@useagentpay/sdk 0.1.0

package/dist/cli.cjs

@@ -0,0 +1,2758 @@
+#!/usr/bin/env node
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+
+// ../../node_modules/.pnpm/tsup@8.5.1_jiti@2.6.1_postcss@8.5.6_tsx@4.21.0_typescript@5.9.3/node_modules/tsup/assets/cjs_shims.js
+var init_cjs_shims = __esm({
+  "../../node_modules/.pnpm/tsup@8.5.1_jiti@2.6.1_postcss@8.5.6_tsx@4.21.0_typescript@5.9.3/node_modules/tsup/assets/cjs_shims.js"() {
+    "use strict";
+  }
+});
+
+// src/errors.ts
+var NotSetupError, DecryptError, InsufficientBalanceError, ExceedsTxLimitError, NotApprovedError, InvalidMandateError, AlreadyExecutedError, CheckoutFailedError, TimeoutError;
+var init_errors = __esm({
+  "src/errors.ts"() {
+    "use strict";
+    init_cjs_shims();
+    NotSetupError = class extends Error {
+      code = "NOT_SETUP";
+      constructor(message = "AgentPay has not been set up yet. Run `agentpay setup` first.") {
+        super(message);
+        this.name = "NotSetupError";
+      }
+    };
+    DecryptError = class extends Error {
+      code = "DECRYPT_FAILED";
+      constructor(message = "Failed to decrypt credentials. Wrong passphrase or corrupted file.") {
+        super(message);
+        this.name = "DecryptError";
+      }
+    };
+    InsufficientBalanceError = class extends Error {
+      code = "INSUFFICIENT_BALANCE";
+      constructor(amount, balance) {
+        const msg = amount !== void 0 && balance !== void 0 ? `Insufficient balance: requested $${amount.toFixed(2)} but only $${balance.toFixed(2)} available.` : "Insufficient balance for this transaction.";
+        super(msg);
+        this.name = "InsufficientBalanceError";
+      }
+    };
+    ExceedsTxLimitError = class extends Error {
+      code = "EXCEEDS_TX_LIMIT";
+      constructor(amount, limit) {
+        const msg = amount !== void 0 && limit !== void 0 ? `Amount $${amount.toFixed(2)} exceeds per-transaction limit of $${limit.toFixed(2)}.` : "Amount exceeds per-transaction limit.";
+        super(msg);
+        this.name = "ExceedsTxLimitError";
+      }
+    };
+    NotApprovedError = class extends Error {
+      code = "NOT_APPROVED";
+      constructor(txId) {
+        super(txId ? `Transaction ${txId} has not been approved.` : "Transaction has not been approved.");
+        this.name = "NotApprovedError";
+      }
+    };
+    InvalidMandateError = class extends Error {
+      code = "INVALID_MANDATE";
+      constructor(message = "Purchase mandate signature verification failed.") {
+        super(message);
+        this.name = "InvalidMandateError";
+      }
+    };
+    AlreadyExecutedError = class extends Error {
+      code = "ALREADY_EXECUTED";
+      constructor(txId) {
+        super(txId ? `Transaction ${txId} has already been executed.` : "Transaction has already been executed.");
+        this.name = "AlreadyExecutedError";
+      }
+    };
+    CheckoutFailedError = class extends Error {
+      code = "CHECKOUT_FAILED";
+      constructor(message = "Failed to complete checkout.") {
+        super(message);
+        this.name = "CheckoutFailedError";
+      }
+    };
+    TimeoutError = class extends Error {
+      code = "TIMEOUT";
+      constructor(message = "Operation timed out.") {
+        super(message);
+        this.name = "TimeoutError";
+      }
+    };
+  }
+});
+
+// src/utils/ids.ts
+function generateTxId() {
+  return `tx_${(0, import_node_crypto.randomBytes)(4).toString("hex")}`;
+}
+var import_node_crypto;
+var init_ids = __esm({
+  "src/utils/ids.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_crypto = require("crypto");
+  }
+});
+
+// src/utils/display.ts
+function formatCurrency(amount) {
+  return `$${amount.toFixed(2)}`;
+}
+function formatTimestamp(iso) {
+  const d = new Date(iso);
+  return d.toLocaleString("en-US", {
+    month: "short",
+    day: "numeric",
+    hour: "2-digit",
+    minute: "2-digit"
+  });
+}
+function formatStatus(data) {
+  const lines = [
+    "AgentPay Status",
+    "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500",
+    `Balance:            ${formatCurrency(data.balance)} / ${formatCurrency(data.budget)}`,
+    `Per-tx limit:       ${formatCurrency(data.limitPerTx)}`,
+    `Pending purchases:  ${data.pending.length}`
+  ];
+  if (data.recent.length > 0) {
+    lines.push("", "Recent:");
+    for (const tx of data.recent) {
+      const status = `[${tx.status}]`.padEnd(12);
+      lines.push(`  ${status} ${tx.id}  ${tx.merchant.padEnd(12)} ${formatCurrency(tx.amount).padStart(8)}  ${tx.description}`);
+    }
+  }
+  return lines.join("\n");
+}
+var init_display = __esm({
+  "src/utils/display.ts"() {
+    "use strict";
+    init_cjs_shims();
+  }
+});
+
+// src/utils/paths.ts
+function getHomePath() {
+  return process.env.AGENTPAY_HOME || (0, import_node_path.join)((0, import_node_os.homedir)(), ".agentpay");
+}
+function getCredentialsPath() {
+  return (0, import_node_path.join)(getHomePath(), "credentials.enc");
+}
+function getKeysPath() {
+  return (0, import_node_path.join)(getHomePath(), "keys");
+}
+function getPublicKeyPath() {
+  return (0, import_node_path.join)(getKeysPath(), "public.pem");
+}
+function getPrivateKeyPath() {
+  return (0, import_node_path.join)(getKeysPath(), "private.pem");
+}
+function getWalletPath() {
+  return (0, import_node_path.join)(getHomePath(), "wallet.json");
+}
+function getTransactionsPath() {
+  return (0, import_node_path.join)(getHomePath(), "transactions.json");
+}
+function getAuditPath() {
+  return (0, import_node_path.join)(getHomePath(), "audit.log");
+}
+var import_node_os, import_node_path;
+var init_paths = __esm({
+  "src/utils/paths.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_os = require("os");
+    import_node_path = require("path");
+  }
+});
+
+// src/vault/vault.ts
+function deriveKey(passphrase, salt) {
+  return (0, import_node_crypto2.pbkdf2Sync)(passphrase, salt, PBKDF2_ITERATIONS, KEY_LENGTH, PBKDF2_DIGEST);
+}
+function encrypt(credentials, passphrase) {
+  const salt = (0, import_node_crypto2.randomBytes)(SALT_LENGTH);
+  const iv = (0, import_node_crypto2.randomBytes)(IV_LENGTH);
+  const key = deriveKey(passphrase, salt);
+  const cipher = (0, import_node_crypto2.createCipheriv)(ALGORITHM, key, iv);
+  const plaintext = JSON.stringify(credentials);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const authTag = cipher.getAuthTag();
+  return {
+    ciphertext: Buffer.concat([encrypted, authTag]).toString("base64"),
+    salt: salt.toString("base64"),
+    iv: iv.toString("base64")
+  };
+}
+function decrypt(vault, passphrase) {
+  try {
+    const salt = Buffer.from(vault.salt, "base64");
+    const iv = Buffer.from(vault.iv, "base64");
+    const data = Buffer.from(vault.ciphertext, "base64");
+    const key = deriveKey(passphrase, salt);
+    const authTag = data.subarray(data.length - 16);
+    const ciphertext = data.subarray(0, data.length - 16);
+    const decipher = (0, import_node_crypto2.createDecipheriv)(ALGORITHM, key, iv);
+    decipher.setAuthTag(authTag);
+    const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+    return JSON.parse(decrypted.toString("utf8"));
+  } catch {
+    throw new DecryptError();
+  }
+}
+function saveVault(vault, path) {
+  const filePath = path ?? getCredentialsPath();
+  (0, import_node_fs.mkdirSync)((0, import_node_path2.dirname)(filePath), { recursive: true });
+  (0, import_node_fs.writeFileSync)(filePath, JSON.stringify(vault, null, 2), { mode: 384 });
+}
+function loadVault(path) {
+  const filePath = path ?? getCredentialsPath();
+  try {
+    const data = (0, import_node_fs.readFileSync)(filePath, "utf8");
+    return JSON.parse(data);
+  } catch {
+    throw new NotSetupError();
+  }
+}
+var import_node_crypto2, import_node_fs, import_node_path2, ALGORITHM, PBKDF2_ITERATIONS, PBKDF2_DIGEST, KEY_LENGTH, SALT_LENGTH, IV_LENGTH;
+var init_vault = __esm({
+  "src/vault/vault.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_crypto2 = require("crypto");
+    import_node_fs = require("fs");
+    import_node_path2 = require("path");
+    init_errors();
+    init_paths();
+    ALGORITHM = "aes-256-gcm";
+    PBKDF2_ITERATIONS = 1e5;
+    PBKDF2_DIGEST = "sha512";
+    KEY_LENGTH = 32;
+    SALT_LENGTH = 32;
+    IV_LENGTH = 16;
+  }
+});
+
+// src/auth/keypair.ts
+function generateKeyPair(passphrase) {
+  const { publicKey, privateKey } = (0, import_node_crypto3.generateKeyPairSync)("ed25519", {
+    publicKeyEncoding: { type: "spki", format: "pem" },
+    privateKeyEncoding: {
+      type: "pkcs8",
+      format: "pem",
+      cipher: "aes-256-cbc",
+      passphrase
+    }
+  });
+  return { publicKey, privateKey };
+}
+function saveKeyPair(keys, publicPath, privatePath) {
+  const pubPath = publicPath ?? getPublicKeyPath();
+  const privPath = privatePath ?? getPrivateKeyPath();
+  (0, import_node_fs2.mkdirSync)((0, import_node_path3.dirname)(pubPath), { recursive: true });
+  (0, import_node_fs2.writeFileSync)(pubPath, keys.publicKey, { mode: 420 });
+  (0, import_node_fs2.writeFileSync)(privPath, keys.privateKey, { mode: 384 });
+}
+function loadPrivateKey(path) {
+  return (0, import_node_fs2.readFileSync)(path ?? getPrivateKeyPath(), "utf8");
+}
+var import_node_crypto3, import_node_fs2, import_node_path3;
+var init_keypair = __esm({
+  "src/auth/keypair.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_crypto3 = require("crypto");
+    import_node_fs2 = require("fs");
+    import_node_path3 = require("path");
+    init_paths();
+  }
+});
+
+// src/auth/mandate.ts
+function hashTransactionDetails(details) {
+  const canonical = JSON.stringify({
+    txId: details.txId,
+    merchant: details.merchant,
+    amount: details.amount,
+    description: details.description,
+    timestamp: details.timestamp
+  });
+  return (0, import_node_crypto4.createHash)("sha256").update(canonical).digest("hex");
+}
+function createMandate(txDetails, privateKeyPem, passphrase) {
+  const txHash = hashTransactionDetails(txDetails);
+  const data = Buffer.from(txHash);
+  const privateKey = (0, import_node_crypto4.createPrivateKey)({
+    key: privateKeyPem,
+    format: "pem",
+    type: "pkcs8",
+    passphrase
+  });
+  const signature = (0, import_node_crypto4.sign)(null, data, privateKey);
+  const publicKey = (0, import_node_crypto4.createPublicKey)(privateKey);
+  const publicKeyPem = publicKey.export({ type: "spki", format: "pem" });
+  return {
+    txId: txDetails.txId,
+    txHash,
+    signature: signature.toString("base64"),
+    publicKey: publicKeyPem,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+function verifyMandate(mandate, txDetails) {
+  try {
+    const txHash = hashTransactionDetails(txDetails);
+    if (txHash !== mandate.txHash) return false;
+    const data = Buffer.from(txHash);
+    const signature = Buffer.from(mandate.signature, "base64");
+    const publicKey = (0, import_node_crypto4.createPublicKey)({
+      key: mandate.publicKey,
+      format: "pem",
+      type: "spki"
+    });
+    return (0, import_node_crypto4.verify)(null, data, publicKey, signature);
+  } catch {
+    return false;
+  }
+}
+var import_node_crypto4;
+var init_mandate = __esm({
+  "src/auth/mandate.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_crypto4 = require("crypto");
+  }
+});
+
+// src/budget/budget.ts
+var import_node_fs3, import_node_path4, BudgetManager;
+var init_budget = __esm({
+  "src/budget/budget.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_fs3 = require("fs");
+    import_node_path4 = require("path");
+    init_errors();
+    init_paths();
+    BudgetManager = class {
+      walletPath;
+      constructor(walletPath) {
+        this.walletPath = walletPath ?? getWalletPath();
+      }
+      getWallet() {
+        try {
+          const data = (0, import_node_fs3.readFileSync)(this.walletPath, "utf8");
+          return JSON.parse(data);
+        } catch {
+          throw new NotSetupError();
+        }
+      }
+      saveWallet(wallet) {
+        (0, import_node_fs3.mkdirSync)((0, import_node_path4.dirname)(this.walletPath), { recursive: true });
+        (0, import_node_fs3.writeFileSync)(this.walletPath, JSON.stringify(wallet, null, 2), { mode: 384 });
+      }
+      setBudget(amount) {
+        let wallet;
+        try {
+          wallet = this.getWallet();
+        } catch {
+          wallet = { budget: 0, balance: 0, limitPerTx: 0, spent: 0 };
+        }
+        wallet.budget = amount;
+        wallet.balance = amount - wallet.spent;
+        this.saveWallet(wallet);
+      }
+      setLimitPerTx(limit) {
+        const wallet = this.getWallet();
+        wallet.limitPerTx = limit;
+        this.saveWallet(wallet);
+      }
+      deductBalance(amount) {
+        const wallet = this.getWallet();
+        if (amount > wallet.balance) {
+          throw new InsufficientBalanceError(amount, wallet.balance);
+        }
+        wallet.balance -= amount;
+        wallet.spent += amount;
+        this.saveWallet(wallet);
+      }
+      checkProposal(amount) {
+        const wallet = this.getWallet();
+        if (amount > wallet.balance) {
+          throw new InsufficientBalanceError(amount, wallet.balance);
+        }
+        if (wallet.limitPerTx > 0 && amount > wallet.limitPerTx) {
+          throw new ExceedsTxLimitError(amount, wallet.limitPerTx);
+        }
+      }
+      addFunds(amount) {
+        const wallet = this.getWallet();
+        wallet.budget += amount;
+        wallet.balance += amount;
+        this.saveWallet(wallet);
+        return wallet;
+      }
+      getBalance() {
+        const wallet = this.getWallet();
+        return {
+          budget: wallet.budget,
+          balance: wallet.balance,
+          limitPerTx: wallet.limitPerTx,
+          spent: wallet.spent
+        };
+      }
+      initWallet(budget, limitPerTx = 0) {
+        const wallet = { budget, balance: budget, limitPerTx, spent: 0 };
+        this.saveWallet(wallet);
+      }
+    };
+  }
+});
+
+// src/transactions/manager.ts
+var import_node_fs4, import_node_path5, TransactionManager;
+var init_manager = __esm({
+  "src/transactions/manager.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_fs4 = require("fs");
+    import_node_path5 = require("path");
+    init_ids();
+    init_paths();
+    TransactionManager = class {
+      txPath;
+      constructor(txPath) {
+        this.txPath = txPath ?? getTransactionsPath();
+      }
+      loadAll() {
+        try {
+          const data = (0, import_node_fs4.readFileSync)(this.txPath, "utf8");
+          return JSON.parse(data);
+        } catch {
+          return [];
+        }
+      }
+      saveAll(transactions) {
+        (0, import_node_fs4.mkdirSync)((0, import_node_path5.dirname)(this.txPath), { recursive: true });
+        (0, import_node_fs4.writeFileSync)(this.txPath, JSON.stringify(transactions, null, 2), { mode: 384 });
+      }
+      propose(options) {
+        const transactions = this.loadAll();
+        const tx = {
+          id: generateTxId(),
+          status: "pending",
+          merchant: options.merchant,
+          amount: options.amount,
+          description: options.description,
+          url: options.url,
+          createdAt: (/* @__PURE__ */ new Date()).toISOString()
+        };
+        transactions.push(tx);
+        this.saveAll(transactions);
+        return tx;
+      }
+      get(txId) {
+        return this.loadAll().find((tx) => tx.id === txId);
+      }
+      approve(txId, mandate) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "pending") throw new Error(`Cannot approve transaction in '${tx.status}' state.`);
+        tx.status = "approved";
+        tx.mandate = mandate;
+        this.saveAll(transactions);
+      }
+      reject(txId, reason) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "pending") throw new Error(`Cannot reject transaction in '${tx.status}' state.`);
+        tx.status = "rejected";
+        tx.rejectionReason = reason;
+        this.saveAll(transactions);
+      }
+      markExecuting(txId) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "approved") throw new Error(`Cannot execute transaction in '${tx.status}' state.`);
+        tx.status = "executing";
+        this.saveAll(transactions);
+      }
+      markCompleted(txId, receipt) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "executing") throw new Error(`Cannot complete transaction in '${tx.status}' state.`);
+        tx.status = "completed";
+        tx.receipt = receipt;
+        this.saveAll(transactions);
+      }
+      markFailed(txId, error) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "executing") throw new Error(`Cannot fail transaction in '${tx.status}' state.`);
+        tx.status = "failed";
+        tx.error = error;
+        this.saveAll(transactions);
+      }
+      list() {
+        return this.loadAll();
+      }
+      getPending() {
+        return this.loadAll().filter((tx) => tx.status === "pending");
+      }
+      getHistory() {
+        return this.loadAll().filter((tx) => tx.status !== "pending");
+      }
+    };
+  }
+});
+
+// src/transactions/poller.ts
+var poller_exports = {};
+__export(poller_exports, {
+  waitForApproval: () => waitForApproval
+});
+async function waitForApproval(txId, manager, options) {
+  const interval = options?.pollInterval ?? 2e3;
+  const timeout = options?.timeout ?? 3e5;
+  const deadline = Date.now() + timeout;
+  while (Date.now() < deadline) {
+    const tx = manager.get(txId);
+    if (!tx) throw new Error(`Transaction ${txId} not found.`);
+    if (tx.status === "approved") return { status: "approved" };
+    if (tx.status === "rejected") return { status: "rejected", reason: tx.rejectionReason };
+    await new Promise((resolve2) => setTimeout(resolve2, interval));
+  }
+  throw new TimeoutError(`Timed out waiting for approval of ${txId}`);
+}
+var init_poller = __esm({
+  "src/transactions/poller.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_errors();
+  }
+});
+
+// src/audit/logger.ts
+var import_node_fs5, import_node_path6, AuditLogger;
+var init_logger = __esm({
+  "src/audit/logger.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_fs5 = require("fs");
+    import_node_path6 = require("path");
+    init_paths();
+    AuditLogger = class {
+      logPath;
+      constructor(logPath) {
+        this.logPath = logPath ?? getAuditPath();
+      }
+      log(action, details) {
+        const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+        const detailsStr = JSON.stringify(details);
+        const entry = `${timestamp}	${action}	${detailsStr}
+`;
+        (0, import_node_fs5.mkdirSync)((0, import_node_path6.dirname)(this.logPath), { recursive: true });
+        (0, import_node_fs5.appendFileSync)(this.logPath, entry, { mode: 384 });
+      }
+      getLog() {
+        try {
+          const data = (0, import_node_fs5.readFileSync)(this.logPath, "utf8");
+          return data.trim().split("\n").filter(Boolean);
+        } catch {
+          return [];
+        }
+      }
+    };
+  }
+});
+
+// src/executor/placeholder.ts
+function getPlaceholderVariables() {
+  return {
+    card_number: "%card_number%",
+    cardholder_name: "%cardholder_name%",
+    card_expiry: "%card_expiry%",
+    card_cvv: "%card_cvv%",
+    billing_street: "%billing_street%",
+    billing_city: "%billing_city%",
+    billing_state: "%billing_state%",
+    billing_zip: "%billing_zip%",
+    billing_country: "%billing_country%",
+    shipping_street: "%shipping_street%",
+    shipping_city: "%shipping_city%",
+    shipping_state: "%shipping_state%",
+    shipping_zip: "%shipping_zip%",
+    shipping_country: "%shipping_country%",
+    email: "%email%",
+    phone: "%phone%"
+  };
+}
+function credentialsToSwapMap(creds) {
+  return {
+    [PLACEHOLDER_MAP.card_number]: creds.card.number,
+    [PLACEHOLDER_MAP.cardholder_name]: creds.name,
+    [PLACEHOLDER_MAP.card_expiry]: creds.card.expiry,
+    [PLACEHOLDER_MAP.card_cvv]: creds.card.cvv,
+    [PLACEHOLDER_MAP.billing_street]: creds.billingAddress.street,
+    [PLACEHOLDER_MAP.billing_city]: creds.billingAddress.city,
+    [PLACEHOLDER_MAP.billing_state]: creds.billingAddress.state,
+    [PLACEHOLDER_MAP.billing_zip]: creds.billingAddress.zip,
+    [PLACEHOLDER_MAP.billing_country]: creds.billingAddress.country,
+    [PLACEHOLDER_MAP.shipping_street]: creds.shippingAddress.street,
+    [PLACEHOLDER_MAP.shipping_city]: creds.shippingAddress.city,
+    [PLACEHOLDER_MAP.shipping_state]: creds.shippingAddress.state,
+    [PLACEHOLDER_MAP.shipping_zip]: creds.shippingAddress.zip,
+    [PLACEHOLDER_MAP.shipping_country]: creds.shippingAddress.country,
+    [PLACEHOLDER_MAP.email]: creds.email,
+    [PLACEHOLDER_MAP.phone]: creds.phone
+  };
+}
+var PLACEHOLDER_MAP;
+var init_placeholder = __esm({
+  "src/executor/placeholder.ts"() {
+    "use strict";
+    init_cjs_shims();
+    PLACEHOLDER_MAP = {
+      card_number: "{{card_number}}",
+      cardholder_name: "{{cardholder_name}}",
+      card_expiry: "{{card_expiry}}",
+      card_cvv: "{{card_cvv}}",
+      billing_street: "{{billing_street}}",
+      billing_city: "{{billing_city}}",
+      billing_state: "{{billing_state}}",
+      billing_zip: "{{billing_zip}}",
+      billing_country: "{{billing_country}}",
+      shipping_street: "{{shipping_street}}",
+      shipping_city: "{{shipping_city}}",
+      shipping_state: "{{shipping_state}}",
+      shipping_zip: "{{shipping_zip}}",
+      shipping_country: "{{shipping_country}}",
+      email: "{{email}}",
+      phone: "{{phone}}"
+    };
+  }
+});
+
+// src/executor/executor.ts
+var import_stagehand, PurchaseExecutor;
+var init_executor = __esm({
+  "src/executor/executor.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_stagehand = require("@browserbasehq/stagehand");
+    init_errors();
+    init_placeholder();
+    PurchaseExecutor = class {
+      config;
+      stagehand = null;
+      constructor(config) {
+        this.config = {
+          browserbaseApiKey: config?.browserbaseApiKey ?? process.env.BROWSERBASE_API_KEY,
+          browserbaseProjectId: config?.browserbaseProjectId ?? process.env.BROWSERBASE_PROJECT_ID,
+          modelApiKey: config?.modelApiKey ?? process.env.ANTHROPIC_API_KEY
+        };
+      }
+      createStagehand() {
+        return new import_stagehand.Stagehand({
+          env: "BROWSERBASE",
+          apiKey: this.config.browserbaseApiKey,
+          projectId: this.config.browserbaseProjectId,
+          model: this.config.modelApiKey ? { modelName: "claude-3-7-sonnet-latest", apiKey: this.config.modelApiKey } : void 0,
+          browserbaseSessionCreateParams: {
+            browserSettings: {
+              recordSession: false
+            }
+          }
+        });
+      }
+      /**
+       * Phase 1: Open browser, navigate to URL, extract price and product info.
+       * Keeps the session alive for fillAndComplete().
+       */
+      async openAndDiscover(url, instructions) {
+        this.stagehand = this.createStagehand();
+        await this.stagehand.init();
+        const page = this.stagehand.context.activePage();
+        await page.goto(url);
+        const addToCartInstructions = instructions ? `On this product page: ${instructions}. Then add the item to the cart.` : "Add this product to the cart.";
+        await this.stagehand.act(addToCartInstructions);
+        const extracted = await this.stagehand.extract(
+          'Extract the product name and the price (as a number without $ sign) from the page or cart. Return JSON: { "price": <number>, "productName": "<string>" }'
+        );
+        const price = parseFloat(extracted?.price ?? extracted?.extraction?.price ?? "0");
+        const productName = extracted?.productName ?? extracted?.extraction?.productName ?? "Unknown Product";
+        return { price, productName };
+      }
+      /**
+       * Phase 2: Proceed to checkout, fill forms, swap credentials, and submit.
+       * Must be called after openAndDiscover().
+       */
+      async fillAndComplete(credentials) {
+        if (!this.stagehand) {
+          throw new CheckoutFailedError("No active session. Call openAndDiscover() first.");
+        }
+        try {
+          await this.stagehand.act("Proceed to checkout from the cart.");
+          const variables = getPlaceholderVariables();
+          await this.stagehand.act(
+            `Fill in the checkout form with these values:
+          Name: ${variables.cardholder_name}
+          Card Number: ${variables.card_number}
+          Expiry: ${variables.card_expiry}
+          CVV: ${variables.card_cvv}
+          Email: ${variables.email}
+          Phone: ${variables.phone}
+          Billing Street: ${variables.billing_street}
+          Billing City: ${variables.billing_city}
+          Billing State: ${variables.billing_state}
+          Billing ZIP: ${variables.billing_zip}
+          Billing Country: ${variables.billing_country}
+          Shipping Street: ${variables.shipping_street}
+          Shipping City: ${variables.shipping_city}
+          Shipping State: ${variables.shipping_state}
+          Shipping ZIP: ${variables.shipping_zip}
+          Shipping Country: ${variables.shipping_country}`,
+            { variables }
+          );
+          const swapMap = credentialsToSwapMap(credentials);
+          const page = this.stagehand.context.activePage();
+          await page.evaluate((map) => {
+            const inputs = document.querySelectorAll("input, textarea, select");
+            for (const input of inputs) {
+              const el = input;
+              for (const [placeholder, value] of Object.entries(map)) {
+                if (el.value === placeholder) {
+                  el.value = value;
+                  el.dispatchEvent(new Event("input", { bubbles: true }));
+                  el.dispatchEvent(new Event("change", { bubbles: true }));
+                }
+              }
+            }
+            const submitBtn = document.querySelector('button[type="submit"], input[type="submit"]');
+            if (submitBtn) submitBtn.click();
+          }, swapMap);
+          await page.waitForTimeout(5e3);
+          const result = await this.stagehand.extract(
+            "Extract the order confirmation number or ID from the page"
+          );
+          const confirmationId = result?.extraction;
+          if (!confirmationId || confirmationId === "null" || confirmationId === "UNKNOWN") {
+            throw new CheckoutFailedError("No order confirmation found. Checkout may not have completed.");
+          }
+          return {
+            success: true,
+            confirmationId
+          };
+        } catch (err) {
+          if (err instanceof CheckoutFailedError) throw err;
+          const message = err instanceof Error ? err.message : "Unknown checkout error";
+          throw new CheckoutFailedError(message);
+        }
+      }
+      /**
+       * Convenience: single-shot execute (navigate + checkout in one call).
+       * Used by AgentPay facade when amount is already known.
+       */
+      async execute(tx, credentials) {
+        this.stagehand = this.createStagehand();
+        try {
+          await this.stagehand.init();
+          const page = this.stagehand.context.activePage();
+          await page.goto(tx.url);
+          const variables = getPlaceholderVariables();
+          await this.stagehand.act(
+            `Find the product and proceed to checkout. Fill in the checkout form with these values:
+          Name: ${variables.cardholder_name}
+          Card Number: ${variables.card_number}
+          Expiry: ${variables.card_expiry}
+          CVV: ${variables.card_cvv}
+          Email: ${variables.email}
+          Phone: ${variables.phone}
+          Billing Street: ${variables.billing_street}
+          Billing City: ${variables.billing_city}
+          Billing State: ${variables.billing_state}
+          Billing ZIP: ${variables.billing_zip}
+          Billing Country: ${variables.billing_country}
+          Shipping Street: ${variables.shipping_street}
+          Shipping City: ${variables.shipping_city}
+          Shipping State: ${variables.shipping_state}
+          Shipping ZIP: ${variables.shipping_zip}
+          Shipping Country: ${variables.shipping_country}`,
+            { variables }
+          );
+          const swapMap = credentialsToSwapMap(credentials);
+          await page.evaluate((map) => {
+            const inputs = document.querySelectorAll("input, textarea, select");
+            for (const input of inputs) {
+              const el = input;
+              for (const [placeholder, value] of Object.entries(map)) {
+                if (el.value === placeholder) {
+                  el.value = value;
+                  el.dispatchEvent(new Event("input", { bubbles: true }));
+                  el.dispatchEvent(new Event("change", { bubbles: true }));
+                }
+              }
+            }
+            const submitBtn = document.querySelector('button[type="submit"], input[type="submit"]');
+            if (submitBtn) submitBtn.click();
+          }, swapMap);
+          await page.waitForTimeout(5e3);
+          const result = await this.stagehand.extract(
+            "Extract the order confirmation number or ID from the page"
+          );
+          const confirmationId = result?.extraction;
+          if (!confirmationId || confirmationId === "null" || confirmationId === "UNKNOWN") {
+            throw new CheckoutFailedError("No order confirmation found. Checkout may not have completed.");
+          }
+          return {
+            success: true,
+            confirmationId
+          };
+        } catch (err) {
+          if (err instanceof CheckoutFailedError) throw err;
+          const message = err instanceof Error ? err.message : "Unknown checkout error";
+          throw new CheckoutFailedError(message);
+        } finally {
+          await this.close();
+        }
+      }
+      async close() {
+        try {
+          if (this.stagehand) {
+            await this.stagehand.close();
+            this.stagehand = null;
+          }
+        } catch {
+        }
+      }
+    };
+  }
+});
+
+// src/agentpay.ts
+var import_node_path7, AgentPay;
+var init_agentpay = __esm({
+  "src/agentpay.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_path7 = require("path");
+    init_budget();
+    init_manager();
+    init_logger();
+    init_executor();
+    init_mandate();
+    init_vault();
+    init_paths();
+    init_errors();
+    AgentPay = class {
+      home;
+      passphrase;
+      budgetManager;
+      txManager;
+      auditLogger;
+      executor;
+      constructor(options) {
+        this.home = options?.home ?? getHomePath();
+        this.passphrase = options?.passphrase;
+        this.budgetManager = new BudgetManager((0, import_node_path7.join)(this.home, "wallet.json"));
+        this.txManager = new TransactionManager((0, import_node_path7.join)(this.home, "transactions.json"));
+        this.auditLogger = new AuditLogger((0, import_node_path7.join)(this.home, "audit.log"));
+        this.executor = new PurchaseExecutor(options?.executor);
+      }
+      get wallet() {
+        const bm = this.budgetManager;
+        return {
+          getBalance: () => bm.getBalance(),
+          getHistory: () => this.txManager.getHistory(),
+          getLimits: () => {
+            const w = bm.getBalance();
+            return { budget: w.budget, limitPerTx: w.limitPerTx, remaining: w.balance };
+          },
+          generateFundingQR: async (options) => {
+            const QRCode2 = await import("qrcode");
+            const params = new URLSearchParams();
+            if (options?.suggestedBudget) params.set("budget", String(options.suggestedBudget));
+            if (options?.message) params.set("msg", options.message);
+            const baseUrl = process.env.AGENTPAY_WEB_URL ?? "http://localhost:3000";
+            const url = `${baseUrl}/setup${params.toString() ? `?${params.toString()}` : ""}`;
+            const qrDataUrl = await QRCode2.toDataURL(url);
+            return { url, qrDataUrl };
+          }
+        };
+      }
+      get transactions() {
+        return {
+          propose: (options) => {
+            this.budgetManager.checkProposal(options.amount);
+            const tx = this.txManager.propose(options);
+            this.auditLogger.log("PROPOSE", { txId: tx.id, merchant: tx.merchant, amount: tx.amount });
+            return tx;
+          },
+          get: (txId) => this.txManager.get(txId),
+          waitForApproval: async (txId, options) => {
+            const { waitForApproval: waitForApproval2 } = await Promise.resolve().then(() => (init_poller(), poller_exports));
+            return waitForApproval2(txId, this.txManager, options);
+          },
+          execute: async (txId) => {
+            const tx = this.txManager.get(txId);
+            if (!tx) throw new Error(`Transaction ${txId} not found.`);
+            if (tx.status === "completed" || tx.status === "failed") {
+              throw new AlreadyExecutedError(txId);
+            }
+            if (tx.status !== "approved") {
+              throw new NotApprovedError(txId);
+            }
+            if (!tx.mandate) {
+              throw new InvalidMandateError("No mandate found on approved transaction.");
+            }
+            const txDetails = {
+              txId: tx.id,
+              merchant: tx.merchant,
+              amount: tx.amount,
+              description: tx.description,
+              timestamp: tx.createdAt
+            };
+            if (!verifyMandate(tx.mandate, txDetails)) {
+              throw new InvalidMandateError();
+            }
+            this.budgetManager.checkProposal(tx.amount);
+            this.txManager.markExecuting(txId);
+            this.auditLogger.log("EXECUTE", { txId, browserbaseSessionStarted: true });
+            try {
+              if (!this.passphrase) {
+                throw new Error("Passphrase required for execution. Pass it to AgentPay constructor.");
+              }
+              const vaultPath = (0, import_node_path7.join)(this.home, "credentials.enc");
+              const vault = loadVault(vaultPath);
+              const credentials = decrypt(vault, this.passphrase);
+              const result = await this.executor.execute(tx, credentials);
+              const receipt = {
+                id: `rcpt_${txId.replace("tx_", "")}`,
+                merchant: tx.merchant,
+                amount: tx.amount,
+                confirmationId: result.confirmationId ?? "UNKNOWN",
+                completedAt: (/* @__PURE__ */ new Date()).toISOString()
+              };
+              this.txManager.markCompleted(txId, receipt);
+              this.budgetManager.deductBalance(tx.amount);
+              this.auditLogger.log("COMPLETE", { txId, confirmationId: receipt.confirmationId });
+              return receipt;
+            } catch (err) {
+              this.txManager.markFailed(txId, err instanceof Error ? err.message : "Unknown error");
+              this.auditLogger.log("FAILED", { txId, error: err instanceof Error ? err.message : "Unknown" });
+              throw err;
+            }
+          },
+          getReceipt: (txId) => {
+            const tx = this.txManager.get(txId);
+            return tx?.receipt;
+          }
+        };
+      }
+      get audit() {
+        return { getLog: () => this.auditLogger.getLog() };
+      }
+      status() {
+        try {
+          const wallet = this.budgetManager.getBalance();
+          const pending = this.txManager.getPending();
+          const recent = this.txManager.list().slice(-5);
+          return {
+            balance: wallet.balance,
+            budget: wallet.budget,
+            limitPerTx: wallet.limitPerTx,
+            pending,
+            recent,
+            isSetup: true
+          };
+        } catch {
+          return {
+            balance: 0,
+            budget: 0,
+            limitPerTx: 0,
+            pending: [],
+            recent: [],
+            isSetup: false
+          };
+        }
+      }
+    };
+  }
+});
+
+// src/server/passphrase-html.ts
+function esc(s) {
+  return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
+}
+function formatCurrency2(n) {
+  return "$" + n.toFixed(2);
+}
+function getPassphraseHtml(token, context) {
+  const actionLabel = context?.action === "approve" ? "Approve Transaction" : "Approve Purchase";
+  const buttonLabel = context?.action === "approve" ? "Unlock &amp; Approve" : "Unlock &amp; Approve";
+  let contextHtml = "";
+  if (context) {
+    const lines = [];
+    if (context.merchant) lines.push(`<div class="detail"><span class="detail-label">Merchant</span><span class="detail-value">${esc(context.merchant)}</span></div>`);
+    if (context.amount !== void 0) lines.push(`<div class="detail"><span class="detail-label">Amount</span><span class="detail-value">${formatCurrency2(context.amount)}</span></div>`);
+    if (context.description) lines.push(`<div class="detail"><span class="detail-label">Description</span><span class="detail-value">${esc(context.description)}</span></div>`);
+    if (context.txId) lines.push(`<div class="detail"><span class="detail-label">Transaction</span><span class="detail-value" style="font-family:monospace;font-size:12px;">${esc(context.txId)}</span></div>`);
+    if (lines.length > 0) {
+      contextHtml = `<div class="card context-card">${lines.join("")}</div>`;
+    }
+  }
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>AgentPay \u2014 Passphrase Required</title>
+<style>
+  *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+  body {
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+    background: #f5f5f5;
+    color: #111;
+    min-height: 100vh;
+    display: flex;
+    justify-content: center;
+    padding: 40px 16px;
+  }
+  .container { width: 100%; max-width: 420px; }
+  h1 { font-size: 24px; font-weight: 700; margin-bottom: 4px; }
+  .subtitle { color: #666; font-size: 14px; margin-bottom: 24px; }
+  .card {
+    background: #fff;
+    border-radius: 8px;
+    padding: 24px;
+    margin-bottom: 16px;
+    border: 1px solid #e0e0e0;
+  }
+  .context-card { padding: 16px 20px; }
+  .detail {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    padding: 8px 0;
+    border-bottom: 1px solid #f0f0f0;
+  }
+  .detail:last-child { border-bottom: none; }
+  .detail-label { font-size: 13px; color: #666; }
+  .detail-value { font-size: 14px; font-weight: 600; }
+  label { display: block; font-size: 13px; font-weight: 500; color: #333; margin-bottom: 6px; }
+  input[type="password"] {
+    width: 100%;
+    padding: 12px 14px;
+    border: 1px solid #d0d0d0;
+    border-radius: 8px;
+    font-size: 15px;
+    outline: none;
+    transition: border-color 0.15s;
+  }
+  input[type="password"]:focus { border-color: #111; }
+  button {
+    width: 100%;
+    padding: 12px;
+    border: none;
+    border-radius: 8px;
+    font-size: 14px;
+    font-weight: 600;
+    cursor: pointer;
+    transition: opacity 0.15s;
+    margin-top: 16px;
+    background: #111;
+    color: #fff;
+  }
+  button:hover { opacity: 0.85; }
+  button:disabled { opacity: 0.5; cursor: not-allowed; }
+  .error { color: #c62828; font-size: 13px; margin-top: 10px; }
+  .success-screen {
+    text-align: center;
+    padding: 40px 0;
+  }
+  .checkmark {
+    font-size: 48px;
+    margin-bottom: 16px;
+  }
+  .success-msg {
+    font-size: 16px;
+    font-weight: 600;
+    margin-bottom: 8px;
+  }
+  .success-hint {
+    font-size: 13px;
+    color: #666;
+  }
+  .hidden { display: none; }
+</style>
+</head>
+<body>
+<div class="container">
+  <div id="form-view">
+    <h1>AgentPay</h1>
+    <p class="subtitle">${esc(actionLabel)}</p>
+    ${contextHtml}
+    <div class="card">
+      <label for="passphrase">Passphrase</label>
+      <input type="password" id="passphrase" placeholder="Enter your passphrase" autofocus>
+      <div id="error" class="error hidden"></div>
+      <button id="submit">${buttonLabel}</button>
+    </div>
+  </div>
+  <div id="success-view" class="hidden">
+    <h1>AgentPay</h1>
+    <p class="subtitle">${esc(actionLabel)}</p>
+    <div class="card">
+      <div class="success-screen">
+        <div class="checkmark">&#10003;</div>
+        <div class="success-msg">Passphrase received</div>
+        <div class="success-hint">You can close this tab.</div>
+      </div>
+    </div>
+  </div>
+</div>
+<script>
+(function() {
+  var token = ${JSON.stringify(token)};
+  var form = document.getElementById('form-view');
+  var success = document.getElementById('success-view');
+  var input = document.getElementById('passphrase');
+  var btn = document.getElementById('submit');
+  var errDiv = document.getElementById('error');
+
+  function submit() {
+    var passphrase = input.value;
+    if (!passphrase) {
+      errDiv.textContent = 'Passphrase is required.';
+      errDiv.classList.remove('hidden');
+      return;
+    }
+    btn.disabled = true;
+    btn.textContent = 'Submitting...';
+    errDiv.classList.add('hidden');
+
+    fetch('/passphrase', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ token: token, passphrase: passphrase })
+    })
+    .then(function(res) { return res.json(); })
+    .then(function(data) {
+      if (data.error) {
+        errDiv.textContent = data.error;
+        errDiv.classList.remove('hidden');
+        btn.disabled = false;
+        btn.textContent = '${buttonLabel}';
+      } else {
+        form.classList.add('hidden');
+        success.classList.remove('hidden');
+      }
+    })
+    .catch(function() {
+      errDiv.textContent = 'Failed to submit. Is the CLI still running?';
+      errDiv.classList.remove('hidden');
+      btn.disabled = false;
+      btn.textContent = '${buttonLabel}';
+    });
+  }
+
+  btn.addEventListener('click', submit);
+  input.addEventListener('keydown', function(e) {
+    if (e.key === 'Enter') submit();
+  });
+})();
+</script>
+</body>
+</html>`;
+}
+var init_passphrase_html = __esm({
+  "src/server/passphrase-html.ts"() {
+    "use strict";
+    init_cjs_shims();
+  }
+});
+
+// src/utils/open-browser.ts
+function openBrowser(url) {
+  const plat = (0, import_node_os2.platform)();
+  let cmd;
+  if (plat === "darwin") cmd = `open "${url}"`;
+  else if (plat === "win32") cmd = `start "" "${url}"`;
+  else cmd = `xdg-open "${url}"`;
+  (0, import_node_child_process.exec)(cmd, (err) => {
+    if (err) {
+      console.log(`Open ${url} in your browser.`);
+    }
+  });
+}
+var import_node_child_process, import_node_os2;
+var init_open_browser = __esm({
+  "src/utils/open-browser.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_child_process = require("child_process");
+    import_node_os2 = require("os");
+  }
+});
+
+// src/server/passphrase-server.ts
+var passphrase_server_exports = {};
+__export(passphrase_server_exports, {
+  collectPassphrase: () => collectPassphrase
+});
+function parseBody(req) {
+  return new Promise((resolve2, reject) => {
+    const chunks = [];
+    let size = 0;
+    req.on("data", (chunk) => {
+      size += chunk.length;
+      if (size > MAX_BODY) {
+        req.destroy();
+        reject(new Error("Request body too large"));
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => {
+      try {
+        const text = Buffer.concat(chunks).toString("utf8");
+        resolve2(text ? JSON.parse(text) : {});
+      } catch {
+        reject(new Error("Invalid JSON"));
+      }
+    });
+    req.on("error", reject);
+  });
+}
+function sendJson(res, status, body) {
+  const json = JSON.stringify(body);
+  res.writeHead(status, {
+    "Content-Type": "application/json",
+    "Content-Length": Buffer.byteLength(json)
+  });
+  res.end(json);
+}
+function sendHtml(res, html) {
+  res.writeHead(200, {
+    "Content-Type": "text/html; charset=utf-8",
+    "Content-Length": Buffer.byteLength(html)
+  });
+  res.end(html);
+}
+function collectPassphrase(context) {
+  return new Promise((resolve2, reject) => {
+    const nonce = (0, import_node_crypto5.randomBytes)(32).toString("hex");
+    let settled = false;
+    const server = (0, import_node_http.createServer)(async (req, res) => {
+      const url = new URL(req.url ?? "/", `http://${req.headers.host}`);
+      const method = req.method ?? "GET";
+      try {
+        if (method === "GET" && url.pathname === "/passphrase") {
+          const token = url.searchParams.get("token");
+          if (token !== nonce) {
+            sendHtml(res, "<h1>Invalid or expired link.</h1>");
+            return;
+          }
+          sendHtml(res, getPassphraseHtml(nonce, context));
+        } else if (method === "POST" && url.pathname === "/passphrase") {
+          const body = await parseBody(req);
+          if (body.token !== nonce) {
+            sendJson(res, 403, { error: "Invalid token." });
+            return;
+          }
+          const passphrase = body.passphrase;
+          if (typeof passphrase !== "string" || !passphrase) {
+            sendJson(res, 400, { error: "Passphrase is required." });
+            return;
+          }
+          sendJson(res, 200, { ok: true });
+          if (!settled) {
+            settled = true;
+            cleanup();
+            resolve2(passphrase);
+          }
+        } else {
+          sendJson(res, 404, { error: "Not found" });
+        }
+      } catch (err) {
+        const message = err instanceof Error ? err.message : "Internal error";
+        sendJson(res, 500, { error: message });
+      }
+    });
+    const timer = setTimeout(() => {
+      if (!settled) {
+        settled = true;
+        cleanup();
+        reject(new TimeoutError("Passphrase entry timed out after 5 minutes."));
+      }
+    }, TIMEOUT_MS);
+    function cleanup() {
+      clearTimeout(timer);
+      server.close();
+    }
+    server.on("error", (err) => {
+      if (!settled) {
+        settled = true;
+        cleanup();
+        reject(err);
+      }
+    });
+    server.listen(0, "127.0.0.1", () => {
+      const addr = server.address();
+      if (!addr || typeof addr === "string") {
+        if (!settled) {
+          settled = true;
+          cleanup();
+          reject(new Error("Failed to bind server"));
+        }
+        return;
+      }
+      const url = `http://127.0.0.1:${addr.port}/passphrase?token=${nonce}`;
+      console.log("Waiting for passphrase entry in browser...");
+      openBrowser(url);
+    });
+  });
+}
+var import_node_http, import_node_crypto5, TIMEOUT_MS, MAX_BODY;
+var init_passphrase_server = __esm({
+  "src/server/passphrase-server.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_http = require("http");
+    import_node_crypto5 = require("crypto");
+    init_passphrase_html();
+    init_open_browser();
+    init_errors();
+    TIMEOUT_MS = 5 * 60 * 1e3;
+    MAX_BODY = 4096;
+  }
+});
+
+// src/utils/prompt.ts
+function createRl() {
+  return (0, import_node_readline.createInterface)({ input: process.stdin, output: process.stdout });
+}
+function promptInput(question) {
+  return new Promise((resolve2) => {
+    const rl = createRl();
+    rl.question(question, (answer) => {
+      rl.close();
+      resolve2(answer.trim());
+    });
+  });
+}
+async function promptPassphrase(prompt = "Passphrase: ") {
+  return promptInput(prompt);
+}
+function promptConfirm(question) {
+  return new Promise((resolve2) => {
+    const rl = createRl();
+    rl.question(`${question} (y/N): `, (answer) => {
+      rl.close();
+      resolve2(answer.trim().toLowerCase() === "y" || answer.trim().toLowerCase() === "yes");
+    });
+  });
+}
+async function promptPassphraseSafe(context) {
+  if (process.stdin.isTTY) {
+    return promptPassphrase("Enter passphrase: ");
+  }
+  const { collectPassphrase: collectPassphrase2 } = await Promise.resolve().then(() => (init_passphrase_server(), passphrase_server_exports));
+  return collectPassphrase2(context);
+}
+var import_node_readline;
+var init_prompt = __esm({
+  "src/utils/prompt.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_readline = require("readline");
+  }
+});
+
+// src/commands/setup.ts
+var setup_exports = {};
+__export(setup_exports, {
+  setupCommand: () => setupCommand
+});
+async function setupCommand() {
+  console.log("AgentPay Setup");
+  console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n");
+  const home = getHomePath();
+  (0, import_node_fs6.mkdirSync)(home, { recursive: true });
+  const passphrase = await promptPassphrase("Choose a passphrase: ");
+  const confirm = await promptPassphrase("Confirm passphrase: ");
+  if (passphrase !== confirm) {
+    console.error("Passphrases do not match.");
+    process.exit(1);
+  }
+  console.log("\nBilling Information");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  const cardNumber = await promptInput("Card number: ");
+  const cardExpiry = await promptInput("Expiry (MM/YY): ");
+  const cardCvv = await promptInput("CVV: ");
+  console.log("\nPersonal Information");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  const name = await promptInput("Full name: ");
+  const email = await promptInput("Email: ");
+  const phone = await promptInput("Phone: ");
+  console.log("\nBilling Address");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  const billingStreet = await promptInput("Street: ");
+  const billingCity = await promptInput("City: ");
+  const billingState = await promptInput("State: ");
+  const billingZip = await promptInput("ZIP: ");
+  const billingCountry = await promptInput("Country (e.g. US): ");
+  console.log("\nShipping Address");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  const sameAsBilling = await promptInput("Same as billing? (y/N): ");
+  let shippingStreet, shippingCity, shippingState, shippingZip, shippingCountry;
+  if (sameAsBilling.toLowerCase() === "y" || sameAsBilling.toLowerCase() === "yes") {
+    shippingStreet = billingStreet;
+    shippingCity = billingCity;
+    shippingState = billingState;
+    shippingZip = billingZip;
+    shippingCountry = billingCountry;
+  } else {
+    shippingStreet = await promptInput("Street: ");
+    shippingCity = await promptInput("City: ");
+    shippingState = await promptInput("State: ");
+    shippingZip = await promptInput("ZIP: ");
+    shippingCountry = await promptInput("Country (e.g. US): ");
+  }
+  const credentials = {
+    card: { number: cardNumber, expiry: cardExpiry, cvv: cardCvv },
+    name,
+    billingAddress: { street: billingStreet, city: billingCity, state: billingState, zip: billingZip, country: billingCountry },
+    shippingAddress: { street: shippingStreet, city: shippingCity, state: shippingState, zip: shippingZip, country: shippingCountry },
+    email,
+    phone
+  };
+  const vault = encrypt(credentials, passphrase);
+  saveVault(vault, getCredentialsPath());
+  console.log("\nCredentials encrypted and saved.");
+  const keys = generateKeyPair(passphrase);
+  (0, import_node_fs6.mkdirSync)(getKeysPath(), { recursive: true });
+  saveKeyPair(keys);
+  console.log("Keypair generated.");
+  const bm = new BudgetManager();
+  bm.initWallet(0, 0);
+  console.log("Wallet initialized.");
+  const audit = new AuditLogger();
+  audit.log("SETUP", { message: "credentials encrypted, keypair generated, wallet initialized" });
+  console.log("\nSetup complete! Next steps:");
+  console.log("  agentpay budget --set 200      Set your spending budget");
+  console.log("  agentpay budget --limit-per-tx 50  Set per-transaction limit");
+}
+var import_node_fs6;
+var init_setup = __esm({
+  "src/commands/setup.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_fs6 = require("fs");
+    init_prompt();
+    init_vault();
+    init_keypair();
+    init_budget();
+    init_logger();
+    init_paths();
+  }
+});
+
+// src/commands/budget.ts
+var budget_exports = {};
+__export(budget_exports, {
+  budgetCommand: () => budgetCommand
+});
+function budgetCommand(options) {
+  const bm = new BudgetManager();
+  const audit = new AuditLogger();
+  if (options.set) {
+    const amount = parseFloat(options.set);
+    if (isNaN(amount) || amount < 0) {
+      console.error("Invalid amount. Provide a positive number.");
+      process.exit(1);
+    }
+    bm.setBudget(amount);
+    audit.log("BUDGET_SET", { amount });
+    console.log(`Budget set to ${formatCurrency(amount)}.`);
+  }
+  if (options.limitPerTx) {
+    const limit = parseFloat(options.limitPerTx);
+    if (isNaN(limit) || limit < 0) {
+      console.error("Invalid limit. Provide a positive number.");
+      process.exit(1);
+    }
+    bm.setLimitPerTx(limit);
+    audit.log("LIMIT_SET", { limitPerTx: limit });
+    console.log(`Per-transaction limit set to ${formatCurrency(limit)}.`);
+  }
+  if (!options.set && !options.limitPerTx) {
+    const balance = bm.getBalance();
+    console.log(`Budget:     ${formatCurrency(balance.budget)}`);
+    console.log(`Balance:    ${formatCurrency(balance.balance)}`);
+    console.log(`Spent:      ${formatCurrency(balance.spent)}`);
+    console.log(`Per-tx limit: ${balance.limitPerTx > 0 ? formatCurrency(balance.limitPerTx) : "None"}`);
+  }
+}
+var init_budget2 = __esm({
+  "src/commands/budget.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_budget();
+    init_logger();
+    init_display();
+  }
+});
+
+// src/commands/pending.ts
+var pending_exports = {};
+__export(pending_exports, {
+  pendingCommand: () => pendingCommand
+});
+function pendingCommand() {
+  const tm = new TransactionManager();
+  const pending = tm.getPending();
+  if (pending.length === 0) {
+    console.log("No pending purchases.");
+    return;
+  }
+  console.log("Pending Purchases:");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  console.log("TX_ID         MERCHANT        AMOUNT    DESCRIPTION");
+  for (const tx of pending) {
+    const id = tx.id.padEnd(14);
+    const merchant = tx.merchant.padEnd(16);
+    const amount = formatCurrency(tx.amount).padStart(9);
+    console.log(`${id}${merchant}${amount}    ${tx.description}`);
+  }
+  console.log(`
+${pending.length} pending purchase${pending.length === 1 ? "" : "s"}. Use 'agentpay approve <txId>' or 'agentpay reject <txId>'.`);
+}
+var init_pending = __esm({
+  "src/commands/pending.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_manager();
+    init_display();
+  }
+});
+
+// src/commands/approve.ts
+var approve_exports = {};
+__export(approve_exports, {
+  approveCommand: () => approveCommand
+});
+async function approveCommand(txId) {
+  const tm = new TransactionManager();
+  const audit = new AuditLogger();
+  const tx = tm.get(txId);
+  if (!tx) {
+    console.error(`Transaction ${txId} not found.`);
+    process.exit(1);
+  }
+  if (tx.status !== "pending") {
+    console.error(`Cannot approve transaction in '${tx.status}' state.`);
+    process.exit(1);
+  }
+  console.log(`Approve purchase:`);
+  console.log(`  Merchant:    ${tx.merchant}`);
+  console.log(`  Amount:      ${formatCurrency(tx.amount)}`);
+  console.log(`  Description: ${tx.description}`);
+  console.log();
+  const passphrase = await promptPassphraseSafe({
+    action: "approve",
+    merchant: tx.merchant,
+    amount: tx.amount,
+    description: tx.description,
+    txId
+  });
+  try {
+    const privateKeyPem = loadPrivateKey();
+    const txDetails = {
+      txId: tx.id,
+      merchant: tx.merchant,
+      amount: tx.amount,
+      description: tx.description,
+      timestamp: tx.createdAt
+    };
+    const mandate = createMandate(txDetails, privateKeyPem, passphrase);
+    tm.approve(txId, mandate);
+    audit.log("APPROVE", { txId, mandateSigned: true });
+    console.log(`
+Approved! Transaction ${txId} is now ready for execution.`);
+  } catch (err) {
+    console.error(`Failed to approve: ${err instanceof Error ? err.message : "Unknown error"}`);
+    process.exit(1);
+  }
+}
+var init_approve = __esm({
+  "src/commands/approve.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_manager();
+    init_keypair();
+    init_mandate();
+    init_logger();
+    init_prompt();
+    init_display();
+  }
+});
+
+// src/commands/reject.ts
+var reject_exports = {};
+__export(reject_exports, {
+  rejectCommand: () => rejectCommand
+});
+function rejectCommand(txId, options) {
+  const tm = new TransactionManager();
+  const audit = new AuditLogger();
+  const tx = tm.get(txId);
+  if (!tx) {
+    console.error(`Transaction ${txId} not found.`);
+    process.exit(1);
+  }
+  if (tx.status !== "pending") {
+    console.error(`Cannot reject transaction in '${tx.status}' state.`);
+    process.exit(1);
+  }
+  tm.reject(txId, options.reason);
+  audit.log("REJECT", { txId, reason: options.reason });
+  console.log(`Rejected transaction ${txId}.${options.reason ? ` Reason: ${options.reason}` : ""}`);
+}
+var init_reject = __esm({
+  "src/commands/reject.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_manager();
+    init_logger();
+  }
+});
+
+// src/commands/status.ts
+var status_exports = {};
+__export(status_exports, {
+  statusCommand: () => statusCommand
+});
+function statusCommand() {
+  const ap = new AgentPay();
+  const s = ap.status();
+  if (!s.isSetup) {
+    console.log("AgentPay is not set up. Run `agentpay setup` first.");
+    return;
+  }
+  console.log(formatStatus({
+    balance: s.balance,
+    budget: s.budget,
+    limitPerTx: s.limitPerTx,
+    pending: s.pending,
+    recent: s.recent
+  }));
+}
+var init_status = __esm({
+  "src/commands/status.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_agentpay();
+    init_display();
+  }
+});
+
+// src/commands/history.ts
+var history_exports = {};
+__export(history_exports, {
+  historyCommand: () => historyCommand
+});
+function historyCommand() {
+  const tm = new TransactionManager();
+  const history = tm.getHistory();
+  if (history.length === 0) {
+    console.log("No transaction history.");
+    return;
+  }
+  console.log("Transaction History:");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  console.log("STATUS       TX_ID         MERCHANT        AMOUNT    DATE              DESCRIPTION");
+  for (const tx of history) {
+    const status = `[${tx.status}]`.padEnd(13);
+    const id = tx.id.padEnd(14);
+    const merchant = tx.merchant.padEnd(16);
+    const amount = formatCurrency(tx.amount).padStart(9);
+    const date = formatTimestamp(tx.createdAt).padEnd(18);
+    console.log(`${status}${id}${merchant}${amount}    ${date}${tx.description}`);
+  }
+}
+var init_history = __esm({
+  "src/commands/history.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_manager();
+    init_display();
+  }
+});
+
+// src/commands/qr.ts
+var qr_exports = {};
+__export(qr_exports, {
+  qrCommand: () => qrCommand
+});
+async function qrCommand(options) {
+  const params = new URLSearchParams();
+  if (options.budget) params.set("budget", options.budget);
+  if (options.message) params.set("msg", options.message);
+  const baseUrl = process.env.AGENTPAY_WEB_URL ?? "http://localhost:3000";
+  const url = `${baseUrl}/setup${params.toString() ? `?${params.toString()}` : ""}`;
+  console.log("Scan this QR code to set up AgentPay:\n");
+  const qrString = await import_qrcode.default.toString(url, { type: "terminal", small: true });
+  console.log(qrString);
+  console.log(`
+URL: ${url}`);
+}
+var import_qrcode;
+var init_qr = __esm({
+  "src/commands/qr.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_qrcode = __toESM(require("qrcode"), 1);
+  }
+});
+
+// src/commands/reset.ts
+var reset_exports = {};
+__export(reset_exports, {
+  resetCommand: () => resetCommand
+});
+async function resetCommand() {
+  const home = getHomePath();
+  if (!(0, import_node_fs7.existsSync)(home)) {
+    console.log("Nothing to reset. AgentPay data directory does not exist.");
+    return;
+  }
+  console.log(`This will permanently delete all AgentPay data at: ${home}`);
+  console.log("This includes encrypted credentials, keys, wallet, transactions, and audit logs.");
+  const answer = await promptInput("\nType YES to confirm: ");
+  if (answer !== "YES") {
+    console.log("Cancelled.");
+    return;
+  }
+  (0, import_node_fs7.rmSync)(home, { recursive: true, force: true });
+  console.log("All AgentPay data has been deleted.");
+}
+var import_node_fs7;
+var init_reset = __esm({
+  "src/commands/reset.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_fs7 = require("fs");
+    init_prompt();
+    init_paths();
+  }
+});
+
+// src/commands/buy.ts
+var buy_exports = {};
+__export(buy_exports, {
+  buyCommand: () => buyCommand
+});
+function loadEnv() {
+  try {
+    const envPath = (0, import_node_path8.resolve)(process.cwd(), ".env");
+    const content = (0, import_node_fs8.readFileSync)(envPath, "utf8");
+    for (const line of content.split("\n")) {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith("#")) continue;
+      const eqIdx = trimmed.indexOf("=");
+      if (eqIdx === -1) continue;
+      const key = trimmed.slice(0, eqIdx).trim();
+      const value = trimmed.slice(eqIdx + 1).trim();
+      if (!process.env[key]) {
+        process.env[key] = value;
+      }
+    }
+  } catch {
+  }
+}
+async function buyCommand(options) {
+  loadEnv();
+  console.log("AgentPay Purchase");
+  console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n");
+  const executor = new PurchaseExecutor();
+  const bm = new BudgetManager();
+  const tm = new TransactionManager();
+  const audit = new AuditLogger();
+  const isTTY = process.stdin.isTTY;
+  let amount;
+  let productName = options.description;
+  if (options.amount) {
+    amount = parseFloat(options.amount);
+    if (isNaN(amount) || amount <= 0) {
+      console.error("Invalid amount.");
+      process.exit(1);
+    }
+    console.log(`  Merchant:    ${options.merchant}`);
+    console.log(`  Amount:      ${formatCurrency(amount)}`);
+    console.log(`  Description: ${options.description}`);
+    console.log(`  URL:         ${options.url}`);
+    console.log();
+  } else {
+    const pickupHint = options.pickup ? "Select in-store pickup if available." : "";
+    const instructions = [pickupHint, options.description].filter(Boolean).join(" ");
+    console.log("Opening browser to discover price...\n");
+    try {
+      const discovered = await executor.openAndDiscover(options.url, instructions || void 0);
+      amount = discovered.price;
+      productName = discovered.productName || options.description;
+    } catch (err) {
+      console.error(`Failed to load product page: ${err instanceof Error ? err.message : "Unknown error"}`);
+      await executor.close();
+      process.exit(1);
+    }
+    if (amount <= 0) {
+      console.error("Could not extract price from the page.");
+      await executor.close();
+      process.exit(1);
+    }
+    console.log(`  Product:     ${productName}`);
+    console.log(`  Merchant:    ${options.merchant}`);
+    console.log(`  Amount:      ${formatCurrency(amount)}`);
+    console.log();
+  }
+  try {
+    bm.checkProposal(amount);
+  } catch (err) {
+    console.error(err instanceof Error ? err.message : "Budget check failed.");
+    await executor.close();
+    process.exit(1);
+  }
+  let passphrase;
+  if (isTTY) {
+    const confirmed = await promptConfirm("Approve this purchase?");
+    if (!confirmed) {
+      console.log("Purchase cancelled.");
+      await executor.close();
+      process.exit(0);
+    }
+    passphrase = await promptPassphraseSafe();
+  } else {
+    passphrase = await promptPassphraseSafe({
+      action: "buy",
+      merchant: options.merchant,
+      amount,
+      description: productName
+    });
+    console.log("Passphrase received. Continuing...");
+  }
+  const vault = loadVault(getCredentialsPath());
+  const credentials = decrypt(vault, passphrase);
+  console.log("\nProposing transaction...");
+  const tx = tm.propose({
+    merchant: options.merchant,
+    amount,
+    description: productName,
+    url: options.url
+  });
+  audit.log("PROPOSE", { txId: tx.id, merchant: tx.merchant, amount: tx.amount, source: "buy-command" });
+  console.log(`  Transaction ${tx.id} created.`);
+  const privateKeyPem = loadPrivateKey();
+  const mandate = createMandate(
+    { txId: tx.id, merchant: tx.merchant, amount: tx.amount, description: tx.description, timestamp: tx.createdAt },
+    privateKeyPem,
+    passphrase
+  );
+  tm.approve(tx.id, mandate);
+  audit.log("APPROVE", { txId: tx.id, source: "buy-command", mandateSigned: true });
+  console.log("  Approved and signed.\n");
+  console.log("Filling checkout...");
+  tm.markExecuting(tx.id);
+  audit.log("EXECUTE", { txId: tx.id, source: "buy-command" });
+  try {
+    let result;
+    if (!options.amount) {
+      result = await executor.fillAndComplete(credentials);
+    } else {
+      result = await executor.execute(tx, credentials);
+    }
+    const receipt = {
+      id: `rcpt_${tx.id.replace("tx_", "")}`,
+      merchant: tx.merchant,
+      amount: tx.amount,
+      confirmationId: result.confirmationId ?? "UNKNOWN",
+      completedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    tm.markCompleted(tx.id, receipt);
+    bm.deductBalance(tx.amount);
+    audit.log("COMPLETE", { txId: tx.id, confirmationId: receipt.confirmationId, source: "buy-command" });
+    console.log(`
+Purchase complete!`);
+    console.log(`  Confirmation: ${receipt.confirmationId}`);
+    console.log(`  Amount:       ${formatCurrency(receipt.amount)}`);
+  } catch (err) {
+    tm.markFailed(tx.id, err instanceof Error ? err.message : "Unknown error");
+    audit.log("FAILED", { txId: tx.id, error: err instanceof Error ? err.message : "Unknown", source: "buy-command" });
+    console.error(`
+Checkout failed: ${err instanceof Error ? err.message : "Unknown error"}`);
+    process.exit(1);
+  } finally {
+    await executor.close();
+  }
+}
+var import_node_fs8, import_node_path8;
+var init_buy = __esm({
+  "src/commands/buy.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_fs8 = require("fs");
+    import_node_path8 = require("path");
+    init_prompt();
+    init_display();
+    init_executor();
+    init_budget();
+    init_manager();
+    init_logger();
+    init_keypair();
+    init_mandate();
+    init_vault();
+    init_paths();
+  }
+});
+
+// src/server/html.ts
+function getDashboardHtml() {
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>AgentPay Dashboard</title>
+<style>
+  *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+  body {
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+    background: #f5f5f5;
+    color: #111;
+    min-height: 100vh;
+    display: flex;
+    justify-content: center;
+    padding: 40px 16px;
+  }
+  .container { width: 100%; max-width: 480px; }
+  h1 { font-size: 24px; font-weight: 700; margin-bottom: 8px; }
+  h2 { font-size: 18px; font-weight: 600; margin-bottom: 12px; }
+  .subtitle { color: #666; font-size: 14px; margin-bottom: 32px; }
+  .card {
+    background: #fff;
+    border-radius: 8px;
+    padding: 24px;
+    margin-bottom: 16px;
+    border: 1px solid #e0e0e0;
+  }
+  label { display: block; font-size: 13px; font-weight: 500; color: #333; margin-bottom: 4px; }
+  input, select {
+    width: 100%;
+    padding: 10px 12px;
+    border: 1px solid #d0d0d0;
+    border-radius: 8px;
+    font-size: 14px;
+    margin-bottom: 16px;
+    outline: none;
+    transition: border-color 0.15s;
+  }
+  input:focus { border-color: #111; }
+  .row { display: flex; gap: 12px; }
+  .row > div { flex: 1; }
+  button {
+    width: 100%;
+    padding: 12px;
+    border: none;
+    border-radius: 8px;
+    font-size: 14px;
+    font-weight: 600;
+    cursor: pointer;
+    transition: opacity 0.15s;
+  }
+  button:hover { opacity: 0.85; }
+  button:disabled { opacity: 0.5; cursor: not-allowed; }
+  .btn-primary { background: #111; color: #fff; }
+  .btn-secondary { background: #e0e0e0; color: #111; }
+
+  /* Progress bar for wizard */
+  .progress { display: flex; gap: 6px; margin-bottom: 24px; }
+  .progress .step {
+    flex: 1; height: 4px; border-radius: 2px; background: #e0e0e0;
+    transition: background 0.3s;
+  }
+  .progress .step.active { background: #111; }
+
+  /* Balance display */
+  .balance-display {
+    text-align: center;
+    padding: 32px 0;
+  }
+  .balance-amount {
+    font-size: 48px;
+    font-weight: 700;
+    letter-spacing: -1px;
+  }
+  .balance-label { font-size: 13px; color: #666; margin-top: 4px; }
+
+  /* Budget bar */
+  .budget-bar-container { margin: 16px 0; }
+  .budget-bar {
+    height: 8px;
+    background: #e0e0e0;
+    border-radius: 4px;
+    overflow: hidden;
+  }
+  .budget-bar-fill {
+    height: 100%;
+    background: #111;
+    border-radius: 4px;
+    transition: width 0.3s;
+  }
+  .budget-bar-labels {
+    display: flex;
+    justify-content: space-between;
+    font-size: 12px;
+    color: #666;
+    margin-top: 4px;
+  }
+
+  /* Stats grid */
+  .stats { display: grid; grid-template-columns: 1fr 1fr; gap: 12px; margin-bottom: 16px; }
+  .stat { text-align: center; padding: 12px; background: #f9f9f9; border-radius: 8px; }
+  .stat-value { font-size: 18px; font-weight: 700; }
+  .stat-label { font-size: 11px; color: #666; margin-top: 2px; }
+
+  /* Add funds inline */
+  .add-funds-row { display: flex; gap: 8px; }
+  .add-funds-row input { margin-bottom: 0; flex: 1; }
+  .add-funds-row button { width: auto; padding: 10px 20px; }
+
+  /* Transactions */
+  .tx-list { margin-top: 12px; }
+  .tx-item {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    padding: 10px 0;
+    border-bottom: 1px solid #f0f0f0;
+    font-size: 13px;
+  }
+  .tx-item:last-child { border-bottom: none; }
+  .tx-merchant { font-weight: 500; }
+  .tx-amount { font-weight: 600; }
+  .tx-status {
+    font-size: 11px;
+    padding: 2px 6px;
+    border-radius: 4px;
+    font-weight: 500;
+  }
+  .tx-status.completed { background: #e6f4ea; color: #1e7e34; }
+  .tx-status.pending { background: #fff8e1; color: #f57f17; }
+  .tx-status.failed { background: #fde8e8; color: #c62828; }
+  .tx-status.rejected { background: #fde8e8; color: #c62828; }
+  .tx-status.approved { background: #e3f2fd; color: #1565c0; }
+  .tx-status.executing { background: #e3f2fd; color: #1565c0; }
+
+  .error { color: #c62828; font-size: 13px; margin-top: 8px; }
+  .success { color: #1e7e34; font-size: 13px; margin-top: 8px; }
+  .hidden { display: none; }
+
+  /* Checkbox row for same-as-billing */
+  .checkbox-row {
+    display: flex;
+    align-items: center;
+    gap: 8px;
+    margin-bottom: 16px;
+  }
+  .checkbox-row input { width: auto; margin: 0; }
+  .checkbox-row label { margin: 0; }
+</style>
+</head>
+<body>
+<div class="container" id="app">
+  <div id="loading">Loading...</div>
+</div>
+
+<script>
+const App = {
+  state: { isSetup: false, wallet: null, recentTransactions: [], wizardStep: 1 },
+
+  async init() {
+    try {
+      const res = await fetch('/api/status');
+      const data = await res.json();
+      this.state.isSetup = data.isSetup;
+      this.state.wallet = data.wallet;
+      this.state.recentTransactions = data.recentTransactions || [];
+    } catch (e) {
+      console.error('Failed to load status', e);
+    }
+    this.render();
+  },
+
+  render() {
+    const app = document.getElementById('app');
+    if (this.state.isSetup && this.state.wallet) {
+      app.innerHTML = this.renderDashboard();
+      this.bindDashboard();
+    } else if (this.state.isSetup) {
+      app.innerHTML = '<div class="card"><h2>Setup detected</h2><p>Wallet data could not be loaded. Try running <code>agentpay budget --set 100</code> from the CLI.</p></div>';
+    } else {
+      app.innerHTML = this.renderWizard();
+      this.bindWizard();
+    }
+  },
+
+  fmt(n) {
+    return '$' + Number(n).toFixed(2);
+  },
+
+  renderDashboard() {
+    const w = this.state.wallet;
+    const pct = w.budget > 0 ? Math.min(100, (w.spent / w.budget) * 100) : 0;
+    const txHtml = this.state.recentTransactions.length === 0
+      ? '<p style="color:#666;font-size:13px;">No transactions yet.</p>'
+      : this.state.recentTransactions.map(tx => \`
+          <div class="tx-item">
+            <div>
+              <div class="tx-merchant">\${this.esc(tx.merchant)}</div>
+              <div style="color:#999;font-size:11px;">\${new Date(tx.createdAt).toLocaleDateString()}</div>
+            </div>
+            <div style="text-align:right">
+              <div class="tx-amount">\${this.fmt(tx.amount)}</div>
+              <span class="tx-status \${tx.status}">\${tx.status}</span>
+            </div>
+          </div>\`).join('');
+
+    return \`
+      <h1>AgentPay</h1>
+      <p class="subtitle">Wallet Dashboard</p>
+
+      <div class="card">
+        <div class="balance-display">
+          <div class="balance-amount">\${this.fmt(w.balance)}</div>
+          <div class="balance-label">Available Balance</div>
+        </div>
+        <div class="budget-bar-container">
+          <div class="budget-bar"><div class="budget-bar-fill" style="width:\${pct.toFixed(1)}%"></div></div>
+          <div class="budget-bar-labels">
+            <span>\${this.fmt(w.spent)} spent</span>
+            <span>\${this.fmt(w.budget)} budget</span>
+          </div>
+        </div>
+      </div>
+
+      <div class="card">
+        <div class="stats">
+          <div class="stat"><div class="stat-value">\${this.fmt(w.budget)}</div><div class="stat-label">Total Budget</div></div>
+          <div class="stat"><div class="stat-value">\${this.fmt(w.spent)}</div><div class="stat-label">Total Spent</div></div>
+          <div class="stat"><div class="stat-value">\${this.fmt(w.balance)}</div><div class="stat-label">Remaining</div></div>
+          <div class="stat"><div class="stat-value">\${w.limitPerTx > 0 ? this.fmt(w.limitPerTx) : 'None'}</div><div class="stat-label">Per-Tx Limit</div></div>
+        </div>
+      </div>
+
+      <div class="card">
+        <h2>Add Funds</h2>
+        <div class="add-funds-row">
+          <input type="number" id="fundAmount" placeholder="Amount" min="0.01" step="0.01">
+          <button class="btn-primary" id="fundBtn">Add</button>
+        </div>
+        <div id="fundMsg"></div>
+      </div>
+
+      <div class="card">
+        <h2>Recent Transactions</h2>
+        <div class="tx-list">\${txHtml}</div>
+      </div>
+    \`;
+  },
+
+  bindDashboard() {
+    const btn = document.getElementById('fundBtn');
+    const input = document.getElementById('fundAmount');
+    const msg = document.getElementById('fundMsg');
+
+    btn.addEventListener('click', async () => {
+      const amount = parseFloat(input.value);
+      if (!amount || amount <= 0) {
+        msg.innerHTML = '<p class="error">Enter a valid amount.</p>';
+        return;
+      }
+      btn.disabled = true;
+      btn.textContent = '...';
+      try {
+        const res = await fetch('/api/fund', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ amount }),
+        });
+        const data = await res.json();
+        if (data.error) {
+          msg.innerHTML = '<p class="error">' + this.esc(data.error) + '</p>';
+        } else {
+          this.state.wallet = data.wallet;
+          input.value = '';
+          this.render();
+        }
+      } catch (e) {
+        msg.innerHTML = '<p class="error">Request failed.</p>';
+      }
+      btn.disabled = false;
+      btn.textContent = 'Add';
+    });
+  },
+
+  renderWizard() {
+    const step = this.state.wizardStep;
+    const steps = [1, 2, 3, 4];
+    const progressHtml = '<div class="progress">' + steps.map(s =>
+      '<div class="step' + (s <= step ? ' active' : '') + '"></div>'
+    ).join('') + '</div>';
+
+    const titles = ['Create Passphrase', 'Card Information', 'Personal Details', 'Budget & Limits'];
+
+    let fields = '';
+    if (step === 1) {
+      fields = \`
+        <label for="w_pass">Passphrase</label>
+        <input type="password" id="w_pass" placeholder="Choose a strong passphrase">
+        <label for="w_pass2">Confirm Passphrase</label>
+        <input type="password" id="w_pass2" placeholder="Confirm your passphrase">
+      \`;
+    } else if (step === 2) {
+      fields = \`
+        <label for="w_cardNum">Card Number</label>
+        <input type="text" id="w_cardNum" placeholder="4242 4242 4242 4242">
+        <div class="row">
+          <div><label for="w_expiry">Expiry</label><input type="text" id="w_expiry" placeholder="MM/YY"></div>
+          <div><label for="w_cvv">CVV</label><input type="text" id="w_cvv" placeholder="123"></div>
+        </div>
+      \`;
+    } else if (step === 3) {
+      fields = \`
+        <label for="w_name">Full Name</label>
+        <input type="text" id="w_name" placeholder="Jane Doe">
+        <div class="row">
+          <div><label for="w_email">Email</label><input type="email" id="w_email" placeholder="jane@example.com"></div>
+          <div><label for="w_phone">Phone</label><input type="tel" id="w_phone" placeholder="+1 555 0123"></div>
+        </div>
+        <label for="w_street">Street Address</label>
+        <input type="text" id="w_street" placeholder="123 Main St">
+        <div class="row">
+          <div><label for="w_city">City</label><input type="text" id="w_city" placeholder="San Francisco"></div>
+          <div><label for="w_state">State</label><input type="text" id="w_state" placeholder="CA"></div>
+        </div>
+        <div class="row">
+          <div><label for="w_zip">ZIP</label><input type="text" id="w_zip" placeholder="94102"></div>
+          <div><label for="w_country">Country</label><input type="text" id="w_country" placeholder="US" value="US"></div>
+        </div>
+      \`;
+    } else if (step === 4) {
+      fields = \`
+        <label for="w_budget">Initial Budget ($)</label>
+        <input type="number" id="w_budget" placeholder="200" min="0" step="0.01">
+        <label for="w_limit">Per-Transaction Limit ($)</label>
+        <input type="number" id="w_limit" placeholder="50 (0 = no limit)" min="0" step="0.01">
+      \`;
+    }
+
+    return \`
+      <h1>AgentPay</h1>
+      <p class="subtitle">Step \${step} of 4 \u2014 \${titles[step - 1]}</p>
+      \${progressHtml}
+      <div class="card">
+        \${fields}
+        <div id="wizardError"></div>
+        <div style="display:flex;gap:8px;margin-top:8px;">
+          \${step > 1 ? '<button class="btn-secondary" id="wizBack">Back</button>' : ''}
+          <button class="btn-primary" id="wizNext">\${step === 4 ? 'Complete Setup' : 'Continue'}</button>
+        </div>
+      </div>
+    \`;
+  },
+
+  // Wizard form data persisted across steps
+  wizardData: {},
+
+  bindWizard() {
+    const step = this.state.wizardStep;
+    const errDiv = document.getElementById('wizardError');
+    const nextBtn = document.getElementById('wizNext');
+    const backBtn = document.getElementById('wizBack');
+
+    // Restore saved data into fields
+    this.restoreWizardFields(step);
+
+    if (backBtn) {
+      backBtn.addEventListener('click', () => {
+        this.saveWizardFields(step);
+        this.state.wizardStep--;
+        this.render();
+      });
+    }
+
+    nextBtn.addEventListener('click', async () => {
+      errDiv.innerHTML = '';
+
+      if (step === 1) {
+        const pass = document.getElementById('w_pass').value;
+        const pass2 = document.getElementById('w_pass2').value;
+        if (!pass) { errDiv.innerHTML = '<p class="error">Passphrase is required.</p>'; return; }
+        if (pass !== pass2) { errDiv.innerHTML = '<p class="error">Passphrases do not match.</p>'; return; }
+        this.wizardData.passphrase = pass;
+        this.state.wizardStep = 2;
+        this.render();
+      } else if (step === 2) {
+        this.saveWizardFields(step);
+        const d = this.wizardData;
+        if (!d.cardNumber) { errDiv.innerHTML = '<p class="error">Card number is required.</p>'; return; }
+        if (!d.expiry) { errDiv.innerHTML = '<p class="error">Expiry is required.</p>'; return; }
+        if (!d.cvv) { errDiv.innerHTML = '<p class="error">CVV is required.</p>'; return; }
+        this.state.wizardStep = 3;
+        this.render();
+      } else if (step === 3) {
+        this.saveWizardFields(step);
+        const d = this.wizardData;
+        if (!d.name) { errDiv.innerHTML = '<p class="error">Full name is required.</p>'; return; }
+        this.state.wizardStep = 4;
+        this.render();
+      } else if (step === 4) {
+        this.saveWizardFields(step);
+        const d = this.wizardData;
+
+        nextBtn.disabled = true;
+        nextBtn.textContent = 'Setting up...';
+
+        try {
+          const res = await fetch('/api/setup', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+              passphrase: d.passphrase,
+              credentials: {
+                card: { number: d.cardNumber, expiry: d.expiry, cvv: d.cvv },
+                name: d.name,
+                billingAddress: { street: d.street || '', city: d.city || '', state: d.state || '', zip: d.zip || '', country: d.country || 'US' },
+                shippingAddress: { street: d.street || '', city: d.city || '', state: d.state || '', zip: d.zip || '', country: d.country || 'US' },
+                email: d.email || '',
+                phone: d.phone || '',
+              },
+              budget: parseFloat(d.budget) || 0,
+              limitPerTx: parseFloat(d.limit) || 0,
+            }),
+          });
+          const result = await res.json();
+          if (result.error) {
+            errDiv.innerHTML = '<p class="error">' + this.esc(result.error) + '</p>';
+            nextBtn.disabled = false;
+            nextBtn.textContent = 'Complete Setup';
+          } else {
+            this.state.isSetup = true;
+            this.state.wallet = result.wallet;
+            this.state.recentTransactions = [];
+            this.wizardData = {};
+            this.render();
+          }
+        } catch (e) {
+          errDiv.innerHTML = '<p class="error">Setup request failed.</p>';
+          nextBtn.disabled = false;
+          nextBtn.textContent = 'Complete Setup';
+        }
+      }
+    });
+  },
+
+  saveWizardFields(step) {
+    const val = (id) => { const el = document.getElementById(id); return el ? el.value : ''; };
+    if (step === 2) {
+      this.wizardData.cardNumber = val('w_cardNum');
+      this.wizardData.expiry = val('w_expiry');
+      this.wizardData.cvv = val('w_cvv');
+    } else if (step === 3) {
+      this.wizardData.name = val('w_name');
+      this.wizardData.email = val('w_email');
+      this.wizardData.phone = val('w_phone');
+      this.wizardData.street = val('w_street');
+      this.wizardData.city = val('w_city');
+      this.wizardData.state = val('w_state');
+      this.wizardData.zip = val('w_zip');
+      this.wizardData.country = val('w_country');
+    } else if (step === 4) {
+      this.wizardData.budget = val('w_budget');
+      this.wizardData.limit = val('w_limit');
+    }
+  },
+
+  restoreWizardFields(step) {
+    const set = (id, val) => { const el = document.getElementById(id); if (el && val) el.value = val; };
+    if (step === 2) {
+      set('w_cardNum', this.wizardData.cardNumber);
+      set('w_expiry', this.wizardData.expiry);
+      set('w_cvv', this.wizardData.cvv);
+    } else if (step === 3) {
+      set('w_name', this.wizardData.name);
+      set('w_email', this.wizardData.email);
+      set('w_phone', this.wizardData.phone);
+      set('w_street', this.wizardData.street);
+      set('w_city', this.wizardData.city);
+      set('w_state', this.wizardData.state);
+      set('w_zip', this.wizardData.zip);
+      set('w_country', this.wizardData.country);
+    } else if (step === 4) {
+      set('w_budget', this.wizardData.budget);
+      set('w_limit', this.wizardData.limit);
+    }
+  },
+
+  esc(s) {
+    const d = document.createElement('div');
+    d.textContent = s;
+    return d.innerHTML;
+  },
+};
+
+App.init();
+</script>
+</body>
+</html>`;
+}
+var init_html = __esm({
+  "src/server/html.ts"() {
+    "use strict";
+    init_cjs_shims();
+  }
+});
+
+// src/server/routes.ts
+function handleGetStatus() {
+  const isSetup = (0, import_node_fs9.existsSync)(getCredentialsPath());
+  if (!isSetup) {
+    return { status: 200, body: { isSetup: false } };
+  }
+  try {
+    const bm = new BudgetManager();
+    const wallet = bm.getBalance();
+    const tm = new TransactionManager();
+    const recent = tm.list().slice(-10).reverse();
+    return {
+      status: 200,
+      body: { isSetup: true, wallet, recentTransactions: recent }
+    };
+  } catch {
+    return { status: 200, body: { isSetup: true, wallet: null, recentTransactions: [] } };
+  }
+}
+function handlePostSetup(body) {
+  if (!body.passphrase || !body.credentials) {
+    return { status: 400, body: { error: "Missing passphrase or credentials" } };
+  }
+  try {
+    const home = getHomePath();
+    (0, import_node_fs9.mkdirSync)(home, { recursive: true });
+    const vault = encrypt(body.credentials, body.passphrase);
+    saveVault(vault, getCredentialsPath());
+    const keys = generateKeyPair(body.passphrase);
+    (0, import_node_fs9.mkdirSync)(getKeysPath(), { recursive: true });
+    saveKeyPair(keys);
+    const bm = new BudgetManager();
+    bm.initWallet(body.budget || 0, body.limitPerTx || 0);
+    const audit = new AuditLogger();
+    audit.log("SETUP", { source: "dashboard", message: "credentials encrypted, keypair generated, wallet initialized" });
+    const wallet = bm.getBalance();
+    return { status: 200, body: { success: true, wallet } };
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Setup failed";
+    return { status: 500, body: { error: message } };
+  }
+}
+function handlePostFund(body) {
+  if (!body.amount || body.amount <= 0) {
+    return { status: 400, body: { error: "Amount must be positive" } };
+  }
+  try {
+    const bm = new BudgetManager();
+    const wallet = bm.addFunds(body.amount);
+    const audit = new AuditLogger();
+    audit.log("ADD_FUNDS", { source: "dashboard", amount: body.amount });
+    return { status: 200, body: { success: true, wallet } };
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Failed to add funds";
+    return { status: 500, body: { error: message } };
+  }
+}
+var import_node_fs9;
+var init_routes = __esm({
+  "src/server/routes.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_fs9 = require("fs");
+    init_vault();
+    init_keypair();
+    init_budget();
+    init_manager();
+    init_logger();
+    init_paths();
+  }
+});
+
+// src/server/index.ts
+function parseBody2(req) {
+  return new Promise((resolve2, reject) => {
+    const chunks = [];
+    let size = 0;
+    req.on("data", (chunk) => {
+      size += chunk.length;
+      if (size > MAX_BODY2) {
+        req.destroy();
+        reject(new Error("Request body too large"));
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => {
+      try {
+        const text = Buffer.concat(chunks).toString("utf8");
+        resolve2(text ? JSON.parse(text) : {});
+      } catch {
+        reject(new Error("Invalid JSON"));
+      }
+    });
+    req.on("error", reject);
+  });
+}
+function sendJson2(res, status, body) {
+  const json = JSON.stringify(body);
+  res.writeHead(status, {
+    "Content-Type": "application/json",
+    "Content-Length": Buffer.byteLength(json)
+  });
+  res.end(json);
+}
+function sendHtml2(res, html) {
+  res.writeHead(200, {
+    "Content-Type": "text/html; charset=utf-8",
+    "Content-Length": Buffer.byteLength(html)
+  });
+  res.end(html);
+}
+function startServer(port) {
+  return new Promise((resolve2, reject) => {
+    const server = (0, import_node_http2.createServer)(async (req, res) => {
+      const url = req.url ?? "/";
+      const method = req.method ?? "GET";
+      try {
+        if (method === "GET" && url === "/api/status") {
+          const result = handleGetStatus();
+          sendJson2(res, result.status, result.body);
+        } else if (method === "POST" && url === "/api/setup") {
+          const body = await parseBody2(req);
+          const result = handlePostSetup(body);
+          sendJson2(res, result.status, result.body);
+        } else if (method === "POST" && url === "/api/fund") {
+          const body = await parseBody2(req);
+          const result = handlePostFund(body);
+          sendJson2(res, result.status, result.body);
+        } else if (method === "GET" && (url === "/" || url === "/index.html")) {
+          sendHtml2(res, getDashboardHtml());
+        } else {
+          sendJson2(res, 404, { error: "Not found" });
+        }
+      } catch (err) {
+        const message = err instanceof Error ? err.message : "Internal error";
+        sendJson2(res, 500, { error: message });
+      }
+    });
+    server.on("error", (err) => {
+      if (err.code === "EADDRINUSE") {
+        reject(new Error(`Port ${port} is already in use. Try a different port with --port <number>.`));
+      } else {
+        reject(err);
+      }
+    });
+    server.listen(port, "127.0.0.1", () => {
+      resolve2(server);
+    });
+  });
+}
+var import_node_http2, MAX_BODY2;
+var init_server = __esm({
+  "src/server/index.ts"() {
+    "use strict";
+    init_cjs_shims();
+    import_node_http2 = require("http");
+    init_html();
+    init_routes();
+    MAX_BODY2 = 1048576;
+  }
+});
+
+// src/commands/dashboard.ts
+var dashboard_exports = {};
+__export(dashboard_exports, {
+  dashboardCommand: () => dashboardCommand
+});
+async function dashboardCommand(options) {
+  const port = parseInt(options.port, 10) || 3141;
+  const url = `http://127.0.0.1:${port}`;
+  try {
+    const server = await startServer(port);
+    console.log(`AgentPay Dashboard running at ${url}`);
+    console.log("Press Ctrl+C to stop.\n");
+    openBrowser(url);
+    const shutdown = () => {
+      console.log("\nShutting down dashboard...");
+      server.close(() => process.exit(0));
+      setTimeout(() => process.exit(0), 3e3);
+    };
+    process.on("SIGINT", shutdown);
+    process.on("SIGTERM", shutdown);
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Failed to start server";
+    console.error(message);
+    process.exit(1);
+  }
+}
+var init_dashboard = __esm({
+  "src/commands/dashboard.ts"() {
+    "use strict";
+    init_cjs_shims();
+    init_server();
+    init_open_browser();
+  }
+});
+
+// src/commands/mcp.ts
+var mcp_exports = {};
+__export(mcp_exports, {
+  mcpCommand: () => mcpCommand
+});
+async function mcpCommand(options) {
+  try {
+    const { startServer: startServer2 } = await import("@useagentpay/mcp-server");
+    await startServer2({ http: options.http });
+  } catch (err) {
+    if (err instanceof Error && "code" in err && err.code === "ERR_MODULE_NOT_FOUND") {
+      console.error("MCP server package not installed.");
+      console.error("Run: pnpm add @useagentpay/mcp-server");
+      process.exit(1);
+    }
+    throw err;
+  }
+}
+var init_mcp = __esm({
+  "src/commands/mcp.ts"() {
+    "use strict";
+    init_cjs_shims();
+  }
+});
+
+// src/cli.ts
+init_cjs_shims();
+var import_commander = require("commander");
+
+// src/index.ts
+init_cjs_shims();
+init_errors();
+init_ids();
+init_display();
+init_paths();
+init_vault();
+init_keypair();
+init_mandate();
+init_budget();
+init_manager();
+init_poller();
+init_logger();
+init_executor();
+init_placeholder();
+init_agentpay();
+var VERSION = "0.1.0";
+
+// src/cli.ts
+var program = new import_commander.Command();
+program.name("agentpay").description("Local-first payments SDK for AI agents").version(VERSION);
+program.command("setup").description("Set up AgentPay with your billing credentials").action(async () => {
+  const { setupCommand: setupCommand2 } = await Promise.resolve().then(() => (init_setup(), setup_exports));
+  await setupCommand2();
+});
+program.command("budget").description("View or configure spending budget").option("--set <amount>", "Set total budget").option("--limit-per-tx <amount>", "Set per-transaction limit").action(async (options) => {
+  const { budgetCommand: budgetCommand2 } = await Promise.resolve().then(() => (init_budget2(), budget_exports));
+  budgetCommand2(options);
+});
+program.command("pending").description("List pending purchase proposals").action(async () => {
+  const { pendingCommand: pendingCommand2 } = await Promise.resolve().then(() => (init_pending(), pending_exports));
+  pendingCommand2();
+});
+program.command("approve <txId>").description("Approve a pending purchase").action(async (txId) => {
+  const { approveCommand: approveCommand2 } = await Promise.resolve().then(() => (init_approve(), approve_exports));
+  await approveCommand2(txId);
+});
+program.command("reject <txId>").description("Reject a pending purchase").option("--reason <reason>", "Reason for rejection").action(async (txId, options) => {
+  const { rejectCommand: rejectCommand2 } = await Promise.resolve().then(() => (init_reject(), reject_exports));
+  rejectCommand2(txId, options);
+});
+program.command("status").description("Show wallet status and recent transactions").action(async () => {
+  const { statusCommand: statusCommand2 } = await Promise.resolve().then(() => (init_status(), status_exports));
+  statusCommand2();
+});
+program.command("history").description("Show full transaction history").action(async () => {
+  const { historyCommand: historyCommand2 } = await Promise.resolve().then(() => (init_history(), history_exports));
+  historyCommand2();
+});
+program.command("qr").description("Display QR code for web-based setup").option("--budget <amount>", "Suggested budget amount").option("--message <msg>", "Message to display on setup page").action(async (options) => {
+  const { qrCommand: qrCommand2 } = await Promise.resolve().then(() => (init_qr(), qr_exports));
+  await qrCommand2(options);
+});
+program.command("reset").description("Delete all AgentPay data").action(async () => {
+  const { resetCommand: resetCommand2 } = await Promise.resolve().then(() => (init_reset(), reset_exports));
+  await resetCommand2();
+});
+program.command("buy").description("Propose, approve, and execute a purchase").requiredOption("--merchant <name>", "Merchant name").requiredOption("--description <desc>", "Purchase description").requiredOption("--url <url>", "Product/checkout URL").option("--amount <amount>", "Purchase amount (auto-detected from page if omitted)").option("--pickup", "Select in-store pickup").action(async (options) => {
+  const { buyCommand: buyCommand2 } = await Promise.resolve().then(() => (init_buy(), buy_exports));
+  await buyCommand2(options);
+});
+program.command("dashboard").description("Open the AgentPay dashboard in your browser").option("--port <port>", "Port for dashboard server", "3141").action(async (options) => {
+  const { dashboardCommand: dashboardCommand2 } = await Promise.resolve().then(() => (init_dashboard(), dashboard_exports));
+  await dashboardCommand2(options);
+});
+program.command("mcp").description("Start AgentPay MCP server (stdio transport)").option("--http", "Use HTTP transport instead of stdio").action(async (options) => {
+  const { mcpCommand: mcpCommand2 } = await Promise.resolve().then(() => (init_mcp(), mcp_exports));
+  await mcpCommand2(options);
+});
+program.parse();
+//# sourceMappingURL=cli.cjs.map