@paylobster/cli 4.2.0 → 4.3.0

package/src/commands/treasury.ts

@@ -0,0 +1,907 @@
+import { Command } from 'commander';
+import { type Address, formatUnits, parseUnits, decodeEventLog } from 'viem';
+import { base } from 'viem/chains';
+import { getWalletAddress, loadWallet } from '../lib/wallet';
+import { getPublicClient } from '../lib/contracts';
+import { success, error, info, withSpinner, outputJSON, confirm, createTable, formatAddress } from '../lib/display';
+import chalk from 'chalk';
+import type { OutputOptions } from '../lib/types';
+
+// Treasury contracts
+const TREASURY_FACTORY_ADDRESS = '0x171a685f28546a0ebb13059184db1f808b915066' as Address;
+const BASE_CHAIN_ID = 8453;
+
+// Role enum mapping
+enum Role {
+  NONE = 0,
+  VIEWER = 1,
+  OPERATOR = 2,
+  ADMIN = 3,
+}
+
+const ROLE_NAMES: Record<number, string> = {
+  0: 'None',
+  1: 'Viewer',
+  2: 'Operator',
+  3: 'Admin',
+};
+
+// ABIs
+const TREASURY_FACTORY_ABI = [
+  {
+    type: 'function',
+    name: 'createTreasury',
+    inputs: [{ name: '_name', type: 'string' }],
+    outputs: [{ name: '', type: 'address' }],
+    stateMutability: 'nonpayable',
+  },
+  {
+    type: 'function',
+    name: 'treasuries',
+    inputs: [{ name: '', type: 'address' }],
+    outputs: [{ name: '', type: 'address' }],
+    stateMutability: 'view',
+  },
+  {
+    type: 'event',
+    name: 'TreasuryCreated',
+    inputs: [
+      { name: 'owner', type: 'address', indexed: true },
+      { name: 'treasury', type: 'address', indexed: true },
+      { name: 'name', type: 'string', indexed: false },
+    ],
+  },
+] as const;
+
+const TREASURY_ABI = [
+  {
+    type: 'function',
+    name: 'getSummary',
+    inputs: [],
+    outputs: [
+      { name: '_name', type: 'string' },
+      { name: '_owner', type: 'address' },
+      { name: 'ethBalance', type: 'uint256' },
+      { name: 'tokenCount', type: 'uint256' },
+      { name: 'memberCount', type: 'uint256' },
+      { name: '_totalDeposited', type: 'uint256' },
+      { name: '_totalWithdrawn', type: 'uint256' },
+      { name: '_reserveLockBps', type: 'uint256' },
+      { name: '_createdAt', type: 'uint256' },
+    ],
+    stateMutability: 'view',
+  },
+  {
+    type: 'function',
+    name: 'getBalances',
+    inputs: [],
+    outputs: [
+      {
+        name: '',
+        type: 'tuple[]',
+        components: [
+          { name: 'token', type: 'address' },
+          { name: 'balance', type: 'uint256' },
+        ],
+      },
+    ],
+    stateMutability: 'view',
+  },
+  {
+    type: 'function',
+    name: 'deposit',
+    inputs: [
+      { name: 'token', type: 'address' },
+      { name: 'amount', type: 'uint256' },
+    ],
+    outputs: [],
+    stateMutability: 'nonpayable',
+  },
+  {
+    type: 'function',
+    name: 'withdraw',
+    inputs: [
+      { name: 'token', type: 'address' },
+      { name: 'to', type: 'address' },
+      { name: 'amount', type: 'uint256' },
+      { name: 'reason', type: 'string' },
+    ],
+    outputs: [],
+    stateMutability: 'nonpayable',
+  },
+  {
+    type: 'function',
+    name: 'setBudget',
+    inputs: [
+      { name: 'operationsBps', type: 'uint256' },
+      { name: 'growthBps', type: 'uint256' },
+      { name: 'reservesBps', type: 'uint256' },
+      { name: 'yieldBps', type: 'uint256' },
+    ],
+    outputs: [],
+    stateMutability: 'nonpayable',
+  },
+  {
+    type: 'function',
+    name: 'budget',
+    inputs: [],
+    outputs: [
+      { name: 'operationsBps', type: 'uint256' },
+      { name: 'growthBps', type: 'uint256' },
+      { name: 'reservesBps', type: 'uint256' },
+      { name: 'yieldBps', type: 'uint256' },
+    ],
+    stateMutability: 'view',
+  },
+  {
+    type: 'function',
+    name: 'getMembers',
+    inputs: [],
+    outputs: [
+      { name: '', type: 'address[]' },
+      { name: '', type: 'uint8[]' },
+    ],
+    stateMutability: 'view',
+  },
+  {
+    type: 'function',
+    name: 'grantRole',
+    inputs: [
+      { name: 'account', type: 'address' },
+      { name: 'role', type: 'uint8' },
+    ],
+    outputs: [],
+    stateMutability: 'nonpayable',
+  },
+  {
+    type: 'function',
+    name: 'setSpendLimit',
+    inputs: [
+      { name: 'operator', type: 'address' },
+      { name: 'maxPerTx', type: 'uint256' },
+      { name: 'maxPerDay', type: 'uint256' },
+    ],
+    outputs: [],
+    stateMutability: 'nonpayable',
+  },
+  {
+    type: 'function',
+    name: 'spendLimits',
+    inputs: [{ name: '', type: 'address' }],
+    outputs: [
+      { name: 'maxPerTx', type: 'uint256' },
+      { name: 'maxPerDay', type: 'uint256' },
+      { name: 'spentToday', type: 'uint256' },
+      { name: 'dayStart', type: 'uint256' },
+    ],
+    stateMutability: 'view',
+  },
+] as const;
+
+const ERC20_ABI = [
+  {
+    type: 'function',
+    name: 'approve',
+    inputs: [
+      { name: 'spender', type: 'address' },
+      { name: 'amount', type: 'uint256' },
+    ],
+    outputs: [{ name: '', type: 'bool' }],
+    stateMutability: 'nonpayable',
+  },
+  {
+    type: 'function',
+    name: 'symbol',
+    inputs: [],
+    outputs: [{ name: '', type: 'string' }],
+    stateMutability: 'view',
+  },
+  {
+    type: 'function',
+    name: 'decimals',
+    inputs: [],
+    outputs: [{ name: '', type: 'uint8' }],
+    stateMutability: 'view',
+  },
+] as const;
+
+/**
+ * Get treasury address for the connected wallet
+ */
+async function getTreasuryAddress(address?: string): Promise<Address> {
+  if (address) {
+    return address as Address;
+  }
+
+  const walletAddress = getWalletAddress() as Address;
+  const publicClient = getPublicClient('mainnet');
+
+  const treasuryAddress = await publicClient.readContract({
+    address: TREASURY_FACTORY_ADDRESS,
+    abi: TREASURY_FACTORY_ABI,
+    functionName: 'treasuries',
+    args: [walletAddress],
+  });
+
+  if (treasuryAddress === '0x0000000000000000000000000000000000000000') {
+    throw new Error('No treasury found for connected wallet. Create one with: plob treasury create <name>');
+  }
+
+  return treasuryAddress;
+}
+
+/**
+ * Format time ago
+ */
+function timeAgo(timestamp: bigint): string {
+  const now = Math.floor(Date.now() / 1000);
+  const secondsAgo = now - Number(timestamp);
+  
+  if (secondsAgo < 60) return `${secondsAgo}s ago`;
+  if (secondsAgo < 3600) return `${Math.floor(secondsAgo / 60)}m ago`;
+  if (secondsAgo < 86400) return `${Math.floor(secondsAgo / 3600)}h ago`;
+  return `${Math.floor(secondsAgo / 86400)}d ago`;
+}
+
+/**
+ * Get token price in USD (mock for now, can integrate with price oracle)
+ */
+async function getTokenPriceUSD(token: Address): Promise<number> {
+  // ETH address
+  if (token === '0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE') {
+    return 3000; // Mock ETH price
+  }
+  // USDC
+  if (token.toLowerCase() === '0x833589fcd6edb6e08f4c7c32d4f71b54bda02913') {
+    return 1;
+  }
+  // Default
+  return 0;
+}
+
+/**
+ * Parse role string to enum
+ */
+function parseRole(roleStr: string): Role {
+  const normalized = roleStr.toLowerCase();
+  switch (normalized) {
+    case 'viewer':
+      return Role.VIEWER;
+    case 'operator':
+      return Role.OPERATOR;
+    case 'admin':
+      return Role.ADMIN;
+    default:
+      throw new Error(`Invalid role: ${roleStr}. Must be one of: viewer, operator, admin`);
+  }
+}
+
+/**
+ * Create treasury command
+ */
+export function createTreasuryCommand(): Command {
+  const cmd = new Command('treasury')
+    .description('Manage agent treasuries on Base');
+
+  // Create treasury
+  cmd
+    .command('create')
+    .description('Create a new treasury')
+    .argument('<name>', 'Treasury name')
+    .option('--json', 'Output as JSON')
+    .action(async (name: string, options: OutputOptions) => {
+      try {
+        const { client, account } = await loadWallet();
+        
+        const hash = await withSpinner(
+          'Creating treasury...',
+          async () =>
+            client.writeContract({
+              address: TREASURY_FACTORY_ADDRESS,
+              abi: TREASURY_FACTORY_ABI,
+              functionName: 'createTreasury',
+              args: [name],
+              account,
+              chain: base,
+            })
+        );
+
+        // Wait for transaction and get receipt
+        const publicClient = getPublicClient('mainnet');
+        const receipt = await publicClient.waitForTransactionReceipt({ hash });
+
+        // Parse logs to get treasury address
+        let treasuryAddress: Address | null = null;
+        for (const log of receipt.logs) {
+          if (log.address.toLowerCase() === TREASURY_FACTORY_ADDRESS.toLowerCase()) {
+            try {
+              const decoded = decodeEventLog({
+                abi: TREASURY_FACTORY_ABI,
+                data: log.data,
+                topics: log.topics,
+              });
+              if (decoded.eventName === 'TreasuryCreated') {
+                treasuryAddress = (decoded.args as any).treasury;
+                break;
+              }
+            } catch {}
+          }
+        }
+
+        if (outputJSON({
+          name,
+          treasuryAddress,
+          transactionHash: hash,
+        }, options)) {
+          return;
+        }
+
+        console.log();
+        success('Treasury created successfully!');
+        console.log();
+        console.log('   Name:    ', chalk.white.bold(name));
+        console.log('   Address: ', chalk.cyan(treasuryAddress || 'Check transaction receipt'));
+        console.log('   Tx Hash: ', chalk.gray(hash));
+        console.log();
+        info(`View on BaseScan: https://basescan.org/tx/${hash}`);
+        console.log();
+      } catch (err) {
+        error(`Failed to create treasury: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  // Get treasury info
+  cmd
+    .command('info')
+    .description('Show treasury summary')
+    .argument('[address]', 'Treasury address (defaults to your treasury)')
+    .option('--json', 'Output as JSON')
+    .action(async (address: string | undefined, options: OutputOptions) => {
+      try {
+        const treasuryAddress = await getTreasuryAddress(address);
+        const publicClient = getPublicClient('mainnet');
+
+        const summary = await withSpinner(
+          'Fetching treasury info...',
+          async () =>
+            publicClient.readContract({
+              address: treasuryAddress,
+              abi: TREASURY_ABI,
+              functionName: 'getSummary',
+            })
+        );
+
+        const [name, owner, ethBalance, tokenCount, memberCount, totalDeposited, totalWithdrawn, reserveLockBps, createdAt] = summary;
+
+        if (outputJSON({
+          address: treasuryAddress,
+          name,
+          owner,
+          ethBalance: ethBalance.toString(),
+          tokenCount: Number(tokenCount),
+          memberCount: Number(memberCount),
+          totalDeposited: totalDeposited.toString(),
+          totalWithdrawn: totalWithdrawn.toString(),
+          reserveLockBps: Number(reserveLockBps),
+          createdAt: Number(createdAt),
+          age: timeAgo(createdAt),
+        }, options)) {
+          return;
+        }
+
+        console.log();
+        console.log(chalk.bold.cyan('🏛️  Treasury Summary'));
+        console.log();
+        console.log('   Name:           ', chalk.white.bold(name));
+        console.log('   Address:        ', chalk.gray(treasuryAddress));
+        console.log('   Owner:          ', chalk.gray(owner));
+        console.log('   ETH Balance:    ', chalk.white(formatUnits(ethBalance, 18)), chalk.gray('ETH'));
+        console.log('   Token Count:    ', chalk.white(tokenCount.toString()));
+        console.log('   Members:        ', chalk.white(memberCount.toString()));
+        console.log('   Total Deposited:', chalk.green(`$${formatUnits(totalDeposited, 6)}`));
+        console.log('   Total Withdrawn:', chalk.yellow(`$${formatUnits(totalWithdrawn, 6)}`));
+        console.log('   Reserve Lock:   ', chalk.white(`${Number(reserveLockBps) / 100}%`));
+        console.log('   Age:            ', chalk.gray(timeAgo(createdAt)));
+        console.log();
+      } catch (err) {
+        error(`Failed to get treasury info: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  // Get balances
+  cmd
+    .command('balances')
+    .description('Show all token balances')
+    .argument('[address]', 'Treasury address (defaults to your treasury)')
+    .option('--json', 'Output as JSON')
+    .action(async (address: string | undefined, options: OutputOptions) => {
+      try {
+        const treasuryAddress = await getTreasuryAddress(address);
+        const publicClient = getPublicClient('mainnet');
+
+        const balances = await withSpinner(
+          'Fetching balances...',
+          async () =>
+            publicClient.readContract({
+              address: treasuryAddress,
+              abi: TREASURY_ABI,
+              functionName: 'getBalances',
+            })
+        );
+
+        // Get token symbols and decimals
+        const enrichedBalances = await Promise.all(
+          balances.map(async (bal) => {
+            try {
+              const [symbol, decimals] = await Promise.all([
+                publicClient.readContract({
+                  address: bal.token,
+                  abi: ERC20_ABI,
+                  functionName: 'symbol',
+                }),
+                publicClient.readContract({
+                  address: bal.token,
+                  abi: ERC20_ABI,
+                  functionName: 'decimals',
+                }),
+              ]);
+
+              const amount = formatUnits(bal.balance, decimals);
+              const priceUSD = await getTokenPriceUSD(bal.token);
+              const valueUSD = parseFloat(amount) * priceUSD;
+
+              return {
+                token: bal.token,
+                symbol,
+                balance: amount,
+                decimals,
+                valueUSD,
+              };
+            } catch {
+              return {
+                token: bal.token,
+                symbol: 'UNKNOWN',
+                balance: bal.balance.toString(),
+                decimals: 18,
+                valueUSD: 0,
+              };
+            }
+          })
+        );
+
+        if (outputJSON({ balances: enrichedBalances }, options)) {
+          return;
+        }
+
+        console.log();
+        console.log(chalk.bold.cyan('💰 Treasury Balances'));
+        console.log();
+
+        if (enrichedBalances.length === 0) {
+          info('No token balances');
+          return;
+        }
+
+        const table = createTable({
+          head: ['Token', 'Balance', 'Value (USD)'],
+        });
+
+        for (const bal of enrichedBalances) {
+          table.push([
+            chalk.white.bold(bal.symbol),
+            chalk.white(bal.balance),
+            chalk.green(`$${bal.valueUSD.toFixed(2)}`),
+          ]);
+        }
+
+        console.log(table.toString());
+        console.log();
+
+        const totalValue = enrichedBalances.reduce((sum, bal) => sum + bal.valueUSD, 0);
+        console.log('   Total Value: ', chalk.bold.green(`$${totalValue.toFixed(2)}`));
+        console.log();
+      } catch (err) {
+        error(`Failed to get balances: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  // Deposit
+  cmd
+    .command('deposit')
+    .description('Deposit tokens into treasury')
+    .requiredOption('--token <address>', 'Token address')
+    .requiredOption('--amount <amount>', 'Amount to deposit')
+    .option('--json', 'Output as JSON')
+    .action(async (options: {
+      token: string;
+      amount: string;
+    } & OutputOptions) => {
+      try {
+        const treasuryAddress = await getTreasuryAddress();
+        const { client, account } = await loadWallet();
+        const publicClient = getPublicClient('mainnet');
+
+        const tokenAddress = options.token as Address;
+
+        // Get token decimals
+        const decimals = await publicClient.readContract({
+          address: tokenAddress,
+          abi: ERC20_ABI,
+          functionName: 'decimals',
+        });
+
+        const amount = parseUnits(options.amount, decimals);
+
+        // First approve token
+        const approveHash = await withSpinner(
+          'Approving token...',
+          async () =>
+            client.writeContract({
+              address: tokenAddress,
+              abi: ERC20_ABI,
+              functionName: 'approve',
+              args: [treasuryAddress, amount],
+              account,
+              chain: base,
+            })
+        );
+
+        await publicClient.waitForTransactionReceipt({ hash: approveHash });
+
+        // Deposit
+        const depositHash = await withSpinner(
+          'Depositing tokens...',
+          async () =>
+            client.writeContract({
+              address: treasuryAddress,
+              abi: TREASURY_ABI,
+              functionName: 'deposit',
+              args: [tokenAddress, amount],
+              account,
+              chain: base,
+            })
+        );
+
+        await publicClient.waitForTransactionReceipt({ hash: depositHash });
+
+        if (outputJSON({
+          token: tokenAddress,
+          amount: options.amount,
+          transactionHash: depositHash,
+        }, options)) {
+          return;
+        }
+
+        console.log();
+        success('Deposit successful!');
+        console.log();
+        console.log('   Amount:  ', chalk.white.bold(options.amount));
+        console.log('   Token:   ', chalk.gray(tokenAddress));
+        console.log('   Tx Hash: ', chalk.gray(depositHash));
+        console.log();
+      } catch (err) {
+        error(`Failed to deposit: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  // Withdraw
+  cmd
+    .command('withdraw')
+    .description('Withdraw tokens from treasury')
+    .requiredOption('--token <address>', 'Token address')
+    .requiredOption('--to <address>', 'Recipient address')
+    .requiredOption('--amount <amount>', 'Amount to withdraw')
+    .requiredOption('--reason <string>', 'Reason for withdrawal')
+    .option('--json', 'Output as JSON')
+    .action(async (options: {
+      token: string;
+      to: string;
+      amount: string;
+      reason: string;
+    } & OutputOptions) => {
+      try {
+        const treasuryAddress = await getTreasuryAddress();
+        const { client, account } = await loadWallet();
+        const publicClient = getPublicClient('mainnet');
+
+        const tokenAddress = options.token as Address;
+        const toAddress = options.to as Address;
+
+        // Get token decimals
+        const decimals = await publicClient.readContract({
+          address: tokenAddress,
+          abi: ERC20_ABI,
+          functionName: 'decimals',
+        });
+
+        const amount = parseUnits(options.amount, decimals);
+
+        const hash = await withSpinner(
+          'Withdrawing tokens...',
+          async () =>
+            client.writeContract({
+              address: treasuryAddress,
+              abi: TREASURY_ABI,
+              functionName: 'withdraw',
+              args: [tokenAddress, toAddress, amount, options.reason],
+              account,
+              chain: base,
+            })
+        );
+
+        await publicClient.waitForTransactionReceipt({ hash });
+
+        if (outputJSON({
+          token: tokenAddress,
+          to: toAddress,
+          amount: options.amount,
+          reason: options.reason,
+          transactionHash: hash,
+        }, options)) {
+          return;
+        }
+
+        console.log();
+        success('Withdrawal successful!');
+        console.log();
+        console.log('   Amount:  ', chalk.white.bold(options.amount));
+        console.log('   To:      ', chalk.gray(toAddress));
+        console.log('   Reason:  ', chalk.white(options.reason));
+        console.log('   Tx Hash: ', chalk.gray(hash));
+        console.log();
+      } catch (err) {
+        error(`Failed to withdraw: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  // Set budget
+  cmd
+    .command('budget')
+    .description('Set budget allocation (must total 10000 bps)')
+    .requiredOption('--ops <bps>', 'Operations allocation in basis points')
+    .requiredOption('--growth <bps>', 'Growth allocation in basis points')
+    .requiredOption('--reserves <bps>', 'Reserves allocation in basis points')
+    .requiredOption('--yield <bps>', 'Yield allocation in basis points')
+    .option('--json', 'Output as JSON')
+    .action(async (options: {
+      ops: string;
+      growth: string;
+      reserves: string;
+      yield: string;
+    } & OutputOptions) => {
+      try {
+        const opsBps = BigInt(options.ops);
+        const growthBps = BigInt(options.growth);
+        const reservesBps = BigInt(options.reserves);
+        const yieldBps = BigInt(options.yield);
+
+        const total = opsBps + growthBps + reservesBps + yieldBps;
+        if (total !== 10000n) {
+          throw new Error(`Budget allocations must total 10000 bps. Got: ${total}`);
+        }
+
+        const treasuryAddress = await getTreasuryAddress();
+        const { client, account } = await loadWallet();
+        const publicClient = getPublicClient('mainnet');
+
+        const hash = await withSpinner(
+          'Setting budget allocation...',
+          async () =>
+            client.writeContract({
+              address: treasuryAddress,
+              abi: TREASURY_ABI,
+              functionName: 'setBudget',
+              args: [opsBps, growthBps, reservesBps, yieldBps],
+              account,
+              chain: base,
+            })
+        );
+
+        await publicClient.waitForTransactionReceipt({ hash });
+
+        if (outputJSON({
+          operations: Number(opsBps),
+          growth: Number(growthBps),
+          reserves: Number(reservesBps),
+          yield: Number(yieldBps),
+          transactionHash: hash,
+        }, options)) {
+          return;
+        }
+
+        console.log();
+        success('Budget allocation updated!');
+        console.log();
+        console.log('   Operations: ', chalk.white(`${Number(opsBps) / 100}%`));
+        console.log('   Growth:     ', chalk.white(`${Number(growthBps) / 100}%`));
+        console.log('   Reserves:   ', chalk.white(`${Number(reservesBps) / 100}%`));
+        console.log('   Yield:      ', chalk.white(`${Number(yieldBps) / 100}%`));
+        console.log();
+      } catch (err) {
+        error(`Failed to set budget: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  // List members
+  cmd
+    .command('members')
+    .description('List all treasury members with roles')
+    .argument('[address]', 'Treasury address (defaults to your treasury)')
+    .option('--json', 'Output as JSON')
+    .action(async (address: string | undefined, options: OutputOptions) => {
+      try {
+        const treasuryAddress = await getTreasuryAddress(address);
+        const publicClient = getPublicClient('mainnet');
+
+        const [addresses, roles] = await withSpinner(
+          'Fetching members...',
+          async () =>
+            publicClient.readContract({
+              address: treasuryAddress,
+              abi: TREASURY_ABI,
+              functionName: 'getMembers',
+            })
+        );
+
+        const members = addresses.map((addr, i) => ({
+          address: addr,
+          role: ROLE_NAMES[roles[i]] || 'Unknown',
+          roleValue: roles[i],
+        }));
+
+        if (outputJSON({ members }, options)) {
+          return;
+        }
+
+        console.log();
+        console.log(chalk.bold.cyan('👥 Treasury Members'));
+        console.log();
+
+        if (members.length === 0) {
+          info('No members found');
+          return;
+        }
+
+        const table = createTable({
+          head: ['Address', 'Role'],
+        });
+
+        for (const member of members) {
+          const roleColor = member.roleValue === 3 ? chalk.red : member.roleValue === 2 ? chalk.yellow : chalk.blue;
+          table.push([
+            chalk.gray(member.address),
+            roleColor(member.role),
+          ]);
+        }
+
+        console.log(table.toString());
+        console.log();
+      } catch (err) {
+        error(`Failed to get members: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  // Grant role
+  cmd
+    .command('grant')
+    .description('Grant role to an address')
+    .requiredOption('--address <addr>', 'Address to grant role')
+    .requiredOption('--role <role>', 'Role to grant (viewer|operator|admin)')
+    .option('--json', 'Output as JSON')
+    .action(async (options: {
+      address: string;
+      role: string;
+    } & OutputOptions) => {
+      try {
+        const roleEnum = parseRole(options.role);
+        const memberAddress = options.address as Address;
+        const treasuryAddress = await getTreasuryAddress();
+        const { client, account } = await loadWallet();
+        const publicClient = getPublicClient('mainnet');
+
+        const hash = await withSpinner(
+          'Granting role...',
+          async () =>
+            client.writeContract({
+              address: treasuryAddress,
+              abi: TREASURY_ABI,
+              functionName: 'grantRole',
+              args: [memberAddress, roleEnum],
+              account,
+              chain: base,
+            })
+        );
+
+        await publicClient.waitForTransactionReceipt({ hash });
+
+        if (outputJSON({
+          address: memberAddress,
+          role: options.role,
+          transactionHash: hash,
+        }, options)) {
+          return;
+        }
+
+        console.log();
+        success('Role granted successfully!');
+        console.log();
+        console.log('   Address: ', chalk.gray(memberAddress));
+        console.log('   Role:    ', chalk.white.bold(options.role));
+        console.log('   Tx Hash: ', chalk.gray(hash));
+        console.log();
+      } catch (err) {
+        error(`Failed to grant role: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  // Set spend limit
+  cmd
+    .command('limit')
+    .description('Set spending limits for an operator')
+    .requiredOption('--address <addr>', 'Operator address')
+    .requiredOption('--per-tx <amount>', 'Max amount per transaction (in USD)')
+    .requiredOption('--per-day <amount>', 'Max amount per day (in USD)')
+    .option('--json', 'Output as JSON')
+    .action(async (options: {
+      address: string;
+      perTx: string;
+      perDay: string;
+    } & OutputOptions) => {
+      try {
+        const operatorAddress = options.address as Address;
+        const treasuryAddress = await getTreasuryAddress();
+        const { client, account } = await loadWallet();
+        const publicClient = getPublicClient('mainnet');
+
+        // Convert USD amounts to USDC wei (6 decimals)
+        const maxPerTx = parseUnits(options.perTx, 6);
+        const maxPerDay = parseUnits(options.perDay, 6);
+
+        const hash = await withSpinner(
+          'Setting spend limits...',
+          async () =>
+            client.writeContract({
+              address: treasuryAddress,
+              abi: TREASURY_ABI,
+              functionName: 'setSpendLimit',
+              args: [operatorAddress, maxPerTx, maxPerDay],
+              account,
+              chain: base,
+            })
+        );
+
+        await publicClient.waitForTransactionReceipt({ hash });
+
+        if (outputJSON({
+          operator: operatorAddress,
+          maxPerTx: options.perTx,
+          maxPerDay: options.perDay,
+          transactionHash: hash,
+        }, options)) {
+          return;
+        }
+
+        console.log();
+        success('Spend limits set successfully!');
+        console.log();
+        console.log('   Operator:    ', chalk.gray(operatorAddress));
+        console.log('   Max Per Tx:  ', chalk.white.bold(`$${options.perTx}`));
+        console.log('   Max Per Day: ', chalk.white.bold(`$${options.perDay}`));
+        console.log('   Tx Hash:     ', chalk.gray(hash));
+        console.log();
+      } catch (err) {
+        error(`Failed to set spend limits: ${err}`);
+        process.exit(1);
+      }
+    });
+
+  return cmd;
+}