@sip-protocol/cli 0.1.0 → 0.2.0

package/dist/index.js

@@ -24,7 +24,7 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 ));
 
 // src/index.ts
-var import_commander9 = require("commander");
+var import_commander12 = require("commander");
 
 // src/commands/init.ts
 var import_commander = require("commander");
@@ -32,25 +32,24 @@ var import_types = require("@sip-protocol/types");
 
 // src/utils/config.ts
 var import_conf = __toESM(require("conf"));
-var schema = {
-  network: {
-    type: "string",
-    default: "testnet"
-  },
-  defaultPrivacy: {
-    type: "string",
-    default: "transparent"
-  }
-};
 var store = new import_conf.default({
   projectName: "sip-protocol",
-  schema
+  defaults: {
+    network: "testnet",
+    defaultPrivacy: "transparent"
+  }
 });
-function getConfig() {
+function getConfig(key) {
+  if (key) {
+    return store.get(key);
+  }
   return {
     network: store.get("network"),
     defaultPrivacy: store.get("defaultPrivacy"),
     defaultChain: store.get("defaultChain"),
+    primaryChain: store.get("primaryChain"),
+    metaAddress: store.get("metaAddress"),
+    viewingKeys: store.get("viewingKeys"),
     rpcEndpoints: store.get("rpcEndpoints")
   };
 }
@@ -115,6 +114,9 @@ function formatHash(hash, length = 8) {
   if (hash.length <= length * 2) return hash;
   return `${hash.slice(0, length)}...${hash.slice(-length)}`;
 }
+function divider() {
+  console.log(import_chalk.default.gray("  \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500"));
+}
 
 // src/commands/init.ts
 function createInitCommand() {
@@ -356,8 +358,8 @@ function createQuoteCommand() {
       const quotes = await sip.getQuotes(intent);
       spin.succeed(`Found ${quotes.length} quote(s)`);
       if (quotes.length === 0) {
-        console.log("\nNo quotes available");
-        return;
+        console.error("\nNo quotes available");
+        process.exit(1);
       }
       console.log();
       const headers = ["Solver", "Output Amount", "Fee", "Time (s)"];
@@ -385,7 +387,7 @@ function createQuoteCommand() {
 var import_commander7 = require("commander");
 var import_sdk6 = require("@sip-protocol/sdk");
 function createSwapCommand() {
-  return new import_commander7.Command("swap").description("Execute swap").argument("<from-chain>", "Source chain (e.g., ethereum, solana)").argument("<to-chain>", "Destination chain").argument("<amount>", "Amount to swap").option("-t, --token <symbol>", "Token symbol (default: native token)").option("-p, --privacy <level>", "Privacy level (transparent|shielded|compliant)").option("-r, --recipient <address>", "Recipient address (optional)").option("--solver <id>", "Specific solver to use").action(async (fromChain, toChain, amountStr, options) => {
+  return new import_commander7.Command("swap").description("Execute swap").argument("<from-chain>", "Source chain (e.g., ethereum, solana)").argument("<to-chain>", "Destination chain").argument("<amount>", "Amount to swap").option("-t, --token <symbol>", "Token symbol (default: native token)").option("-p, --privacy <level>", "Privacy level (transparent|shielded|compliant)").option("-r, --recipient <address>", "Recipient address (optional)").option("-s, --slippage <percent>", "Slippage tolerance in percent (default: 5)", parseFloat).option("--solver <id>", "Specific solver to use").action(async (fromChain, toChain, amountStr, options) => {
     try {
       heading("Execute Swap");
       const config = getConfig();
@@ -404,7 +406,10 @@ function createSwapCommand() {
         address: null,
         decimals: 18
       };
+      const slippagePercent = Math.min(Math.max(options.slippage ?? 5, 0), 100);
+      const slippageTolerance = slippagePercent / 100;
       info("Creating shielded intent...");
+      info(`Slippage tolerance: ${slippagePercent}%`);
       const intent = await sip.createIntent({
         input: {
           asset: inputAsset,
@@ -414,8 +419,8 @@ function createSwapCommand() {
           asset: outputAsset,
           minAmount: 0n,
           // Accept any amount
-          maxSlippage: 0.05
-          // 5% slippage tolerance
+          maxSlippage: slippageTolerance
+          // User-configurable slippage
         },
         privacy,
         recipientMetaAddress: options.recipient
@@ -467,9 +472,9 @@ function createScanCommand() {
       info(`Scanning ${chain} for stealth payments...`);
       info(`Using ${useEd25519 ? "ed25519" : "secp256k1"} curve`);
       if (!options.addresses || options.addresses.length === 0) {
-        warning("No addresses provided. Specify addresses with -a flag.");
-        info("Example: sip scan -c ethereum -s 0x... -v 0x... -a 0xabc... 0xdef...");
-        return;
+        console.error("No addresses provided. Specify addresses with -a flag.");
+        console.error("Example: sip scan -c ethereum -s 0x... -v 0x... -a 0xabc... 0xdef...");
+        process.exit(1);
       }
       const results = [];
       for (const address of options.addresses) {
@@ -524,11 +529,491 @@ function createScanCommand() {
   });
 }
 
+// src/commands/setup.ts
+var import_commander9 = require("commander");
+var import_prompts = __toESM(require("prompts"));
+var import_chalk2 = __toESM(require("chalk"));
+var import_ora2 = __toESM(require("ora"));
+var import_sdk8 = require("@sip-protocol/sdk");
+var import_types2 = require("@sip-protocol/types");
+var CHAINS = [
+  { title: "Solana", value: "solana", description: "Fast, low-cost transactions" },
+  { title: "Ethereum", value: "ethereum", description: "EVM mainnet" },
+  { title: "NEAR", value: "near", description: "Sharded, scalable" },
+  { title: "Arbitrum", value: "arbitrum", description: "Ethereum L2" },
+  { title: "Base", value: "base", description: "Coinbase L2" }
+];
+var PRIVACY_LEVELS = [
+  {
+    title: "Transparent",
+    value: import_types2.PrivacyLevel.TRANSPARENT,
+    description: "No privacy (like standard transactions)"
+  },
+  {
+    title: "Shielded",
+    value: import_types2.PrivacyLevel.SHIELDED,
+    description: "Full privacy - hidden sender, amount, recipient"
+  },
+  {
+    title: "Compliant",
+    value: import_types2.PrivacyLevel.COMPLIANT,
+    description: "Privacy with viewing keys for auditors"
+  }
+];
+function createSetupCommand() {
+  return new import_commander9.Command("setup").description("Interactive setup wizard for SIP Protocol").option("--quick", "Quick setup with defaults").action(async (options) => {
+    console.clear();
+    console.log();
+    console.log(import_chalk2.default.bold.magenta("  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557"));
+    console.log(import_chalk2.default.bold.magenta("  \u2551                                           \u2551"));
+    console.log(import_chalk2.default.bold.magenta("  \u2551") + import_chalk2.default.bold.white("   \u{1F6E1}\uFE0F  SIP Protocol Setup Wizard  \u{1F6E1}\uFE0F   ") + import_chalk2.default.bold.magenta("\u2551"));
+    console.log(import_chalk2.default.bold.magenta("  \u2551                                           \u2551"));
+    console.log(import_chalk2.default.bold.magenta("  \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D"));
+    console.log();
+    console.log(import_chalk2.default.gray("  Privacy layer for cross-chain transactions"));
+    console.log();
+    if (options.quick) {
+      await quickSetup();
+      return;
+    }
+    console.log(import_chalk2.default.cyan.bold("  Step 1 of 4: ") + import_chalk2.default.white("Network Configuration"));
+    console.log();
+    const networkResponse = await (0, import_prompts.default)([
+      {
+        type: "select",
+        name: "network",
+        message: "Which network do you want to use?",
+        choices: [
+          { title: "Testnet / Devnet", value: "testnet", description: "For development and testing" },
+          { title: "Mainnet", value: "mainnet", description: "Production network" }
+        ],
+        initial: 0
+      }
+    ]);
+    if (!networkResponse.network) {
+      console.log(import_chalk2.default.yellow("\n  Setup cancelled."));
+      return;
+    }
+    console.log();
+    console.log(import_chalk2.default.cyan.bold("  Step 2 of 4: ") + import_chalk2.default.white("Primary Chain"));
+    console.log();
+    const chainResponse = await (0, import_prompts.default)([
+      {
+        type: "select",
+        name: "chain",
+        message: "Which chain will you use primarily?",
+        choices: CHAINS,
+        initial: 0
+      }
+    ]);
+    if (!chainResponse.chain) {
+      console.log(import_chalk2.default.yellow("\n  Setup cancelled."));
+      return;
+    }
+    console.log();
+    console.log(import_chalk2.default.cyan.bold("  Step 3 of 4: ") + import_chalk2.default.white("Default Privacy Level"));
+    console.log();
+    const privacyResponse = await (0, import_prompts.default)([
+      {
+        type: "select",
+        name: "privacy",
+        message: "What privacy level do you want by default?",
+        choices: PRIVACY_LEVELS,
+        initial: 1
+        // Default to shielded
+      }
+    ]);
+    if (!privacyResponse.privacy) {
+      console.log(import_chalk2.default.yellow("\n  Setup cancelled."));
+      return;
+    }
+    console.log();
+    console.log(import_chalk2.default.cyan.bold("  Step 4 of 4: ") + import_chalk2.default.white("Key Generation"));
+    console.log();
+    const keyResponse = await (0, import_prompts.default)([
+      {
+        type: "confirm",
+        name: "generateKeys",
+        message: "Generate stealth meta-address now?",
+        initial: true
+      }
+    ]);
+    const spinner2 = (0, import_ora2.default)("Saving configuration...").start();
+    try {
+      setConfig("network", networkResponse.network);
+      setConfig("primaryChain", chainResponse.chain);
+      setConfig("defaultPrivacy", privacyResponse.privacy);
+      spinner2.succeed("Configuration saved");
+    } catch (err) {
+      spinner2.fail("Failed to save configuration");
+      console.error(err);
+      process.exit(1);
+    }
+    if (keyResponse.generateKeys) {
+      console.log();
+      const keySpinner = (0, import_ora2.default)("Generating stealth meta-address...").start();
+      try {
+        const chain = chainResponse.chain;
+        const useEd25519 = (0, import_sdk8.isEd25519Chain)(chain);
+        const metaAddress = useEd25519 ? (0, import_sdk8.generateEd25519StealthMetaAddress)(chain) : (0, import_sdk8.generateStealthMetaAddress)(chain);
+        keySpinner.succeed("Keys generated");
+        console.log();
+        console.log(import_chalk2.default.bold.green("  \u2713 Stealth Meta-Address Generated"));
+        console.log();
+        console.log(import_chalk2.default.gray("  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510"));
+        console.log(import_chalk2.default.gray("  \u2502 ") + import_chalk2.default.cyan("Chain:           ") + import_chalk2.default.white(chain.padEnd(30)) + import_chalk2.default.gray(" \u2502"));
+        console.log(import_chalk2.default.gray("  \u2502 ") + import_chalk2.default.cyan("Curve:           ") + import_chalk2.default.white((useEd25519 ? "ed25519" : "secp256k1").padEnd(30)) + import_chalk2.default.gray(" \u2502"));
+        console.log(import_chalk2.default.gray("  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518"));
+        console.log();
+        const encoded = (0, import_sdk8.encodeStealthMetaAddress)(metaAddress.metaAddress);
+        console.log(import_chalk2.default.bold("  Encoded Meta-Address (share this):"));
+        console.log(import_chalk2.default.green(`  ${encoded}`));
+        console.log();
+        console.log(import_chalk2.default.bold.yellow("  \u26A0\uFE0F  PRIVATE KEYS - Store securely!"));
+        console.log();
+        console.log(import_chalk2.default.gray("  Spending Key: ") + import_chalk2.default.dim(metaAddress.spendingPrivateKey));
+        console.log(import_chalk2.default.gray("  Viewing Key:  ") + import_chalk2.default.dim(metaAddress.viewingPrivateKey));
+        console.log();
+        setConfig("metaAddress", encoded);
+      } catch (err) {
+        keySpinner.fail("Failed to generate keys");
+        console.error(err instanceof Error ? err.message : err);
+      }
+    }
+    console.log();
+    divider();
+    console.log();
+    console.log(import_chalk2.default.bold.green("  \u{1F389} Setup Complete!"));
+    console.log();
+    console.log(import_chalk2.default.gray("  Configuration:"));
+    console.log(import_chalk2.default.gray("  \u251C\u2500 Network:  ") + import_chalk2.default.white(networkResponse.network));
+    console.log(import_chalk2.default.gray("  \u251C\u2500 Chain:    ") + import_chalk2.default.white(chainResponse.chain));
+    console.log(import_chalk2.default.gray("  \u251C\u2500 Privacy:  ") + import_chalk2.default.white(privacyResponse.privacy));
+    console.log(import_chalk2.default.gray("  \u2514\u2500 Config:   ") + import_chalk2.default.dim(getConfigPath()));
+    console.log();
+    console.log(import_chalk2.default.cyan("  Next steps:"));
+    console.log(import_chalk2.default.gray("  1. ") + import_chalk2.default.white("sip keygen") + import_chalk2.default.gray(" - Generate more stealth addresses"));
+    console.log(import_chalk2.default.gray("  2. ") + import_chalk2.default.white("sip quote") + import_chalk2.default.gray("  - Get a swap quote"));
+    console.log(import_chalk2.default.gray("  3. ") + import_chalk2.default.white("sip scan") + import_chalk2.default.gray("   - Scan for incoming payments"));
+    console.log();
+  });
+}
+async function quickSetup() {
+  const spinner2 = (0, import_ora2.default)("Quick setup with defaults...").start();
+  try {
+    setConfig("network", "testnet");
+    setConfig("primaryChain", "solana");
+    setConfig("defaultPrivacy", import_types2.PrivacyLevel.SHIELDED);
+    const metaAddress = (0, import_sdk8.generateEd25519StealthMetaAddress)("solana");
+    const encoded = (0, import_sdk8.encodeStealthMetaAddress)(metaAddress.metaAddress);
+    setConfig("metaAddress", encoded);
+    spinner2.succeed("Quick setup complete");
+    console.log();
+    console.log(import_chalk2.default.green("  \u2713 Network: testnet"));
+    console.log(import_chalk2.default.green("  \u2713 Chain: solana"));
+    console.log(import_chalk2.default.green("  \u2713 Privacy: shielded"));
+    console.log(import_chalk2.default.green("  \u2713 Keys generated"));
+    console.log();
+    console.log(import_chalk2.default.bold("  Meta-Address:"));
+    console.log(import_chalk2.default.cyan(`  ${encoded}`));
+    console.log();
+    console.log(import_chalk2.default.yellow("  \u26A0\uFE0F  Run ") + import_chalk2.default.white("sip setup") + import_chalk2.default.yellow(" for full interactive setup"));
+    console.log();
+  } catch (err) {
+    spinner2.fail("Quick setup failed");
+    console.error(err);
+    process.exit(1);
+  }
+}
+
+// src/commands/stealth.ts
+var import_commander10 = require("commander");
+var import_prompts2 = __toESM(require("prompts"));
+var import_chalk3 = __toESM(require("chalk"));
+var import_ora3 = __toESM(require("ora"));
+var import_sdk9 = require("@sip-protocol/sdk");
+function createStealthCommand() {
+  const cmd = new import_commander10.Command("stealth").description("Generate one-time stealth addresses");
+  cmd.command("generate").alias("gen").description("Generate a one-time stealth address from a meta-address").option("-m, --meta <address>", "Recipient meta-address (or use saved)").option("-c, --chain <chain>", "Target chain (auto-detected from meta-address)").option("-i, --interactive", "Interactive mode").action(async (options) => {
+    heading("Generate Stealth Address");
+    let metaAddressStr = options.meta;
+    if (options.interactive || !metaAddressStr) {
+      const savedMeta = getConfig("metaAddress");
+      const response = await (0, import_prompts2.default)([
+        {
+          type: "text",
+          name: "meta",
+          message: "Enter recipient meta-address:",
+          initial: savedMeta || "",
+          validate: (value) => value.startsWith("sip:") ? true : "Must be a valid SIP meta-address (sip:...)"
+        }
+      ]);
+      if (!response.meta) {
+        console.log(import_chalk3.default.yellow("Cancelled."));
+        return;
+      }
+      metaAddressStr = response.meta;
+    }
+    const spinner2 = (0, import_ora3.default)("Generating stealth address...").start();
+    try {
+      const metaAddress = (0, import_sdk9.decodeStealthMetaAddress)(metaAddressStr);
+      const chain = metaAddress.chain;
+      const useEd25519 = (0, import_sdk9.isEd25519Chain)(chain);
+      const result = useEd25519 ? (0, import_sdk9.generateEd25519StealthAddress)(metaAddress) : (0, import_sdk9.generateStealthAddress)(metaAddress);
+      const stealthPubKey = result.stealthAddress.address;
+      const ephemeralPubKey = result.stealthAddress.ephemeralPublicKey;
+      let chainAddress;
+      if (useEd25519) {
+        if (chain === "solana") {
+          chainAddress = (0, import_sdk9.ed25519PublicKeyToSolanaAddress)(stealthPubKey);
+        } else if (chain === "near") {
+          chainAddress = (0, import_sdk9.ed25519PublicKeyToNearAddress)(stealthPubKey);
+        } else {
+          chainAddress = stealthPubKey;
+        }
+      } else {
+        chainAddress = (0, import_sdk9.publicKeyToEthAddress)(stealthPubKey);
+      }
+      spinner2.succeed("Stealth address generated");
+      console.log();
+      keyValue("Chain", chain);
+      keyValue("Curve", useEd25519 ? "ed25519" : "secp256k1");
+      console.log();
+      console.log(import_chalk3.default.bold.green("  One-Time Address (send funds here):"));
+      console.log(import_chalk3.default.cyan(`  ${chainAddress}`));
+      console.log();
+      console.log(import_chalk3.default.bold("  Ephemeral Public Key (publish for recipient):"));
+      console.log(import_chalk3.default.gray(`  ${ephemeralPubKey}`));
+      console.log();
+      warning("The ephemeral key must be published so the recipient can find and claim funds.");
+    } catch (err) {
+      spinner2.fail("Failed to generate stealth address");
+      console.error(err instanceof Error ? err.message : err);
+      process.exit(1);
+    }
+  });
+  cmd.command("derive").description("Derive spending key from stealth address (to claim funds)").requiredOption("-a, --stealth-address <address>", "Stealth address where funds were sent").requiredOption("-e, --ephemeral <key>", "Ephemeral public key from sender announcement").requiredOption("-s, --spending-key <key>", "Your spending private key (hex)").requiredOption("-v, --viewing-key <key>", "Your viewing private key (hex)").option("-c, --chain <chain>", "Chain (solana, ethereum, near)", "solana").action(async (options) => {
+    heading("Derive Stealth Spending Key");
+    warning("This is for advanced users. Keep your derived private key secure!");
+    console.log();
+    const spinner2 = (0, import_ora3.default)("Deriving stealth private key...").start();
+    try {
+      const chain = options.chain;
+      const useEd25519 = (0, import_sdk9.isEd25519Chain)(chain);
+      const spendingKey = normalizeHexKey(options.spendingKey);
+      const viewingKey = normalizeHexKey(options.viewingKey);
+      const ephemeralKey = normalizeHexKey(options.ephemeral);
+      let stealthPubKeyHex;
+      if (useEd25519 && chain === "solana") {
+        stealthPubKeyHex = (0, import_sdk9.solanaAddressToEd25519PublicKey)(options.stealthAddress);
+      } else if (options.stealthAddress.startsWith("0x")) {
+        stealthPubKeyHex = options.stealthAddress;
+      } else {
+        throw new Error("Stealth address must be base58 (Solana) or hex (0x...)");
+      }
+      const stealthAddressObj = {
+        address: stealthPubKeyHex,
+        ephemeralPublicKey: ephemeralKey,
+        viewTag: 0
+        // Not needed for derivation
+      };
+      const recovery = useEd25519 ? (0, import_sdk9.deriveEd25519StealthPrivateKey)(
+        stealthAddressObj,
+        spendingKey,
+        viewingKey
+      ) : (0, import_sdk9.deriveStealthPrivateKey)(
+        stealthAddressObj,
+        spendingKey,
+        viewingKey
+      );
+      spinner2.succeed("Stealth private key derived");
+      console.log();
+      keyValue("Chain", chain);
+      keyValue("Curve", useEd25519 ? "ed25519" : "secp256k1");
+      console.log();
+      console.log(import_chalk3.default.bold.green("  Derived Private Key (use to claim funds):"));
+      console.log(import_chalk3.default.cyan(`  ${recovery.privateKey}`));
+      console.log();
+      console.log(import_chalk3.default.bold("  Stealth Address:"));
+      console.log(import_chalk3.default.gray(`  ${recovery.stealthAddress}`));
+      console.log();
+      warning("Never share your private key! Use it to sign transactions claiming your funds.");
+      console.log();
+      info3("Next steps:");
+      console.log(import_chalk3.default.gray("  1. Import this key into a wallet or use SDK to claim"));
+      console.log(import_chalk3.default.gray("  2. Transfer funds from stealth address to your main wallet"));
+      console.log(import_chalk3.default.gray("  3. Securely delete this private key after claiming"));
+      console.log();
+    } catch (err) {
+      spinner2.fail("Failed to derive stealth key");
+      console.error(err instanceof Error ? err.message : err);
+      process.exit(1);
+    }
+  });
+  return cmd;
+}
+function info3(message) {
+  console.log(import_chalk3.default.blue("\u2139"), message);
+}
+function normalizeHexKey(key) {
+  if (key.startsWith("0x")) {
+    return key;
+  }
+  return `0x${key}`;
+}
+
+// src/commands/viewing-key.ts
+var import_commander11 = require("commander");
+var import_prompts3 = __toESM(require("prompts"));
+var import_chalk4 = __toESM(require("chalk"));
+var import_ora4 = __toESM(require("ora"));
+var import_sdk10 = require("@sip-protocol/sdk");
+function createViewingKeyCommand() {
+  const cmd = new import_commander11.Command("viewing-key").alias("vk").description("Manage viewing keys for selective disclosure");
+  cmd.command("generate").alias("gen").description("Generate a new viewing key").option("-p, --path <path>", 'Key derivation path (e.g., "payments/2024")').option("-i, --interactive", "Interactive mode").action(async (options) => {
+    heading("Generate Viewing Key");
+    let path = options.path;
+    if (options.interactive || !path) {
+      const response = await (0, import_prompts3.default)([
+        {
+          type: "text",
+          name: "path",
+          message: "Enter a label or path for this viewing key:",
+          initial: `audit/${Date.now()}`,
+          validate: (value) => value.length > 0 ? true : "Path is required"
+        },
+        {
+          type: "text",
+          name: "description",
+          message: "Description (optional):"
+        }
+      ]);
+      if (!response.path) {
+        console.log(import_chalk4.default.yellow("Cancelled."));
+        return;
+      }
+      path = response.path;
+    }
+    const spinner2 = (0, import_ora4.default)("Generating viewing key...").start();
+    try {
+      const viewingKey = (0, import_sdk10.generateViewingKey)(path);
+      spinner2.succeed("Viewing key generated");
+      console.log();
+      keyValue("Path", viewingKey.path);
+      keyValue("Hash", viewingKey.hash);
+      console.log();
+      console.log(import_chalk4.default.bold.green("  Viewing Key (share with auditors):"));
+      console.log(import_chalk4.default.cyan(`  ${viewingKey.key}`));
+      console.log();
+      console.log(import_chalk4.default.bold("  Key Hash (for verification):"));
+      console.log(import_chalk4.default.gray(`  ${viewingKey.hash}`));
+      console.log();
+      warning("Share the viewing key with authorized parties only.");
+      console.log(import_chalk4.default.gray("  They can view transactions but cannot spend funds."));
+      console.log();
+      const saveResponse = await (0, import_prompts3.default)([
+        {
+          type: "confirm",
+          name: "save",
+          message: "Save this viewing key to config?",
+          initial: false
+        }
+      ]);
+      if (saveResponse.save) {
+        const existingKeys = getConfig("viewingKeys") || {};
+        existingKeys[path] = viewingKey.key;
+        setConfig("viewingKeys", existingKeys);
+        success("Viewing key saved to config");
+      }
+    } catch (err) {
+      spinner2.fail("Failed to generate viewing key");
+      console.error(err instanceof Error ? err.message : err);
+      process.exit(1);
+    }
+  });
+  cmd.command("list").alias("ls").description("List saved viewing keys").action(async () => {
+    heading("Saved Viewing Keys");
+    const keys = getConfig("viewingKeys") || {};
+    const entries = Object.entries(keys);
+    if (entries.length === 0) {
+      console.log(import_chalk4.default.gray("  No viewing keys saved."));
+      console.log(import_chalk4.default.gray("  Run: sip viewing-key generate -i"));
+      console.log();
+      return;
+    }
+    console.log();
+    entries.forEach(([path, key]) => {
+      console.log(import_chalk4.default.cyan(`  ${path}`));
+      console.log(import_chalk4.default.gray(`    ${key.slice(0, 20)}...${key.slice(-10)}`));
+      console.log();
+    });
+  });
+  cmd.command("share").description("Create a shareable viewing key disclosure").option("-p, --path <path>", "Viewing key path to share").option("-e, --expires <date>", "Expiration date (ISO format)").option("-s, --scope <scope>", "Scope of disclosure (all, treasury, payments)").action(async (options) => {
+    heading("Create Viewing Key Disclosure");
+    const keys = getConfig("viewingKeys") || {};
+    const entries = Object.entries(keys);
+    if (entries.length === 0) {
+      console.log(import_chalk4.default.yellow("  No viewing keys saved."));
+      console.log(import_chalk4.default.gray("  Run: sip viewing-key generate -i first"));
+      console.log();
+      return;
+    }
+    const response = await (0, import_prompts3.default)([
+      {
+        type: "select",
+        name: "path",
+        message: "Select viewing key to share:",
+        choices: entries.map(([path]) => ({ title: path, value: path }))
+      },
+      {
+        type: "select",
+        name: "scope",
+        message: "Disclosure scope:",
+        choices: [
+          { title: "All transactions", value: "all" },
+          { title: "Treasury only", value: "treasury" },
+          { title: "Payments only", value: "payments" },
+          { title: "Custom time range", value: "custom" }
+        ]
+      },
+      {
+        type: "text",
+        name: "recipient",
+        message: "Recipient (auditor, regulator, etc.):"
+      }
+    ]);
+    if (!response.path) {
+      console.log(import_chalk4.default.yellow("Cancelled."));
+      return;
+    }
+    const key = keys[response.path];
+    console.log();
+    console.log(import_chalk4.default.bold.green("  \u{1F4CB} Viewing Key Disclosure"));
+    console.log();
+    console.log(import_chalk4.default.gray("  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510"));
+    console.log(import_chalk4.default.gray("  \u2502 ") + import_chalk4.default.cyan("Path:      ") + import_chalk4.default.white(response.path.padEnd(36)) + import_chalk4.default.gray(" \u2502"));
+    console.log(import_chalk4.default.gray("  \u2502 ") + import_chalk4.default.cyan("Scope:     ") + import_chalk4.default.white(response.scope.padEnd(36)) + import_chalk4.default.gray(" \u2502"));
+    console.log(import_chalk4.default.gray("  \u2502 ") + import_chalk4.default.cyan("Recipient: ") + import_chalk4.default.white((response.recipient || "Not specified").padEnd(36)) + import_chalk4.default.gray(" \u2502"));
+    console.log(import_chalk4.default.gray("  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518"));
+    console.log();
+    console.log(import_chalk4.default.bold("  Viewing Key:"));
+    console.log(import_chalk4.default.cyan(`  ${key}`));
+    console.log();
+    console.log(import_chalk4.default.gray("  The recipient can use this key to view transactions"));
+    console.log(import_chalk4.default.gray("  matching the specified scope, but cannot spend funds."));
+    console.log();
+  });
+  return cmd;
+}
+
 // src/index.ts
-var program = new import_commander9.Command();
-program.name("sip").description("Shielded Intents Protocol (SIP) - Privacy layer for cross-chain transactions").version("0.1.0");
+var program = new import_commander12.Command();
+program.name("sip").description("Shielded Intents Protocol (SIP) - Privacy layer for cross-chain transactions").version("0.2.0");
+program.addCommand(createSetupCommand());
 program.addCommand(createInitCommand());
 program.addCommand(createKeygenCommand());
+program.addCommand(createStealthCommand());
+program.addCommand(createViewingKeyCommand());
 program.addCommand(createCommitCommand());
 program.addCommand(createProveCommand());
 program.addCommand(createVerifyCommand());

package/dist/index.mjs

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 
 // src/index.ts
-import { Command as Command9 } from "commander";
+import { Command as Command12 } from "commander";
 
 // src/commands/init.ts
 import { Command } from "commander";
@@ -9,25 +9,24 @@ import { PrivacyLevel } from "@sip-protocol/types";
 
 // src/utils/config.ts
 import Conf from "conf";
-var schema = {
-  network: {
-    type: "string",
-    default: "testnet"
-  },
-  defaultPrivacy: {
-    type: "string",
-    default: "transparent"
-  }
-};
 var store = new Conf({
   projectName: "sip-protocol",
-  schema
+  defaults: {
+    network: "testnet",
+    defaultPrivacy: "transparent"
+  }
 });
-function getConfig() {
+function getConfig(key) {
+  if (key) {
+    return store.get(key);
+  }
   return {
     network: store.get("network"),
     defaultPrivacy: store.get("defaultPrivacy"),
     defaultChain: store.get("defaultChain"),
+    primaryChain: store.get("primaryChain"),
+    metaAddress: store.get("metaAddress"),
+    viewingKeys: store.get("viewingKeys"),
     rpcEndpoints: store.get("rpcEndpoints")
   };
 }
@@ -92,6 +91,9 @@ function formatHash(hash, length = 8) {
   if (hash.length <= length * 2) return hash;
   return `${hash.slice(0, length)}...${hash.slice(-length)}`;
 }
+function divider() {
+  console.log(chalk.gray("  \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500"));
+}
 
 // src/commands/init.ts
 function createInitCommand() {
@@ -338,8 +340,8 @@ function createQuoteCommand() {
       const quotes = await sip.getQuotes(intent);
       spin.succeed(`Found ${quotes.length} quote(s)`);
       if (quotes.length === 0) {
-        console.log("\nNo quotes available");
-        return;
+        console.error("\nNo quotes available");
+        process.exit(1);
       }
       console.log();
       const headers = ["Solver", "Output Amount", "Fee", "Time (s)"];
@@ -367,7 +369,7 @@ function createQuoteCommand() {
 import { Command as Command7 } from "commander";
 import { createSIP as createSIP2, NATIVE_TOKENS as NATIVE_TOKENS2 } from "@sip-protocol/sdk";
 function createSwapCommand() {
-  return new Command7("swap").description("Execute swap").argument("<from-chain>", "Source chain (e.g., ethereum, solana)").argument("<to-chain>", "Destination chain").argument("<amount>", "Amount to swap").option("-t, --token <symbol>", "Token symbol (default: native token)").option("-p, --privacy <level>", "Privacy level (transparent|shielded|compliant)").option("-r, --recipient <address>", "Recipient address (optional)").option("--solver <id>", "Specific solver to use").action(async (fromChain, toChain, amountStr, options) => {
+  return new Command7("swap").description("Execute swap").argument("<from-chain>", "Source chain (e.g., ethereum, solana)").argument("<to-chain>", "Destination chain").argument("<amount>", "Amount to swap").option("-t, --token <symbol>", "Token symbol (default: native token)").option("-p, --privacy <level>", "Privacy level (transparent|shielded|compliant)").option("-r, --recipient <address>", "Recipient address (optional)").option("-s, --slippage <percent>", "Slippage tolerance in percent (default: 5)", parseFloat).option("--solver <id>", "Specific solver to use").action(async (fromChain, toChain, amountStr, options) => {
     try {
       heading("Execute Swap");
       const config = getConfig();
@@ -386,7 +388,10 @@ function createSwapCommand() {
         address: null,
         decimals: 18
       };
+      const slippagePercent = Math.min(Math.max(options.slippage ?? 5, 0), 100);
+      const slippageTolerance = slippagePercent / 100;
       info("Creating shielded intent...");
+      info(`Slippage tolerance: ${slippagePercent}%`);
       const intent = await sip.createIntent({
         input: {
           asset: inputAsset,
@@ -396,8 +401,8 @@ function createSwapCommand() {
           asset: outputAsset,
           minAmount: 0n,
           // Accept any amount
-          maxSlippage: 0.05
-          // 5% slippage tolerance
+          maxSlippage: slippageTolerance
+          // User-configurable slippage
         },
         privacy,
         recipientMetaAddress: options.recipient
@@ -449,9 +454,9 @@ function createScanCommand() {
       info(`Scanning ${chain} for stealth payments...`);
       info(`Using ${useEd25519 ? "ed25519" : "secp256k1"} curve`);
       if (!options.addresses || options.addresses.length === 0) {
-        warning("No addresses provided. Specify addresses with -a flag.");
-        info("Example: sip scan -c ethereum -s 0x... -v 0x... -a 0xabc... 0xdef...");
-        return;
+        console.error("No addresses provided. Specify addresses with -a flag.");
+        console.error("Example: sip scan -c ethereum -s 0x... -v 0x... -a 0xabc... 0xdef...");
+        process.exit(1);
       }
       const results = [];
       for (const address of options.addresses) {
@@ -506,11 +511,507 @@ function createScanCommand() {
   });
 }
 
+// src/commands/setup.ts
+import { Command as Command9 } from "commander";
+import prompts from "prompts";
+import chalk2 from "chalk";
+import ora2 from "ora";
+import {
+  generateStealthMetaAddress as generateStealthMetaAddress2,
+  generateEd25519StealthMetaAddress as generateEd25519StealthMetaAddress2,
+  encodeStealthMetaAddress as encodeStealthMetaAddress2,
+  isEd25519Chain as isEd25519Chain3
+} from "@sip-protocol/sdk";
+import { PrivacyLevel as PrivacyLevel2 } from "@sip-protocol/types";
+var CHAINS = [
+  { title: "Solana", value: "solana", description: "Fast, low-cost transactions" },
+  { title: "Ethereum", value: "ethereum", description: "EVM mainnet" },
+  { title: "NEAR", value: "near", description: "Sharded, scalable" },
+  { title: "Arbitrum", value: "arbitrum", description: "Ethereum L2" },
+  { title: "Base", value: "base", description: "Coinbase L2" }
+];
+var PRIVACY_LEVELS = [
+  {
+    title: "Transparent",
+    value: PrivacyLevel2.TRANSPARENT,
+    description: "No privacy (like standard transactions)"
+  },
+  {
+    title: "Shielded",
+    value: PrivacyLevel2.SHIELDED,
+    description: "Full privacy - hidden sender, amount, recipient"
+  },
+  {
+    title: "Compliant",
+    value: PrivacyLevel2.COMPLIANT,
+    description: "Privacy with viewing keys for auditors"
+  }
+];
+function createSetupCommand() {
+  return new Command9("setup").description("Interactive setup wizard for SIP Protocol").option("--quick", "Quick setup with defaults").action(async (options) => {
+    console.clear();
+    console.log();
+    console.log(chalk2.bold.magenta("  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557"));
+    console.log(chalk2.bold.magenta("  \u2551                                           \u2551"));
+    console.log(chalk2.bold.magenta("  \u2551") + chalk2.bold.white("   \u{1F6E1}\uFE0F  SIP Protocol Setup Wizard  \u{1F6E1}\uFE0F   ") + chalk2.bold.magenta("\u2551"));
+    console.log(chalk2.bold.magenta("  \u2551                                           \u2551"));
+    console.log(chalk2.bold.magenta("  \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D"));
+    console.log();
+    console.log(chalk2.gray("  Privacy layer for cross-chain transactions"));
+    console.log();
+    if (options.quick) {
+      await quickSetup();
+      return;
+    }
+    console.log(chalk2.cyan.bold("  Step 1 of 4: ") + chalk2.white("Network Configuration"));
+    console.log();
+    const networkResponse = await prompts([
+      {
+        type: "select",
+        name: "network",
+        message: "Which network do you want to use?",
+        choices: [
+          { title: "Testnet / Devnet", value: "testnet", description: "For development and testing" },
+          { title: "Mainnet", value: "mainnet", description: "Production network" }
+        ],
+        initial: 0
+      }
+    ]);
+    if (!networkResponse.network) {
+      console.log(chalk2.yellow("\n  Setup cancelled."));
+      return;
+    }
+    console.log();
+    console.log(chalk2.cyan.bold("  Step 2 of 4: ") + chalk2.white("Primary Chain"));
+    console.log();
+    const chainResponse = await prompts([
+      {
+        type: "select",
+        name: "chain",
+        message: "Which chain will you use primarily?",
+        choices: CHAINS,
+        initial: 0
+      }
+    ]);
+    if (!chainResponse.chain) {
+      console.log(chalk2.yellow("\n  Setup cancelled."));
+      return;
+    }
+    console.log();
+    console.log(chalk2.cyan.bold("  Step 3 of 4: ") + chalk2.white("Default Privacy Level"));
+    console.log();
+    const privacyResponse = await prompts([
+      {
+        type: "select",
+        name: "privacy",
+        message: "What privacy level do you want by default?",
+        choices: PRIVACY_LEVELS,
+        initial: 1
+        // Default to shielded
+      }
+    ]);
+    if (!privacyResponse.privacy) {
+      console.log(chalk2.yellow("\n  Setup cancelled."));
+      return;
+    }
+    console.log();
+    console.log(chalk2.cyan.bold("  Step 4 of 4: ") + chalk2.white("Key Generation"));
+    console.log();
+    const keyResponse = await prompts([
+      {
+        type: "confirm",
+        name: "generateKeys",
+        message: "Generate stealth meta-address now?",
+        initial: true
+      }
+    ]);
+    const spinner2 = ora2("Saving configuration...").start();
+    try {
+      setConfig("network", networkResponse.network);
+      setConfig("primaryChain", chainResponse.chain);
+      setConfig("defaultPrivacy", privacyResponse.privacy);
+      spinner2.succeed("Configuration saved");
+    } catch (err) {
+      spinner2.fail("Failed to save configuration");
+      console.error(err);
+      process.exit(1);
+    }
+    if (keyResponse.generateKeys) {
+      console.log();
+      const keySpinner = ora2("Generating stealth meta-address...").start();
+      try {
+        const chain = chainResponse.chain;
+        const useEd25519 = isEd25519Chain3(chain);
+        const metaAddress = useEd25519 ? generateEd25519StealthMetaAddress2(chain) : generateStealthMetaAddress2(chain);
+        keySpinner.succeed("Keys generated");
+        console.log();
+        console.log(chalk2.bold.green("  \u2713 Stealth Meta-Address Generated"));
+        console.log();
+        console.log(chalk2.gray("  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510"));
+        console.log(chalk2.gray("  \u2502 ") + chalk2.cyan("Chain:           ") + chalk2.white(chain.padEnd(30)) + chalk2.gray(" \u2502"));
+        console.log(chalk2.gray("  \u2502 ") + chalk2.cyan("Curve:           ") + chalk2.white((useEd25519 ? "ed25519" : "secp256k1").padEnd(30)) + chalk2.gray(" \u2502"));
+        console.log(chalk2.gray("  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518"));
+        console.log();
+        const encoded = encodeStealthMetaAddress2(metaAddress.metaAddress);
+        console.log(chalk2.bold("  Encoded Meta-Address (share this):"));
+        console.log(chalk2.green(`  ${encoded}`));
+        console.log();
+        console.log(chalk2.bold.yellow("  \u26A0\uFE0F  PRIVATE KEYS - Store securely!"));
+        console.log();
+        console.log(chalk2.gray("  Spending Key: ") + chalk2.dim(metaAddress.spendingPrivateKey));
+        console.log(chalk2.gray("  Viewing Key:  ") + chalk2.dim(metaAddress.viewingPrivateKey));
+        console.log();
+        setConfig("metaAddress", encoded);
+      } catch (err) {
+        keySpinner.fail("Failed to generate keys");
+        console.error(err instanceof Error ? err.message : err);
+      }
+    }
+    console.log();
+    divider();
+    console.log();
+    console.log(chalk2.bold.green("  \u{1F389} Setup Complete!"));
+    console.log();
+    console.log(chalk2.gray("  Configuration:"));
+    console.log(chalk2.gray("  \u251C\u2500 Network:  ") + chalk2.white(networkResponse.network));
+    console.log(chalk2.gray("  \u251C\u2500 Chain:    ") + chalk2.white(chainResponse.chain));
+    console.log(chalk2.gray("  \u251C\u2500 Privacy:  ") + chalk2.white(privacyResponse.privacy));
+    console.log(chalk2.gray("  \u2514\u2500 Config:   ") + chalk2.dim(getConfigPath()));
+    console.log();
+    console.log(chalk2.cyan("  Next steps:"));
+    console.log(chalk2.gray("  1. ") + chalk2.white("sip keygen") + chalk2.gray(" - Generate more stealth addresses"));
+    console.log(chalk2.gray("  2. ") + chalk2.white("sip quote") + chalk2.gray("  - Get a swap quote"));
+    console.log(chalk2.gray("  3. ") + chalk2.white("sip scan") + chalk2.gray("   - Scan for incoming payments"));
+    console.log();
+  });
+}
+async function quickSetup() {
+  const spinner2 = ora2("Quick setup with defaults...").start();
+  try {
+    setConfig("network", "testnet");
+    setConfig("primaryChain", "solana");
+    setConfig("defaultPrivacy", PrivacyLevel2.SHIELDED);
+    const metaAddress = generateEd25519StealthMetaAddress2("solana");
+    const encoded = encodeStealthMetaAddress2(metaAddress.metaAddress);
+    setConfig("metaAddress", encoded);
+    spinner2.succeed("Quick setup complete");
+    console.log();
+    console.log(chalk2.green("  \u2713 Network: testnet"));
+    console.log(chalk2.green("  \u2713 Chain: solana"));
+    console.log(chalk2.green("  \u2713 Privacy: shielded"));
+    console.log(chalk2.green("  \u2713 Keys generated"));
+    console.log();
+    console.log(chalk2.bold("  Meta-Address:"));
+    console.log(chalk2.cyan(`  ${encoded}`));
+    console.log();
+    console.log(chalk2.yellow("  \u26A0\uFE0F  Run ") + chalk2.white("sip setup") + chalk2.yellow(" for full interactive setup"));
+    console.log();
+  } catch (err) {
+    spinner2.fail("Quick setup failed");
+    console.error(err);
+    process.exit(1);
+  }
+}
+
+// src/commands/stealth.ts
+import { Command as Command10 } from "commander";
+import prompts2 from "prompts";
+import chalk3 from "chalk";
+import ora3 from "ora";
+import {
+  generateStealthAddress,
+  generateEd25519StealthAddress,
+  decodeStealthMetaAddress,
+  isEd25519Chain as isEd25519Chain4,
+  ed25519PublicKeyToSolanaAddress,
+  ed25519PublicKeyToNearAddress,
+  publicKeyToEthAddress,
+  deriveStealthPrivateKey,
+  deriveEd25519StealthPrivateKey,
+  solanaAddressToEd25519PublicKey
+} from "@sip-protocol/sdk";
+function createStealthCommand() {
+  const cmd = new Command10("stealth").description("Generate one-time stealth addresses");
+  cmd.command("generate").alias("gen").description("Generate a one-time stealth address from a meta-address").option("-m, --meta <address>", "Recipient meta-address (or use saved)").option("-c, --chain <chain>", "Target chain (auto-detected from meta-address)").option("-i, --interactive", "Interactive mode").action(async (options) => {
+    heading("Generate Stealth Address");
+    let metaAddressStr = options.meta;
+    if (options.interactive || !metaAddressStr) {
+      const savedMeta = getConfig("metaAddress");
+      const response = await prompts2([
+        {
+          type: "text",
+          name: "meta",
+          message: "Enter recipient meta-address:",
+          initial: savedMeta || "",
+          validate: (value) => value.startsWith("sip:") ? true : "Must be a valid SIP meta-address (sip:...)"
+        }
+      ]);
+      if (!response.meta) {
+        console.log(chalk3.yellow("Cancelled."));
+        return;
+      }
+      metaAddressStr = response.meta;
+    }
+    const spinner2 = ora3("Generating stealth address...").start();
+    try {
+      const metaAddress = decodeStealthMetaAddress(metaAddressStr);
+      const chain = metaAddress.chain;
+      const useEd25519 = isEd25519Chain4(chain);
+      const result = useEd25519 ? generateEd25519StealthAddress(metaAddress) : generateStealthAddress(metaAddress);
+      const stealthPubKey = result.stealthAddress.address;
+      const ephemeralPubKey = result.stealthAddress.ephemeralPublicKey;
+      let chainAddress;
+      if (useEd25519) {
+        if (chain === "solana") {
+          chainAddress = ed25519PublicKeyToSolanaAddress(stealthPubKey);
+        } else if (chain === "near") {
+          chainAddress = ed25519PublicKeyToNearAddress(stealthPubKey);
+        } else {
+          chainAddress = stealthPubKey;
+        }
+      } else {
+        chainAddress = publicKeyToEthAddress(stealthPubKey);
+      }
+      spinner2.succeed("Stealth address generated");
+      console.log();
+      keyValue("Chain", chain);
+      keyValue("Curve", useEd25519 ? "ed25519" : "secp256k1");
+      console.log();
+      console.log(chalk3.bold.green("  One-Time Address (send funds here):"));
+      console.log(chalk3.cyan(`  ${chainAddress}`));
+      console.log();
+      console.log(chalk3.bold("  Ephemeral Public Key (publish for recipient):"));
+      console.log(chalk3.gray(`  ${ephemeralPubKey}`));
+      console.log();
+      warning("The ephemeral key must be published so the recipient can find and claim funds.");
+    } catch (err) {
+      spinner2.fail("Failed to generate stealth address");
+      console.error(err instanceof Error ? err.message : err);
+      process.exit(1);
+    }
+  });
+  cmd.command("derive").description("Derive spending key from stealth address (to claim funds)").requiredOption("-a, --stealth-address <address>", "Stealth address where funds were sent").requiredOption("-e, --ephemeral <key>", "Ephemeral public key from sender announcement").requiredOption("-s, --spending-key <key>", "Your spending private key (hex)").requiredOption("-v, --viewing-key <key>", "Your viewing private key (hex)").option("-c, --chain <chain>", "Chain (solana, ethereum, near)", "solana").action(async (options) => {
+    heading("Derive Stealth Spending Key");
+    warning("This is for advanced users. Keep your derived private key secure!");
+    console.log();
+    const spinner2 = ora3("Deriving stealth private key...").start();
+    try {
+      const chain = options.chain;
+      const useEd25519 = isEd25519Chain4(chain);
+      const spendingKey = normalizeHexKey(options.spendingKey);
+      const viewingKey = normalizeHexKey(options.viewingKey);
+      const ephemeralKey = normalizeHexKey(options.ephemeral);
+      let stealthPubKeyHex;
+      if (useEd25519 && chain === "solana") {
+        stealthPubKeyHex = solanaAddressToEd25519PublicKey(options.stealthAddress);
+      } else if (options.stealthAddress.startsWith("0x")) {
+        stealthPubKeyHex = options.stealthAddress;
+      } else {
+        throw new Error("Stealth address must be base58 (Solana) or hex (0x...)");
+      }
+      const stealthAddressObj = {
+        address: stealthPubKeyHex,
+        ephemeralPublicKey: ephemeralKey,
+        viewTag: 0
+        // Not needed for derivation
+      };
+      const recovery = useEd25519 ? deriveEd25519StealthPrivateKey(
+        stealthAddressObj,
+        spendingKey,
+        viewingKey
+      ) : deriveStealthPrivateKey(
+        stealthAddressObj,
+        spendingKey,
+        viewingKey
+      );
+      spinner2.succeed("Stealth private key derived");
+      console.log();
+      keyValue("Chain", chain);
+      keyValue("Curve", useEd25519 ? "ed25519" : "secp256k1");
+      console.log();
+      console.log(chalk3.bold.green("  Derived Private Key (use to claim funds):"));
+      console.log(chalk3.cyan(`  ${recovery.privateKey}`));
+      console.log();
+      console.log(chalk3.bold("  Stealth Address:"));
+      console.log(chalk3.gray(`  ${recovery.stealthAddress}`));
+      console.log();
+      warning("Never share your private key! Use it to sign transactions claiming your funds.");
+      console.log();
+      info3("Next steps:");
+      console.log(chalk3.gray("  1. Import this key into a wallet or use SDK to claim"));
+      console.log(chalk3.gray("  2. Transfer funds from stealth address to your main wallet"));
+      console.log(chalk3.gray("  3. Securely delete this private key after claiming"));
+      console.log();
+    } catch (err) {
+      spinner2.fail("Failed to derive stealth key");
+      console.error(err instanceof Error ? err.message : err);
+      process.exit(1);
+    }
+  });
+  return cmd;
+}
+function info3(message) {
+  console.log(chalk3.blue("\u2139"), message);
+}
+function normalizeHexKey(key) {
+  if (key.startsWith("0x")) {
+    return key;
+  }
+  return `0x${key}`;
+}
+
+// src/commands/viewing-key.ts
+import { Command as Command11 } from "commander";
+import prompts3 from "prompts";
+import chalk4 from "chalk";
+import ora4 from "ora";
+import { generateViewingKey } from "@sip-protocol/sdk";
+function createViewingKeyCommand() {
+  const cmd = new Command11("viewing-key").alias("vk").description("Manage viewing keys for selective disclosure");
+  cmd.command("generate").alias("gen").description("Generate a new viewing key").option("-p, --path <path>", 'Key derivation path (e.g., "payments/2024")').option("-i, --interactive", "Interactive mode").action(async (options) => {
+    heading("Generate Viewing Key");
+    let path = options.path;
+    if (options.interactive || !path) {
+      const response = await prompts3([
+        {
+          type: "text",
+          name: "path",
+          message: "Enter a label or path for this viewing key:",
+          initial: `audit/${Date.now()}`,
+          validate: (value) => value.length > 0 ? true : "Path is required"
+        },
+        {
+          type: "text",
+          name: "description",
+          message: "Description (optional):"
+        }
+      ]);
+      if (!response.path) {
+        console.log(chalk4.yellow("Cancelled."));
+        return;
+      }
+      path = response.path;
+    }
+    const spinner2 = ora4("Generating viewing key...").start();
+    try {
+      const viewingKey = generateViewingKey(path);
+      spinner2.succeed("Viewing key generated");
+      console.log();
+      keyValue("Path", viewingKey.path);
+      keyValue("Hash", viewingKey.hash);
+      console.log();
+      console.log(chalk4.bold.green("  Viewing Key (share with auditors):"));
+      console.log(chalk4.cyan(`  ${viewingKey.key}`));
+      console.log();
+      console.log(chalk4.bold("  Key Hash (for verification):"));
+      console.log(chalk4.gray(`  ${viewingKey.hash}`));
+      console.log();
+      warning("Share the viewing key with authorized parties only.");
+      console.log(chalk4.gray("  They can view transactions but cannot spend funds."));
+      console.log();
+      const saveResponse = await prompts3([
+        {
+          type: "confirm",
+          name: "save",
+          message: "Save this viewing key to config?",
+          initial: false
+        }
+      ]);
+      if (saveResponse.save) {
+        const existingKeys = getConfig("viewingKeys") || {};
+        existingKeys[path] = viewingKey.key;
+        setConfig("viewingKeys", existingKeys);
+        success("Viewing key saved to config");
+      }
+    } catch (err) {
+      spinner2.fail("Failed to generate viewing key");
+      console.error(err instanceof Error ? err.message : err);
+      process.exit(1);
+    }
+  });
+  cmd.command("list").alias("ls").description("List saved viewing keys").action(async () => {
+    heading("Saved Viewing Keys");
+    const keys = getConfig("viewingKeys") || {};
+    const entries = Object.entries(keys);
+    if (entries.length === 0) {
+      console.log(chalk4.gray("  No viewing keys saved."));
+      console.log(chalk4.gray("  Run: sip viewing-key generate -i"));
+      console.log();
+      return;
+    }
+    console.log();
+    entries.forEach(([path, key]) => {
+      console.log(chalk4.cyan(`  ${path}`));
+      console.log(chalk4.gray(`    ${key.slice(0, 20)}...${key.slice(-10)}`));
+      console.log();
+    });
+  });
+  cmd.command("share").description("Create a shareable viewing key disclosure").option("-p, --path <path>", "Viewing key path to share").option("-e, --expires <date>", "Expiration date (ISO format)").option("-s, --scope <scope>", "Scope of disclosure (all, treasury, payments)").action(async (options) => {
+    heading("Create Viewing Key Disclosure");
+    const keys = getConfig("viewingKeys") || {};
+    const entries = Object.entries(keys);
+    if (entries.length === 0) {
+      console.log(chalk4.yellow("  No viewing keys saved."));
+      console.log(chalk4.gray("  Run: sip viewing-key generate -i first"));
+      console.log();
+      return;
+    }
+    const response = await prompts3([
+      {
+        type: "select",
+        name: "path",
+        message: "Select viewing key to share:",
+        choices: entries.map(([path]) => ({ title: path, value: path }))
+      },
+      {
+        type: "select",
+        name: "scope",
+        message: "Disclosure scope:",
+        choices: [
+          { title: "All transactions", value: "all" },
+          { title: "Treasury only", value: "treasury" },
+          { title: "Payments only", value: "payments" },
+          { title: "Custom time range", value: "custom" }
+        ]
+      },
+      {
+        type: "text",
+        name: "recipient",
+        message: "Recipient (auditor, regulator, etc.):"
+      }
+    ]);
+    if (!response.path) {
+      console.log(chalk4.yellow("Cancelled."));
+      return;
+    }
+    const key = keys[response.path];
+    console.log();
+    console.log(chalk4.bold.green("  \u{1F4CB} Viewing Key Disclosure"));
+    console.log();
+    console.log(chalk4.gray("  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510"));
+    console.log(chalk4.gray("  \u2502 ") + chalk4.cyan("Path:      ") + chalk4.white(response.path.padEnd(36)) + chalk4.gray(" \u2502"));
+    console.log(chalk4.gray("  \u2502 ") + chalk4.cyan("Scope:     ") + chalk4.white(response.scope.padEnd(36)) + chalk4.gray(" \u2502"));
+    console.log(chalk4.gray("  \u2502 ") + chalk4.cyan("Recipient: ") + chalk4.white((response.recipient || "Not specified").padEnd(36)) + chalk4.gray(" \u2502"));
+    console.log(chalk4.gray("  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518"));
+    console.log();
+    console.log(chalk4.bold("  Viewing Key:"));
+    console.log(chalk4.cyan(`  ${key}`));
+    console.log();
+    console.log(chalk4.gray("  The recipient can use this key to view transactions"));
+    console.log(chalk4.gray("  matching the specified scope, but cannot spend funds."));
+    console.log();
+  });
+  return cmd;
+}
+
 // src/index.ts
-var program = new Command9();
-program.name("sip").description("Shielded Intents Protocol (SIP) - Privacy layer for cross-chain transactions").version("0.1.0");
+var program = new Command12();
+program.name("sip").description("Shielded Intents Protocol (SIP) - Privacy layer for cross-chain transactions").version("0.2.0");
+program.addCommand(createSetupCommand());
 program.addCommand(createInitCommand());
 program.addCommand(createKeygenCommand());
+program.addCommand(createStealthCommand());
+program.addCommand(createViewingKeyCommand());
 program.addCommand(createCommitCommand());
 program.addCommand(createProveCommand());
 program.addCommand(createVerifyCommand());

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sip-protocol/cli",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Command-line tool for Shielded Intents Protocol (SIP) operations",
   "author": "SIP Protocol <hello@sip-protocol.org>",
   "homepage": "https://sip-protocol.org",
@@ -23,15 +23,17 @@
     "dist"
   ],
   "dependencies": {
-    "@sip-protocol/sdk": "^0.6.0",
-    "@sip-protocol/types": "^0.2.0",
-    "commander": "^12.0.0",
     "chalk": "^4.1.2",
+    "commander": "^12.0.0",
+    "conf": "^10.2.0",
     "ora": "^5.4.1",
-    "conf": "^10.2.0"
+    "prompts": "^2.4.2",
+    "@sip-protocol/sdk": "0.7.2",
+    "@sip-protocol/types": "0.2.1"
   },
   "devDependencies": {
     "@types/node": "^20.10.0",
+    "@types/prompts": "^2.4.9",
     "tsup": "^8.0.0",
     "typescript": "^5.3.0",
     "vitest": "^1.1.0"
@@ -52,6 +54,6 @@
     "lint": "eslint --ext .ts src/",
     "typecheck": "tsc --noEmit",
     "clean": "rm -rf dist",
-    "test": "vitest --passWithNoTests"
+    "test": "vitest"
   }
 }