@pnlmarket/mcp-server 0.4.0

package/dist/tools/pitch-idea.js

@@ -0,0 +1,176 @@
+import { z } from 'zod';
+import { Badge, headline, code, kvTable, next, reply } from '../lib/output.js';
+// ─── pnl_pitch_idea ──────────────────────────────────────────────
+//
+// Write-prep tool. The agent calls this with everything it knows
+// about a new idea. We POST it to the public /api/markets/drafts
+// endpoint, receive a draft id, and return a deep-link the user
+// opens in their browser to confirm + sign with their own wallet.
+//
+// MCP NEVER holds keys. v0.2 is deep-link only; v0.3 will add an
+// autosign path that signs locally with the keypair set up by
+// pnl_init for amounts under the autosign cap.
+//
+// Optional `provenance` argument carries the conversation excerpt
+// and/or code snippet that birthed the idea -- pinned to IPFS by
+// the /create page alongside the market metadata, then displayed
+// on the market detail page as "this idea was born from a
+// conversation in <agent> on <date>".
+const CATEGORIES = [
+    'DeFi', 'NFT', 'Gaming', 'DAO', 'AI/ML', 'Infrastructure', 'Social', 'Meme',
+    'Creator', 'Healthcare', 'Science', 'Education', 'Finance', 'Commerce',
+    'Real Estate', 'Energy', 'Media', 'Manufacturing', 'Mobility', 'Other',
+];
+const PROJECT_TYPES = ['Protocol', 'Application', 'Platform', 'Service', 'Tool'];
+const PROJECT_STAGES = ['Idea', 'MVP', 'Beta', 'Production', 'Scaling', 'Prototype', 'Launched'];
+export const pitchIdeaInputSchema = {
+    name: z
+        .string()
+        .min(1)
+        .max(255)
+        .describe("Project name (the headline). E.g. 'AutoImport CLI'. 1-255 chars."),
+    description: z
+        .string()
+        .min(1)
+        .max(2000)
+        .describe("What the idea actually is — what gets built and why. 1-2000 chars. Treat this like a short pitch the conviction market will trade on; concrete is better than abstract."),
+    tokenSymbol: z
+        .string()
+        .min(3)
+        .max(10)
+        .regex(/^[A-Z0-9]+$/i, 'token symbol must be alphanumeric')
+        .describe("Ticker symbol the token will use if YES wins (3-10 uppercase alphanumeric). E.g. 'AUTOIMP' for AutoImport CLI."),
+    category: z
+        .enum(CATEGORIES)
+        .describe('One of the supported project categories.'),
+    projectType: z
+        .enum(PROJECT_TYPES)
+        .describe("Protocol | Application | Platform | Service | Tool. Default 'Tool' if uncertain."),
+    projectStage: z
+        .enum(PROJECT_STAGES)
+        .describe("Where the idea is today. 'Idea' for never-built, 'MVP' for proof-of-concept, etc. Be honest -- this informs how the market reads the pitch."),
+    teamSize: z
+        .number()
+        .int()
+        .min(1)
+        .max(1000)
+        .describe('How many people are working on this. Use 1 if the user is solo.'),
+    targetPoolSol: z
+        .number()
+        .positive()
+        .describe('Target pool size in SOL. Once the YES pool reaches this number, the market can resolve early. Typical range 5-50 SOL.'),
+    durationDays: z
+        .number()
+        .int()
+        .min(1)
+        .max(365)
+        .describe('How long the market stays open for voting before resolution. Typical range 7-90 days. Default 30 if uncertain.'),
+    projectImageUrl: z
+        .string()
+        .url()
+        .optional()
+        .describe("Optional URL to a project image / logo. If omitted, the market detail page renders a colored circle with the ticker initial."),
+    pitchVideoUrl: z
+        .string()
+        .url()
+        .optional()
+        .describe('Optional URL to a pitch video (YouTube, Vimeo, IPFS, etc).'),
+    twitterHandle: z
+        .string()
+        .optional()
+        .describe("Optional X/Twitter handle (without '@'). Surfaced on the market page and auto-tweet."),
+    location: z
+        .string()
+        .max(255)
+        .optional()
+        .describe("Optional location string (city / country). Defaults to founder's profile if omitted."),
+    provenance: z
+        .object({
+        source: z
+            .enum(['claude-code', 'cursor', 'cline', 'codex', 'other'])
+            .describe('Which agent the idea was born in.'),
+        excerpt: z
+            .string()
+            .max(2000)
+            .describe('The conversation excerpt that surfaced the idea. The 1-3 sentences immediately before the user said "let\'s pitch this on PNL".'),
+        codeSnippet: z
+            .string()
+            .max(2000)
+            .optional()
+            .describe('Optional code snippet that motivated the idea (e.g. a // TODO comment, a function that wanted to become its own tool).'),
+        timestamp: z
+            .string()
+            .optional()
+            .describe('ISO 8601 timestamp of the originating conversation.'),
+    })
+        .optional()
+        .describe('Optional "tribute to the idea" payload — pinned alongside the market metadata and displayed on the market detail page. Only attach when the user agrees to make the context public.'),
+};
+const PitchIdeaInput = z.object(pitchIdeaInputSchema);
+function getApiBase() {
+    const raw = process.env.PNL_API_BASE_URL?.trim();
+    if (!raw)
+        return 'https://pnl.market';
+    return raw.endsWith('/') ? raw.slice(0, -1) : raw;
+}
+export async function callPitchIdea(rawInput) {
+    const input = PitchIdeaInput.parse(rawInput ?? {});
+    // The /create page expects the same field shape as the Project schema,
+    // so we mirror its naming. socialLinks is a Map but the form accepts
+    // a simple object of {platform: url} pairs.
+    const payload = {
+        name: input.name,
+        description: input.description,
+        category: input.category,
+        projectType: input.projectType,
+        projectStage: input.projectStage,
+        tokenSymbol: input.tokenSymbol.toUpperCase(),
+        teamSize: input.teamSize,
+        targetPoolSol: input.targetPoolSol,
+        durationDays: input.durationDays,
+    };
+    if (input.projectImageUrl)
+        payload.projectImageUrl = input.projectImageUrl;
+    if (input.pitchVideoUrl)
+        payload.pitchVideoUrl = input.pitchVideoUrl;
+    if (input.twitterHandle)
+        payload.socialLinks = { twitter: input.twitterHandle.replace(/^@/, '') };
+    if (input.location)
+        payload.location = input.location;
+    const body = {
+        payload,
+        provenance: input.provenance,
+        source: 'mcp',
+    };
+    const res = await fetch(`${getApiBase()}/api/markets/drafts`, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            Accept: 'application/json',
+            'User-Agent': 'pnl-mcp-server/0.2.0 (+https://docs.pnl.market)',
+        },
+        body: JSON.stringify(body),
+    });
+    if (!res.ok) {
+        const errBody = await res.text().catch(() => '');
+        throw new Error(`PNL drafts API ${res.status} ${res.statusText}${errBody ? ` — ${errBody.slice(0, 300)}` : ''}`);
+    }
+    const data = (await res.json());
+    if (!data.success || !data.deepLink) {
+        throw new Error(`PNL drafts API returned no deepLink — ${data.error || 'unknown error'}`);
+    }
+    return reply(headline(`${Badge.draft} Drafted · $${input.tokenSymbol.toUpperCase()} — ${input.name}`), `Open this URL to confirm and post the market on Solana mainnet:`, code(data.deepLink), kvTable([
+        ['Idea', input.name],
+        ['Ticker', `$${input.tokenSymbol.toUpperCase()}`],
+        ['Target pool', `${input.targetPoolSol} SOL`],
+        ['Duration', `${input.durationDays} days`],
+        ['Stage', `${input.projectStage} · ${input.category}`],
+        input.provenance
+            ? ['Provenance', `${input.provenance.source}${input.provenance.timestamp ? ' · ' + input.provenance.timestamp : ''}`]
+            : null,
+        ['Draft id', `\`${data.draftId}\``],
+        ['Expires', data.expiresAt ?? '—'],
+    ].filter((r) => Array.isArray(r))), `The /create page is pre-filled with everything above. The user signs the on-chain \`create_market\` transaction in their browser wallet (or imports the keypair from \`pnl_export_keypair\` into Phantom first). Market goes live as soon as the tx confirms (~5-15s on Solana mainnet).`, input.provenance
+        ? `_Provenance attached — will be displayed on the market detail page after launch._`
+        : null, next('Open the URL in a browser and confirm.'));
+}

package/dist/tools/pitch-now.d.ts

@@ -0,0 +1,39 @@
+import { z } from 'zod';
+export declare const pitchNowInputSchema: {
+    readonly autosignCapSol: z.ZodOptional<z.ZodNumber>;
+    readonly name: z.ZodString;
+    readonly description: z.ZodString;
+    readonly tokenSymbol: z.ZodString;
+    readonly category: z.ZodEnum<["DeFi", "NFT", "Gaming", "DAO", "AI/ML", "Infrastructure", "Social", "Meme", "Creator", "Healthcare", "Science", "Education", "Finance", "Commerce", "Real Estate", "Energy", "Media", "Manufacturing", "Mobility", "Other"]>;
+    readonly projectType: z.ZodEnum<["Protocol", "Application", "Platform", "Service", "Tool"]>;
+    readonly projectStage: z.ZodEnum<["Idea", "MVP", "Beta", "Production", "Scaling", "Prototype", "Launched"]>;
+    readonly teamSize: z.ZodNumber;
+    readonly targetPoolSol: z.ZodNumber;
+    readonly durationDays: z.ZodNumber;
+    readonly projectImageUrl: z.ZodOptional<z.ZodString>;
+    readonly pitchVideoUrl: z.ZodOptional<z.ZodString>;
+    readonly twitterHandle: z.ZodOptional<z.ZodString>;
+    readonly location: z.ZodOptional<z.ZodString>;
+    readonly provenance: z.ZodOptional<z.ZodObject<{
+        source: z.ZodEnum<["claude-code", "cursor", "cline", "codex", "other"]>;
+        excerpt: z.ZodString;
+        codeSnippet: z.ZodOptional<z.ZodString>;
+        timestamp: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        source: "claude-code" | "cursor" | "cline" | "codex" | "other";
+        excerpt: string;
+        codeSnippet?: string | undefined;
+        timestamp?: string | undefined;
+    }, {
+        source: "claude-code" | "cursor" | "cline" | "codex" | "other";
+        excerpt: string;
+        codeSnippet?: string | undefined;
+        timestamp?: string | undefined;
+    }>>;
+};
+export declare function callPitchNow(rawInput: unknown): Promise<{
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+}>;

package/dist/tools/pitch-now.js

@@ -0,0 +1,179 @@
+import { z } from 'zod';
+import { PublicKey, LAMPORTS_PER_SOL } from '@solana/web3.js';
+import { requireUnlockedKeypair, loadConfig, getConnection, getBalanceSol, } from '../lib/wallet.js';
+import { signSerializedTx, sendAndConfirm, freshNonce, signChallenge, challenge, signedRequestHash, } from '../lib/sign.js';
+import { pitchIdeaInputSchema } from './pitch-idea.js';
+import { Badge, headline, code, kvTable, inline, next, reply, hr } from '../lib/output.js';
+// ─── pnl_pitch_now ───────────────────────────────────────────────
+//
+// Autosign create_market. For stakes within the autosign cap, the
+// MCP locally signs + sends the create_market tx, then calls
+// /api/mcp/markets/complete-create to persist the Project +
+// PredictionMarket docs. No browser bounce.
+//
+// Flow (six round-trips, ~6-12s end-to-end on mainnet):
+//
+//   1. requireUnlockedKeypair()          — fail fast if locked
+//   2. balance check vs autosign cap     — fail before any I/O
+//   3. POST /api/mcp/markets/build-create-tx
+//                                        — pin IPFS, build unsigned tx
+//   4. local sign + sendRawTransaction   — sign with the keypair, send
+//                                          via configured RPC, confirm
+//   5. sign canonical challenge          — for the complete-create call
+//   6. POST /api/mcp/markets/complete-create
+//                                        — persist + broadcast
+// pnl_pitch_now accepts the same payload as pnl_pitch_idea plus an
+// optional autosignCapSol override.
+export const pitchNowInputSchema = {
+    ...pitchIdeaInputSchema,
+    autosignCapSol: z
+        .number()
+        .positive()
+        .optional()
+        .describe('Optional cap override that can only LOWER the autosign limit for this call, never raise it. The ceiling is the cap from ~/.config/pnl/config.json (default 0.05 SOL). To raise the ceiling, the user must edit the config file directly — this arg cannot bypass it.'),
+};
+const PitchNowInput = z.object(pitchNowInputSchema);
+function getApiBase() {
+    const raw = process.env.PNL_API_BASE_URL?.trim();
+    if (!raw)
+        return 'https://pnl.market';
+    return raw.endsWith('/') ? raw.slice(0, -1) : raw;
+}
+export async function callPitchNow(rawInput) {
+    const input = PitchNowInput.parse(rawInput ?? {});
+    // 1. Keypair (throws helpful "wallet locked" if unavailable).
+    const keypair = requireUnlockedKeypair();
+    const walletAddress = keypair.publicKey.toBase58();
+    // 2. Balance check. We need at least the autosign cap available —
+    //    the creation fee + tx fee combined are well under 0.02 SOL but
+    //    we sanity-check against the user's configured cap to catch
+    //    "wallet only has 0.001 SOL" before pinning IPFS.
+    //
+    //    Cap policy: the user's configured cap (~/.config/pnl/config.json)
+    //    is the ceiling — the per-call autosignCapSol arg can only LOWER
+    //    it, never raise. This blocks prompt-injection where a malicious
+    //    project description coaxes the agent into passing a huge
+    //    autosignCapSol to bypass the user-set ceiling. To raise the cap
+    //    the user has to edit the config file themselves.
+    const configCap = loadConfig().autosignCapSol;
+    const cap = input.autosignCapSol != null
+        ? Math.min(input.autosignCapSol, configCap)
+        : configCap;
+    const balance = await getBalanceSol(new PublicKey(walletAddress));
+    if (balance < 0.02) {
+        throw new Error(`Wallet balance ${balance.toFixed(4)} SOL is below the minimum ~0.02 SOL needed for create_market (creation fee ~0.015 + tx fee). Fund ${walletAddress} and try again.`);
+    }
+    if (cap < 0.02) {
+        throw new Error(`Autosign cap ${cap} SOL is below the minimum 0.02 SOL needed for create_market. Either raise the cap (autosignCapSol arg) or use pnl_pitch_idea for the deep-link flow.`);
+    }
+    const base = getApiBase();
+    // 3. Build unsigned tx server-side.
+    const buildBody = {
+        walletAddress,
+        name: input.name,
+        description: input.description,
+        category: input.category,
+        projectType: input.projectType,
+        projectStage: input.projectStage,
+        tokenSymbol: input.tokenSymbol.toUpperCase(),
+        teamSize: input.teamSize,
+        targetPoolSol: input.targetPoolSol,
+        durationDays: input.durationDays,
+    };
+    if (input.projectImageUrl)
+        buildBody.projectImageUrl = input.projectImageUrl;
+    if (input.pitchVideoUrl)
+        buildBody.pitchVideoUrl = input.pitchVideoUrl;
+    if (input.twitterHandle)
+        buildBody.socialLinks = { twitter: input.twitterHandle.replace(/^@/, '') };
+    if (input.location)
+        buildBody.location = input.location;
+    const buildRes = await fetch(`${base}/api/mcp/markets/build-create-tx`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json', Accept: 'application/json' },
+        body: JSON.stringify(buildBody),
+    });
+    const buildJson = (await buildRes.json());
+    if (!buildRes.ok || !buildJson.success || !buildJson.data) {
+        throw new Error(`build-create-tx failed (${buildRes.status}): ${buildJson.error || 'unknown error'}`);
+    }
+    const built = buildJson.data;
+    // Final cost check now that we have the actual creation fee from
+    // the program config. cap is in SOL; creationFee is in lamports.
+    const creationFeeSol = built.creationFee / LAMPORTS_PER_SOL;
+    if (creationFeeSol > cap) {
+        throw new Error(`create_market creation fee ${creationFeeSol.toFixed(4)} SOL exceeds autosign cap ${cap} SOL. Raise the cap with autosignCapSol arg or use pnl_pitch_idea for the deep-link flow.`);
+    }
+    // 4. Sign locally and send.
+    const rawTx = signSerializedTx(built.tx, keypair);
+    const { signature: txSignature } = await sendAndConfirm(rawTx, getConnection(), {
+        confirmTimeoutMs: 90_000,
+    });
+    // 5. Build the complete-create body first, then sign a challenge that
+    //    folds in a SHA-256 of the body. The hash binds the sig to the
+    //    exact payload — a captured sig cannot be replayed with a tampered
+    //    project name / description / cid before our own complete-create
+    //    call lands (5min nonce window).
+    const nonce = freshNonce();
+    const completeBodyCore = {
+        txSignature,
+        marketAddress: built.marketPda,
+        ipfsCid: built.ipfsCid,
+        metadataUri: built.metadataUri,
+        targetPool: Math.floor(input.targetPoolSol * 1_000_000_000),
+        expiryTime: built.expiryTime,
+        payload: {
+            name: input.name,
+            description: input.description,
+            category: input.category,
+            projectType: input.projectType,
+            projectStage: input.projectStage,
+            tokenSymbol: input.tokenSymbol.toUpperCase(),
+            teamSize: input.teamSize,
+            targetPoolSol: input.targetPoolSol,
+            durationDays: input.durationDays,
+            location: input.location,
+            projectImageUrl: input.projectImageUrl,
+            pitchVideoUrl: input.pitchVideoUrl,
+            socialLinks: input.twitterHandle
+                ? { twitter: input.twitterHandle.replace(/^@/, '') }
+                : undefined,
+        },
+        provenance: input.provenance,
+    };
+    const payloadHash = signedRequestHash(completeBodyCore);
+    const sig = signChallenge(challenge('complete-create', txSignature, nonce, payloadHash), keypair);
+    // 6. Persist + broadcast via complete-create.
+    const completeBody = {
+        walletAddress,
+        nonce,
+        signature: sig,
+        ...completeBodyCore,
+    };
+    const completeRes = await fetch(`${base}/api/mcp/markets/complete-create`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json', Accept: 'application/json' },
+        body: JSON.stringify(completeBody),
+    });
+    const completeJson = (await completeRes.json());
+    if (!completeRes.ok || !completeJson.success || !completeJson.data) {
+        // Tx confirmed on-chain but persistence failed. Surface the tx so
+        // the user can manually replay / contact support, then throw.
+        throw new Error(`Tx confirmed on-chain (${txSignature}) but complete-create failed (${completeRes.status}): ${completeJson.error || 'unknown error'}. The market exists on Solana — re-running pnl_pitch_now with the same args will be safe (the endpoint is idempotent on marketAddress).`);
+    }
+    const done = completeJson.data;
+    return reply(headline(`${Badge.live} Market live · $${input.tokenSymbol.toUpperCase()} — ${input.name}`), kvTable([
+        ['Market', `${base}${done.marketUrl}`],
+        ['Token', `$${input.tokenSymbol.toUpperCase()}`],
+        ['Target pool', `${input.targetPoolSol} SOL`],
+        ['Duration', `${input.durationDays} days`],
+        ['Stage', `${input.projectStage} · ${input.category}`],
+        ['Founder', inline(walletAddress)],
+        ['Creation fee', `${creationFeeSol.toFixed(4)} SOL`],
+        input.provenance
+            ? ['Provenance', `${input.provenance.source}${input.provenance.timestamp ? ' · ' + input.provenance.timestamp : ''}`]
+            : null,
+        ['Tx', `[${txSignature.slice(0, 8)}…${txSignature.slice(-6)}](${done.solscan})`],
+        done.alreadyExists ? ['Note', 'idempotent retry — market was already persisted'] : null,
+    ].filter((r) => Array.isArray(r))), hr, `The MCP signed and sent the \`create_market\` transaction locally — no browser bounce needed because the cost (${creationFeeSol.toFixed(4)} SOL) was within the autosign cap (${cap} SOL).`, code(`Tx: ${txSignature}`), next(`Share the market URL or open ${inline(`${base}${done.marketUrl}`)} to watch the first votes come in.`));
+}

package/dist/tools/restore.d.ts

@@ -0,0 +1,11 @@
+import { z } from 'zod';
+export declare const restoreInputSchema: {
+    readonly mnemonic: z.ZodString;
+    readonly allowOverwrite: z.ZodOptional<z.ZodBoolean>;
+};
+export declare function callRestore(rawInput: unknown): Promise<{
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+}>;

package/dist/tools/restore.js

@@ -0,0 +1,45 @@
+import { z } from 'zod';
+import { hasWallet, restoreWallet, isValidMnemonic, unlockWith } from '../lib/wallet.js';
+import { promptPassphrase } from '../lib/passphrase.js';
+import { Badge, headline, next, reply, truncAddress, inline } from '../lib/output.js';
+export const restoreInputSchema = {
+    mnemonic: z
+        .string()
+        .min(1)
+        .describe('The 12 or 24 word BIP39 phrase from pnl_init. Standard recovery format Phantom / Solflare / Backpack / Solana CLI all accept.'),
+    allowOverwrite: z
+        .boolean()
+        .optional()
+        .describe('Set to true to replace an existing wallet on this machine. Default false — refuses if one exists so the user can back it up first with pnl_export_keypair.'),
+};
+const RestoreInput = z.object(restoreInputSchema);
+export async function callRestore(rawInput) {
+    const { mnemonic, allowOverwrite } = RestoreInput.parse(rawInput ?? {});
+    if (!isValidMnemonic(mnemonic.trim())) {
+        return reply(headline(`${Badge.err} Not a valid BIP39 phrase.`), 'Check spelling, word count (must be 12 or 24), and that all words are from the BIP39 wordlist.', next('Re-run `/pnl-restore` with the correct phrase.'));
+    }
+    if (hasWallet() && !allowOverwrite) {
+        return reply(headline(`${Badge.warn} A wallet already exists on this machine.`), `Refusing to overwrite. Back it up first with ${inline('pnl_export_keypair')}, then call \`pnl_restore\` again with \`allowOverwrite: true\`.`, next('`/pnl-export` to back up, then re-run `/pnl-restore`.'));
+    }
+    let passphrase;
+    try {
+        passphrase = promptPassphrase({
+            title: 'PNL Wallet — Restore',
+            prompt: 'Choose a passphrase to encrypt the restored wallet on this machine.',
+            confirm: true,
+        });
+    }
+    catch (e) {
+        return reply(headline(`${Badge.err} Couldn't read passphrase.`), e instanceof Error ? e.message : String(e));
+    }
+    try {
+        const { address } = restoreWallet(mnemonic.trim(), passphrase, {
+            allowOverwrite: !!allowOverwrite,
+        });
+        unlockWith(passphrase, 30);
+        return reply(headline(`${Badge.ok} Restored · ${truncAddress(address)} · unlocked 30m`), `On-chain history is preserved — markets, votes, balances tied to this address are visible immediately.`, `Full address: \`${address}\``, next('`/pnl-wallet` to see balance, `/pnl-pitch` to post an idea.'));
+    }
+    catch (e) {
+        return reply(headline(`${Badge.err} Restore failed.`), e instanceof Error ? e.message : String(e));
+    }
+}

package/dist/tools/set-username.d.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+export declare const setUsernameInputSchema: {
+    readonly username: z.ZodString;
+};
+export declare function callSetUsername(rawInput: unknown): Promise<{
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+}>;

package/dist/tools/set-username.js

@@ -0,0 +1,87 @@
+import { z } from 'zod';
+import nacl from 'tweetnacl';
+import bs58 from 'bs58';
+import { randomBytes } from 'node:crypto';
+import { hasWallet, isUnlocked, requireUnlockedKeypair } from '../lib/wallet.js';
+import { Badge, headline, kvTable, next, reply, truncAddress, code } from '../lib/output.js';
+// ─── pnl_set_username ────────────────────────────────────────────
+//
+// Claim or rename the PNL username for the local wallet. Signs a
+// time-bounded challenge with the local keypair so the backend can
+// verify ownership without a Privy session.
+//
+// Username constraints (enforced server-side too):
+//   - 3-20 characters
+//   - Letters, numbers, underscores, hyphens
+//   - Must not already be taken by another wallet
+//
+// Idempotent: setting the same username twice is a no-op.
+export const setUsernameInputSchema = {
+    username: z
+        .string()
+        .min(3)
+        .max(20)
+        .regex(/^[A-Za-z0-9_-]+$/, 'username must be letters, numbers, underscores, or hyphens only')
+        .describe("The username to claim on PNL. 3-20 characters of letters, numbers, underscores, or hyphens. Shown on the user's market detail pages, profile, and any markets they create."),
+};
+const SetUsernameInput = z.object(setUsernameInputSchema);
+function getApiBase() {
+    const raw = process.env.PNL_API_BASE_URL?.trim();
+    if (!raw)
+        return 'https://pnl.market';
+    return raw.endsWith('/') ? raw.slice(0, -1) : raw;
+}
+export async function callSetUsername(rawInput) {
+    const { username } = SetUsernameInput.parse(rawInput ?? {});
+    if (!hasWallet()) {
+        return {
+            content: [
+                {
+                    type: 'text',
+                    text: 'No PNL wallet on this machine yet. Run pnl_init first — the username gets attached to your wallet address.',
+                },
+            ],
+        };
+    }
+    if (!isUnlocked()) {
+        return {
+            content: [
+                {
+                    type: 'text',
+                    text: 'Wallet is locked. Call pnl_unlock first — claiming a username requires a signature from your wallet. Passphrase is read from PNL_PASSPHRASE env or via an OS-native dialog.',
+                },
+            ],
+        };
+    }
+    const keypair = requireUnlockedKeypair();
+    const walletAddress = keypair.publicKey.toBase58();
+    // Nonce: timestamped (ms) + hex randomness. Server checks the
+    // timestamp is within 5 minutes of receipt to prevent replay.
+    const nonce = `${Date.now()}-${randomBytes(8).toString('hex')}`;
+    const challenge = `pnl-set-username:${username}:${walletAddress}:${nonce}`;
+    const messageBytes = new TextEncoder().encode(challenge);
+    const signatureBytes = nacl.sign.detached(messageBytes, keypair.secretKey);
+    const signatureB58 = bs58.encode(signatureBytes);
+    const res = await fetch(`${getApiBase()}/api/mcp/profile`, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            Accept: 'application/json',
+            'User-Agent': 'pnl-mcp-server/0.2.0 (+https://docs.pnl.market)',
+        },
+        body: JSON.stringify({ walletAddress, username, nonce, signature: signatureB58 }),
+    });
+    const data = (await res.json().catch(() => ({})));
+    if (res.status === 409) {
+        return reply(headline(`${Badge.warn} Username \`${username}\` already taken.`), `Suggest variations like \`${username}_pnl\`, \`${username}2\`, or different separators — then call \`pnl_set_username\` again.`, next('Pick a different name and re-run.'));
+    }
+    if (!res.ok || !data.success) {
+        throw new Error(`PNL profile API ${res.status} ${res.statusText}${data.error ? ` — ${data.error}` : ''}`);
+    }
+    const profile = data.data;
+    return reply(headline(`${Badge.ok} Username set · ${profile?.username}`), kvTable([
+        ['Username', profile?.username ?? null],
+        ['Wallet', profile?.walletAddress ? `\`${truncAddress(profile.walletAddress)}\`` : null],
+        ['Avatar', profile?.profilePhotoUrl ? `\`${profile.profilePhotoUrl}\`` : null],
+    ]), profile?.walletAddress ? code(profile.walletAddress) : null, `This name shows on the market detail page for any market you create, in place of the truncated wallet address.`, next('`/pnl-pitch` to post an idea under your new name.'));
+}

package/dist/tools/unlock.d.ts

@@ -0,0 +1,17 @@
+import { z } from 'zod';
+export declare const unlockInputSchema: {
+    readonly ttlMinutes: z.ZodOptional<z.ZodNumber>;
+};
+export declare function callUnlock(rawInput: unknown): Promise<{
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+}>;
+export declare const lockInputSchema: {};
+export declare function callLock(_rawInput: unknown): Promise<{
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+}>;

package/dist/tools/unlock.js

@@ -0,0 +1,47 @@
+import { z } from 'zod';
+import { hasWallet, unlockWith, lock, unlockStatus } from '../lib/wallet.js';
+import { promptPassphrase } from '../lib/passphrase.js';
+import { Badge, headline, inline, next, reply, truncAddress } from '../lib/output.js';
+// ─── pnl_unlock / pnl_lock ───────────────────────────────────────
+export const unlockInputSchema = {
+    ttlMinutes: z
+        .number()
+        .int()
+        .min(1)
+        .max(60)
+        .optional()
+        .describe('How long to keep the wallet unlocked, in minutes. Default 5, max 60. The cached secret is wiped on TTL expiry, on pnl_lock, and on process exit.'),
+};
+const UnlockInput = z.object(unlockInputSchema);
+export async function callUnlock(rawInput) {
+    const { ttlMinutes } = UnlockInput.parse(rawInput ?? {});
+    const ttl = ttlMinutes ?? 5;
+    if (!hasWallet()) {
+        return reply(headline('No PNL wallet to unlock.'), `Run ${inline('pnl_init')} first to create one, or ${inline('pnl_restore')} if you have a BIP39 mnemonic.`, next('`/pnl-init` or `/pnl-restore`.'));
+    }
+    let passphrase;
+    try {
+        passphrase = promptPassphrase({
+            title: 'PNL Wallet — Unlock',
+            prompt: 'Enter your PNL wallet passphrase to unlock for signing:',
+        });
+    }
+    catch (e) {
+        return reply(headline(`${Badge.err} Couldn't read passphrase.`), e instanceof Error ? e.message : String(e));
+    }
+    try {
+        const { address } = unlockWith(passphrase, ttl);
+        return reply(headline(`${Badge.unlocked} ${truncAddress(address)} unlocked for ${ttl}m`), `Signing tools (\`pnl_set_username\`, \`pnl_export_keypair\`, future write-prep) are available until lock expires.`, next('`/pnl-pitch` to post an idea, or `/pnl-lock` to wipe early.'));
+    }
+    catch (e) {
+        return reply(headline(`${Badge.err} Unlock failed.`), e instanceof Error ? e.message : String(e), next('Re-run `/pnl-unlock` to try again.'));
+    }
+}
+export const lockInputSchema = {};
+export async function callLock(_rawInput) {
+    const before = unlockStatus();
+    lock();
+    return reply(headline(before.unlocked
+        ? `${Badge.locked} Wallet locked. Cached secret wiped from memory.`
+        : `${Badge.locked} Wallet was already locked.`), before.unlocked ? next('Run `/pnl-unlock` next time you need to sign.') : null);
+}

package/dist/tools/vote-now.d.ts

@@ -0,0 +1,13 @@
+import { z } from 'zod';
+export declare const voteNowInputSchema: {
+    readonly marketId: z.ZodString;
+    readonly vote: z.ZodEnum<["yes", "no"]>;
+    readonly amountSol: z.ZodNumber;
+    readonly autosignCapSol: z.ZodOptional<z.ZodNumber>;
+};
+export declare function callVoteNow(rawInput: unknown): Promise<{
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+}>;