_ or secret_)',
+    discord: 'Bot token from Discord Developer Portal',
+    twitter: 'OAuth 2.0 user access token',
+    agentmail: 'API key (am_...)',
+  };
+  const serviceNames = {
+    stripe: 'Stripe', github: 'GitHub', slack: 'Slack', notion: 'Notion',
+    discord: 'Discord', twitter: 'Twitter/X', agentmail: 'AgentMail',
+  };
+
+  const addKeys = await p.confirm({
+    message: 'Want to add your API keys now? (you can also do this later)',
+    initialValue: true,
   });
+  if (p.isCancel(addKeys)) return cancelled();
+
+  const apiKeys = {};
+  if (addKeys) {
+    for (const svc of services) {
+      const key = await p.password({
+        message: `${serviceNames[svc] || svc} API key ${pc.dim(`(${keyHints[svc] || 'paste key'})`)}`,
+        validate: (val) => {
+          if (!val) return; // allow skip
+          if (val.length < 10) return 'That looks too short — press Enter to skip';
+        },
+      });
+      if (p.isCancel(key)) return cancelled();
+      if (key && key.trim()) apiKeys[svc] = key.trim();
+    }
+  }
+
+  // --- Confirm ---
+  const keyCount = Object.keys(apiKeys).length;
+  const confirmMsg = keyCount
+    ? `Create Obol account ${pc.bold(pc.green(agentId))} with ${services.length} service${services.length > 1 ? 's' : ''} and ${keyCount} API key${keyCount > 1 ? 's' : ''}?`
+    : `Create Obol account ${pc.bold(pc.green(agentId))} with ${services.length} service${services.length > 1 ? 's' : ''}?`;
+  const confirmed = await p.confirm({ message: confirmMsg });
   if (p.isCancel(confirmed) || !confirmed) return cancelled();
 
   // --- Execute! ---
   console.log();
   const s = p.spinner();
 
-  // 1. Register agent
-  s.start('Registering your agent...');
-  const secret = randomBytes(32).toString('base64url');
+  // 1. Sign up
+  s.start('Creating your account...');
+  let jwt;
+  let expiresAt;
   try {
-    await registerAgent(url, adminKey, agentId, secret);
-    s.stop(pc.green(`Agent "${agentId}" registered. `) + cheer());
+    const result = await signup(url, agentId, services, referralCode?.trim() || undefined);
+    jwt = result.token;
+    expiresAt = new Date(result.expires_at * 1000);
+
+    if (result.referral) {
+      s.stop(pc.green(`Account "${agentId}" created with referral! $${result.referral.signup_bonus_referee} bonus unlocks after your first API call `) + cheer());
+    } else {
+      s.stop(pc.green(`Account "${agentId}" created! `) + cheer());
+    }
   } catch (err) {
     if (err.status === 409) {
-      s.stop(pc.yellow(`Agent "${agentId}" already exists — that's fine, we'll keep going.`));
+      s.stop(pc.red(`That account name was revoked — try a different name.`));
     } else {
-      s.stop(pc.red(`Couldn't register agent: ${err.message}`));
-      p.outro(pc.dim('Check your admin key and try again.'));
-      process.exit(1);
+      s.stop(pc.red(`Couldn't create account: ${err.message}`));
     }
-  }
-
-  // 2. Issue JWT
-  s.start('Getting your agent a JWT token...');
-  let jwt;
-  try {
-    const tokenData = await issueToken(url, adminKey, agentId);
-    jwt = tokenData.token;
-    const expiresAt = new Date(tokenData.expires_at * 1000);
-    s.stop(pc.green('JWT issued ') + pc.dim(`(expires ${expiresAt.toLocaleDateString()})`));
-  } catch (err) {
-    s.stop(pc.red(`Couldn't issue token: ${err.message}`));
-    p.outro(pc.dim('Something went wrong. Try again or check the gateway logs.'));
+    p.outro(pc.dim('Try again.'));
     process.exit(1);
   }
 
-  // 3. Create default policy
-  s.start('Setting up execution policy...');
-  try {
-    await createPolicy(url, adminKey, agentId, services);
-    s.stop(pc.green(`Policy created for ${services.join(', ')}. `) + cheer());
-  } catch (err) {
-    // Non-fatal — agent can still work without a named policy
-    s.stop(pc.yellow(`Couldn't create policy (${err.message}) — no worries, defaults apply.`));
+  // 2. Store API keys (if any)
+  if (Object.keys(apiKeys).length > 0) {
+    for (const [svc, key] of Object.entries(apiKeys)) {
+      s.start(`Encrypting ${serviceNames[svc] || svc} key...`);
+      try {
+        await storeBYOK(url, jwt, svc, key);
+        s.stop(pc.green(`${serviceNames[svc] || svc} connected! `) + cheer());
+      } catch (err) {
+        s.stop(pc.yellow(`Couldn't store ${serviceNames[svc] || svc} key: ${err.message}`));
+      }
+    }
   }
 
-  // 4. Save config
+  // 3. Save config
   s.start('Saving configuration...');
   const vars = {
     OBOL_GATEWAY_URL: url,
     OBOL_AGENT_ID: agentId,
     OBOL_JWT_TOKEN: jwt,
   };
-  if (walletAddress) {
-    vars.OBOL_WALLET_ADDRESS = walletAddress;
-  }
   const envPath = saveEnv(vars);
   s.stop(pc.green(`Saved to ${envPath}`));
 
-  // --- Celebration! ---
+  // 4. Detect project type and install SDK
+  let lang = detectProject();
+  let sdkInstalled = false;
+  let integrationFile = null;
+
+  if (!lang) {
+    lang = await p.select({
+      message: 'What language is your agent built in?',
+      options: [
+        { value: 'js', label: 'JavaScript / TypeScript' },
+        { value: 'python', label: 'Python' },
+      ],
+    });
+    if (p.isCancel(lang)) return cancelled();
+  }
+
+  const hasPackageJson = existsSync(resolve(process.cwd(), 'package.json'));
+
+  if (lang === 'js') {
+    if (hasPackageJson) {
+      s.start('Installing @obol/sdk...');
+      try {
+        execSync('npm install @obol/sdk', { stdio: 'pipe', timeout: 60000 });
+        s.stop(pc.green('SDK installed! ') + cheer());
+        sdkInstalled = true;
+      } catch {
+        s.stop(pc.yellow('Could not auto-install SDK. Run manually: npm install @obol/sdk'));
+      }
+    } else {
+      p.log.info(`Install the SDK when you're ready: ${pc.green('npm install @obol/sdk')}`);
+    }
+
+    // Generate integration file
+    const obolFile = resolve(process.cwd(), 'obol.js');
+    if (!existsSync(obolFile)) {
+      s.start('Generating integration file...');
+      writeFileSync(obolFile, jsIntegrationFile(agentId, services));
+      s.stop(pc.green('Created obol.js'));
+      integrationFile = 'obol.js';
+    }
+  } else if (lang === 'python') {
+    s.start('Installing obol-sdk...');
+    try {
+      execSync('pip install obol-sdk', { stdio: 'pipe', timeout: 60000 });
+      s.stop(pc.green('SDK installed! ') + cheer());
+      sdkInstalled = true;
+    } catch {
+      s.stop(pc.yellow('Could not auto-install SDK. Run manually: pip install obol-sdk'));
+    }
+
+    // Generate integration file
+    const obolFile = resolve(process.cwd(), 'obol_setup.py');
+    if (!existsSync(obolFile)) {
+      s.start('Generating integration file...');
+      writeFileSync(obolFile, pyIntegrationFile(agentId, services));
+      s.stop(pc.green('Created obol_setup.py'));
+      integrationFile = 'obol_setup.py';
+    }
+  }
+
+  // 5. Test connectivity
+  s.start('Testing connection...');
+  try {
+    const epData = await listEndpoints(url, jwt);
+    const eps = epData.endpoints || [];
+    const names = eps.map(e => e.provider || e.name).filter(Boolean);
+    s.stop(pc.green(`Connected! ${eps.length} endpoints available`) + (names.length ? ` (${names.join(', ')})` : ''));
+  } catch {
+    s.stop(pc.yellow('Could not verify connection — run obol test later to check'));
+  }
+
+  // --- Summary ---
   console.log();
-  p.log.success(pc.bold(`Your agent "${agentId}" is live on Obol!`));
+  p.log.success(pc.bold(`Your agent is connected to Obol!`));
   console.log();
 
-  if (walletAddress) {
-    p.log.info(`Micropayments enabled — your agent pays a few cents per call from ${pc.cyan(walletAddress.slice(0, 6) + '...' + walletAddress.slice(-4))}.`);
-  } else {
-    p.log.info(`No wallet linked. Buy credits with ${pc.green('obol tiers')} or add a wallet later.`);
+  if (sdkInstalled) {
+    console.log(`  ${pc.dim('SDK installed:')}     ${pc.green(lang === 'js' ? '@obol/sdk' : 'obol-sdk')}`);
+  }
+  if (integrationFile) {
+    console.log(`  ${pc.dim('Integration file:')} ${pc.green('./' + integrationFile)}`);
   }
+  console.log(`  ${pc.dim('Config saved:')}     ${pc.green(envPath)}`);
+  console.log();
 
+  // Prominent $0 balance warning
+  p.log.warn(pc.bold(pc.yellow('Your balance is $0.00 — you need credits before your agent can execute.')));
   console.log();
-  console.log(`  ${pc.dim('Check status:')}  ${pc.green('npx @obol/cli status')}`);
-  console.log(`  ${pc.dim('Add a key:')}     ${pc.green('npx @obol/cli connect github')}`);
-  console.log(`  ${pc.dim('View balance:')}  ${pc.green('npx @obol/cli balance')}`);
+
+  console.log(`  ${pc.bold('Next steps:')}`);
+  console.log(`    ${pc.dim('1.')} ${pc.bold('Buy credits')} ${pc.dim('(required)')}: ${pc.green('npx @obol/cli credits buy')}`);
+  console.log(`       ${pc.dim('or visit:')} ${pc.cyan('obolagents.com/dashboard')}`);
+  if (lang === 'js' && integrationFile) {
+    console.log(`    ${pc.dim('2.')} Use in your code:`);
+    console.log(`         ${pc.cyan("import { obol } from './obol.js';")}`);
+    console.log(`         ${pc.cyan("const result = await obol.execute(2, 'Create issue ...');")}`);
+  } else if (lang === 'python' && integrationFile) {
+    console.log(`    ${pc.dim('2.')} Use in your code:`);
+    console.log(`         ${pc.cyan("from obol_setup import obol")}`);
+    console.log(`         ${pc.cyan("result = obol.execute(2, 'Create issue ...', idempotency_key='...')")}`);
+  }
+  console.log();
+  console.log(`  ${pc.dim('Dashboard:')}  ${pc.green('npx @obol/cli token')} → paste at ${pc.cyan('obolagents.com/dashboard')}`);
+  console.log(`  ${pc.dim('Token:')}      Refreshes automatically — run ${pc.green('npx @obol/cli test')} anytime to verify.`);
+  console.log();
+
+  p.log.info(`${pc.bold('Earn credits by referring other agents!')} Run ${pc.green('npx @obol/cli referral code')} to get started.`);
   console.log();
 
   p.outro('Go build something awesome. ' + pc.green('⚡'));
 }
 
+function detectProject() {
+  const cwd = process.cwd();
+  if (existsSync(resolve(cwd, 'package.json'))) return 'js';
+  if (existsSync(resolve(cwd, 'requirements.txt'))) return 'python';
+  if (existsSync(resolve(cwd, 'pyproject.toml'))) return 'python';
+  return null;
+}
+
+function jsIntegrationFile(agentId, services) {
+  const providerMap = { stripe: 1, github: 2, slack: 3, notion: 4, discord: 5, twitter: 6, agentmail: 7 };
+  const examples = services
+    .map(svc => {
+      const id = providerMap[svc];
+      const ex = {
+        stripe: `await obol.execute(${id}, 'Create invoice for $50 to customer@example.com');`,
+        github: `await obol.execute(${id}, 'Create issue titled "Bug report" in owner/repo');`,
+        slack: `await obol.execute(${id}, 'Send message "Hello team" to #general');`,
+        notion: `await obol.execute(${id}, 'Create page titled "Meeting Notes"');`,
+        discord: `await obol.execute(${id}, 'Send message "Hello" to channel 123456');`,
+        twitter: `await obol.execute(${id}, 'Post tweet: Just shipped a new feature!');`,
+        agentmail: `await obol.execute(${id}, 'Send email to user@example.com subject "Hello"');`,
+      };
+      return `//   ${ex[svc] || `await obol.execute(${id}, 'your intent here');`}`;
+    })
+    .join('\n');
+
+  return `import { ObolClient } from '@obol/sdk';
+
+// Pre-configured Obol client — reads OBOL_JWT_TOKEN from .env automatically
+export const obol = new ObolClient();
+
+// Provider IDs: 1=Stripe, 2=GitHub, 3=Slack, 4=Notion, 5=Discord, 6=Twitter, 7=AgentMail
+//
+// Usage:
+//   import { obol } from './obol.js';
+${examples}
+`;
+}
+
+function pyIntegrationFile(agentId, services) {
+  const providerMap = { stripe: 1, github: 2, slack: 3, notion: 4, discord: 5, twitter: 6, agentmail: 7 };
+  const examples = services
+    .map(svc => {
+      const id = providerMap[svc];
+      const ex = {
+        stripe: `# obol.execute(${id}, 'Create invoice for $50 to customer@example.com', idempotency_key='unique-key')`,
+        github: `# obol.execute(${id}, 'Create issue titled "Bug report" in owner/repo', idempotency_key='unique-key')`,
+        slack: `# obol.execute(${id}, 'Send message "Hello team" to #general', idempotency_key='unique-key')`,
+        notion: `# obol.execute(${id}, 'Create page titled "Meeting Notes"', idempotency_key='unique-key')`,
+        discord: `# obol.execute(${id}, 'Send message "Hello" to channel 123456', idempotency_key='unique-key')`,
+        twitter: `# obol.execute(${id}, 'Post tweet: Just shipped a new feature!', idempotency_key='unique-key')`,
+        agentmail: `# obol.execute(${id}, 'Send email to user@example.com subject "Hello"', idempotency_key='unique-key')`,
+      };
+      return ex[svc] || `# obol.execute(${id}, 'your intent here', idempotency_key='unique-key')`;
+    })
+    .join('\n');
+
+  return `import os
+from obol_sdk import ObolClient
+
+# Pre-configured Obol client — reads from environment variables
+obol = ObolClient(
+    gateway_url=os.getenv("OBOL_GATEWAY_URL", "https://www.obolagents.com"),
+    agent_id=os.getenv("OBOL_AGENT_ID", "${agentId}"),
+    jwt_token=os.getenv("OBOL_JWT_TOKEN", ""),
+)
+
+# Provider IDs: 1=Stripe, 2=GitHub, 3=Slack, 4=Notion, 5=Discord, 6=Twitter, 7=AgentMail
+#
+# Usage:
+#   from obol_setup import obol
+${examples}
+`;
+}
+
 function cancelled() {
   p.cancel('Setup cancelled. Come back anytime!');
   process.exit(0);