@t2000/engine 0.46.11 → 0.46.13

package/dist/index.d.ts

@@ -228,6 +228,25 @@ interface GuardConfig {
      * upstream guard (e.g. an off-process verifier).
      */
     addressSource?: boolean;
+    /**
+     * Companion to `addressSource`: blocks send_transfer that defaults to
+     * USDC when the user's recent messages clearly named a non-USDC token
+     * (SUI, USDT, WAL, etc.). Without this, the LLM would call
+     * `send_transfer({ amount, to })` for a "send my SUI" request and the
+     * tool would silently ship USDC. Default on.
+     */
+    assetIntent?: boolean;
+    /**
+     * Root-cause fix for "LLM hallucinates a stale training-data price
+     * (e.g. '$3.50/SUI') and shows the user a wildly wrong estimate before
+     * the swap card renders". When enabled (default), `swap_execute` is
+     * blocked unless a matching `swap_quote(from, to, amount)` ran in the
+     * recent past (60s window, ±1% amount tolerance). The block forces the
+     * LLM to fetch a real on-chain quote and cite its actual numbers, not
+     * a guess. Set to `false` only if the host has its own pre-execution
+     * quote requirement.
+     */
+    swapPreview?: boolean;
 }
 declare const DEFAULT_GUARD_CONFIG: GuardConfig;
 declare class BalanceTracker {
@@ -247,11 +266,39 @@ declare class RetryTracker {
         previousResult?: unknown;
     };
 }
+declare class SwapQuoteTracker {
+    /** Quotes recorded in the recent window. Trimmed lazily on every check. */
+    private quotes;
+    /** Match window: 60s is generous enough for slow LLM turns but tight enough
+     * to invalidate stale quotes from earlier in the session. */
+    private readonly windowMs;
+    /** Amount tolerance: ±1% (covers gas-padding, integer-rounding, and the
+     * rare case where the LLM rounds the input differently between quote and
+     * execute). Prices barely move in 60s so 1% is forgiving but meaningful. */
+    private readonly amountTolerance;
+    /**
+     * Normalize a token identifier so symbol vs. coinType vs. case don't
+     * cause spurious mismatches. Lowercase + trim is sufficient because the
+     * SDK's resolver itself is case-insensitive on symbols.
+     */
+    private normalize;
+    record(input: {
+        from: string;
+        to: string;
+        amount: number;
+    }): void;
+    hasMatchingQuote(input: {
+        from: string;
+        to: string;
+        amount: number;
+    }): boolean;
+}
 declare function guardArtifactPreview(result: unknown): GuardInjection | null;
 declare function guardStaleData(toolFlags: ToolFlags): GuardInjection | null;
 interface GuardRunnerState {
     balanceTracker: BalanceTracker;
     retryTracker: RetryTracker;
+    swapQuoteTracker: SwapQuoteTracker;
     lastHealthFactor: number | null;
 }
 declare function createGuardRunnerState(): GuardRunnerState;
@@ -1862,11 +1909,13 @@ declare const withdrawTool: Tool<{
 declare const sendTransferTool: Tool<{
     to: string;
     amount: number;
+    asset?: string | undefined;
     memo?: string | undefined;
 }, {
     success: boolean;
     tx: string;
     amount: number;
+    asset: "USDC" | "USDT" | "SUI" | "USDe" | "USDsui" | "WAL" | "ETH" | "NAVX" | "GOLD";
     to: string;
     contactName: string | undefined;
     gasCost: number;

package/dist/index.js

@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { resolveSymbol, getDecimalsForCoinType, assertAllowedAsset, getSwapQuote, extractTransferDetails, classifyTransaction } from '@t2000/sdk';
+import { ALL_NAVI_ASSETS, resolveSymbol, getDecimalsForCoinType, assertAllowedAsset, SUPPORTED_ASSETS, getSwapQuote, extractTransferDetails, classifyTransaction } from '@t2000/sdk';
 import { readdirSync, readFileSync } from 'fs';
 import { join } from 'path';
 import yaml from 'js-yaml';
@@ -1447,12 +1447,14 @@ var withdrawTool = buildTool({
     };
   }
 });
+var ASSET_LIST = ALL_NAVI_ASSETS.map((a) => String(a)).join(", ");
 var sendTransferTool = buildTool({
   name: "send_transfer",
-  description: "Send USDC to another Sui address or contact name. Validates the address, checks balance, and executes the on-chain transfer. Returns tx hash, gas cost, and updated balance.",
+  description: `Send ANY supported token (${ASSET_LIST}) to another Sui address or contact name. Validates the address, checks balance, and executes the on-chain transfer. MUST set the \`asset\` field to the token symbol you want to send (case-insensitive). If \`asset\` is omitted, USDC is assumed \u2014 only do this when the user explicitly asks for USDC. When the user asks to send a token by name (SUI, USDT, etc.) or to send the proceeds of a just-completed swap, you MUST pass \`asset\` matching that token. Returns tx hash, gas cost, and updated balance.`,
   inputSchema: z.object({
     to: z.string().min(1),
     amount: z.number().positive(),
+    asset: z.string().optional(),
     memo: z.string().optional()
   }),
   jsonSchema: {
@@ -1464,7 +1466,11 @@ var sendTransferTool = buildTool({
       },
       amount: {
         type: "number",
-        description: "Amount in USD to send"
+        description: "Amount of the asset to send (denominated in the asset\u2019s own units, NOT USD). For USDC this is the USDC count; for SUI this is the SUI count."
+      },
+      asset: {
+        type: "string",
+        description: `Token symbol to send. One of: ${ASSET_LIST}. Defaults to USDC if omitted. REQUIRED whenever the user names a non-USDC token or you are forwarding the proceeds of a swap.`
       },
       memo: {
         type: "string",
@@ -1487,16 +1493,27 @@ var sendTransferTool = buildTool({
     if (input.amount <= 0) {
       return { valid: false, error: "Amount must be positive." };
     }
+    if (input.asset !== void 0) {
+      const normalized = String(input.asset).toUpperCase();
+      if (!(normalized in SUPPORTED_ASSETS)) {
+        return {
+          valid: false,
+          error: `Unsupported asset "${input.asset}". send_transfer accepts: ${ASSET_LIST}.`
+        };
+      }
+    }
     return { valid: true };
   },
   async call(input, context) {
     const agent = requireAgent(context);
-    const result = await agent.send({ to: input.to, amount: input.amount });
+    const asset = input.asset ? String(input.asset).toUpperCase() : "USDC";
+    const result = await agent.send({ to: input.to, amount: input.amount, asset });
     return {
       data: {
         success: result.success,
         tx: result.tx,
         amount: result.amount,
+        asset,
         to: result.to,
         contactName: result.contactName,
         gasCost: result.gasCost,
@@ -1504,7 +1521,7 @@ var sendTransferTool = buildTool({
         balance: result.balance,
         memo: input.memo ?? null
       },
-      displayText: `Sent $${result.amount.toFixed(2)} to ${result.contactName ?? result.to.slice(0, 10)}\u2026 (tx: ${result.tx.slice(0, 8)}\u2026)`
+      displayText: `Sent ${result.amount} ${asset} to ${result.contactName ?? `${result.to.slice(0, 10)}\u2026`} (tx: ${result.tx.slice(0, 8)}\u2026)`
     };
   }
 });
@@ -3610,7 +3627,9 @@ var DEFAULT_GUARD_CONFIG = {
   costWarning: true,
   retryProtection: true,
   inputValidation: true,
-  addressSource: true
+  addressSource: true,
+  assetIntent: true,
+  swapPreview: true
 };
 var BalanceTracker = class {
   lastBalanceAt = 0;
@@ -3651,6 +3670,45 @@ var RetryTracker = class {
     return { blocked: true, previousResult: prev.result };
   }
 };
+var SwapQuoteTracker = class {
+  /** Quotes recorded in the recent window. Trimmed lazily on every check. */
+  quotes = [];
+  /** Match window: 60s is generous enough for slow LLM turns but tight enough
+   * to invalidate stale quotes from earlier in the session. */
+  windowMs = 6e4;
+  /** Amount tolerance: ±1% (covers gas-padding, integer-rounding, and the
+   * rare case where the LLM rounds the input differently between quote and
+   * execute). Prices barely move in 60s so 1% is forgiving but meaningful. */
+  amountTolerance = 0.01;
+  /**
+   * Normalize a token identifier so symbol vs. coinType vs. case don't
+   * cause spurious mismatches. Lowercase + trim is sufficient because the
+   * SDK's resolver itself is case-insensitive on symbols.
+   */
+  normalize(token) {
+    return token.trim().toLowerCase();
+  }
+  record(input) {
+    const now = Date.now();
+    this.quotes.push({
+      from: this.normalize(input.from),
+      to: this.normalize(input.to),
+      amount: input.amount,
+      ts: now
+    });
+    const cutoff = now - this.windowMs;
+    this.quotes = this.quotes.filter((q) => q.ts > cutoff);
+  }
+  hasMatchingQuote(input) {
+    const cutoff = Date.now() - this.windowMs;
+    const fromN = this.normalize(input.from);
+    const toN = this.normalize(input.to);
+    const target = input.amount;
+    return this.quotes.some(
+      (q) => q.ts > cutoff && q.from === fromN && q.to === toN && target > 0 && Math.abs(q.amount - target) / target <= this.amountTolerance
+    );
+  }
+};
 function guardRetryProtection(tool, call, retryTracker) {
   const check = retryTracker.isBlocked(tool.name, call.input);
   if (check.blocked) {
@@ -3793,6 +3851,58 @@ var SUI_ADDRESS_REGEX = /^0x[a-fA-F0-9]{64}$/;
 function normalizeAddress(addr) {
   return addr.trim().toLowerCase();
 }
+var NON_USDC_TOKEN_WORDS = [
+  // Patterns are anchored with \b on both sides. Case-insensitive.
+  { symbol: "SUI", pattern: /\bSUI\b/i },
+  { symbol: "USDT", pattern: /\bUSDT\b/i },
+  { symbol: "USDe", pattern: /\bUSDe\b/i },
+  { symbol: "USDsui", pattern: /\bUSDsui\b/i },
+  { symbol: "WAL", pattern: /\bWAL\b/i },
+  { symbol: "ETH", pattern: /\bETH\b/i },
+  { symbol: "NAVX", pattern: /\bNAVX\b/i },
+  { symbol: "GOLD", pattern: /\bGOLD\b/i }
+];
+function guardAssetIntent(tool, call, userText) {
+  if (tool.name !== "send_transfer") {
+    return { verdict: "pass", gate: "asset_intent", tier: "safety" };
+  }
+  const input = call.input;
+  const assetWasSet = !(input.asset === void 0 || input.asset === null || input.asset === "");
+  if (assetWasSet) {
+    return { verdict: "pass", gate: "asset_intent", tier: "safety" };
+  }
+  const mentioned = NON_USDC_TOKEN_WORDS.find((t) => t.pattern.test(userText));
+  if (!mentioned) {
+    return { verdict: "pass", gate: "asset_intent", tier: "safety" };
+  }
+  return {
+    verdict: "block",
+    gate: "asset_intent",
+    tier: "safety",
+    message: `Asset mismatch: the user's recent messages mention "${mentioned.symbol}" but send_transfer was called without an \`asset\` field (defaults to USDC). If the user asked you to send ${mentioned.symbol}, re-issue send_transfer with \`asset: "${mentioned.symbol}"\`. If the user really meant USDC, set \`asset: "USDC"\` explicitly to confirm intent. Never default to USDC when the user named a different token.`
+  };
+}
+function guardSwapPreview(tool, call, swapQuoteTracker) {
+  if (tool.name !== "swap_execute") {
+    return { verdict: "pass", gate: "swap_preview", tier: "safety" };
+  }
+  const input = call.input;
+  const from = typeof input.from === "string" ? input.from : "";
+  const to = typeof input.to === "string" ? input.to : "";
+  const amount = Number(input.amount ?? 0);
+  if (!from || !to || !(amount > 0)) {
+    return { verdict: "pass", gate: "swap_preview", tier: "safety" };
+  }
+  if (swapQuoteTracker.hasMatchingQuote({ from, to, amount })) {
+    return { verdict: "pass", gate: "swap_preview", tier: "safety" };
+  }
+  return {
+    verdict: "block",
+    gate: "swap_preview",
+    tier: "safety",
+    message: `swap_execute requires a recent matching swap_quote so the user sees an accurate preview. Call swap_quote({ from: "${from}", to: "${to}", amount: ${amount} }) first, then re-issue swap_execute with the same params. swap_quote is read-only and returns the real on-chain output, route, and price impact \u2014 never estimate from memory.`
+  };
+}
 function guardAddressSource(tool, call, userText, contacts, walletAddress) {
   if (tool.name !== "send_transfer") {
     return { verdict: "pass", gate: "address_source", tier: "safety" };
@@ -3848,6 +3958,7 @@ function createGuardRunnerState() {
   return {
     balanceTracker: new BalanceTracker(),
     retryTracker: new RetryTracker(),
+    swapQuoteTracker: new SwapQuoteTracker(),
     lastHealthFactor: null
   };
 }
@@ -3903,6 +4014,12 @@ function runGuards(tool, call, state, config, conversationContext, onGuardFired,
       )
     );
   }
+  if (config.assetIntent !== false) {
+    results.push(guardAssetIntent(tool, call, conversationContext.recentUserText));
+  }
+  if (config.swapPreview !== false) {
+    results.push(guardSwapPreview(tool, call, state.swapQuoteTracker));
+  }
   if (config.irreversibility !== false) {
     results.push(guardIrreversibility(tool, call, conversationContext.fullText));
   }
@@ -3969,6 +4086,15 @@ function updateGuardStateAfterToolResult(toolName, tool, input, result, isError,
       state.lastHealthFactor = hf;
     }
   }
+  if (toolName === "swap_quote" && input && typeof input === "object") {
+    const i = input;
+    const from = typeof i.from === "string" ? i.from : "";
+    const to = typeof i.to === "string" ? i.to : "";
+    const amount = Number(i.amount ?? 0);
+    if (from && to && amount > 0) {
+      state.swapQuoteTracker.record({ from, to, amount });
+    }
+  }
   state.retryTracker.record(toolName, input, result);
 }
 function extractConversationText(messages) {