@okx_ai/okx-trade-mcp 1.3.2-beta.2 → 1.3.2-beta.4

package/dist/index.js

@@ -22,18 +22,21 @@ import {
 import { homedir as homedir2 } from "os";
 import { join as join2, dirname } from "path";
 import { createHmac } from "crypto";
+import { spawn, execFile as execFile2 } from "child_process";
+import { homedir as homedir3 } from "os";
+import { join as join3 } from "path";
 import fs from "fs";
 import path from "path";
 import os from "os";
 import { writeFileSync as writeFileSync2, renameSync as renameSync2, unlinkSync as unlinkSync2, mkdirSync as mkdirSync2 } from "fs";
-import { join as join3, resolve, basename, sep } from "path";
+import { join as join4, resolve, basename, sep } from "path";
 import { randomUUID } from "crypto";
 import yauzl from "yauzl";
-import { join as join5, dirname as dirname3 } from "path";
-import { homedir as homedir3 } from "os";
-import { readFileSync as readFileSync4, writeFileSync as writeFileSync4, mkdirSync as mkdirSync5, existsSync as existsSync3 } from "fs";
-import { join as join6, dirname as dirname4 } from "path";
+import { join as join6, dirname as dirname3 } from "path";
 import { homedir as homedir4 } from "os";
+import { readFileSync as readFileSync4, writeFileSync as writeFileSync4, mkdirSync as mkdirSync5, existsSync as existsSync3 } from "fs";
+import { join as join7, dirname as dirname4 } from "path";
+import { homedir as homedir5 } from "os";
 
 // ../../node_modules/.pnpm/smol-toml@1.6.0/node_modules/smol-toml/dist/error.js
 function getLineColFromPtr(string, ptr) {
@@ -722,8 +725,8 @@ function parse(toml, { maxDepth = 1e3, integersAsBigInt } = {}) {
 
 // ../core/dist/index.js
 import { readFileSync as readFileSync5, writeFileSync as writeFileSync5, mkdirSync as mkdirSync6, existsSync as existsSync4 } from "fs";
-import { join as join7 } from "path";
-import { homedir as homedir5 } from "os";
+import { join as join8 } from "path";
+import { homedir as homedir6 } from "os";
 import fs2 from "fs";
 import path2 from "path";
 import os2 from "os";
@@ -731,6 +734,8 @@ import * as fs3 from "fs";
 import * as path3 from "path";
 import * as os3 from "os";
 import { execFileSync } from "child_process";
+import { join as join12 } from "path";
+import { homedir as homedir10 } from "os";
 var EXEC_TIMEOUT_MS = 3e4;
 var ALLOWED_DOMAIN_RE = /^[\w.-]+\.okx\.com$/;
 var PILOT_BIN_DIR = join(homedir(), ".okx", "bin");
@@ -1042,6 +1047,11 @@ var ConfigError = class extends OkxMcpError {
     super("ConfigError", message, { suggestion });
   }
 };
+var NotLoggedInError = class extends ConfigError {
+  constructor(suggestion = "Run `okx auth login` to authenticate.") {
+    super("Not logged in.", suggestion);
+  }
+};
 var ValidationError = class extends OkxMcpError {
   constructor(message, suggestion) {
     super("ValidationError", message, { suggestion });
@@ -1094,6 +1104,97 @@ function toToolErrorPayload(error, fallbackEndpoint) {
     timestamp: (/* @__PURE__ */ new Date()).toISOString()
   };
 }
+var EXIT_CODES = {
+  SUCCESS: 0,
+  UNAUTHORIZED_CALLER: 1,
+  NOT_LOGGED_IN: 2,
+  REFRESH_FAILED: 3
+};
+var EXEC_TIMEOUT_MS2 = 5e3;
+var AUTH_BIN_DIR = join3(homedir3(), ".okx", "bin");
+function getAuthBinaryPath() {
+  if (process.env.OKX_AUTH_BIN) {
+    return process.env.OKX_AUTH_BIN;
+  }
+  const ext = process.platform === "win32" ? ".exe" : "";
+  return join3(AUTH_BIN_DIR, `okx-auth${ext}`);
+}
+function execAuthToken() {
+  const binPath = getAuthBinaryPath();
+  return new Promise((resolve3, reject) => {
+    const child = spawn(binPath, ["token"], {
+      stdio: ["ignore", "ignore", "inherit", "pipe"]
+      //       stdin    stdout    stderr     fd3 (pipe)
+    });
+    const chunks = [];
+    const fd3 = child.stdio[3];
+    fd3.on("data", (chunk) => chunks.push(chunk));
+    child.on("error", (err) => {
+      reject(new ConfigError(
+        `Failed to spawn okx-auth: ${err.message}`,
+        "Ensure the okx-auth binary exists and is executable."
+      ));
+    });
+    child.on("close", (code) => {
+      if (code === EXIT_CODES.SUCCESS) {
+        const token = Buffer.concat(chunks).toString("utf-8").trim();
+        if (!token) {
+          reject(new AuthenticationError(
+            "okx-auth returned empty token.",
+            "Run `okx auth login` to re-authenticate."
+          ));
+          return;
+        }
+        resolve3(token);
+        return;
+      }
+      if (code === EXIT_CODES.NOT_LOGGED_IN) {
+        reject(new NotLoggedInError());
+        return;
+      }
+      if (code === EXIT_CODES.UNAUTHORIZED_CALLER) {
+        reject(new AuthenticationError(
+          "okx-auth rejected the caller (unauthorized).",
+          "Ensure you are running from a trusted OKX tool."
+        ));
+        return;
+      }
+      if (code === EXIT_CODES.REFRESH_FAILED) {
+        reject(new AuthenticationError(
+          "Token refresh failed.",
+          "Run `okx auth login` to re-authenticate."
+        ));
+        return;
+      }
+      reject(new AuthenticationError(
+        `okx-auth token exited with code ${code}.`,
+        "Run `okx auth login` to re-authenticate."
+      ));
+    });
+  });
+}
+function execAuthStatus() {
+  const binPath = getAuthBinaryPath();
+  return new Promise((resolve3) => {
+    execFile2(
+      binPath,
+      ["status", "--json"],
+      { timeout: EXEC_TIMEOUT_MS2, encoding: "utf-8" },
+      (error, stdout) => {
+        if (error) {
+          resolve3(null);
+          return;
+        }
+        try {
+          const result = JSON.parse(stdout);
+          resolve3(result);
+        } catch {
+          resolve3(null);
+        }
+      }
+    );
+  });
+}
 function sleep(ms) {
   return new Promise((resolve3) => {
     setTimeout(resolve3, ms);
@@ -1225,6 +1326,7 @@ function maskKey(key) {
   if (key.length <= 8) return "***";
   return `${key.slice(0, 3)}***${key.slice(-3)}`;
 }
+var TOKEN_CACHE_TTL_MS = 6e4;
 function vlog2(message) {
   process.stderr.write(`[verbose] ${message}
 `);
@@ -1233,6 +1335,8 @@ var OkxRestClient = class _OkxRestClient {
   config;
   rateLimiter;
   dispatcher;
+  cachedAccessToken;
+  cachedAccessTokenAt = 0;
   pilot;
   constructor(config) {
     this.config = config;
@@ -1247,6 +1351,51 @@ var OkxRestClient = class _OkxRestClient {
       hasCustomProxy: !!config.proxyUrl
     });
   }
+  /**
+   * Resolve OAuth access token via the okx-auth binary (fd3 pipe).
+   * Caches the token for 60 s to avoid spawning the binary on every
+   * request. The binary handles refresh internally (300s TTL lead),
+   * so periodic re-calls let it serve a fresh token when needed.
+   * Returns null when not logged in.
+   */
+  async resolveAccessToken() {
+    if (this.cachedAccessToken && Date.now() - this.cachedAccessTokenAt < TOKEN_CACHE_TTL_MS) {
+      return this.cachedAccessToken;
+    }
+    try {
+      const token = await execAuthToken();
+      this.cachedAccessToken = token;
+      this.cachedAccessTokenAt = Date.now();
+      return token;
+    } catch (e) {
+      if (e instanceof NotLoggedInError) {
+        return null;
+      }
+      throw e;
+    }
+  }
+  /**
+   * Dynamic auth — determines auth method per request.
+   *
+   * 1. API key in config → HMAC signing (no OAuth fallback)
+   * 2. OAuth token via okx-auth binary → Bearer token
+   * 3. Neither → throw ConfigError
+   */
+  async applyAuth(headers, method, requestPath, bodyJson, timestamp) {
+    if (this.config.apiKey && this.config.secretKey && this.config.passphrase) {
+      this.setAuthHeaders(headers, method, requestPath, bodyJson, timestamp);
+      return;
+    }
+    const accessToken = await this.resolveAccessToken();
+    if (accessToken) {
+      headers.set("Authorization", `Bearer ${accessToken}`);
+      return;
+    }
+    throw new ConfigError(
+      "No credentials found.",
+      "Run `okx auth login` to authenticate, or configure API key credentials."
+    );
+  }
   /** The canonical base URL for this client (e.g. https://www.okx.com). */
   get baseUrl() {
     return this.config.baseUrl;
@@ -1305,18 +1454,6 @@ var OkxRestClient = class _OkxRestClient {
     });
   }
   setAuthHeaders(headers, method, requestPath, bodyJson, timestamp) {
-    if (!this.config.hasAuth) {
-      throw new ConfigError(
-        "Private endpoint requires API credentials.",
-        "Configure OKX_API_KEY, OKX_SECRET_KEY and OKX_PASSPHRASE."
-      );
-    }
-    if (!this.config.apiKey || !this.config.secretKey || !this.config.passphrase) {
-      throw new ConfigError(
-        "Invalid private API credentials state.",
-        "Ensure all OKX credentials are set."
-      );
-    }
     const payload = `${timestamp}${method.toUpperCase()}${requestPath}${bodyJson}`;
     const signature = signOkxPayload(payload, this.config.secretKey);
     headers.set("OK-ACCESS-KEY", this.config.apiKey);
@@ -1431,7 +1568,7 @@ var OkxRestClient = class _OkxRestClient {
     const conn = this.pilot.getConnectionParams();
     this.logRequest("POST", `${conn.baseUrl}${path4}`, "private");
     const reqConfig = { method: "POST", path: path4, auth: "private" };
-    const headers = this.buildHeaders(reqConfig, path4, bodyJson, getNow());
+    const headers = await this.buildHeaders(reqConfig, path4, bodyJson, getNow());
     if (conn.userAgent) {
       headers.set("User-Agent", conn.userAgent);
     }
@@ -1552,7 +1689,7 @@ var OkxRestClient = class _OkxRestClient {
   // Header building
   // ---------------------------------------------------------------------------
   /** Build HTTP headers. reqConfig.extraHeaders must NOT contain auth keys (OK-ACCESS-*). */
-  buildHeaders(reqConfig, requestPath, bodyJson, timestamp) {
+  async buildHeaders(reqConfig, requestPath, bodyJson, timestamp) {
     const headers = new Headers({
       "Content-Type": "application/json",
       Accept: "application/json"
@@ -1561,7 +1698,7 @@ var OkxRestClient = class _OkxRestClient {
       headers.set("User-Agent", this.config.userAgent);
     }
     if (reqConfig.auth === "private") {
-      this.setAuthHeaders(headers, reqConfig.method, requestPath, bodyJson, timestamp);
+      await this.applyAuth(headers, reqConfig.method, requestPath, bodyJson, timestamp);
     }
     const useSimulated = reqConfig.simulatedTrading !== void 0 ? reqConfig.simulatedTrading : this.config.demo;
     if (useSimulated) {
@@ -1615,7 +1752,7 @@ var OkxRestClient = class _OkxRestClient {
     if (reqConfig.rateLimit) {
       await this.rateLimiter.consume(reqConfig.rateLimit);
     }
-    const headers = this.buildHeaders(reqConfig, requestPath, bodyJson, timestamp);
+    const headers = await this.buildHeaders(reqConfig, requestPath, bodyJson, timestamp);
     if (conn.userAgent) {
       headers.set("User-Agent", conn.userAgent);
     }
@@ -1767,6 +1904,23 @@ function privateRateLimit(key, rps = 10) {
     refillPerSecond: rps
   };
 }
+var CURSOR_PROPS = {
+  after: { type: "string", description: "Cursor: return older records" },
+  before: { type: "string", description: "Cursor: return newer records" }
+};
+var TIME_RANGE_PROPS = {
+  begin: { type: "string", description: "Start time (ms)" },
+  end: { type: "string", description: "End time (ms)" }
+};
+function readPaginationParams(args, readStr, readNum) {
+  return {
+    after: readStr(args, "after"),
+    before: readStr(args, "before"),
+    begin: readStr(args, "begin"),
+    end: readStr(args, "end"),
+    limit: readNum(args, "limit")
+  };
+}
 function assertNotDemo(config, endpoint) {
   if (config.demo) {
     throw new ConfigError(
@@ -2038,7 +2192,7 @@ var OKX_SITES = {
   },
   us: {
     label: "US",
-    apiBaseUrl: "https://app.okx.com",
+    apiBaseUrl: "https://us.okx.com",
     webUrl: "https://app.okx.com"
   }
 };
@@ -3557,7 +3711,7 @@ function safeWriteFile(targetDir, fileName, data) {
     throw new Error(`Invalid file name: "${fileName}"`);
   }
   const resolvedDir = resolve(targetDir);
-  const filePath = join3(resolvedDir, safeName);
+  const filePath = join4(resolvedDir, safeName);
   const resolvedPath = resolve(filePath);
   if (!resolvedPath.startsWith(resolvedDir + sep)) {
     throw new Error(`Path traversal detected: "${fileName}" resolves outside target directory`);
@@ -3600,7 +3754,7 @@ async function downloadSkillZip(client, name, targetDir, format = "zip") {
   return filePath;
 }
 var DEFAULT_MAX_TOTAL_BYTES = 100 * 1024 * 1024;
-var DEFAULT_REGISTRY_PATH = join5(homedir3(), ".okx", "skills", "registry.json");
+var DEFAULT_REGISTRY_PATH = join6(homedir4(), ".okx", "skills", "registry.json");
 function registerSkillsTools() {
   return [
     {
@@ -5998,37 +6152,45 @@ function registerEventContractTools() {
     {
       name: "event_get_orders",
       module: "event",
-      description: "Query event contract orders. state=live for open orders; omit for history. outcome pre-translated (YES/NO/UP/DOWN).",
+      description: "Query event contract orders (open, 7d history, or 3-month archive). outcome pre-translated (YES/NO/UP/DOWN). Do NOT use for trade executions \u2014 use event_get_fills for fill records and settlement outcomes.",
       isWrite: false,
       inputSchema: {
         type: "object",
         properties: {
-          instId: {
+          status: {
             type: "string",
-            description: "Event contract instrument ID"
+            enum: ["open", "history", "archive"],
+            description: "open=active, history=7d (default), archive=3mo"
           },
-          state: {
+          instId: {
             type: "string",
-            description: "live=pending orders; omit for history"
+            description: "Event contract instrument ID"
           },
-          limit: {
-            type: "number",
-            description: "Max results (default 20)"
-          }
+          ordType: { type: "string", description: "Order type filter" },
+          state: { type: "string", description: "canceled|filled (only for history/archive)" },
+          ...CURSOR_PROPS,
+          ...TIME_RANGE_PROPS,
+          limit: { type: "number", description: "Max results (default 100)" }
         }
       },
       handler: async (rawArgs, context) => {
         const args = asRecord(rawArgs);
-        const state = readString(args, "state");
-        const isPending = state === "live";
-        const endpoint = isPending ? "/api/v5/trade/orders-pending" : "/api/v5/trade/orders-history";
+        const status = readString(args, "status") ?? "history";
+        const endpointMap = {
+          open: "/api/v5/trade/orders-pending",
+          archive: "/api/v5/trade/orders-history-archive"
+        };
+        const endpoint = endpointMap[status] ?? "/api/v5/trade/orders-history";
+        const params = compactObject({
+          instType: "EVENTS",
+          instId: readString(args, "instId"),
+          ordType: readString(args, "ordType"),
+          state: readString(args, "state"),
+          ...readPaginationParams(args, readString, readNumber)
+        });
         const response = await context.client.privateGet(
           endpoint,
-          compactObject({
-            instType: "EVENTS",
-            instId: readString(args, "instId"),
-            limit: readNumber(args, "limit")
-          }),
+          params,
           privateRateLimit("event_get_orders", 20)
         );
         const base = normalizeResponse(response);
@@ -6042,41 +6204,51 @@ function registerEventContractTools() {
             stateLabel: mapOrderState(String(item["state"] ?? ""))
           };
         }) : base["data"];
-        return { ...base, data };
+        return { ...base, data, requestParams: params };
       }
     },
     {
       name: "event_get_fills",
       module: "event",
-      description: "Get event contract fill history. outcome pre-translated (YES/NO/UP/DOWN). Each record includes a 'type' field: 'fill' (subType 410, opening trade) or 'settlement' (subType 414 win / subType 415 loss, contract expiry payout). Settlement records include 'settlementResult' (win/loss) and 'pnl' fields \u2014 no separate market lookup needed to determine outcome.",
+      description: "Get event contract fill history (trade executions and settlement payouts). archive=true for up to 3mo, false (default) for last 3d. outcome pre-translated (YES/NO/UP/DOWN). Each record includes a 'type' field: 'fill' (opening trade) or 'settlement' (expiry payout with settlementResult win/loss and pnl). Do NOT use for order status \u2014 use event_get_orders instead.",
       isWrite: false,
       inputSchema: {
         type: "object",
         properties: {
+          archive: {
+            type: "boolean",
+            description: "true=up to 3mo, false=3d (default)"
+          },
           instId: {
             type: "string",
             description: "Event contract instrument ID"
           },
-          limit: {
-            type: "number",
-            description: "Max results (default 20)"
-          }
+          ordId: { type: "string", description: "Order ID filter" },
+          ...CURSOR_PROPS,
+          ...TIME_RANGE_PROPS,
+          limit: { type: "number", description: "Max results (default 100 or 20 for archive)" }
         }
       },
       handler: async (rawArgs, context) => {
         const args = asRecord(rawArgs);
+        const archive = readBoolean(args, "archive") ?? false;
+        const path4 = archive ? "/api/v5/trade/fills-history" : "/api/v5/trade/fills";
+        const paging = readPaginationParams(args, readString, readNumber);
+        const params = compactObject({
+          instType: "EVENTS",
+          instId: readString(args, "instId"),
+          ordId: readString(args, "ordId"),
+          ...paging,
+          limit: paging.limit ?? (archive ? 20 : void 0)
+        });
         const response = await context.client.privateGet(
-          "/api/v5/trade/fills",
-          compactObject({
-            instType: "EVENTS",
-            instId: readString(args, "instId"),
-            limit: readNumber(args, "limit")
-          }),
+          path4,
+          params,
           privateRateLimit("event_get_fills", 20)
         );
         const base = normalizeResponse(response);
         const data = Array.isArray(base["data"]) ? base["data"].map(enrichFill) : base["data"];
-        return { ...base, data };
+        return { ...base, data, requestParams: params };
       }
     },
     // -----------------------------------------------------------------------
@@ -6160,7 +6332,7 @@ function registerEventContractTools() {
     {
       name: "event_amend_order",
       module: "event",
-      description: "Amend a pending event contract order (change price or size). [CAUTION] Modifies a real order. Before amending, call event_get_orders(state=live) to obtain the ordId and confirm the order is still pending. Only limit/post_only orders can be amended.",
+      description: "Amend a pending event contract order (change price or size). [CAUTION] Modifies a real order. Before amending, call event_get_orders(status=open) to obtain the ordId and confirm the order is still pending. Only limit/post_only orders can be amended.",
       isWrite: true,
       inputSchema: {
         type: "object",
@@ -6191,7 +6363,7 @@ function registerEventContractTools() {
     {
       name: "event_cancel_order",
       module: "event",
-      description: "Cancel a pending event contract order. [CAUTION] Cancels a real order. Before cancelling, call event_get_orders(state=live) to obtain the ordId and confirm the order is still pending. instId must be the full event contract instrument ID (e.g. BTC-ABOVE-DAILY-260224-1600-69700), NOT a spot trading pair.",
+      description: "Cancel a pending event contract order. [CAUTION] Cancels a real order. Before cancelling, call event_get_orders(status=open) to obtain the ordId and confirm the order is still pending. instId must be the full event contract instrument ID (e.g. BTC-ABOVE-DAILY-260224-1600-69700), NOT a spot trading pair.",
       isWrite: true,
       inputSchema: {
         type: "object",
@@ -6239,27 +6411,27 @@ var PATH_SIGNAL_HISTORY = "/api/v5/journal/smartmoney/signal-history";
 var SIGNAL_POOL_FILTER_PROPS = {
   sortType: {
     type: "string",
-    description: "pnl or pnlRatio"
+    description: "Pool ranking: pnl|pnlRatio (default pnl)"
   },
   period: {
     type: "string",
-    description: "3|7|30|90 days"
+    description: "Win-rate window days: 3|7|30|90 (default 90). Not snapshot range."
   },
   pnl: {
     type: "string",
-    description: "PNL_ANY|PNL_TOP50|PNL_TOP20|PNL_TOP5"
+    description: "Top N% by PnL: PNL_ANY|PNL_TOP50|PNL_TOP20|PNL_TOP5 (default PNL_ANY)"
   },
   winRatio: {
     type: "string",
-    description: "WR_ANY|WR_GE_50|WR_GE_80"
+    description: "Min win-rate: WR_ANY|WR_GE_50|WR_GE_80 (default WR_ANY)"
   },
   maxRetreat: {
     type: "string",
-    description: "MR_ANY|MR_LE_20|MR_LE_50"
+    description: "Max drawdown: MR_ANY|MR_LE_20|MR_LE_50 (default MR_ANY)"
   },
   asset: {
     type: "string",
-    description: "AUM_ANY|AUM_TOP50|AUM_TOP20|AUM_TOP5"
+    description: "Top N% by AUM: AUM_ANY|AUM_TOP50|AUM_TOP20|AUM_TOP5 (default AUM_ANY)"
   }
 };
 var LEADERBOARD_POOL_FILTER_PROPS = {
@@ -6311,39 +6483,39 @@ function registerSmartmoneyTools() {
     {
       name: "smartmoney_get_overview",
       module: "smartmoney",
-      description: "Multi-currency smart money overview ranked by most-watched currencies. Pass ts=Date.now() for latest data, or dataVersion (yyyyMMddHHmm) from a prior call. For single-currency signal with entry prices and trend, use smartmoney_get_signal.",
+      description: "Multi-currency smart money overview, ranked by tradersWithPosition DESC (most-watched first). Requires either ts (recommended, Date.now()) or dataVersion (yyyyMMddHHmm UTC) \u2014 at least one must be set; ts wins when both are sent. For single-currency signal with entry prices and trend, use smartmoney_get_signal.",
       isWrite: false,
       inputSchema: {
         type: "object",
         properties: {
-          dataVersion: {
+          ts: {
             type: "string",
-            description: "yyyyMMddHHmm UTC (or use ts)"
+            description: "Recommended. Timestamp ms \u2014 use Date.now() for latest."
           },
-          ts: {
+          dataVersion: {
             type: "string",
-            description: "Timestamp ms (or use dataVersion)"
+            description: "Alternative. yyyyMMddHHmm UTC for prior snapshot. If both sent, ts wins."
           },
           instType: {
             type: "string",
-            description: "SPOT|MARGIN|FUTURES|SWAP|OPTION"
+            description: "SPOT|MARGIN|FUTURES|SWAP|OPTION (default SWAP)"
           },
           ...SIGNAL_POOL_FILTER_PROPS,
           lmtNum: {
             type: "string",
-            description: "Trader pool size 1-500"
+            description: "Trader pool size 1-500 (default 100)"
           },
           instCcyList: {
             type: "string",
-            description: "Comma-separated e.g. BTC,ETH,SOL"
+            description: "Comma-separated currency codes e.g. BTC,ETH,SOL (prefix-matched against instId)"
           },
           instCcy: {
             type: "string",
-            description: "Single currency e.g. BTC"
+            description: "Single currency e.g. BTC; alias for instCcyList (instCcyList wins if both set)"
           },
           topInstruments: {
             type: "string",
-            description: "Top N instruments 1-100"
+            description: "Top N instruments 1-100 (default 20)"
           }
         }
       },
@@ -6375,7 +6547,7 @@ function registerSmartmoneyTools() {
     {
       name: "smartmoney_get_signal",
       module: "smartmoney",
-      description: "Single-currency consensus signal: long/short ratio, entry prices, trend, capital flow. Prefer instId (e.g. BTC-USDT-SWAP); instCcy is accepted but may return empty \u2014 use instId for reliable results. Pass ts=Date.now() for latest data, or dataVersion from a prior call. For multi-currency overview, use smartmoney_get_overview. For timeline, use smartmoney_get_signal_history.",
+      description: "Single-currency consensus signal: long/short ratio, entry prices, trend, capital flow. Requires either instId (e.g. BTC-USDT-SWAP, recommended) or instCcy (SPOT/SWAP only) \u2014 instId wins when both are sent. Requires either ts (recommended, Date.now()) or dataVersion (yyyyMMddHHmm UTC) \u2014 at least one must be set; ts wins when both are sent. For multi-currency overview, use smartmoney_get_overview. For timeline, use smartmoney_get_signal_history.",
       isWrite: false,
       inputSchema: {
         type: "object",
@@ -6386,24 +6558,24 @@ function registerSmartmoneyTools() {
           },
           instCcy: {
             type: "string",
-            description: "e.g. BTC, SPOT/SWAP only. May return empty \u2014 prefer instId."
+            description: "e.g. BTC (SPOT/SWAP only); instId takes precedence if both set"
           },
-          dataVersion: {
+          ts: {
             type: "string",
-            description: "yyyyMMddHHmm UTC (or use ts)"
+            description: "Recommended. Timestamp ms \u2014 use Date.now() for latest."
           },
-          ts: {
+          dataVersion: {
             type: "string",
-            description: "Timestamp ms (or use dataVersion)"
+            description: "Alternative. yyyyMMddHHmm UTC for prior snapshot. If both sent, ts wins."
           },
           ...SIGNAL_POOL_FILTER_PROPS,
           lmtNum: {
             type: "string",
-            description: "Trader pool size 1-500"
+            description: "Trader pool size 1-500 (default 100)"
           },
           authorIds: {
             type: "string",
-            description: "Comma-separated user IDs e.g. 1001,1002"
+            description: "Comma-separated user IDs e.g. 1001,1002 \u2014 restricts the trader pool to these IDs only (precise filter)"
           }
         }
       },
@@ -6439,7 +6611,7 @@ function registerSmartmoneyTools() {
     {
       name: "smartmoney_get_signal_history",
       module: "smartmoney",
-      description: "Signal history timeline sorted by ts DESC for trend analysis. Requires instId. Pass ts=Date.now() for latest data, or dataVersion from a prior call. For current snapshot, use smartmoney_get_signal.",
+      description: "Signal history timeline sorted by ts DESC for trend analysis. Requires instId. Requires either ts (recommended, Date.now()) or dataVersion (yyyyMMddHHmm UTC) \u2014 at least one must be set; ts wins when both are sent. For current snapshot, use smartmoney_get_signal.",
       isWrite: false,
       inputSchema: {
         type: "object",
@@ -6448,13 +6620,13 @@ function registerSmartmoneyTools() {
             type: "string",
             description: "e.g. BTC-USDT-SWAP"
           },
-          dataVersion: {
+          ts: {
             type: "string",
-            description: "yyyyMMddHHmm UTC (or use ts)"
+            description: "Recommended. Timestamp ms \u2014 use Date.now() for latest."
           },
-          ts: {
+          dataVersion: {
             type: "string",
-            description: "Timestamp ms (or use dataVersion)"
+            description: "Alternative. yyyyMMddHHmm UTC for prior snapshot. If both sent, ts wins."
           },
           granularity: {
             type: "string",
@@ -9967,7 +10139,7 @@ function toMcpTool(tool) {
   };
 }
 function configFilePath() {
-  return join6(homedir4(), ".okx", "config.toml");
+  return join7(homedir5(), ".okx", "config.toml");
 }
 function readFullConfig() {
   const path4 = configFilePath();
@@ -9986,11 +10158,6 @@ Or re-run: okx config init`
     );
   }
 }
-function readTomlProfile(profileName) {
-  const config = readFullConfig();
-  const name = profileName ?? config.default_profile ?? "default";
-  return config.profiles?.[name] ?? {};
-}
 function expandShorthand(moduleId) {
   if (moduleId === "all") return [...MODULES];
   if (moduleId === "earn" || moduleId === "earn.all") return [...EARN_SUB_MODULE_IDS];
@@ -10024,18 +10191,24 @@ function parseModuleList(rawModules) {
   }
   return Array.from(deduped);
 }
-function loadCredentials(toml) {
+async function loadCredentials(toml) {
   const apiKey = process.env.OKX_API_KEY?.trim() ?? toml.api_key;
   const secretKey = process.env.OKX_SECRET_KEY?.trim() ?? toml.secret_key;
   const passphrase = process.env.OKX_PASSPHRASE?.trim() ?? toml.passphrase;
-  const hasAuth = Boolean(apiKey && secretKey && passphrase);
+  const hasApiKey = Boolean(apiKey && secretKey && passphrase);
   const partialAuth = Boolean(apiKey) || Boolean(secretKey) || Boolean(passphrase);
-  if (partialAuth && !hasAuth) {
+  if (partialAuth && !hasApiKey) {
     throw new ConfigError(
       "Partial API credentials detected.",
       "Set OKX_API_KEY, OKX_SECRET_KEY and OKX_PASSPHRASE together (env vars or config.toml profile)."
     );
   }
+  let hasOAuth = false;
+  if (!hasApiKey) {
+    const status = await execAuthStatus();
+    hasOAuth = status?.status === "logged_in";
+  }
+  const hasAuth = hasOAuth || hasApiKey;
   return { apiKey, secretKey, passphrase, hasAuth };
 }
 function resolveSite(cliSite, tomlSite) {
@@ -10069,9 +10242,11 @@ function resolveDemo(cli, toml) {
   if (cli.demo === true) return true;
   return process.env.OKX_DEMO === "1" || process.env.OKX_DEMO === "true" || (toml.demo ?? false);
 }
-function loadConfig(cli) {
-  const toml = readTomlProfile(cli.profile);
-  const creds = loadCredentials(toml);
+async function loadConfig(cli) {
+  const config = readFullConfig();
+  const profileName = cli.profile ?? config.default_profile ?? "default";
+  const toml = config.profiles?.[profileName] ?? {};
+  const creds = await loadCredentials(toml);
   const demo = resolveDemo(cli, toml);
   const site = resolveSite(cli.site, toml.site);
   const baseUrl = resolveBaseUrl(site, toml.base_url);
@@ -10091,6 +10266,7 @@ function loadConfig(cli) {
   }
   return {
     ...creds,
+    profile: profileName,
     baseUrl,
     timeoutMs: Math.floor(rawTimeout),
     modules: parseModuleList(cli.modules),
@@ -10103,7 +10279,7 @@ function loadConfig(cli) {
     verbose: cli.verbose ?? false
   };
 }
-var CACHE_FILE = join7(homedir5(), ".okx", "update-check.json");
+var CACHE_FILE = join8(homedir6(), ".okx", "update-check.json");
 var CHECK_INTERVAL_MS = 24 * 60 * 60 * 1e3;
 function readCache2() {
   try {
@@ -10116,7 +10292,7 @@ function readCache2() {
 }
 function writeCache2(cache) {
   try {
-    mkdirSync6(join7(homedir5(), ".okx"), { recursive: true });
+    mkdirSync6(join8(homedir6(), ".okx"), { recursive: true });
     writeFileSync5(CACHE_FILE, JSON.stringify(cache, null, 2), "utf-8");
   } catch {
   }
@@ -10270,13 +10446,13 @@ function findMsStoreClaudePath() {
 }
 function getConfigPath(client) {
   const home = os3.homedir();
-  const platform2 = process.platform;
+  const platform3 = process.platform;
   switch (client) {
     case "claude-desktop":
-      if (platform2 === "win32") {
+      if (platform3 === "win32") {
         return findMsStoreClaudePath() ?? path3.join(appData(), "Claude", CLAUDE_CONFIG_FILE);
       }
-      if (platform2 === "darwin") {
+      if (platform3 === "darwin") {
         return path3.join(home, "Library", "Application Support", "Claude", CLAUDE_CONFIG_FILE);
       }
       return path3.join(process.env.XDG_CONFIG_HOME ?? path3.join(home, ".config"), "Claude", CLAUDE_CONFIG_FILE);
@@ -10378,6 +10554,8 @@ function runSetup(options) {
 `);
   }
 }
+var CACHE_PATH = join12(homedir10(), ".okx", "auth-binary-check.json");
+var CHECK_INTERVAL_MS2 = 2 * 60 * 60 * 1e3;
 
 // src/constants.ts
 import { createRequire } from "module";
@@ -10385,7 +10563,7 @@ var _require = createRequire(import.meta.url);
 var pkg = _require("../package.json");
 var SERVER_NAME = "okx-trade-mcp";
 var SERVER_VERSION = pkg.version;
-var GIT_HASH = true ? "e0ee5a96" : "dev";
+var GIT_HASH = true ? "a4277b3" : "dev";
 
 // src/server.ts
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";
@@ -10662,7 +10840,7 @@ async function main() {
 `);
     return;
   }
-  const config = loadConfig({
+  const config = await loadConfig({
     modules: cli.modules,
     profile: cli.profile,
     site: cli.site,