@phala/cloud 0.1.0 → 0.1.1-beta.1

package/dist/index.js

@@ -576,39 +576,6 @@ var CvmLegacyDetailSchema = import_zod3.z.object({
 // src/actions/get_current_user.ts
 var import_zod4 = require("zod");
 
-// src/utils/index.ts
-var import_encrypt_env_vars = require("@phala/dstack-sdk/encrypt-env-vars");
-
-// src/utils/get_error_message.ts
-function getErrorMessage(error) {
-  if (typeof error.detail === "string") {
-    return error.detail;
-  }
-  if (Array.isArray(error.detail)) {
-    if (error.detail.length > 0) {
-      return error.detail[0]?.msg || "Validation error";
-    }
-    return "Validation error";
-  }
-  if (typeof error.detail === "object" && error.detail !== null) {
-    return JSON.stringify(error.detail);
-  }
-  return "Unknown error occurred";
-}
-
-// src/utils/as-hex.ts
-var import_viem = require("viem");
-function asHex(value) {
-  if (typeof value === "string") {
-    if (value.startsWith("0x") && (0, import_viem.isHex)(value)) {
-      return value;
-    } else if ((0, import_viem.isHex)(`0x${value}`)) {
-      return `0x${value}`;
-    }
-  }
-  throw new Error(`Invalid hex value: ${value}`);
-}
-
 // src/utils/validate-parameters.ts
 function validateActionParameters(parameters) {
   if (parameters?.schema !== void 0 && parameters?.schema !== false) {
@@ -641,943 +608,958 @@ function safeValidateActionParameters(parameters) {
   return void 0;
 }
 
-// src/utils/network.ts
-var NetworkError = class extends Error {
-  constructor(message, code, details) {
-    super(message);
-    this.code = code;
-    this.details = details;
-    this.name = "NetworkError";
-  }
-};
-var WalletError = class extends Error {
-  constructor(message, code, details) {
-    super(message);
-    this.code = code;
-    this.details = details;
-    this.name = "WalletError";
-  }
-};
-var TransactionError = class extends Error {
-  constructor(message, hash, details) {
-    super(message);
-    this.hash = hash;
-    this.details = details;
-    this.name = "TransactionError";
+// src/utils/define-action.ts
+function defineSimpleAction(schema, fn) {
+  function action(client, parameters) {
+    return _actionImpl(client, parameters);
   }
-};
-function createNetworkClients(publicClient, walletClient, address, chainId) {
-  return {
-    publicClient,
-    walletClient,
-    address,
-    chainId
-  };
-}
-async function checkNetworkStatus(clients, targetChainId) {
-  try {
-    const currentChainId = await clients.walletClient.getChainId();
-    return {
-      isCorrectNetwork: currentChainId === targetChainId,
-      currentChainId
-    };
-  } catch (error) {
-    throw new NetworkError(
-      `Failed to check network status: ${error instanceof Error ? error.message : "Unknown error"}`,
-      "NETWORK_CHECK_FAILED",
-      error
-    );
+  async function _actionImpl(client, parameters) {
+    validateActionParameters(parameters);
+    const response = await fn(client);
+    if (parameters?.schema === false) {
+      return response;
+    }
+    const actualSchema = parameters?.schema || schema;
+    return actualSchema.parse(response);
   }
-}
-async function checkBalance(publicClient, address, minBalance) {
-  try {
-    const balance = await publicClient.getBalance({ address });
-    return {
-      address,
-      balance,
-      sufficient: minBalance ? balance >= minBalance : true,
-      required: minBalance
-    };
-  } catch (error) {
-    throw new NetworkError(
-      `Failed to check balance: ${error instanceof Error ? error.message : "Unknown error"}`,
-      "BALANCE_CHECK_FAILED",
-      error
-    );
+  function safeAction(client, parameters) {
+    return _safeActionImpl(client, parameters);
   }
-}
-async function waitForTransactionReceipt(publicClient, hash, options = {}) {
-  const {
-    timeout = 6e4,
-    // 60 seconds default
-    pollingInterval = 2e3,
-    // 2 seconds default
-    confirmations = 1
-  } = options;
-  const startTime = Date.now();
-  return new Promise((resolve, reject) => {
-    const poll = async () => {
+  async function _safeActionImpl(client, parameters) {
+    const parameterValidationError = safeValidateActionParameters(parameters);
+    if (parameterValidationError) {
+      return parameterValidationError;
+    }
+    const httpResult = await (async () => {
       try {
-        const receipt = await publicClient.getTransactionReceipt({ hash });
-        if (receipt) {
-          if (confirmations > 1) {
-            const currentBlock = await publicClient.getBlockNumber();
-            const confirmationCount = currentBlock - receipt.blockNumber + 1n;
-            if (confirmationCount < BigInt(confirmations)) {
-              const elapsed = Date.now() - startTime;
-              if (elapsed >= timeout) {
-                reject(
-                  new TransactionError(`Transaction confirmation timeout after ${timeout}ms`, hash)
-                );
-                return;
-              }
-              setTimeout(poll, pollingInterval);
-              return;
-            }
-          }
-          resolve(receipt);
-        } else {
-          const elapsed = Date.now() - startTime;
-          if (elapsed >= timeout) {
-            reject(new TransactionError(`Transaction receipt timeout after ${timeout}ms`, hash));
-            return;
-          }
-          setTimeout(poll, pollingInterval);
-        }
+        const data = await fn(client);
+        return { success: true, data };
       } catch (error) {
-        const elapsed = Date.now() - startTime;
-        if (elapsed >= timeout) {
-          reject(
-            new TransactionError(`Transaction receipt timeout after ${timeout}ms`, hash, error)
-          );
-          return;
+        if (error && typeof error === "object" && "isRequestError" in error) {
+          return { success: false, error };
         }
-        setTimeout(poll, pollingInterval);
+        if (error && typeof error === "object" && "issues" in error) {
+          return { success: false, error };
+        }
+        return {
+          success: false,
+          error: {
+            name: "Error",
+            message: error instanceof Error ? error.message : String(error)
+          }
+        };
       }
-    };
-    poll();
-  });
-}
-async function executeTransaction(clients, operation, args, options = {}) {
-  const { timeout = 6e4, confirmations = 1, onSubmitted, onConfirmed, onError } = options;
-  try {
-    const hash = await operation(clients, ...args);
-    onSubmitted?.(hash);
-    const receipt = await waitForTransactionReceipt(clients.publicClient, hash, {
-      timeout,
-      confirmations
-    });
-    const success = receipt.status === "success";
-    if (success) {
-      onConfirmed?.(receipt);
-    } else {
-      const error = new TransactionError("Transaction failed on-chain", hash, receipt);
-      onError?.(error, hash);
-      throw error;
+    })();
+    if (!httpResult.success) {
+      return httpResult;
     }
-    return {
-      hash,
-      receipt,
-      success
-    };
-  } catch (error) {
-    const txError = error instanceof TransactionError ? error : new TransactionError(
-      `Transaction execution failed: ${error instanceof Error ? error.message : "Unknown error"}`,
-      void 0,
-      error
-    );
-    onError?.(txError, txError.hash);
-    throw txError;
-  }
-}
-async function extractNetworkClients(publicClient, walletClient) {
-  try {
-    const address = walletClient.account?.address;
-    if (!address) {
-      throw new WalletError("WalletClient must have an account", "NO_ACCOUNT");
+    if (parameters?.schema === false) {
+      return { success: true, data: httpResult.data };
     }
-    const chainId = await walletClient.getChainId();
-    return createNetworkClients(publicClient, walletClient, address, chainId);
-  } catch (error) {
-    throw new WalletError(
-      `Failed to extract network clients: ${error instanceof Error ? error.message : "Unknown error"}`,
-      "EXTRACTION_FAILED",
-      error
-    );
+    const actualSchema = parameters?.schema || schema;
+    return actualSchema.safeParse(httpResult.data);
   }
-}
-async function validateNetworkPrerequisites(clients, requirements) {
-  const { targetChainId, minBalance, requiredAddress } = requirements;
-  const networkStatus = await checkNetworkStatus(clients, targetChainId);
-  const balanceResult = await checkBalance(clients.publicClient, clients.address, minBalance);
-  const addressValid = requiredAddress ? clients.address.toLowerCase() === requiredAddress.toLowerCase() : true;
   return {
-    networkValid: networkStatus.isCorrectNetwork,
-    balanceValid: balanceResult.sufficient,
-    addressValid,
-    details: {
-      currentChainId: networkStatus.currentChainId,
-      balance: balanceResult.balance,
-      address: clients.address
-    }
+    action,
+    safeAction
   };
 }
-
-// src/utils/transaction.ts
-function createTransactionTracker() {
-  let status = { state: "idle" };
-  let timeoutHandle;
-  let abortController;
-  const updateStatus = (newStatus) => {
-    status = { ...status, ...newStatus };
-  };
-  const reset = () => {
-    if (timeoutHandle) {
-      clearTimeout(timeoutHandle);
-      timeoutHandle = void 0;
-    }
-    if (abortController) {
-      abortController.abort();
-      abortController = void 0;
-    }
-    status = { state: "idle" };
-  };
-  const abort = () => {
-    if (abortController) {
-      abortController.abort();
+function defineAction(schema, fn) {
+  function action(client, ...args) {
+    const [params, parameters] = args;
+    return _actionImpl(client, params, parameters);
+  }
+  async function _actionImpl(client, params, parameters) {
+    validateActionParameters(parameters);
+    const response = await fn(client, params);
+    if (parameters?.schema === false) {
+      return response;
     }
-    if (timeoutHandle) {
-      clearTimeout(timeoutHandle);
-      timeoutHandle = void 0;
+    const actualSchema = parameters?.schema || schema;
+    return actualSchema.parse(response);
+  }
+  function safeAction(client, ...args) {
+    const [params, parameters] = args;
+    return _safeActionImpl(client, params, parameters);
+  }
+  async function _safeActionImpl(client, params, parameters) {
+    const parameterValidationError = safeValidateActionParameters(parameters);
+    if (parameterValidationError) {
+      return parameterValidationError;
     }
-    updateStatus({
-      state: "error",
-      aborted: true,
-      error: "Transaction aborted by user"
-    });
-  };
-  const execute = async (operation, clients, args, options = {}) => {
-    const {
-      timeout = 6e4,
-      confirmations = 1,
-      onSubmitted,
-      onConfirmed,
-      onError,
-      signal
-    } = options;
-    try {
-      reset();
-      abortController = new AbortController();
-      if (signal) {
-        if (signal.aborted) {
-          throw new TransactionError("Operation was aborted before execution");
+    const httpResult = await (async () => {
+      try {
+        const data = await fn(client, params);
+        return { success: true, data };
+      } catch (error) {
+        if (error && typeof error === "object" && "isRequestError" in error) {
+          return { success: false, error };
         }
-        signal.addEventListener("abort", () => {
-          abort();
-        });
-      }
-      updateStatus({
-        state: "submitting",
-        startTime: Date.now(),
-        error: void 0,
-        hash: void 0,
-        receipt: void 0,
-        aborted: false
-      });
-      if (abortController.signal.aborted) {
-        throw new TransactionError("Transaction aborted");
-      }
-      const hash = await operation(clients, ...args);
-      if (abortController.signal.aborted) {
-        throw new TransactionError("Transaction aborted after submission", hash);
-      }
-      updateStatus({
-        state: "pending",
-        hash,
-        submitTime: Date.now()
-      });
-      onSubmitted?.(hash);
-      if (timeout > 0) {
-        timeoutHandle = setTimeout(() => {
-          if (status.state === "pending" && !abortController?.signal.aborted) {
-            updateStatus({
-              state: "timeout",
-              error: `Transaction timeout after ${timeout}ms`
-            });
+        if (error && typeof error === "object" && "issues" in error) {
+          return { success: false, error };
+        }
+        return {
+          success: false,
+          error: {
+            name: "Error",
+            message: error instanceof Error ? error.message : String(error)
           }
-        }, timeout);
-      }
-      const receipt = await Promise.race([
-        waitForTransactionReceipt(clients.publicClient, hash, { timeout, confirmations }),
-        new Promise((_, reject) => {
-          abortController?.signal.addEventListener("abort", () => {
-            reject(new TransactionError("Transaction aborted while waiting for receipt", hash));
-          });
-        })
-      ]);
-      if (timeoutHandle) {
-        clearTimeout(timeoutHandle);
-        timeoutHandle = void 0;
-      }
-      const success = receipt.status === "success";
-      updateStatus({
-        state: success ? "success" : "error",
-        receipt,
-        confirmTime: Date.now(),
-        error: success ? void 0 : "Transaction failed on-chain"
-      });
-      if (success) {
-        onConfirmed?.(receipt);
-      } else {
-        const error = new TransactionError("Transaction failed on-chain", hash, receipt);
-        onError?.(error, hash);
-        throw error;
+        };
       }
-      return {
-        hash,
-        receipt,
-        success
-      };
-    } catch (error) {
-      const txError = error instanceof TransactionError ? error : new TransactionError(
-        `Transaction execution failed: ${error instanceof Error ? error.message : "Unknown error"}`,
-        status.hash,
-        error
-      );
-      updateStatus({
-        state: "error",
-        error: txError.message
-      });
-      onError?.(txError, status.hash);
-      throw txError;
+    })();
+    if (!httpResult.success) {
+      return httpResult;
     }
-  };
+    if (parameters?.schema === false) {
+      return { success: true, data: httpResult.data };
+    }
+    const actualSchema = parameters?.schema || schema;
+    return actualSchema.safeParse(httpResult.data);
+  }
   return {
-    get status() {
-      return { ...status };
-    },
-    get isIdle() {
-      return status.state === "idle";
-    },
-    get isSubmitting() {
-      return status.state === "submitting";
-    },
-    get isPending() {
-      return status.state === "pending";
-    },
-    get isSuccess() {
-      return status.state === "success";
-    },
-    get isError() {
-      return status.state === "error";
-    },
-    get isTimeout() {
-      return status.state === "timeout";
-    },
-    get isAborted() {
-      return status.aborted === true;
-    },
-    get isComplete() {
-      return ["success", "error", "timeout"].includes(status.state);
-    },
-    abort,
-    reset,
-    execute
+    action,
+    safeAction
   };
 }
-async function executeBatchTransactions(operations, clients, batchOptions) {
-  const { mode, failFast = false, onProgress } = batchOptions;
-  const results = [];
-  if (mode === "sequential") {
-    for (let i = 0; i < operations.length; i++) {
-      const op = operations[i];
-      if (!op) continue;
-      const { operation, args, options } = op;
-      try {
-        const tracker = createTransactionTracker();
-        const result = await tracker.execute(operation, clients, args, options);
-        results.push(result);
-        onProgress?.(i + 1, operations.length, results);
-      } catch (error) {
-        const txError = error instanceof Error ? error : new Error(String(error));
-        results.push(txError);
-        onProgress?.(i + 1, operations.length, results);
-        if (failFast) {
-          for (let j = i + 1; j < operations.length; j++) {
-            results.push(new Error("Cancelled due to previous failure"));
-          }
-          break;
-        }
+
+// src/actions/get_current_user.ts
+var CurrentUserSchema = import_zod4.z.object({
+  username: import_zod4.z.string(),
+  email: import_zod4.z.string(),
+  credits: import_zod4.z.number(),
+  granted_credits: import_zod4.z.number(),
+  avatar: import_zod4.z.string(),
+  team_name: import_zod4.z.string(),
+  team_tier: import_zod4.z.string()
+}).passthrough();
+var { action: getCurrentUser, safeAction: safeGetCurrentUser } = defineSimpleAction(
+  CurrentUserSchema,
+  async (client) => {
+    return await client.get("/auth/me");
+  }
+);
+
+// src/actions/get_available_nodes.ts
+var import_zod5 = require("zod");
+var AvailableOSImageSchema = import_zod5.z.object({
+  name: import_zod5.z.string(),
+  is_dev: import_zod5.z.boolean(),
+  version: import_zod5.z.union([
+    import_zod5.z.tuple([import_zod5.z.number(), import_zod5.z.number(), import_zod5.z.number()]),
+    import_zod5.z.tuple([import_zod5.z.number(), import_zod5.z.number(), import_zod5.z.number(), import_zod5.z.number()])
+  ]),
+  os_image_hash: import_zod5.z.string().nullable().optional()
+}).passthrough();
+var TeepodCapacitySchema = import_zod5.z.object({
+  teepod_id: import_zod5.z.number(),
+  name: import_zod5.z.string(),
+  listed: import_zod5.z.boolean(),
+  resource_score: import_zod5.z.number(),
+  remaining_vcpu: import_zod5.z.number(),
+  remaining_memory: import_zod5.z.number(),
+  remaining_cvm_slots: import_zod5.z.number(),
+  images: import_zod5.z.array(AvailableOSImageSchema),
+  support_onchain_kms: import_zod5.z.boolean().optional(),
+  fmspc: import_zod5.z.string().nullable().optional(),
+  device_id: import_zod5.z.string().nullable().optional(),
+  region_identifier: import_zod5.z.string().nullable().optional(),
+  default_kms: import_zod5.z.string().nullable().optional(),
+  kms_list: import_zod5.z.array(import_zod5.z.string()).default([])
+}).passthrough();
+var ResourceThresholdSchema = import_zod5.z.object({
+  max_instances: import_zod5.z.number().nullable().optional(),
+  max_vcpu: import_zod5.z.number().nullable().optional(),
+  max_memory: import_zod5.z.number().nullable().optional(),
+  max_disk: import_zod5.z.number().nullable().optional()
+}).passthrough();
+var AvailableNodesSchema = import_zod5.z.object({
+  tier: import_zod5.z.string(),
+  // TeamTier is string enum
+  capacity: ResourceThresholdSchema,
+  nodes: import_zod5.z.array(TeepodCapacitySchema),
+  kms_list: import_zod5.z.array(KmsInfoSchema)
+}).passthrough();
+var { action: getAvailableNodes, safeAction: safeGetAvailableNodes } = defineSimpleAction(
+  AvailableNodesSchema,
+  async (client) => {
+    return await client.get("/teepods/available");
+  }
+);
+
+// src/actions/cvms/provision_cvm.ts
+var import_zod6 = require("zod");
+var ProvisionCvmSchema = import_zod6.z.object({
+  app_id: import_zod6.z.string().nullable().optional(),
+  app_env_encrypt_pubkey: import_zod6.z.string().nullable().optional(),
+  compose_hash: import_zod6.z.string(),
+  fmspc: import_zod6.z.string().nullable().optional(),
+  device_id: import_zod6.z.string().nullable().optional(),
+  os_image_hash: import_zod6.z.string().nullable().optional(),
+  teepod_id: import_zod6.z.number().nullable().optional(),
+  // Will be transformed to node_id
+  node_id: import_zod6.z.number().nullable().optional(),
+  kms_id: import_zod6.z.string().nullable().optional()
+}).passthrough().transform((data) => {
+  if ("teepod_id" in data && data.teepod_id !== void 0) {
+    const { teepod_id, ...rest } = data;
+    return { ...rest, node_id: teepod_id };
+  }
+  return data;
+});
+var ProvisionCvmRequestSchema = import_zod6.z.object({
+  node_id: import_zod6.z.number().optional(),
+  // recommended
+  teepod_id: import_zod6.z.number().optional(),
+  // deprecated, for compatibility
+  name: import_zod6.z.string(),
+  image: import_zod6.z.string(),
+  vcpu: import_zod6.z.number(),
+  memory: import_zod6.z.number(),
+  disk_size: import_zod6.z.number(),
+  compose_file: import_zod6.z.object({
+    allowed_envs: import_zod6.z.array(import_zod6.z.string()).optional(),
+    pre_launch_script: import_zod6.z.string().optional(),
+    docker_compose_file: import_zod6.z.string().optional(),
+    name: import_zod6.z.string().optional(),
+    kms_enabled: import_zod6.z.boolean().optional(),
+    public_logs: import_zod6.z.boolean().optional(),
+    public_sysinfo: import_zod6.z.boolean().optional(),
+    gateway_enabled: import_zod6.z.boolean().optional(),
+    // recommended
+    tproxy_enabled: import_zod6.z.boolean().optional()
+    // deprecated, for compatibility
+  }),
+  listed: import_zod6.z.boolean().optional(),
+  instance_type: import_zod6.z.string().nullable().optional(),
+  kms_id: import_zod6.z.string().optional(),
+  env_keys: import_zod6.z.array(import_zod6.z.string()).optional()
+}).passthrough();
+function autofillComposeFileName(appCompose) {
+  if (appCompose.compose_file && !appCompose.compose_file.name) {
+    return {
+      ...appCompose,
+      compose_file: {
+        ...appCompose.compose_file,
+        name: appCompose.name
       }
+    };
+  }
+  return appCompose;
+}
+function handleGatewayCompatibility(appCompose) {
+  if (!appCompose.compose_file) {
+    return appCompose;
+  }
+  const composeFile = { ...appCompose.compose_file };
+  if (typeof composeFile.gateway_enabled === "boolean" && typeof composeFile.tproxy_enabled === "boolean") {
+    delete composeFile.tproxy_enabled;
+  } else if (typeof composeFile.tproxy_enabled === "boolean" && typeof composeFile.gateway_enabled === "undefined") {
+    composeFile.gateway_enabled = composeFile.tproxy_enabled;
+    delete composeFile.tproxy_enabled;
+    if (typeof window !== "undefined" ? window.console : globalThis.console) {
+      console.warn(
+        "[phala/cloud] tproxy_enabled is deprecated, please use gateway_enabled instead. See docs for migration."
+      );
     }
-  } else {
-    const promises = operations.map(async ({ operation, args, options }) => {
-      try {
-        const tracker = createTransactionTracker();
-        return await tracker.execute(operation, clients, args, options);
-      } catch (error) {
-        return error instanceof Error ? error : new Error(String(error));
-      }
-    });
-    const allResults = await Promise.allSettled(promises);
-    results.push(...allResults.map((r) => r.status === "fulfilled" ? r.value : r.reason));
-    onProgress?.(operations.length, operations.length, results);
   }
-  const successCount = results.filter((r) => !(r instanceof Error)).length;
-  const errorCount = results.length - successCount;
   return {
-    results,
-    successCount,
-    errorCount,
-    allSuccessful: errorCount === 0
+    ...appCompose,
+    compose_file: composeFile
   };
 }
-async function executeTransactionWithRetry(operation, clients, args, options = {}, retryOptions = {}) {
-  const {
-    maxRetries = 3,
-    initialDelay = 1e3,
-    maxDelay = 1e4,
-    backoffFactor = 2,
-    retryCondition = () => true
-  } = retryOptions;
-  let lastError;
-  let delay = initialDelay;
-  for (let attempt = 0; attempt <= maxRetries; attempt++) {
-    try {
-      const tracker = createTransactionTracker();
-      return await tracker.execute(operation, clients, args, options);
-    } catch (error) {
-      lastError = error instanceof Error ? error : new Error(String(error));
-      if (attempt === maxRetries) {
-        break;
-      }
-      if (!retryCondition(lastError)) {
-        break;
-      }
-      await new Promise((resolve) => setTimeout(resolve, delay));
-      delay = Math.min(delay * backoffFactor, maxDelay);
+var { action: provisionCvm, safeAction: safeProvisionCvm } = defineAction(ProvisionCvmSchema, async (client, appCompose) => {
+  const body = handleGatewayCompatibility(autofillComposeFileName(appCompose));
+  let requestBody = { ...body };
+  if (typeof body.node_id === "number") {
+    requestBody = { ...body, teepod_id: body.node_id };
+    delete requestBody.node_id;
+  } else if (typeof body.teepod_id === "number") {
+    console.warn("[phala/cloud] teepod_id is deprecated, please use node_id instead.");
+  }
+  return await client.post("/cvms/provision", requestBody);
+});
+
+// src/actions/cvms/commit_cvm_provision.ts
+var import_zod7 = require("zod");
+var CommitCvmProvisionSchema = import_zod7.z.object({
+  id: import_zod7.z.number(),
+  name: import_zod7.z.string(),
+  status: import_zod7.z.string(),
+  teepod_id: import_zod7.z.number(),
+  teepod: import_zod7.z.object({
+    id: import_zod7.z.number(),
+    name: import_zod7.z.string()
+  }).nullable(),
+  user_id: import_zod7.z.number().nullable(),
+  app_id: import_zod7.z.string().nullable(),
+  vm_uuid: import_zod7.z.string().nullable(),
+  instance_id: import_zod7.z.string().nullable(),
+  app_url: import_zod7.z.string().nullable(),
+  base_image: import_zod7.z.string().nullable(),
+  vcpu: import_zod7.z.number(),
+  memory: import_zod7.z.number(),
+  disk_size: import_zod7.z.number(),
+  manifest_version: import_zod7.z.number().nullable(),
+  version: import_zod7.z.string().nullable(),
+  runner: import_zod7.z.string().nullable(),
+  docker_compose_file: import_zod7.z.string().nullable(),
+  features: import_zod7.z.array(import_zod7.z.string()).nullable(),
+  created_at: import_zod7.z.string(),
+  encrypted_env_pubkey: import_zod7.z.string().nullable().optional(),
+  app_auth_contract_address: import_zod7.z.string().nullable().optional(),
+  deployer_address: import_zod7.z.string().nullable().optional()
+}).passthrough();
+var CommitCvmProvisionRequestSchema = import_zod7.z.object({
+  encrypted_env: import_zod7.z.string().optional().nullable(),
+  app_id: import_zod7.z.string(),
+  compose_hash: import_zod7.z.string().optional(),
+  kms_id: import_zod7.z.string().optional(),
+  contract_address: import_zod7.z.string().optional(),
+  deployer_address: import_zod7.z.string().optional(),
+  env_keys: import_zod7.z.array(import_zod7.z.string()).optional().nullable()
+}).passthrough();
+var { action: commitCvmProvision, safeAction: safeCommitCvmProvision } = defineAction(CommitCvmProvisionSchema, async (client, payload) => {
+  return await client.post("/cvms", payload);
+});
+
+// src/actions/blockchains/deploy_app_auth.ts
+var import_zod8 = require("zod");
+var import_viem3 = require("viem");
+var import_accounts2 = require("viem/accounts");
+
+// src/utils/index.ts
+var import_encrypt_env_vars = require("@phala/dstack-sdk/encrypt-env-vars");
+
+// src/utils/get_error_message.ts
+function getErrorMessage(error) {
+  if (typeof error.detail === "string") {
+    return error.detail;
+  }
+  if (Array.isArray(error.detail)) {
+    if (error.detail.length > 0) {
+      return error.detail[0]?.msg || "Validation error";
     }
+    return "Validation error";
   }
-  throw lastError;
+  if (typeof error.detail === "object" && error.detail !== null) {
+    return JSON.stringify(error.detail);
+  }
+  return "Unknown error occurred";
 }
-async function estimateTransactionGas(clients, transaction, options = {}) {
-  const {
-    gasLimitMultiplier = 1.2,
-    maxFeePerGasMultiplier = 1.1,
-    priorityFeeMultiplier = 1.1
-  } = options;
-  try {
-    const estimatedGas = await clients.publicClient.estimateGas(transaction);
-    const gasLimit = BigInt(Math.ceil(Number(estimatedGas) * gasLimitMultiplier));
-    let maxFeePerGas;
-    let maxPriorityFeePerGas;
-    try {
-      const feeData = await clients.publicClient.estimateFeesPerGas();
-      if (feeData.maxFeePerGas) {
-        maxFeePerGas = BigInt(Math.ceil(Number(feeData.maxFeePerGas) * maxFeePerGasMultiplier));
-      }
-      if (feeData.maxPriorityFeePerGas) {
-        maxPriorityFeePerGas = BigInt(
-          Math.ceil(Number(feeData.maxPriorityFeePerGas) * priorityFeeMultiplier)
-        );
-      }
-    } catch (error) {
+
+// src/utils/as-hex.ts
+var import_viem = require("viem");
+function asHex(value) {
+  if (typeof value === "string") {
+    if (value.startsWith("0x") && (0, import_viem.isHex)(value)) {
+      return value;
+    } else if ((0, import_viem.isHex)(`0x${value}`)) {
+      return `0x${value}`;
     }
-    return {
-      gasLimit,
-      maxFeePerGas,
-      maxPriorityFeePerGas
-    };
-  } catch (error) {
-    throw new TransactionError(
-      `Gas estimation failed: ${error instanceof Error ? error.message : "Unknown error"}`,
-      void 0,
-      error
-    );
   }
+  throw new Error(`Invalid hex value: ${value}`);
 }
 
-// src/utils/client-factories.ts
-var import_viem2 = require("viem");
-var import_accounts = require("viem/accounts");
-function isBrowser() {
-  return typeof window !== "undefined" && typeof window.ethereum !== "undefined";
-}
-function getEthereumProvider() {
-  if (!isBrowser()) return null;
-  const ethereum = window.ethereum;
-  return ethereum || null;
+// src/utils/network.ts
+var NetworkError = class extends Error {
+  constructor(message, code, details) {
+    super(message);
+    this.code = code;
+    this.details = details;
+    this.name = "NetworkError";
+  }
+};
+var WalletError = class extends Error {
+  constructor(message, code, details) {
+    super(message);
+    this.code = code;
+    this.details = details;
+    this.name = "WalletError";
+  }
+};
+var TransactionError = class extends Error {
+  constructor(message, hash, details) {
+    super(message);
+    this.hash = hash;
+    this.details = details;
+    this.name = "TransactionError";
+  }
+};
+function createNetworkClients(publicClient, walletClient, address, chainId) {
+  return {
+    publicClient,
+    walletClient,
+    address,
+    chainId
+  };
 }
-function createClientsFromPrivateKey(chain, privateKey, rpcUrl) {
+async function checkNetworkStatus(clients, targetChainId) {
   try {
-    const account = (0, import_accounts.privateKeyToAccount)(privateKey);
-    const publicClient = (0, import_viem2.createPublicClient)({
-      chain,
-      transport: (0, import_viem2.http)(rpcUrl || chain.rpcUrls.default.http[0])
-    });
-    const walletClient = (0, import_viem2.createWalletClient)({
-      account,
-      chain,
-      transport: (0, import_viem2.http)(rpcUrl || chain.rpcUrls.default.http[0])
-    });
-    return createNetworkClients(publicClient, walletClient, account.address, chain.id);
+    const currentChainId = await clients.walletClient.getChainId();
+    return {
+      isCorrectNetwork: currentChainId === targetChainId,
+      currentChainId
+    };
   } catch (error) {
-    throw new WalletError(
-      `Failed to create clients from private key: ${error instanceof Error ? error.message : "Unknown error"}`,
-      "CLIENT_CREATION_FAILED",
+    throw new NetworkError(
+      `Failed to check network status: ${error instanceof Error ? error.message : "Unknown error"}`,
+      "NETWORK_CHECK_FAILED",
       error
     );
   }
 }
-async function createClientsFromBrowser(chain, rpcUrl) {
-  if (!isBrowser()) {
-    throw new WalletError(
-      "Browser wallet connection is only available in browser environment",
-      "NOT_BROWSER_ENVIRONMENT"
-    );
-  }
-  const provider = getEthereumProvider();
-  if (!provider) {
-    throw new WalletError(
-      "No Ethereum provider found. Please install a wallet like MetaMask.",
-      "NO_PROVIDER"
-    );
-  }
+async function checkBalance(publicClient, address, minBalance) {
   try {
-    const accounts = await provider.request({
-      method: "eth_requestAccounts"
-    });
-    if (!accounts || accounts.length === 0) {
-      throw new WalletError("No accounts available", "NO_ACCOUNTS");
-    }
-    const address = accounts[0];
-    const chainId = await provider.request({ method: "eth_chainId" });
-    const currentChainId = parseInt(chainId, 16);
-    if (currentChainId !== chain.id) {
-      await switchToNetwork(provider, chain.id);
-    }
-    const publicClient = (0, import_viem2.createPublicClient)({
-      chain,
-      transport: (0, import_viem2.http)(rpcUrl || chain.rpcUrls.default.http[0])
-    });
-    const walletClient = (0, import_viem2.createWalletClient)({
-      account: address,
-      chain,
-      transport: (0, import_viem2.custom)(provider)
-    });
-    return createNetworkClients(publicClient, walletClient, address, chain.id);
+    const balance = await publicClient.getBalance({ address });
+    return {
+      address,
+      balance,
+      sufficient: minBalance ? balance >= minBalance : true,
+      required: minBalance
+    };
   } catch (error) {
-    if (error instanceof WalletError || error instanceof NetworkError) {
-      throw error;
-    }
-    throw new WalletError(
-      `Failed to connect browser wallet: ${error instanceof Error ? error.message : "Unknown error"}`,
-      "BROWSER_CONNECTION_FAILED",
+    throw new NetworkError(
+      `Failed to check balance: ${error instanceof Error ? error.message : "Unknown error"}`,
+      "BALANCE_CHECK_FAILED",
       error
     );
   }
 }
-async function switchToNetwork(provider, chainId) {
+async function waitForTransactionReceipt(publicClient, hash, options = {}) {
+  const {
+    timeout = 6e4,
+    // 60 seconds default
+    pollingInterval = 2e3,
+    // 2 seconds default
+    confirmations = 1
+  } = options;
+  const startTime = Date.now();
+  return new Promise((resolve, reject) => {
+    const poll = async () => {
+      try {
+        const receipt = await publicClient.getTransactionReceipt({ hash });
+        if (receipt) {
+          if (confirmations > 1) {
+            const currentBlock = await publicClient.getBlockNumber();
+            const confirmationCount = currentBlock - receipt.blockNumber + 1n;
+            if (confirmationCount < BigInt(confirmations)) {
+              const elapsed = Date.now() - startTime;
+              if (elapsed >= timeout) {
+                reject(
+                  new TransactionError(`Transaction confirmation timeout after ${timeout}ms`, hash)
+                );
+                return;
+              }
+              setTimeout(poll, pollingInterval);
+              return;
+            }
+          }
+          resolve(receipt);
+        } else {
+          const elapsed = Date.now() - startTime;
+          if (elapsed >= timeout) {
+            reject(new TransactionError(`Transaction receipt timeout after ${timeout}ms`, hash));
+            return;
+          }
+          setTimeout(poll, pollingInterval);
+        }
+      } catch (error) {
+        const elapsed = Date.now() - startTime;
+        if (elapsed >= timeout) {
+          reject(
+            new TransactionError(`Transaction receipt timeout after ${timeout}ms`, hash, error)
+          );
+          return;
+        }
+        setTimeout(poll, pollingInterval);
+      }
+    };
+    poll();
+  });
+}
+async function executeTransaction(clients, operation, args, options = {}) {
+  const { timeout = 6e4, confirmations = 1, onSubmitted, onConfirmed, onError } = options;
   try {
-    await provider.request({
-      method: "wallet_switchEthereumChain",
-      params: [{ chainId: `0x${chainId.toString(16)}` }]
+    const hash = await operation(clients, ...args);
+    onSubmitted?.(hash);
+    const receipt = await waitForTransactionReceipt(clients.publicClient, hash, {
+      timeout,
+      confirmations
     });
-  } catch (error) {
-    const errorObj = error;
-    if (errorObj.code === 4902) {
-      throw new NetworkError(
-        `Network ${chainId} not found in wallet. Please add it manually.`,
-        "NETWORK_NOT_FOUND",
-        error
-      );
+    const success = receipt.status === "success";
+    if (success) {
+      onConfirmed?.(receipt);
+    } else {
+      const error = new TransactionError("Transaction failed on-chain", hash, receipt);
+      onError?.(error, hash);
+      throw error;
     }
-    throw new NetworkError(
-      `Failed to switch network: ${errorObj.message || "Unknown error"}`,
-      "NETWORK_SWITCH_FAILED",
+    return {
+      hash,
+      receipt,
+      success
+    };
+  } catch (error) {
+    const txError = error instanceof TransactionError ? error : new TransactionError(
+      `Transaction execution failed: ${error instanceof Error ? error.message : "Unknown error"}`,
+      void 0,
       error
     );
+    onError?.(txError, txError.hash);
+    throw txError;
   }
 }
-async function addNetwork(provider, config) {
+async function extractNetworkClients(publicClient, walletClient) {
   try {
-    await provider.request({
-      method: "wallet_addEthereumChain",
-      params: [
-        {
-          chainId: `0x${config.chainId.toString(16)}`,
-          chainName: config.name,
-          rpcUrls: [config.rpcUrl],
-          blockExplorerUrls: config.blockExplorer ? [config.blockExplorer] : void 0,
-          nativeCurrency: {
-            name: "ETH",
-            symbol: "ETH",
-            decimals: 18
-          }
-        }
-      ]
-    });
+    const address = walletClient.account?.address;
+    if (!address) {
+      throw new WalletError("WalletClient must have an account", "NO_ACCOUNT");
+    }
+    const chainId = await walletClient.getChainId();
+    return createNetworkClients(publicClient, walletClient, address, chainId);
   } catch (error) {
-    const errorObj = error;
-    throw new NetworkError(
-      `Failed to add network: ${errorObj.message || "Unknown error"}`,
-      "NETWORK_ADD_FAILED",
+    throw new WalletError(
+      `Failed to extract network clients: ${error instanceof Error ? error.message : "Unknown error"}`,
+      "EXTRACTION_FAILED",
       error
     );
   }
 }
-async function autoCreateClients(chain, options = {}) {
-  const { privateKey, rpcUrl, preferBrowser = false } = options;
-  if (privateKey) {
-    return createClientsFromPrivateKey(chain, privateKey, rpcUrl);
-  }
-  if (isBrowser() && (preferBrowser || !privateKey)) {
-    return createClientsFromBrowser(chain, rpcUrl);
-  }
-  throw new WalletError(
-    "No wallet connection method available. Provide a private key for server-side usage or use in browser environment.",
-    "NO_CONNECTION_METHOD"
-  );
-}
-
-// src/actions/get_current_user.ts
-var CurrentUserSchema = import_zod4.z.object({
-  username: import_zod4.z.string(),
-  email: import_zod4.z.string(),
-  credits: import_zod4.z.number(),
-  granted_credits: import_zod4.z.number(),
-  avatar: import_zod4.z.string(),
-  team_name: import_zod4.z.string(),
-  team_tier: import_zod4.z.string()
-}).passthrough();
-async function getCurrentUser(client, parameters) {
-  validateActionParameters(parameters);
-  const response = await client.get("/auth/me");
-  if (parameters?.schema === false) {
-    return response;
-  }
-  const schema = parameters?.schema || CurrentUserSchema;
-  return schema.parse(response);
-}
-async function safeGetCurrentUser(client, parameters) {
-  const parameterValidationError = safeValidateActionParameters(parameters);
-  if (parameterValidationError) {
-    return parameterValidationError;
-  }
-  const httpResult = await client.safeGet("/auth/me");
-  if (!httpResult.success) {
-    return httpResult;
-  }
-  if (parameters?.schema === false) {
-    return { success: true, data: httpResult.data };
-  }
-  const schema = parameters?.schema || CurrentUserSchema;
-  return schema.safeParse(httpResult.data);
+async function validateNetworkPrerequisites(clients, requirements) {
+  const { targetChainId, minBalance, requiredAddress } = requirements;
+  const networkStatus = await checkNetworkStatus(clients, targetChainId);
+  const balanceResult = await checkBalance(clients.publicClient, clients.address, minBalance);
+  const addressValid = requiredAddress ? clients.address.toLowerCase() === requiredAddress.toLowerCase() : true;
+  return {
+    networkValid: networkStatus.isCorrectNetwork,
+    balanceValid: balanceResult.sufficient,
+    addressValid,
+    details: {
+      currentChainId: networkStatus.currentChainId,
+      balance: balanceResult.balance,
+      address: clients.address
+    }
+  };
 }
 
-// src/actions/get_available_nodes.ts
-var import_zod5 = require("zod");
-
-// src/utils/define-action.ts
-function defineSimpleAction(schema, fn) {
-  function action(client, parameters) {
-    return _actionImpl(client, parameters);
-  }
-  async function _actionImpl(client, parameters) {
-    validateActionParameters(parameters);
-    const response = await fn(client);
-    if (parameters?.schema === false) {
-      return response;
+// src/utils/transaction.ts
+function createTransactionTracker() {
+  let status = { state: "idle" };
+  let timeoutHandle;
+  let abortController;
+  const updateStatus = (newStatus) => {
+    status = { ...status, ...newStatus };
+  };
+  const reset = () => {
+    if (timeoutHandle) {
+      clearTimeout(timeoutHandle);
+      timeoutHandle = void 0;
     }
-    const actualSchema = parameters?.schema || schema;
-    return actualSchema.parse(response);
-  }
-  function safeAction(client, parameters) {
-    return _safeActionImpl(client, parameters);
-  }
-  async function _safeActionImpl(client, parameters) {
-    const parameterValidationError = safeValidateActionParameters(parameters);
-    if (parameterValidationError) {
-      return parameterValidationError;
+    if (abortController) {
+      abortController.abort();
+      abortController = void 0;
     }
-    const httpResult = await (async () => {
-      try {
-        const data = await fn(client);
-        return { success: true, data };
-      } catch (error) {
-        if (error && typeof error === "object" && "isRequestError" in error) {
-          return { success: false, error };
-        }
-        if (error && typeof error === "object" && "issues" in error) {
-          return { success: false, error };
+    status = { state: "idle" };
+  };
+  const abort = () => {
+    if (abortController) {
+      abortController.abort();
+    }
+    if (timeoutHandle) {
+      clearTimeout(timeoutHandle);
+      timeoutHandle = void 0;
+    }
+    updateStatus({
+      state: "error",
+      aborted: true,
+      error: "Transaction aborted by user"
+    });
+  };
+  const execute = async (operation, clients, args, options = {}) => {
+    const {
+      timeout = 6e4,
+      confirmations = 1,
+      onSubmitted,
+      onConfirmed,
+      onError,
+      signal
+    } = options;
+    try {
+      reset();
+      abortController = new AbortController();
+      if (signal) {
+        if (signal.aborted) {
+          throw new TransactionError("Operation was aborted before execution");
         }
-        return {
-          success: false,
-          error: {
-            name: "Error",
-            message: error instanceof Error ? error.message : String(error)
+        signal.addEventListener("abort", () => {
+          abort();
+        });
+      }
+      updateStatus({
+        state: "submitting",
+        startTime: Date.now(),
+        error: void 0,
+        hash: void 0,
+        receipt: void 0,
+        aborted: false
+      });
+      if (abortController.signal.aborted) {
+        throw new TransactionError("Transaction aborted");
+      }
+      const hash = await operation(clients, ...args);
+      if (abortController.signal.aborted) {
+        throw new TransactionError("Transaction aborted after submission", hash);
+      }
+      updateStatus({
+        state: "pending",
+        hash,
+        submitTime: Date.now()
+      });
+      onSubmitted?.(hash);
+      if (timeout > 0) {
+        timeoutHandle = setTimeout(() => {
+          if (status.state === "pending" && !abortController?.signal.aborted) {
+            updateStatus({
+              state: "timeout",
+              error: `Transaction timeout after ${timeout}ms`
+            });
           }
-        };
+        }, timeout);
       }
-    })();
-    if (!httpResult.success) {
-      return httpResult;
-    }
-    if (parameters?.schema === false) {
-      return { success: true, data: httpResult.data };
+      const receipt = await Promise.race([
+        waitForTransactionReceipt(clients.publicClient, hash, { timeout, confirmations }),
+        new Promise((_, reject) => {
+          abortController?.signal.addEventListener("abort", () => {
+            reject(new TransactionError("Transaction aborted while waiting for receipt", hash));
+          });
+        })
+      ]);
+      if (timeoutHandle) {
+        clearTimeout(timeoutHandle);
+        timeoutHandle = void 0;
+      }
+      const success = receipt.status === "success";
+      updateStatus({
+        state: success ? "success" : "error",
+        receipt,
+        confirmTime: Date.now(),
+        error: success ? void 0 : "Transaction failed on-chain"
+      });
+      if (success) {
+        onConfirmed?.(receipt);
+      } else {
+        const error = new TransactionError("Transaction failed on-chain", hash, receipt);
+        onError?.(error, hash);
+        throw error;
+      }
+      return {
+        hash,
+        receipt,
+        success
+      };
+    } catch (error) {
+      const txError = error instanceof TransactionError ? error : new TransactionError(
+        `Transaction execution failed: ${error instanceof Error ? error.message : "Unknown error"}`,
+        status.hash,
+        error
+      );
+      updateStatus({
+        state: "error",
+        error: txError.message
+      });
+      onError?.(txError, status.hash);
+      throw txError;
     }
-    const actualSchema = parameters?.schema || schema;
-    return actualSchema.safeParse(httpResult.data);
-  }
+  };
   return {
-    action,
-    safeAction
+    get status() {
+      return { ...status };
+    },
+    get isIdle() {
+      return status.state === "idle";
+    },
+    get isSubmitting() {
+      return status.state === "submitting";
+    },
+    get isPending() {
+      return status.state === "pending";
+    },
+    get isSuccess() {
+      return status.state === "success";
+    },
+    get isError() {
+      return status.state === "error";
+    },
+    get isTimeout() {
+      return status.state === "timeout";
+    },
+    get isAborted() {
+      return status.aborted === true;
+    },
+    get isComplete() {
+      return ["success", "error", "timeout"].includes(status.state);
+    },
+    abort,
+    reset,
+    execute
   };
 }
-function defineAction(schema, fn) {
-  function action(client, ...args) {
-    const [params, parameters] = args;
-    return _actionImpl(client, params, parameters);
-  }
-  async function _actionImpl(client, params, parameters) {
-    validateActionParameters(parameters);
-    const response = await fn(client, params);
-    if (parameters?.schema === false) {
-      return response;
-    }
-    const actualSchema = parameters?.schema || schema;
-    return actualSchema.parse(response);
-  }
-  function safeAction(client, ...args) {
-    const [params, parameters] = args;
-    return _safeActionImpl(client, params, parameters);
-  }
-  async function _safeActionImpl(client, params, parameters) {
-    const parameterValidationError = safeValidateActionParameters(parameters);
-    if (parameterValidationError) {
-      return parameterValidationError;
-    }
-    const httpResult = await (async () => {
+async function executeBatchTransactions(operations, clients, batchOptions) {
+  const { mode, failFast = false, onProgress } = batchOptions;
+  const results = [];
+  if (mode === "sequential") {
+    for (let i = 0; i < operations.length; i++) {
+      const op = operations[i];
+      if (!op) continue;
+      const { operation, args, options } = op;
       try {
-        const data = await fn(client, params);
-        return { success: true, data };
+        const tracker = createTransactionTracker();
+        const result = await tracker.execute(operation, clients, args, options);
+        results.push(result);
+        onProgress?.(i + 1, operations.length, results);
       } catch (error) {
-        if (error && typeof error === "object" && "isRequestError" in error) {
-          return { success: false, error };
-        }
-        if (error && typeof error === "object" && "issues" in error) {
-          return { success: false, error };
-        }
-        return {
-          success: false,
-          error: {
-            name: "Error",
-            message: error instanceof Error ? error.message : String(error)
+        const txError = error instanceof Error ? error : new Error(String(error));
+        results.push(txError);
+        onProgress?.(i + 1, operations.length, results);
+        if (failFast) {
+          for (let j = i + 1; j < operations.length; j++) {
+            results.push(new Error("Cancelled due to previous failure"));
           }
-        };
+          break;
+        }
       }
-    })();
-    if (!httpResult.success) {
-      return httpResult;
-    }
-    if (parameters?.schema === false) {
-      return { success: true, data: httpResult.data };
     }
-    const actualSchema = parameters?.schema || schema;
-    return actualSchema.safeParse(httpResult.data);
+  } else {
+    const promises = operations.map(async ({ operation, args, options }) => {
+      try {
+        const tracker = createTransactionTracker();
+        return await tracker.execute(operation, clients, args, options);
+      } catch (error) {
+        return error instanceof Error ? error : new Error(String(error));
+      }
+    });
+    const allResults = await Promise.allSettled(promises);
+    results.push(...allResults.map((r) => r.status === "fulfilled" ? r.value : r.reason));
+    onProgress?.(operations.length, operations.length, results);
   }
+  const successCount = results.filter((r) => !(r instanceof Error)).length;
+  const errorCount = results.length - successCount;
   return {
-    action,
-    safeAction
+    results,
+    successCount,
+    errorCount,
+    allSuccessful: errorCount === 0
   };
 }
-
-// src/actions/get_available_nodes.ts
-var AvailableOSImageSchema = import_zod5.z.object({
-  name: import_zod5.z.string(),
-  is_dev: import_zod5.z.boolean(),
-  version: import_zod5.z.union([
-    import_zod5.z.tuple([import_zod5.z.number(), import_zod5.z.number(), import_zod5.z.number()]),
-    import_zod5.z.tuple([import_zod5.z.number(), import_zod5.z.number(), import_zod5.z.number(), import_zod5.z.number()])
-  ]),
-  os_image_hash: import_zod5.z.string().nullable().optional()
-}).passthrough();
-var TeepodCapacitySchema = import_zod5.z.object({
-  teepod_id: import_zod5.z.number(),
-  name: import_zod5.z.string(),
-  listed: import_zod5.z.boolean(),
-  resource_score: import_zod5.z.number(),
-  remaining_vcpu: import_zod5.z.number(),
-  remaining_memory: import_zod5.z.number(),
-  remaining_cvm_slots: import_zod5.z.number(),
-  images: import_zod5.z.array(AvailableOSImageSchema),
-  support_onchain_kms: import_zod5.z.boolean().optional(),
-  fmspc: import_zod5.z.string().nullable().optional(),
-  device_id: import_zod5.z.string().nullable().optional(),
-  region_identifier: import_zod5.z.string().nullable().optional(),
-  default_kms: import_zod5.z.string().nullable().optional(),
-  kms_list: import_zod5.z.array(import_zod5.z.string()).default([])
-}).passthrough();
-var ResourceThresholdSchema = import_zod5.z.object({
-  max_instances: import_zod5.z.number().nullable().optional(),
-  max_vcpu: import_zod5.z.number().nullable().optional(),
-  max_memory: import_zod5.z.number().nullable().optional(),
-  max_disk: import_zod5.z.number().nullable().optional()
-}).passthrough();
-var AvailableNodesSchema = import_zod5.z.object({
-  tier: import_zod5.z.string(),
-  // TeamTier is string enum
-  capacity: ResourceThresholdSchema,
-  nodes: import_zod5.z.array(TeepodCapacitySchema),
-  kms_list: import_zod5.z.array(KmsInfoSchema)
-}).passthrough();
-var { action: getAvailableNodes, safeAction: safeGetAvailableNodes } = defineSimpleAction(
-  AvailableNodesSchema,
-  async (client) => {
-    return await client.get("/teepods/available");
-  }
-);
-
-// src/actions/provision_cvm.ts
-var import_zod6 = require("zod");
-var ProvisionCvmSchema = import_zod6.z.object({
-  app_id: import_zod6.z.string().nullable().optional(),
-  app_env_encrypt_pubkey: import_zod6.z.string().nullable().optional(),
-  compose_hash: import_zod6.z.string(),
-  fmspc: import_zod6.z.string().nullable().optional(),
-  device_id: import_zod6.z.string().nullable().optional(),
-  os_image_hash: import_zod6.z.string().nullable().optional(),
-  teepod_id: import_zod6.z.number().nullable().optional(),
-  // Will be transformed to node_id
-  node_id: import_zod6.z.number().nullable().optional(),
-  kms_id: import_zod6.z.string().nullable().optional()
-}).passthrough().transform((data) => {
-  if ("teepod_id" in data && data.teepod_id !== void 0) {
-    const { teepod_id, ...rest } = data;
-    return { ...rest, node_id: teepod_id };
-  }
-  return data;
-});
-var ProvisionCvmRequestSchema = import_zod6.z.object({
-  node_id: import_zod6.z.number().optional(),
-  // recommended
-  teepod_id: import_zod6.z.number().optional(),
-  // deprecated, for compatibility
-  name: import_zod6.z.string(),
-  image: import_zod6.z.string(),
-  vcpu: import_zod6.z.number(),
-  memory: import_zod6.z.number(),
-  disk_size: import_zod6.z.number(),
-  compose_file: import_zod6.z.object({
-    allowed_envs: import_zod6.z.array(import_zod6.z.string()).optional(),
-    pre_launch_script: import_zod6.z.string().optional(),
-    docker_compose_file: import_zod6.z.string().optional(),
-    name: import_zod6.z.string().optional(),
-    kms_enabled: import_zod6.z.boolean().optional(),
-    public_logs: import_zod6.z.boolean().optional(),
-    public_sysinfo: import_zod6.z.boolean().optional(),
-    gateway_enabled: import_zod6.z.boolean().optional(),
-    // recommended
-    tproxy_enabled: import_zod6.z.boolean().optional()
-    // deprecated, for compatibility
-  }),
-  listed: import_zod6.z.boolean().optional(),
-  instance_type: import_zod6.z.string().nullable().optional(),
-  kms_id: import_zod6.z.string().optional(),
-  env_keys: import_zod6.z.array(import_zod6.z.string()).optional()
-}).passthrough();
-function autofillComposeFileName(appCompose) {
-  if (appCompose.compose_file && !appCompose.compose_file.name) {
-    return {
-      ...appCompose,
-      compose_file: {
-        ...appCompose.compose_file,
-        name: appCompose.name
+async function executeTransactionWithRetry(operation, clients, args, options = {}, retryOptions = {}) {
+  const {
+    maxRetries = 3,
+    initialDelay = 1e3,
+    maxDelay = 1e4,
+    backoffFactor = 2,
+    retryCondition = () => true
+  } = retryOptions;
+  let lastError;
+  let delay = initialDelay;
+  for (let attempt = 0; attempt <= maxRetries; attempt++) {
+    try {
+      const tracker = createTransactionTracker();
+      return await tracker.execute(operation, clients, args, options);
+    } catch (error) {
+      lastError = error instanceof Error ? error : new Error(String(error));
+      if (attempt === maxRetries) {
+        break;
+      }
+      if (!retryCondition(lastError)) {
+        break;
+      }
+      await new Promise((resolve) => setTimeout(resolve, delay));
+      delay = Math.min(delay * backoffFactor, maxDelay);
+    }
+  }
+  throw lastError;
+}
+async function estimateTransactionGas(clients, transaction, options = {}) {
+  const {
+    gasLimitMultiplier = 1.2,
+    maxFeePerGasMultiplier = 1.1,
+    priorityFeeMultiplier = 1.1
+  } = options;
+  try {
+    const estimatedGas = await clients.publicClient.estimateGas(transaction);
+    const gasLimit = BigInt(Math.ceil(Number(estimatedGas) * gasLimitMultiplier));
+    let maxFeePerGas;
+    let maxPriorityFeePerGas;
+    try {
+      const feeData = await clients.publicClient.estimateFeesPerGas();
+      if (feeData.maxFeePerGas) {
+        maxFeePerGas = BigInt(Math.ceil(Number(feeData.maxFeePerGas) * maxFeePerGasMultiplier));
+      }
+      if (feeData.maxPriorityFeePerGas) {
+        maxPriorityFeePerGas = BigInt(
+          Math.ceil(Number(feeData.maxPriorityFeePerGas) * priorityFeeMultiplier)
+        );
       }
+    } catch (error) {
+    }
+    return {
+      gasLimit,
+      maxFeePerGas,
+      maxPriorityFeePerGas
     };
+  } catch (error) {
+    throw new TransactionError(
+      `Gas estimation failed: ${error instanceof Error ? error.message : "Unknown error"}`,
+      void 0,
+      error
+    );
   }
-  return appCompose;
 }
-function handleGatewayCompatibility(appCompose) {
-  if (!appCompose.compose_file) {
-    return appCompose;
+
+// src/utils/client-factories.ts
+var import_viem2 = require("viem");
+var import_accounts = require("viem/accounts");
+function isBrowser() {
+  return typeof window !== "undefined" && typeof window.ethereum !== "undefined";
+}
+function getEthereumProvider() {
+  if (!isBrowser()) return null;
+  const ethereum = window.ethereum;
+  return ethereum || null;
+}
+function createClientsFromPrivateKey(chain, privateKey, rpcUrl) {
+  try {
+    const account = (0, import_accounts.privateKeyToAccount)(privateKey);
+    const publicClient = (0, import_viem2.createPublicClient)({
+      chain,
+      transport: (0, import_viem2.http)(rpcUrl || chain.rpcUrls.default.http[0])
+    });
+    const walletClient = (0, import_viem2.createWalletClient)({
+      account,
+      chain,
+      transport: (0, import_viem2.http)(rpcUrl || chain.rpcUrls.default.http[0])
+    });
+    return createNetworkClients(publicClient, walletClient, account.address, chain.id);
+  } catch (error) {
+    throw new WalletError(
+      `Failed to create clients from private key: ${error instanceof Error ? error.message : "Unknown error"}`,
+      "CLIENT_CREATION_FAILED",
+      error
+    );
   }
-  const composeFile = { ...appCompose.compose_file };
-  if (typeof composeFile.gateway_enabled === "boolean" && typeof composeFile.tproxy_enabled === "boolean") {
-    delete composeFile.tproxy_enabled;
-  } else if (typeof composeFile.tproxy_enabled === "boolean" && typeof composeFile.gateway_enabled === "undefined") {
-    composeFile.gateway_enabled = composeFile.tproxy_enabled;
-    delete composeFile.tproxy_enabled;
-    if (typeof window !== "undefined" ? window.console : globalThis.console) {
-      console.warn(
-        "[phala/cloud] tproxy_enabled is deprecated, please use gateway_enabled instead. See docs for migration."
+}
+async function createClientsFromBrowser(chain, rpcUrl) {
+  if (!isBrowser()) {
+    throw new WalletError(
+      "Browser wallet connection is only available in browser environment",
+      "NOT_BROWSER_ENVIRONMENT"
+    );
+  }
+  const provider = getEthereumProvider();
+  if (!provider) {
+    throw new WalletError(
+      "No Ethereum provider found. Please install a wallet like MetaMask.",
+      "NO_PROVIDER"
+    );
+  }
+  try {
+    const accounts = await provider.request({
+      method: "eth_requestAccounts"
+    });
+    if (!accounts || accounts.length === 0) {
+      throw new WalletError("No accounts available", "NO_ACCOUNTS");
+    }
+    const address = accounts[0];
+    const chainId = await provider.request({ method: "eth_chainId" });
+    const currentChainId = parseInt(chainId, 16);
+    if (currentChainId !== chain.id) {
+      await switchToNetwork(provider, chain.id);
+    }
+    const publicClient = (0, import_viem2.createPublicClient)({
+      chain,
+      transport: (0, import_viem2.http)(rpcUrl || chain.rpcUrls.default.http[0])
+    });
+    const walletClient = (0, import_viem2.createWalletClient)({
+      account: address,
+      chain,
+      transport: (0, import_viem2.custom)(provider)
+    });
+    return createNetworkClients(publicClient, walletClient, address, chain.id);
+  } catch (error) {
+    if (error instanceof WalletError || error instanceof NetworkError) {
+      throw error;
+    }
+    throw new WalletError(
+      `Failed to connect browser wallet: ${error instanceof Error ? error.message : "Unknown error"}`,
+      "BROWSER_CONNECTION_FAILED",
+      error
+    );
+  }
+}
+async function switchToNetwork(provider, chainId) {
+  try {
+    await provider.request({
+      method: "wallet_switchEthereumChain",
+      params: [{ chainId: `0x${chainId.toString(16)}` }]
+    });
+  } catch (error) {
+    const errorObj = error;
+    if (errorObj.code === 4902) {
+      throw new NetworkError(
+        `Network ${chainId} not found in wallet. Please add it manually.`,
+        "NETWORK_NOT_FOUND",
+        error
       );
     }
+    throw new NetworkError(
+      `Failed to switch network: ${errorObj.message || "Unknown error"}`,
+      "NETWORK_SWITCH_FAILED",
+      error
+    );
   }
-  return {
-    ...appCompose,
-    compose_file: composeFile
-  };
 }
-var { action: provisionCvm, safeAction: safeProvisionCvm } = defineAction(ProvisionCvmSchema, async (client, appCompose) => {
-  const body = handleGatewayCompatibility(autofillComposeFileName(appCompose));
-  let requestBody = { ...body };
-  if (typeof body.node_id === "number") {
-    requestBody = { ...body, teepod_id: body.node_id };
-    delete requestBody.node_id;
-  } else if (typeof body.teepod_id === "number") {
-    console.warn("[phala/cloud] teepod_id is deprecated, please use node_id instead.");
+async function addNetwork(provider, config) {
+  try {
+    await provider.request({
+      method: "wallet_addEthereumChain",
+      params: [
+        {
+          chainId: `0x${config.chainId.toString(16)}`,
+          chainName: config.name,
+          rpcUrls: [config.rpcUrl],
+          blockExplorerUrls: config.blockExplorer ? [config.blockExplorer] : void 0,
+          nativeCurrency: {
+            name: "ETH",
+            symbol: "ETH",
+            decimals: 18
+          }
+        }
+      ]
+    });
+  } catch (error) {
+    const errorObj = error;
+    throw new NetworkError(
+      `Failed to add network: ${errorObj.message || "Unknown error"}`,
+      "NETWORK_ADD_FAILED",
+      error
+    );
   }
-  return await client.post("/cvms/provision", requestBody);
-});
-
-// src/actions/commit_cvm_provision.ts
-var import_zod7 = require("zod");
-var CommitCvmProvisionSchema = import_zod7.z.object({
-  id: import_zod7.z.number(),
-  name: import_zod7.z.string(),
-  status: import_zod7.z.string(),
-  teepod_id: import_zod7.z.number(),
-  teepod: import_zod7.z.object({
-    id: import_zod7.z.number(),
-    name: import_zod7.z.string()
-  }).nullable(),
-  user_id: import_zod7.z.number().nullable(),
-  app_id: import_zod7.z.string().nullable(),
-  vm_uuid: import_zod7.z.string().nullable(),
-  instance_id: import_zod7.z.string().nullable(),
-  app_url: import_zod7.z.string().nullable(),
-  base_image: import_zod7.z.string().nullable(),
-  vcpu: import_zod7.z.number(),
-  memory: import_zod7.z.number(),
-  disk_size: import_zod7.z.number(),
-  manifest_version: import_zod7.z.number().nullable(),
-  version: import_zod7.z.string().nullable(),
-  runner: import_zod7.z.string().nullable(),
-  docker_compose_file: import_zod7.z.string().nullable(),
-  features: import_zod7.z.array(import_zod7.z.string()).nullable(),
-  created_at: import_zod7.z.string(),
-  encrypted_env_pubkey: import_zod7.z.string().nullable().optional(),
-  app_auth_contract_address: import_zod7.z.string().nullable().optional(),
-  deployer_address: import_zod7.z.string().nullable().optional()
-}).passthrough();
-var CommitCvmProvisionRequestSchema = import_zod7.z.object({
-  encrypted_env: import_zod7.z.string().optional().nullable(),
-  app_id: import_zod7.z.string(),
-  compose_hash: import_zod7.z.string().optional(),
-  kms_id: import_zod7.z.string().optional(),
-  contract_address: import_zod7.z.string().optional(),
-  deployer_address: import_zod7.z.string().optional(),
-  env_keys: import_zod7.z.array(import_zod7.z.string()).optional().nullable()
-}).passthrough();
-var { action: commitCvmProvision, safeAction: safeCommitCvmProvision } = defineAction(CommitCvmProvisionSchema, async (client, payload) => {
-  return await client.post("/cvms", payload);
-});
+}
+async function autoCreateClients(chain, options = {}) {
+  const { privateKey, rpcUrl, preferBrowser = false } = options;
+  if (privateKey) {
+    return createClientsFromPrivateKey(chain, privateKey, rpcUrl);
+  }
+  if (isBrowser() && (preferBrowser || !privateKey)) {
+    return createClientsFromBrowser(chain, rpcUrl);
+  }
+  throw new WalletError(
+    "No wallet connection method available. Provide a private key for server-side usage or use in browser environment.",
+    "NO_CONNECTION_METHOD"
+  );
+}
 
-// src/actions/deploy_app_auth.ts
-var import_zod8 = require("zod");
-var import_viem3 = require("viem");
-var import_accounts2 = require("viem/accounts");
+// src/actions/blockchains/deploy_app_auth.ts
 var kmsAuthAbi = [
   {
     inputs: [
@@ -1905,7 +1887,7 @@ async function safeDeployAppAuth(request, parameters) {
   }
 }
 
-// src/actions/add_compose_hash.ts
+// src/actions/blockchains/add_compose_hash.ts
 var import_zod9 = require("zod");
 var import_viem4 = require("viem");
 var import_accounts3 = require("viem/accounts");
@@ -2166,7 +2148,7 @@ async function safeAddComposeHash(request, parameters) {
   }
 }
 
-// src/actions/get_cvm_compose_file.ts
+// src/actions/cvms/get_cvm_compose_file.ts
 var import_zod11 = require("zod");
 
 // src/types/app_compose.ts
@@ -2184,7 +2166,7 @@ var LooseAppComposeSchema = import_zod10.z.object({
   pre_launch_script: import_zod10.z.string().optional()
 }).passthrough();
 
-// src/actions/get_cvm_compose_file.ts
+// src/actions/cvms/get_cvm_compose_file.ts
 var GetCvmComposeFileRequestSchema = import_zod11.z.object({
   id: import_zod11.z.string().optional(),
   uuid: import_zod11.z.string().regex(/^[0-9a-f]{8}[-]?[0-9a-f]{4}[-]?4[0-9a-f]{3}[-]?[89ab][0-9a-f]{3}[-]?[0-9a-f]{12}$/i).optional(),
@@ -2208,7 +2190,7 @@ var { action: getCvmComposeFile, safeAction: safeGetCvmComposeFile } = defineAct
   return await client.get(`/cvms/${validatedRequest.cvmId}/compose_file`);
 });
 
-// src/actions/provision_cvm_compose_file_update.ts
+// src/actions/cvms/provision_cvm_compose_file_update.ts
 var import_zod12 = require("zod");
 var ProvisionCvmComposeFileUpdateRequestSchema = import_zod12.z.object({
   id: import_zod12.z.string().optional(),
@@ -2246,7 +2228,7 @@ var { action: provisionCvmComposeFileUpdate, safeAction: safeProvisionCvmCompose
   );
 });
 
-// src/actions/commit_cvm_compose_file_update.ts
+// src/actions/cvms/commit_cvm_compose_file_update.ts
 var import_zod13 = require("zod");
 var CommitCvmComposeFileUpdateRequestSchema = import_zod13.z.object({
   id: import_zod13.z.string().optional(),
@@ -2287,7 +2269,7 @@ var { action: commitCvmComposeFileUpdate, safeAction: safeCommitCvmComposeFileUp
   }
 );
 
-// src/actions/get_app_env_encrypt_pubkey.ts
+// src/actions/kms/get_app_env_encrypt_pubkey.ts
 var import_zod14 = require("zod");
 var GetAppEnvEncryptPubKeyRequestSchema = import_zod14.z.object({
   kms: import_zod14.z.string().min(1, "KMS ID or slug is required"),
@@ -2305,7 +2287,7 @@ var { action: getAppEnvEncryptPubKey, safeAction: safeGetAppEnvEncryptPubKey } =
   return await client.get(`/kms/${validatedRequest.kms}/pubkey/${validatedRequest.app_id}`);
 });
 
-// src/actions/get_cvm_info.ts
+// src/actions/cvms/get_cvm_info.ts
 var import_zod15 = require("zod");
 var GetCvmInfoRequestSchema = import_zod15.z.object({
   id: import_zod15.z.string().optional(),
@@ -2330,7 +2312,7 @@ var { action: getCvmInfo, safeAction: safeGetCvmInfo } = defineAction(CvmLegacyD
   return await client.get(`/cvms/${validatedRequest.cvmId}`);
 });
 
-// src/actions/get_cvm_list.ts
+// src/actions/cvms/get_cvm_list.ts
 var import_zod16 = require("zod");
 var GetCvmListRequestSchema = import_zod16.z.object({
   page: import_zod16.z.number().int().min(1).optional(),
@@ -2349,7 +2331,7 @@ var { action: getCvmList, safeAction: safeGetCvmList } = defineAction(GetCvmList
   return await client.get("/cvms/paginated", { params: validatedRequest });
 });
 
-// src/actions/get_kms_info.ts
+// src/actions/kms/get_kms_info.ts
 var import_zod17 = require("zod");
 var GetKmsInfoRequestSchema = import_zod17.z.object({
   kms_id: import_zod17.z.string().min(1, "KMS ID is required")
@@ -2359,7 +2341,7 @@ var { action: getKmsInfo, safeAction: safeGetKmsInfo } = defineAction(KmsInfoSch
   return await client.get(`/kms/${validatedRequest.kms_id}`);
 });
 
-// src/actions/get_kms_list.ts
+// src/actions/kms/get_kms_list.ts
 var import_zod18 = require("zod");
 var GetKmsListRequestSchema = import_zod18.z.object({
   page: import_zod18.z.number().int().min(1).optional(),