@prktsol/prkt 1.0.0

package/dist/policy/emergencyLock.js

@@ -0,0 +1,164 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getEmergencyLockStatus = getEmergencyLockStatus;
+const crypto_1 = require("crypto");
+const fs_1 = require("fs");
+const path_1 = __importDefault(require("path"));
+const EMERGENCY_FLAG_ENV = "POLICY_EMERGENCY_LOCK";
+const EMERGENCY_LOCK_PATH_ENV = "POLICY_EMERGENCY_LOCK_PATH";
+const EMERGENCY_COMMAND_PATH_ENV = "POLICY_EMERGENCY_COMMAND_PATH";
+const EMERGENCY_COMMAND_SECRET_ENV = "POLICY_EMERGENCY_ADMIN_SECRET";
+const EMERGENCY_COMMAND_MAX_AGE_SECONDS_ENV = "POLICY_EMERGENCY_MAX_AGE_SECONDS";
+const DEFAULT_EMERGENCY_LOCK_PATH = path_1.default.join(process.cwd(), "emergency_lock.json");
+const DEFAULT_EMERGENCY_COMMAND_PATH = path_1.default.join(process.cwd(), "emergency_command.json");
+function getEmergencyLockStatus() {
+    const flag = process.env[EMERGENCY_FLAG_ENV]?.trim().toLowerCase();
+    if (flag === "true" || flag === "1") {
+        return {
+            locked: true,
+            reason: `Human-in-the-loop Override engaged via ${EMERGENCY_FLAG_ENV}.`
+        };
+    }
+    const signedCommandStatus = getSignedEmergencyCommandStatus();
+    if (signedCommandStatus.locked) {
+        return signedCommandStatus;
+    }
+    const emergencyLockPath = getEmergencyLockPath();
+    if (!(0, fs_1.existsSync)(emergencyLockPath)) {
+        return {
+            locked: false,
+            reason: null
+        };
+    }
+    try {
+        const raw = (0, fs_1.readFileSync)(emergencyLockPath, "utf8").trim();
+        if (raw.length === 0) {
+            return {
+                locked: true,
+                reason: `Human-in-the-loop Override engaged via ${path_1.default.basename(emergencyLockPath)}.`
+            };
+        }
+        const parsed = JSON.parse(raw);
+        const enabled = parsed.enabled ?? parsed.locked ?? false;
+        if (enabled) {
+            return {
+                locked: true,
+                reason: parsed.reason?.trim() ||
+                    `Human-in-the-loop Override engaged via ${path_1.default.basename(emergencyLockPath)}.`
+            };
+        }
+        return {
+            locked: false,
+            reason: null
+        };
+    }
+    catch {
+        return {
+            locked: true,
+            reason: `Human-in-the-loop Override engaged because ${path_1.default.basename(emergencyLockPath)} is invalid.`
+        };
+    }
+}
+function getEmergencyLockPath() {
+    const override = process.env[EMERGENCY_LOCK_PATH_ENV]?.trim();
+    if (!override) {
+        return DEFAULT_EMERGENCY_LOCK_PATH;
+    }
+    return path_1.default.isAbsolute(override) ? override : path_1.default.join(process.cwd(), override);
+}
+function getEmergencyCommandPath() {
+    const override = process.env[EMERGENCY_COMMAND_PATH_ENV]?.trim();
+    if (!override) {
+        return DEFAULT_EMERGENCY_COMMAND_PATH;
+    }
+    return path_1.default.isAbsolute(override) ? override : path_1.default.join(process.cwd(), override);
+}
+function getEmergencyCommandMaxAgeMs() {
+    const raw = process.env[EMERGENCY_COMMAND_MAX_AGE_SECONDS_ENV]?.trim();
+    if (!raw) {
+        return 10 * 60 * 1000;
+    }
+    const parsed = Number(raw);
+    if (!Number.isFinite(parsed) || parsed <= 0) {
+        return 10 * 60 * 1000;
+    }
+    return parsed * 1000;
+}
+function getSignedEmergencyCommandStatus() {
+    const commandPath = getEmergencyCommandPath();
+    if (!(0, fs_1.existsSync)(commandPath)) {
+        return {
+            locked: false,
+            reason: null
+        };
+    }
+    const secret = process.env[EMERGENCY_COMMAND_SECRET_ENV]?.trim();
+    if (!secret) {
+        return {
+            locked: true,
+            reason: `Human-in-the-loop Override engaged because ${path_1.default.basename(commandPath)} exists but ${EMERGENCY_COMMAND_SECRET_ENV} is not configured.`
+        };
+    }
+    try {
+        const raw = (0, fs_1.readFileSync)(commandPath, "utf8").trim();
+        if (!raw) {
+            return {
+                locked: true,
+                reason: `Human-in-the-loop Override engaged because ${path_1.default.basename(commandPath)} is empty.`
+            };
+        }
+        const command = JSON.parse(raw);
+        const payload = `${command.enabled}:${command.issuedAtIso8601}:${command.reason ?? ""}`;
+        if (!verifySignature(payload, command.signature, secret)) {
+            return {
+                locked: true,
+                reason: `Human-in-the-loop Override engaged because ${path_1.default.basename(commandPath)} signature verification failed.`
+            };
+        }
+        const issuedAt = Date.parse(command.issuedAtIso8601);
+        if (Number.isNaN(issuedAt)) {
+            return {
+                locked: true,
+                reason: `Human-in-the-loop Override engaged because ${path_1.default.basename(commandPath)} timestamp is invalid.`
+            };
+        }
+        if (Date.now() - issuedAt > getEmergencyCommandMaxAgeMs()) {
+            return {
+                locked: true,
+                reason: `Human-in-the-loop Override engaged because ${path_1.default.basename(commandPath)} is stale.`
+            };
+        }
+        if (command.enabled) {
+            return {
+                locked: true,
+                reason: command.reason?.trim() ||
+                    `Human-in-the-loop Override engaged via signed ${path_1.default.basename(commandPath)}.`
+            };
+        }
+        return {
+            locked: false,
+            reason: null
+        };
+    }
+    catch {
+        return {
+            locked: true,
+            reason: `Human-in-the-loop Override engaged because ${path_1.default.basename(commandPath)} is invalid.`
+        };
+    }
+}
+function verifySignature(payload, signature, secret) {
+    if (!signature || !secret) {
+        return false;
+    }
+    const expected = (0, crypto_1.createHmac)("sha256", secret).update(payload).digest("hex");
+    const expectedBytes = Buffer.from(expected, "utf8");
+    const providedBytes = Buffer.from(signature, "utf8");
+    if (expectedBytes.length !== providedBytes.length) {
+        return false;
+    }
+    return (0, crypto_1.timingSafeEqual)(expectedBytes, providedBytes);
+}

package/dist/policy/engine/PolicyEngine.js

@@ -0,0 +1,237 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PolicyEngine = void 0;
+const spl_token_1 = require("@solana/spl-token");
+const web3_js_1 = require("@solana/web3.js");
+const emergencyLock_1 = require("../emergencyLock");
+const programs_1 = require("../../solana/programs");
+class PolicyEngine {
+    policyConfig;
+    sessionStart = Date.now();
+    txCountSession = 0;
+    perDayCounts = new Map();
+    auditLog = [];
+    constructor(policyConfig) {
+        this.policyConfig = policyConfig;
+    }
+    inspect(transaction, context) {
+        const reasons = [];
+        const decompiledMessage = web3_js_1.TransactionMessage.decompile(transaction.message);
+        let totalSolSpendLamports = 0n;
+        let totalSplSpendRaw = 0n;
+        const programsSeen = new Set();
+        const mintsSeen = new Set();
+        let hasUncheckedSplSpend = false;
+        const now = Date.now();
+        const emergencyStatus = (0, emergencyLock_1.getEmergencyLockStatus)();
+        if (emergencyStatus.locked) {
+            reasons.push(emergencyStatus.reason ?? "Human-in-the-loop Override engaged.");
+        }
+        const sessionExpiry = Date.parse(this.policyConfig.sessionExpiresAtIso8601);
+        if (Number.isNaN(sessionExpiry) || now > sessionExpiry) {
+            reasons.push("session expired");
+        }
+        const dayKey = new Date(now).toISOString().slice(0, 10);
+        const todaysCount = this.perDayCounts.get(dayKey) ?? 0;
+        if (this.txCountSession >= this.policyConfig.limits.maxTransactionsPerSession) {
+            reasons.push("max transactions per session exceeded");
+        }
+        if (todaysCount >= this.policyConfig.limits.maxTransactionsPerDay) {
+            reasons.push("max transactions per day exceeded");
+        }
+        for (const instruction of decompiledMessage.instructions) {
+            const programId = instruction.programId.toBase58();
+            programsSeen.add(programId);
+            if (!this.policyConfig.rules.allowedProgramIds.includes(programId)) {
+                reasons.push(`program not allowed: ${programId}`);
+                if (this.policyConfig.rules.denyUnknownInstructionsByDefault) {
+                    continue;
+                }
+            }
+            const blockedVectorReason = this.detectBlockedSpendVector(instruction);
+            if (blockedVectorReason) {
+                reasons.push(blockedVectorReason);
+                continue;
+            }
+            const spend = this.tryDecodeSpend(instruction);
+            if (!spend) {
+                if (this.policyConfig.rules.denyUnknownInstructionsByDefault &&
+                    !this.policyConfig.rules.allowOpaqueProgramIds?.includes(programId) &&
+                    !this.isKnownNonSpendInstruction(programId)) {
+                    reasons.push(`opaque instruction blocked: ${programId}`);
+                }
+                continue;
+            }
+            if (spend.kind === "sol") {
+                totalSolSpendLamports += spend.amount;
+            }
+            else {
+                totalSplSpendRaw += spend.amount;
+                hasUncheckedSplSpend ||= !spend.mintVerified;
+                if (spend.mint) {
+                    mintsSeen.add(spend.mint.toBase58());
+                }
+            }
+            if (this.policyConfig.rules.allowedTransferDestinations &&
+                this.policyConfig.rules.allowedTransferDestinations.length > 0) {
+                const destination = spend.destination.toBase58();
+                if (!this.policyConfig.rules.allowedTransferDestinations.includes(destination)) {
+                    reasons.push(`destination not allowlisted: ${destination}`);
+                }
+            }
+        }
+        if (totalSolSpendLamports > BigInt(this.policyConfig.limits.maxSolPerTxLamports)) {
+            reasons.push("max SOL per transaction exceeded");
+        }
+        if (totalSplSpendRaw > this.policyConfig.limits.maxSplPerTxRawAmount) {
+            reasons.push("max SPL per transaction exceeded");
+        }
+        if (this.policyConfig.rules.allowedMintAddresses.length > 0) {
+            if (hasUncheckedSplSpend) {
+                reasons.push("unchecked SPL transfer cannot be validated against mint allowlist");
+            }
+            for (const seenMint of mintsSeen) {
+                if (!this.policyConfig.rules.allowedMintAddresses.includes(seenMint)) {
+                    reasons.push(`mint not allowed: ${seenMint}`);
+                }
+            }
+        }
+        if (this.policyConfig.rules.rejectSuspiciousBalanceDeltas &&
+            context?.expectedBalanceDeltas &&
+            context.expectedBalanceDeltas.some((delta) => delta.maxNegativeDeltaRaw < 0n)) {
+            reasons.push("invalid expected balance delta");
+        }
+        const allowed = reasons.length === 0;
+        const result = {
+            allowed,
+            reasons,
+            details: {
+                totalSolSpendLamports,
+                totalSplSpendRaw,
+                programsSeen: Array.from(programsSeen),
+                mintsSeen: Array.from(mintsSeen)
+            }
+        };
+        this.auditLog.push({
+            agentId: this.policyConfig.agentId,
+            timestampIso8601: new Date().toISOString(),
+            decision: allowed ? "allow" : "deny",
+            reason: allowed ? "policy checks passed" : reasons.join("; ")
+        });
+        return result;
+    }
+    recordBroadcast(signature) {
+        this.txCountSession += 1;
+        const dayKey = new Date().toISOString().slice(0, 10);
+        this.perDayCounts.set(dayKey, (this.perDayCounts.get(dayKey) ?? 0) + 1);
+        this.auditLog.push({
+            agentId: this.policyConfig.agentId,
+            timestampIso8601: new Date().toISOString(),
+            decision: "allow",
+            reason: "broadcasted",
+            txSignature: signature
+        });
+    }
+    getAuditTrail() {
+        return [...this.auditLog];
+    }
+    getSessionAgeMs() {
+        return Date.now() - this.sessionStart;
+    }
+    tryDecodeSpend(instruction) {
+        if (instruction.programId.equals(web3_js_1.SystemProgram.programId)) {
+            try {
+                const transfer = web3_js_1.SystemInstruction.decodeTransfer(instruction);
+                return {
+                    kind: "sol",
+                    amount: transfer.lamports,
+                    destination: transfer.toPubkey
+                };
+            }
+            catch {
+                return null;
+            }
+        }
+        try {
+            const transfer = (0, spl_token_1.decodeTransferInstruction)(instruction);
+            return {
+                kind: "spl",
+                amount: BigInt(transfer.data.amount.toString()),
+                destination: transfer.keys.destination.pubkey,
+                mint: null,
+                mintVerified: false
+            };
+        }
+        catch {
+            // ignore
+        }
+        try {
+            const transfer = (0, spl_token_1.decodeTransferCheckedInstruction)(instruction);
+            return {
+                kind: "spl",
+                amount: BigInt(transfer.data.amount.toString()),
+                destination: transfer.keys.destination.pubkey,
+                mint: transfer.keys.mint.pubkey,
+                mintVerified: true
+            };
+        }
+        catch {
+            // ignore
+        }
+        return null;
+    }
+    detectBlockedSpendVector(instruction) {
+        try {
+            const approve = (0, spl_token_1.decodeApproveInstruction)(instruction);
+            return `delegate approval blocked: ${approve.keys.delegate.pubkey.toBase58()}`;
+        }
+        catch {
+            // ignore
+        }
+        try {
+            const approveChecked = (0, spl_token_1.decodeApproveCheckedInstruction)(instruction);
+            return `delegate approval blocked: ${approveChecked.keys.delegate.pubkey.toBase58()}`;
+        }
+        catch {
+            // ignore
+        }
+        try {
+            const revoke = (0, spl_token_1.decodeRevokeInstruction)(instruction);
+            return `delegate revoke requires explicit approval: ${revoke.keys.account.pubkey.toBase58()}`;
+        }
+        catch {
+            // ignore
+        }
+        try {
+            const closeAccount = (0, spl_token_1.decodeCloseAccountInstruction)(instruction);
+            const destination = closeAccount.keys.destination.pubkey.toBase58();
+            if (this.policyConfig.rules.allowedCloseAccountDestinations?.includes(destination) ?? false) {
+                return null;
+            }
+            return `close-account drain blocked: ${closeAccount.keys.destination.pubkey.toBase58()}`;
+        }
+        catch {
+            // ignore
+        }
+        try {
+            const setAuthority = (0, spl_token_1.decodeSetAuthorityInstruction)(instruction);
+            if (setAuthority.data.authorityType === spl_token_1.AuthorityType.AccountOwner ||
+                setAuthority.data.authorityType === spl_token_1.AuthorityType.CloseAccount ||
+                setAuthority.data.authorityType === spl_token_1.AuthorityType.MintTokens) {
+                return `authority change blocked: ${spl_token_1.AuthorityType[setAuthority.data.authorityType]}`;
+            }
+        }
+        catch {
+            // ignore
+        }
+        return null;
+    }
+    isKnownNonSpendInstruction(programId) {
+        return (programId === web3_js_1.SystemProgram.programId.toBase58() ||
+            programId === programs_1.TOKEN_PROGRAM_ID.toBase58() ||
+            programId === programs_1.ASSOCIATED_TOKEN_PROGRAM_ID.toBase58() ||
+            programId === programs_1.MEMO_PROGRAM_ID.toBase58() ||
+            (this.policyConfig.rules.allowOpaqueProgramIds?.includes(programId) ?? false));
+    }
+}
+exports.PolicyEngine = PolicyEngine;

package/dist/policy/errors.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecurityViolationError = void 0;
+class SecurityViolationError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "SecurityViolationError";
+    }
+}
+exports.SecurityViolationError = SecurityViolationError;

package/dist/policy/index.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SandboxExecutor = exports.PolicyEngine = void 0;
+var PolicyEngine_1 = require("./engine/PolicyEngine");
+Object.defineProperty(exports, "PolicyEngine", { enumerable: true, get: function () { return PolicyEngine_1.PolicyEngine; } });
+var SandboxExecutor_1 = require("./sandbox/SandboxExecutor");
+Object.defineProperty(exports, "SandboxExecutor", { enumerable: true, get: function () { return SandboxExecutor_1.SandboxExecutor; } });

package/dist/policy/sandbox/SandboxExecutor.js

@@ -0,0 +1,77 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SandboxExecutor = void 0;
+class SandboxExecutor {
+    policyEngine;
+    transactionService;
+    approvalMode;
+    approvalCallback;
+    constructor(policyEngine, transactionService, approvalMode, approvalCallback) {
+        this.policyEngine = policyEngine;
+        this.transactionService = transactionService;
+        this.approvalMode = approvalMode;
+        this.approvalCallback = approvalCallback;
+    }
+    async executePreparedTransaction(input) {
+        const inspection = this.policyEngine.inspect(input.transaction, input.inspectionContext);
+        if (!inspection.allowed) {
+            return {
+                inspection,
+                signature: null,
+                simulationLogs: null
+            };
+        }
+        const simulation = await this.transactionService.simulate(input.transaction);
+        if (simulation.err) {
+            return {
+                inspection: {
+                    ...inspection,
+                    allowed: false,
+                    reasons: [...inspection.reasons, "simulation failed"]
+                },
+                signature: null,
+                simulationLogs: simulation.logs
+            };
+        }
+        if (this.approvalMode === "live") {
+            if (!this.approvalCallback) {
+                return {
+                    inspection: {
+                        ...inspection,
+                        allowed: false,
+                        reasons: [...inspection.reasons, "live approval callback missing"]
+                    },
+                    signature: null,
+                    simulationLogs: simulation.logs
+                };
+            }
+            const approved = await this.approvalCallback({
+                agentId: this.policyEngine.getAuditTrail().at(-1)?.agentId ?? "unknown-agent",
+                inspection,
+                transaction: input.transaction
+            });
+            if (!approved) {
+                return {
+                    inspection: {
+                        ...inspection,
+                        allowed: false,
+                        reasons: [...inspection.reasons, "manual approval rejected"]
+                    },
+                    signature: null,
+                    simulationLogs: simulation.logs
+                };
+            }
+        }
+        const send = await this.transactionService.sendAndConfirm({
+            confirmationStrategy: input.confirmationStrategy,
+            transaction: input.transaction
+        });
+        this.policyEngine.recordBroadcast(send.signature);
+        return {
+            inspection,
+            signature: send.signature,
+            simulationLogs: simulation.logs
+        };
+    }
+}
+exports.SandboxExecutor = SandboxExecutor;

package/dist/policy/types/policy.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/scripts/devnetFunding.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ensureWalletHasMinimumSol = ensureWalletHasMinimumSol;
+const SOL_BALANCE_TOLERANCE = 0.000001;
+async function ensureWalletHasMinimumSol(input) {
+    const funding = await input.fundingService.ensureMinimumSol({
+        airdropAmountSol: 1,
+        balanceService: input.balanceService,
+        minimumSol: input.minimumSol,
+        recipient: input.publicKey
+    });
+    if (!funding) {
+        return;
+    }
+    const updatedBalance = await input.fundingService.waitForMinimumBalance({
+        balanceService: input.balanceService,
+        minimumSol: input.minimumSol,
+        recipient: input.publicKey
+    });
+    if (updatedBalance + SOL_BALANCE_TOLERANCE >= input.minimumSol) {
+        console.log(`Funding source: ${funding.source}`);
+        console.log(`Funding signature: ${funding.signature}`);
+        console.log(`SOL after funding: ${updatedBalance.toFixed(4)}`);
+        return;
+    }
+    const finalBalance = await input.balanceService.getSolBalance(input.publicKey);
+    throw new Error(`Funding failed: wallet balance is ${finalBalance.toFixed(4)} SOL after ${funding.source}, below required ${input.minimumSol.toFixed(4)} SOL.`);
+}

package/dist/scripts/devnetWalletPreflight.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MAX_STARTING_WSOL_FOR_WRAP_DEMO = exports.REQUIRED_STARTING_SOL = void 0;
+exports.assertDeterministicWrapPreflight = assertDeterministicWrapPreflight;
+exports.REQUIRED_STARTING_SOL = 0.12;
+exports.MAX_STARTING_WSOL_FOR_WRAP_DEMO = 0.0099;
+function assertDeterministicWrapPreflight(input) {
+    const requiredStartingSol = input.requiredStartingSol ?? exports.REQUIRED_STARTING_SOL;
+    const maxStartingWsol = input.maxStartingWsol ?? exports.MAX_STARTING_WSOL_FOR_WRAP_DEMO;
+    if (input.startingSolBalance < requiredStartingSol) {
+        throw new Error(`Preflight failed: wallet has ${input.startingSolBalance.toFixed(4)} SOL. Fund at least ${requiredStartingSol.toFixed(2)} SOL on devnet before running wallet:devnet.`);
+    }
+    if (input.startingWsolBalance > maxStartingWsol) {
+        throw new Error(`Preflight failed: wallet already has ${input.startingWsolBalance.toFixed(4)} wSOL. For a deterministic wrap demo, reduce wSOL below ${maxStartingWsol.toFixed(4)} and rerun.`);
+    }
+}

package/dist/scripts/localnetCheck.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const web3_js_1 = require("@solana/web3.js");
+const env_1 = require("../config/env");
+const WalletManager_1 = require("../wallet/WalletManager");
+async function main() {
+    try {
+        const rpcUrl = (0, env_1.getRpcUrl)();
+        console.log(`RPC URL: ${rpcUrl}`);
+        const walletManager = WalletManager_1.WalletManager.loadConfigured();
+        console.log(`Wallet pubkey: ${walletManager.publicKey.toBase58()}`);
+        console.log(`Wallet source: ${walletManager.source}`);
+        const connection = new web3_js_1.Connection(rpcUrl, "confirmed");
+        const balance = await connection.getBalance(walletManager.publicKey);
+        console.log(`Balance: ${balance / 1_000_000_000} SOL (${balance} lamports)`);
+        console.log("Localnet connectivity check PASSED.");
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        console.error(`Localnet check FAILED: ${message}`);
+        if (error instanceof Error && error.stack) {
+            console.error(error.stack);
+        }
+        process.exitCode = 1;
+    }
+}
+main();

package/dist/scripts/managedAgentWallet.js

@@ -0,0 +1,81 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getManagedAgentName = getManagedAgentName;
+exports.getManagedOwnerId = getManagedOwnerId;
+exports.resolveManagedAgentWallet = resolveManagedAgentWallet;
+exports.ensureManagedAgentWalletFunding = ensureManagedAgentWalletFunding;
+exports.logManagedAgentWallet = logManagedAgentWallet;
+const agentRegistry_1 = require("../cli/services/agentRegistry");
+const walletRegistry_1 = require("../cli/services/walletRegistry");
+const devnetFunding_1 = require("./devnetFunding");
+const AGENT_NAME_ENV = "PRKT_AGENT_NAME";
+const OWNER_ID_ENV = "PRKT_OWNER_ID";
+function getManagedAgentName(input) {
+    const configuredName = input.env?.[AGENT_NAME_ENV]?.trim();
+    if (configuredName) {
+        return configuredName;
+    }
+    return input.defaultAgentName;
+}
+function getManagedOwnerId(env) {
+    const configuredOwnerId = env?.[OWNER_ID_ENV]?.trim();
+    return configuredOwnerId && configuredOwnerId.length > 0 ? configuredOwnerId : undefined;
+}
+function resolveManagedAgentWallet(input) {
+    const walletRegistry = input.walletRegistry ?? new walletRegistry_1.WalletRegistry();
+    const agentRegistry = input.agentRegistry ?? new agentRegistry_1.AgentRegistryStore(walletRegistry);
+    let wallet = walletRegistry.find(input.agentName);
+    let recoveryKey = null;
+    const createdWallet = !wallet;
+    if (!wallet) {
+        const provisioned = walletRegistry.create(input.agentName);
+        wallet = provisioned.record;
+        recoveryKey = provisioned.recoveryKey;
+    }
+    let agent = agentRegistry.find(input.agentName);
+    const createdAgent = !agent;
+    if (!agent) {
+        agent = agentRegistry.createAgent({
+            agentId: input.agentName,
+            ownerId: input.ownerId,
+            walletName: wallet.name
+        });
+    }
+    return {
+        agent,
+        agentName: agent.name,
+        createdAgent,
+        createdWallet,
+        recoveryKey,
+        wallet,
+        walletManager: walletRegistry.toWalletManager(wallet.name)
+    };
+}
+async function ensureManagedAgentWalletFunding(input) {
+    await (0, devnetFunding_1.ensureWalletHasMinimumSol)({
+        balanceService: input.balanceService,
+        fundingService: input.fundingService,
+        minimumSol: input.minimumSol,
+        publicKey: input.publicKey
+    });
+}
+function logManagedAgentWallet(input) {
+    console.log(`Agent: ${input.agent.name}`);
+    if (input.agent.ownerId) {
+        console.log(`Owner: ${input.agent.ownerId}`);
+    }
+    console.log(`Wallet: ${input.wallet.publicKey}`);
+    console.log(`Wallet source: managed-registry`);
+    if (input.createdWallet) {
+        console.log("Wallet provisioning: created persistent wallet for agent");
+    }
+    else {
+        console.log("Wallet provisioning: reused persistent wallet for agent");
+    }
+    if (input.createdAgent) {
+        console.log("Agent provisioning: created agent-to-wallet assignment");
+    }
+    if (input.recoveryKey) {
+        console.log(`Recovery key: ${input.recoveryKey}`);
+    }
+}

package/dist/scripts/mode.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.printDemoMode = printDemoMode;
+function printDemoMode(mode, detail) {
+    console.log(`Mode: ${mode} (${detail})`);
+}