npm - @useagentpay/sdk - Versions diffs - 0.1.0 - Mend

@useagentpay/sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,2728 @@
+#!/usr/bin/env node
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+// ../../node_modules/.pnpm/tsup@8.5.1_jiti@2.6.1_postcss@8.5.6_tsx@4.21.0_typescript@5.9.3/node_modules/tsup/assets/esm_shims.js
+import path from "path";
+import { fileURLToPath } from "url";
+var init_esm_shims = __esm({
+  "../../node_modules/.pnpm/tsup@8.5.1_jiti@2.6.1_postcss@8.5.6_tsx@4.21.0_typescript@5.9.3/node_modules/tsup/assets/esm_shims.js"() {
+    "use strict";
+  }
+});
+// src/errors.ts
+var NotSetupError, DecryptError, InsufficientBalanceError, ExceedsTxLimitError, NotApprovedError, InvalidMandateError, AlreadyExecutedError, CheckoutFailedError, TimeoutError;
+var init_errors = __esm({
+  "src/errors.ts"() {
+    "use strict";
+    init_esm_shims();
+    NotSetupError = class extends Error {
+      code = "NOT_SETUP";
+      constructor(message = "AgentPay has not been set up yet. Run `agentpay setup` first.") {
+        super(message);
+        this.name = "NotSetupError";
+      }
+    };
+    DecryptError = class extends Error {
+      code = "DECRYPT_FAILED";
+      constructor(message = "Failed to decrypt credentials. Wrong passphrase or corrupted file.") {
+        super(message);
+        this.name = "DecryptError";
+      }
+    };
+    InsufficientBalanceError = class extends Error {
+      code = "INSUFFICIENT_BALANCE";
+      constructor(amount, balance) {
+        const msg = amount !== void 0 && balance !== void 0 ? `Insufficient balance: requested $${amount.toFixed(2)} but only $${balance.toFixed(2)} available.` : "Insufficient balance for this transaction.";
+        super(msg);
+        this.name = "InsufficientBalanceError";
+      }
+    };
+    ExceedsTxLimitError = class extends Error {
+      code = "EXCEEDS_TX_LIMIT";
+      constructor(amount, limit) {
+        const msg = amount !== void 0 && limit !== void 0 ? `Amount $${amount.toFixed(2)} exceeds per-transaction limit of $${limit.toFixed(2)}.` : "Amount exceeds per-transaction limit.";
+        super(msg);
+        this.name = "ExceedsTxLimitError";
+      }
+    };
+    NotApprovedError = class extends Error {
+      code = "NOT_APPROVED";
+      constructor(txId) {
+        super(txId ? `Transaction ${txId} has not been approved.` : "Transaction has not been approved.");
+        this.name = "NotApprovedError";
+      }
+    };
+    InvalidMandateError = class extends Error {
+      code = "INVALID_MANDATE";
+      constructor(message = "Purchase mandate signature verification failed.") {
+        super(message);
+        this.name = "InvalidMandateError";
+      }
+    };
+    AlreadyExecutedError = class extends Error {
+      code = "ALREADY_EXECUTED";
+      constructor(txId) {
+        super(txId ? `Transaction ${txId} has already been executed.` : "Transaction has already been executed.");
+        this.name = "AlreadyExecutedError";
+      }
+    };
+    CheckoutFailedError = class extends Error {
+      code = "CHECKOUT_FAILED";
+      constructor(message = "Failed to complete checkout.") {
+        super(message);
+        this.name = "CheckoutFailedError";
+      }
+    };
+    TimeoutError = class extends Error {
+      code = "TIMEOUT";
+      constructor(message = "Operation timed out.") {
+        super(message);
+        this.name = "TimeoutError";
+      }
+    };
+  }
+});
+// src/utils/ids.ts
+import { randomBytes } from "crypto";
+function generateTxId() {
+  return `tx_${randomBytes(4).toString("hex")}`;
+}
+var init_ids = __esm({
+  "src/utils/ids.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/utils/display.ts
+function formatCurrency(amount) {
+  return `$${amount.toFixed(2)}`;
+}
+function formatTimestamp(iso) {
+  const d = new Date(iso);
+  return d.toLocaleString("en-US", {
+    month: "short",
+    day: "numeric",
+    hour: "2-digit",
+    minute: "2-digit"
+  });
+}
+function formatStatus(data) {
+  const lines = [
+    "AgentPay Status",
+    "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500",
+    `Balance:            ${formatCurrency(data.balance)} / ${formatCurrency(data.budget)}`,
+    `Per-tx limit:       ${formatCurrency(data.limitPerTx)}`,
+    `Pending purchases:  ${data.pending.length}`
+  ];
+  if (data.recent.length > 0) {
+    lines.push("", "Recent:");
+    for (const tx of data.recent) {
+      const status = `[${tx.status}]`.padEnd(12);
+      lines.push(`  ${status} ${tx.id}  ${tx.merchant.padEnd(12)} ${formatCurrency(tx.amount).padStart(8)}  ${tx.description}`);
+    }
+  }
+  return lines.join("\n");
+}
+var init_display = __esm({
+  "src/utils/display.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/utils/paths.ts
+import { homedir } from "os";
+import { join } from "path";
+function getHomePath() {
+  return process.env.AGENTPAY_HOME || join(homedir(), ".agentpay");
+}
+function getCredentialsPath() {
+  return join(getHomePath(), "credentials.enc");
+}
+function getKeysPath() {
+  return join(getHomePath(), "keys");
+}
+function getPublicKeyPath() {
+  return join(getKeysPath(), "public.pem");
+}
+function getPrivateKeyPath() {
+  return join(getKeysPath(), "private.pem");
+}
+function getWalletPath() {
+  return join(getHomePath(), "wallet.json");
+}
+function getTransactionsPath() {
+  return join(getHomePath(), "transactions.json");
+}
+function getAuditPath() {
+  return join(getHomePath(), "audit.log");
+}
+var init_paths = __esm({
+  "src/utils/paths.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/vault/vault.ts
+import { pbkdf2Sync, randomBytes as randomBytes2, createCipheriv, createDecipheriv } from "crypto";
+import { readFileSync, writeFileSync, mkdirSync } from "fs";
+import { dirname } from "path";
+function deriveKey(passphrase, salt) {
+  return pbkdf2Sync(passphrase, salt, PBKDF2_ITERATIONS, KEY_LENGTH, PBKDF2_DIGEST);
+}
+function encrypt(credentials, passphrase) {
+  const salt = randomBytes2(SALT_LENGTH);
+  const iv = randomBytes2(IV_LENGTH);
+  const key = deriveKey(passphrase, salt);
+  const cipher = createCipheriv(ALGORITHM, key, iv);
+  const plaintext = JSON.stringify(credentials);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const authTag = cipher.getAuthTag();
+  return {
+    ciphertext: Buffer.concat([encrypted, authTag]).toString("base64"),
+    salt: salt.toString("base64"),
+    iv: iv.toString("base64")
+  };
+}
+function decrypt(vault, passphrase) {
+  try {
+    const salt = Buffer.from(vault.salt, "base64");
+    const iv = Buffer.from(vault.iv, "base64");
+    const data = Buffer.from(vault.ciphertext, "base64");
+    const key = deriveKey(passphrase, salt);
+    const authTag = data.subarray(data.length - 16);
+    const ciphertext = data.subarray(0, data.length - 16);
+    const decipher = createDecipheriv(ALGORITHM, key, iv);
+    decipher.setAuthTag(authTag);
+    const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+    return JSON.parse(decrypted.toString("utf8"));
+  } catch {
+    throw new DecryptError();
+  }
+}
+function saveVault(vault, path2) {
+  const filePath = path2 ?? getCredentialsPath();
+  mkdirSync(dirname(filePath), { recursive: true });
+  writeFileSync(filePath, JSON.stringify(vault, null, 2), { mode: 384 });
+}
+function loadVault(path2) {
+  const filePath = path2 ?? getCredentialsPath();
+  try {
+    const data = readFileSync(filePath, "utf8");
+    return JSON.parse(data);
+  } catch {
+    throw new NotSetupError();
+  }
+}
+var ALGORITHM, PBKDF2_ITERATIONS, PBKDF2_DIGEST, KEY_LENGTH, SALT_LENGTH, IV_LENGTH;
+var init_vault = __esm({
+  "src/vault/vault.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_errors();
+    init_paths();
+    ALGORITHM = "aes-256-gcm";
+    PBKDF2_ITERATIONS = 1e5;
+    PBKDF2_DIGEST = "sha512";
+    KEY_LENGTH = 32;
+    SALT_LENGTH = 32;
+    IV_LENGTH = 16;
+  }
+});
+// src/auth/keypair.ts
+import { generateKeyPairSync } from "crypto";
+import { readFileSync as readFileSync2, writeFileSync as writeFileSync2, mkdirSync as mkdirSync2 } from "fs";
+import { dirname as dirname2 } from "path";
+function generateKeyPair(passphrase) {
+  const { publicKey, privateKey } = generateKeyPairSync("ed25519", {
+    publicKeyEncoding: { type: "spki", format: "pem" },
+    privateKeyEncoding: {
+      type: "pkcs8",
+      format: "pem",
+      cipher: "aes-256-cbc",
+      passphrase
+    }
+  });
+  return { publicKey, privateKey };
+}
+function saveKeyPair(keys, publicPath, privatePath) {
+  const pubPath = publicPath ?? getPublicKeyPath();
+  const privPath = privatePath ?? getPrivateKeyPath();
+  mkdirSync2(dirname2(pubPath), { recursive: true });
+  writeFileSync2(pubPath, keys.publicKey, { mode: 420 });
+  writeFileSync2(privPath, keys.privateKey, { mode: 384 });
+}
+function loadPrivateKey(path2) {
+  return readFileSync2(path2 ?? getPrivateKeyPath(), "utf8");
+}
+var init_keypair = __esm({
+  "src/auth/keypair.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_paths();
+  }
+});
+// src/auth/mandate.ts
+import { createHash, createPrivateKey, createPublicKey as createPublicKey2, sign, verify } from "crypto";
+function hashTransactionDetails(details) {
+  const canonical = JSON.stringify({
+    txId: details.txId,
+    merchant: details.merchant,
+    amount: details.amount,
+    description: details.description,
+    timestamp: details.timestamp
+  });
+  return createHash("sha256").update(canonical).digest("hex");
+}
+function createMandate(txDetails, privateKeyPem, passphrase) {
+  const txHash = hashTransactionDetails(txDetails);
+  const data = Buffer.from(txHash);
+  const privateKey = createPrivateKey({
+    key: privateKeyPem,
+    format: "pem",
+    type: "pkcs8",
+    passphrase
+  });
+  const signature = sign(null, data, privateKey);
+  const publicKey = createPublicKey2(privateKey);
+  const publicKeyPem = publicKey.export({ type: "spki", format: "pem" });
+  return {
+    txId: txDetails.txId,
+    txHash,
+    signature: signature.toString("base64"),
+    publicKey: publicKeyPem,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString()
+  };
+}
+function verifyMandate(mandate, txDetails) {
+  try {
+    const txHash = hashTransactionDetails(txDetails);
+    if (txHash !== mandate.txHash) return false;
+    const data = Buffer.from(txHash);
+    const signature = Buffer.from(mandate.signature, "base64");
+    const publicKey = createPublicKey2({
+      key: mandate.publicKey,
+      format: "pem",
+      type: "spki"
+    });
+    return verify(null, data, publicKey, signature);
+  } catch {
+    return false;
+  }
+}
+var init_mandate = __esm({
+  "src/auth/mandate.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/budget/budget.ts
+import { readFileSync as readFileSync3, writeFileSync as writeFileSync3, mkdirSync as mkdirSync3 } from "fs";
+import { dirname as dirname3 } from "path";
+var BudgetManager;
+var init_budget = __esm({
+  "src/budget/budget.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_errors();
+    init_paths();
+    BudgetManager = class {
+      walletPath;
+      constructor(walletPath) {
+        this.walletPath = walletPath ?? getWalletPath();
+      }
+      getWallet() {
+        try {
+          const data = readFileSync3(this.walletPath, "utf8");
+          return JSON.parse(data);
+        } catch {
+          throw new NotSetupError();
+        }
+      }
+      saveWallet(wallet) {
+        mkdirSync3(dirname3(this.walletPath), { recursive: true });
+        writeFileSync3(this.walletPath, JSON.stringify(wallet, null, 2), { mode: 384 });
+      }
+      setBudget(amount) {
+        let wallet;
+        try {
+          wallet = this.getWallet();
+        } catch {
+          wallet = { budget: 0, balance: 0, limitPerTx: 0, spent: 0 };
+        }
+        wallet.budget = amount;
+        wallet.balance = amount - wallet.spent;
+        this.saveWallet(wallet);
+      }
+      setLimitPerTx(limit) {
+        const wallet = this.getWallet();
+        wallet.limitPerTx = limit;
+        this.saveWallet(wallet);
+      }
+      deductBalance(amount) {
+        const wallet = this.getWallet();
+        if (amount > wallet.balance) {
+          throw new InsufficientBalanceError(amount, wallet.balance);
+        }
+        wallet.balance -= amount;
+        wallet.spent += amount;
+        this.saveWallet(wallet);
+      }
+      checkProposal(amount) {
+        const wallet = this.getWallet();
+        if (amount > wallet.balance) {
+          throw new InsufficientBalanceError(amount, wallet.balance);
+        }
+        if (wallet.limitPerTx > 0 && amount > wallet.limitPerTx) {
+          throw new ExceedsTxLimitError(amount, wallet.limitPerTx);
+        }
+      }
+      addFunds(amount) {
+        const wallet = this.getWallet();
+        wallet.budget += amount;
+        wallet.balance += amount;
+        this.saveWallet(wallet);
+        return wallet;
+      }
+      getBalance() {
+        const wallet = this.getWallet();
+        return {
+          budget: wallet.budget,
+          balance: wallet.balance,
+          limitPerTx: wallet.limitPerTx,
+          spent: wallet.spent
+        };
+      }
+      initWallet(budget, limitPerTx = 0) {
+        const wallet = { budget, balance: budget, limitPerTx, spent: 0 };
+        this.saveWallet(wallet);
+      }
+    };
+  }
+});
+// src/transactions/manager.ts
+import { readFileSync as readFileSync4, writeFileSync as writeFileSync4, mkdirSync as mkdirSync4 } from "fs";
+import { dirname as dirname4 } from "path";
+var TransactionManager;
+var init_manager = __esm({
+  "src/transactions/manager.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_ids();
+    init_paths();
+    TransactionManager = class {
+      txPath;
+      constructor(txPath) {
+        this.txPath = txPath ?? getTransactionsPath();
+      }
+      loadAll() {
+        try {
+          const data = readFileSync4(this.txPath, "utf8");
+          return JSON.parse(data);
+        } catch {
+          return [];
+        }
+      }
+      saveAll(transactions) {
+        mkdirSync4(dirname4(this.txPath), { recursive: true });
+        writeFileSync4(this.txPath, JSON.stringify(transactions, null, 2), { mode: 384 });
+      }
+      propose(options) {
+        const transactions = this.loadAll();
+        const tx = {
+          id: generateTxId(),
+          status: "pending",
+          merchant: options.merchant,
+          amount: options.amount,
+          description: options.description,
+          url: options.url,
+          createdAt: (/* @__PURE__ */ new Date()).toISOString()
+        };
+        transactions.push(tx);
+        this.saveAll(transactions);
+        return tx;
+      }
+      get(txId) {
+        return this.loadAll().find((tx) => tx.id === txId);
+      }
+      approve(txId, mandate) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "pending") throw new Error(`Cannot approve transaction in '${tx.status}' state.`);
+        tx.status = "approved";
+        tx.mandate = mandate;
+        this.saveAll(transactions);
+      }
+      reject(txId, reason) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "pending") throw new Error(`Cannot reject transaction in '${tx.status}' state.`);
+        tx.status = "rejected";
+        tx.rejectionReason = reason;
+        this.saveAll(transactions);
+      }
+      markExecuting(txId) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "approved") throw new Error(`Cannot execute transaction in '${tx.status}' state.`);
+        tx.status = "executing";
+        this.saveAll(transactions);
+      }
+      markCompleted(txId, receipt) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "executing") throw new Error(`Cannot complete transaction in '${tx.status}' state.`);
+        tx.status = "completed";
+        tx.receipt = receipt;
+        this.saveAll(transactions);
+      }
+      markFailed(txId, error) {
+        const transactions = this.loadAll();
+        const tx = transactions.find((t) => t.id === txId);
+        if (!tx) throw new Error(`Transaction ${txId} not found.`);
+        if (tx.status !== "executing") throw new Error(`Cannot fail transaction in '${tx.status}' state.`);
+        tx.status = "failed";
+        tx.error = error;
+        this.saveAll(transactions);
+      }
+      list() {
+        return this.loadAll();
+      }
+      getPending() {
+        return this.loadAll().filter((tx) => tx.status === "pending");
+      }
+      getHistory() {
+        return this.loadAll().filter((tx) => tx.status !== "pending");
+      }
+    };
+  }
+});
+// src/transactions/poller.ts
+var poller_exports = {};
+__export(poller_exports, {
+  waitForApproval: () => waitForApproval
+});
+async function waitForApproval(txId, manager, options) {
+  const interval = options?.pollInterval ?? 2e3;
+  const timeout = options?.timeout ?? 3e5;
+  const deadline = Date.now() + timeout;
+  while (Date.now() < deadline) {
+    const tx = manager.get(txId);
+    if (!tx) throw new Error(`Transaction ${txId} not found.`);
+    if (tx.status === "approved") return { status: "approved" };
+    if (tx.status === "rejected") return { status: "rejected", reason: tx.rejectionReason };
+    await new Promise((resolve2) => setTimeout(resolve2, interval));
+  }
+  throw new TimeoutError(`Timed out waiting for approval of ${txId}`);
+}
+var init_poller = __esm({
+  "src/transactions/poller.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_errors();
+  }
+});
+// src/audit/logger.ts
+import { appendFileSync, readFileSync as readFileSync5, mkdirSync as mkdirSync5 } from "fs";
+import { dirname as dirname5 } from "path";
+var AuditLogger;
+var init_logger = __esm({
+  "src/audit/logger.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_paths();
+    AuditLogger = class {
+      logPath;
+      constructor(logPath) {
+        this.logPath = logPath ?? getAuditPath();
+      }
+      log(action, details) {
+        const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+        const detailsStr = JSON.stringify(details);
+        const entry = `${timestamp}	${action}	${detailsStr}
+`;
+        mkdirSync5(dirname5(this.logPath), { recursive: true });
+        appendFileSync(this.logPath, entry, { mode: 384 });
+      }
+      getLog() {
+        try {
+          const data = readFileSync5(this.logPath, "utf8");
+          return data.trim().split("\n").filter(Boolean);
+        } catch {
+          return [];
+        }
+      }
+    };
+  }
+});
+// src/executor/placeholder.ts
+function getPlaceholderVariables() {
+  return {
+    card_number: "%card_number%",
+    cardholder_name: "%cardholder_name%",
+    card_expiry: "%card_expiry%",
+    card_cvv: "%card_cvv%",
+    billing_street: "%billing_street%",
+    billing_city: "%billing_city%",
+    billing_state: "%billing_state%",
+    billing_zip: "%billing_zip%",
+    billing_country: "%billing_country%",
+    shipping_street: "%shipping_street%",
+    shipping_city: "%shipping_city%",
+    shipping_state: "%shipping_state%",
+    shipping_zip: "%shipping_zip%",
+    shipping_country: "%shipping_country%",
+    email: "%email%",
+    phone: "%phone%"
+  };
+}
+function credentialsToSwapMap(creds) {
+  return {
+    [PLACEHOLDER_MAP.card_number]: creds.card.number,
+    [PLACEHOLDER_MAP.cardholder_name]: creds.name,
+    [PLACEHOLDER_MAP.card_expiry]: creds.card.expiry,
+    [PLACEHOLDER_MAP.card_cvv]: creds.card.cvv,
+    [PLACEHOLDER_MAP.billing_street]: creds.billingAddress.street,
+    [PLACEHOLDER_MAP.billing_city]: creds.billingAddress.city,
+    [PLACEHOLDER_MAP.billing_state]: creds.billingAddress.state,
+    [PLACEHOLDER_MAP.billing_zip]: creds.billingAddress.zip,
+    [PLACEHOLDER_MAP.billing_country]: creds.billingAddress.country,
+    [PLACEHOLDER_MAP.shipping_street]: creds.shippingAddress.street,
+    [PLACEHOLDER_MAP.shipping_city]: creds.shippingAddress.city,
+    [PLACEHOLDER_MAP.shipping_state]: creds.shippingAddress.state,
+    [PLACEHOLDER_MAP.shipping_zip]: creds.shippingAddress.zip,
+    [PLACEHOLDER_MAP.shipping_country]: creds.shippingAddress.country,
+    [PLACEHOLDER_MAP.email]: creds.email,
+    [PLACEHOLDER_MAP.phone]: creds.phone
+  };
+}
+var PLACEHOLDER_MAP;
+var init_placeholder = __esm({
+  "src/executor/placeholder.ts"() {
+    "use strict";
+    init_esm_shims();
+    PLACEHOLDER_MAP = {
+      card_number: "{{card_number}}",
+      cardholder_name: "{{cardholder_name}}",
+      card_expiry: "{{card_expiry}}",
+      card_cvv: "{{card_cvv}}",
+      billing_street: "{{billing_street}}",
+      billing_city: "{{billing_city}}",
+      billing_state: "{{billing_state}}",
+      billing_zip: "{{billing_zip}}",
+      billing_country: "{{billing_country}}",
+      shipping_street: "{{shipping_street}}",
+      shipping_city: "{{shipping_city}}",
+      shipping_state: "{{shipping_state}}",
+      shipping_zip: "{{shipping_zip}}",
+      shipping_country: "{{shipping_country}}",
+      email: "{{email}}",
+      phone: "{{phone}}"
+    };
+  }
+});
+// src/executor/executor.ts
+import { Stagehand } from "@browserbasehq/stagehand";
+var PurchaseExecutor;
+var init_executor = __esm({
+  "src/executor/executor.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_errors();
+    init_placeholder();
+    PurchaseExecutor = class {
+      config;
+      stagehand = null;
+      constructor(config) {
+        this.config = {
+          browserbaseApiKey: config?.browserbaseApiKey ?? process.env.BROWSERBASE_API_KEY,
+          browserbaseProjectId: config?.browserbaseProjectId ?? process.env.BROWSERBASE_PROJECT_ID,
+          modelApiKey: config?.modelApiKey ?? process.env.ANTHROPIC_API_KEY
+        };
+      }
+      createStagehand() {
+        return new Stagehand({
+          env: "BROWSERBASE",
+          apiKey: this.config.browserbaseApiKey,
+          projectId: this.config.browserbaseProjectId,
+          model: this.config.modelApiKey ? { modelName: "claude-3-7-sonnet-latest", apiKey: this.config.modelApiKey } : void 0,
+          browserbaseSessionCreateParams: {
+            browserSettings: {
+              recordSession: false
+            }
+          }
+        });
+      }
+      /**
+       * Phase 1: Open browser, navigate to URL, extract price and product info.
+       * Keeps the session alive for fillAndComplete().
+       */
+      async openAndDiscover(url, instructions) {
+        this.stagehand = this.createStagehand();
+        await this.stagehand.init();
+        const page = this.stagehand.context.activePage();
+        await page.goto(url);
+        const addToCartInstructions = instructions ? `On this product page: ${instructions}. Then add the item to the cart.` : "Add this product to the cart.";
+        await this.stagehand.act(addToCartInstructions);
+        const extracted = await this.stagehand.extract(
+          'Extract the product name and the price (as a number without $ sign) from the page or cart. Return JSON: { "price": <number>, "productName": "<string>" }'
+        );
+        const price = parseFloat(extracted?.price ?? extracted?.extraction?.price ?? "0");
+        const productName = extracted?.productName ?? extracted?.extraction?.productName ?? "Unknown Product";
+        return { price, productName };
+      }
+      /**
+       * Phase 2: Proceed to checkout, fill forms, swap credentials, and submit.
+       * Must be called after openAndDiscover().
+       */
+      async fillAndComplete(credentials) {
+        if (!this.stagehand) {
+          throw new CheckoutFailedError("No active session. Call openAndDiscover() first.");
+        }
+        try {
+          await this.stagehand.act("Proceed to checkout from the cart.");
+          const variables = getPlaceholderVariables();
+          await this.stagehand.act(
+            `Fill in the checkout form with these values:
+          Name: ${variables.cardholder_name}
+          Card Number: ${variables.card_number}
+          Expiry: ${variables.card_expiry}
+          CVV: ${variables.card_cvv}
+          Email: ${variables.email}
+          Phone: ${variables.phone}
+          Billing Street: ${variables.billing_street}
+          Billing City: ${variables.billing_city}
+          Billing State: ${variables.billing_state}
+          Billing ZIP: ${variables.billing_zip}
+          Billing Country: ${variables.billing_country}
+          Shipping Street: ${variables.shipping_street}
+          Shipping City: ${variables.shipping_city}
+          Shipping State: ${variables.shipping_state}
+          Shipping ZIP: ${variables.shipping_zip}
+          Shipping Country: ${variables.shipping_country}`,
+            { variables }
+          );
+          const swapMap = credentialsToSwapMap(credentials);
+          const page = this.stagehand.context.activePage();
+          await page.evaluate((map) => {
+            const inputs = document.querySelectorAll("input, textarea, select");
+            for (const input of inputs) {
+              const el = input;
+              for (const [placeholder, value] of Object.entries(map)) {
+                if (el.value === placeholder) {
+                  el.value = value;
+                  el.dispatchEvent(new Event("input", { bubbles: true }));
+                  el.dispatchEvent(new Event("change", { bubbles: true }));
+                }
+              }
+            }
+            const submitBtn = document.querySelector('button[type="submit"], input[type="submit"]');
+            if (submitBtn) submitBtn.click();
+          }, swapMap);
+          await page.waitForTimeout(5e3);
+          const result = await this.stagehand.extract(
+            "Extract the order confirmation number or ID from the page"
+          );
+          const confirmationId = result?.extraction;
+          if (!confirmationId || confirmationId === "null" || confirmationId === "UNKNOWN") {
+            throw new CheckoutFailedError("No order confirmation found. Checkout may not have completed.");
+          }
+          return {
+            success: true,
+            confirmationId
+          };
+        } catch (err) {
+          if (err instanceof CheckoutFailedError) throw err;
+          const message = err instanceof Error ? err.message : "Unknown checkout error";
+          throw new CheckoutFailedError(message);
+        }
+      }
+      /**
+       * Convenience: single-shot execute (navigate + checkout in one call).
+       * Used by AgentPay facade when amount is already known.
+       */
+      async execute(tx, credentials) {
+        this.stagehand = this.createStagehand();
+        try {
+          await this.stagehand.init();
+          const page = this.stagehand.context.activePage();
+          await page.goto(tx.url);
+          const variables = getPlaceholderVariables();
+          await this.stagehand.act(
+            `Find the product and proceed to checkout. Fill in the checkout form with these values:
+          Name: ${variables.cardholder_name}
+          Card Number: ${variables.card_number}
+          Expiry: ${variables.card_expiry}
+          CVV: ${variables.card_cvv}
+          Email: ${variables.email}
+          Phone: ${variables.phone}
+          Billing Street: ${variables.billing_street}
+          Billing City: ${variables.billing_city}
+          Billing State: ${variables.billing_state}
+          Billing ZIP: ${variables.billing_zip}
+          Billing Country: ${variables.billing_country}
+          Shipping Street: ${variables.shipping_street}
+          Shipping City: ${variables.shipping_city}
+          Shipping State: ${variables.shipping_state}
+          Shipping ZIP: ${variables.shipping_zip}
+          Shipping Country: ${variables.shipping_country}`,
+            { variables }
+          );
+          const swapMap = credentialsToSwapMap(credentials);
+          await page.evaluate((map) => {
+            const inputs = document.querySelectorAll("input, textarea, select");
+            for (const input of inputs) {
+              const el = input;
+              for (const [placeholder, value] of Object.entries(map)) {
+                if (el.value === placeholder) {
+                  el.value = value;
+                  el.dispatchEvent(new Event("input", { bubbles: true }));
+                  el.dispatchEvent(new Event("change", { bubbles: true }));
+                }
+              }
+            }
+            const submitBtn = document.querySelector('button[type="submit"], input[type="submit"]');
+            if (submitBtn) submitBtn.click();
+          }, swapMap);
+          await page.waitForTimeout(5e3);
+          const result = await this.stagehand.extract(
+            "Extract the order confirmation number or ID from the page"
+          );
+          const confirmationId = result?.extraction;
+          if (!confirmationId || confirmationId === "null" || confirmationId === "UNKNOWN") {
+            throw new CheckoutFailedError("No order confirmation found. Checkout may not have completed.");
+          }
+          return {
+            success: true,
+            confirmationId
+          };
+        } catch (err) {
+          if (err instanceof CheckoutFailedError) throw err;
+          const message = err instanceof Error ? err.message : "Unknown checkout error";
+          throw new CheckoutFailedError(message);
+        } finally {
+          await this.close();
+        }
+      }
+      async close() {
+        try {
+          if (this.stagehand) {
+            await this.stagehand.close();
+            this.stagehand = null;
+          }
+        } catch {
+        }
+      }
+    };
+  }
+});
+// src/agentpay.ts
+import { join as join2 } from "path";
+var AgentPay;
+var init_agentpay = __esm({
+  "src/agentpay.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_budget();
+    init_manager();
+    init_logger();
+    init_executor();
+    init_mandate();
+    init_vault();
+    init_paths();
+    init_errors();
+    AgentPay = class {
+      home;
+      passphrase;
+      budgetManager;
+      txManager;
+      auditLogger;
+      executor;
+      constructor(options) {
+        this.home = options?.home ?? getHomePath();
+        this.passphrase = options?.passphrase;
+        this.budgetManager = new BudgetManager(join2(this.home, "wallet.json"));
+        this.txManager = new TransactionManager(join2(this.home, "transactions.json"));
+        this.auditLogger = new AuditLogger(join2(this.home, "audit.log"));
+        this.executor = new PurchaseExecutor(options?.executor);
+      }
+      get wallet() {
+        const bm = this.budgetManager;
+        return {
+          getBalance: () => bm.getBalance(),
+          getHistory: () => this.txManager.getHistory(),
+          getLimits: () => {
+            const w = bm.getBalance();
+            return { budget: w.budget, limitPerTx: w.limitPerTx, remaining: w.balance };
+          },
+          generateFundingQR: async (options) => {
+            const QRCode2 = await import("qrcode");
+            const params = new URLSearchParams();
+            if (options?.suggestedBudget) params.set("budget", String(options.suggestedBudget));
+            if (options?.message) params.set("msg", options.message);
+            const baseUrl = process.env.AGENTPAY_WEB_URL ?? "http://localhost:3000";
+            const url = `${baseUrl}/setup${params.toString() ? `?${params.toString()}` : ""}`;
+            const qrDataUrl = await QRCode2.toDataURL(url);
+            return { url, qrDataUrl };
+          }
+        };
+      }
+      get transactions() {
+        return {
+          propose: (options) => {
+            this.budgetManager.checkProposal(options.amount);
+            const tx = this.txManager.propose(options);
+            this.auditLogger.log("PROPOSE", { txId: tx.id, merchant: tx.merchant, amount: tx.amount });
+            return tx;
+          },
+          get: (txId) => this.txManager.get(txId),
+          waitForApproval: async (txId, options) => {
+            const { waitForApproval: waitForApproval2 } = await Promise.resolve().then(() => (init_poller(), poller_exports));
+            return waitForApproval2(txId, this.txManager, options);
+          },
+          execute: async (txId) => {
+            const tx = this.txManager.get(txId);
+            if (!tx) throw new Error(`Transaction ${txId} not found.`);
+            if (tx.status === "completed" || tx.status === "failed") {
+              throw new AlreadyExecutedError(txId);
+            }
+            if (tx.status !== "approved") {
+              throw new NotApprovedError(txId);
+            }
+            if (!tx.mandate) {
+              throw new InvalidMandateError("No mandate found on approved transaction.");
+            }
+            const txDetails = {
+              txId: tx.id,
+              merchant: tx.merchant,
+              amount: tx.amount,
+              description: tx.description,
+              timestamp: tx.createdAt
+            };
+            if (!verifyMandate(tx.mandate, txDetails)) {
+              throw new InvalidMandateError();
+            }
+            this.budgetManager.checkProposal(tx.amount);
+            this.txManager.markExecuting(txId);
+            this.auditLogger.log("EXECUTE", { txId, browserbaseSessionStarted: true });
+            try {
+              if (!this.passphrase) {
+                throw new Error("Passphrase required for execution. Pass it to AgentPay constructor.");
+              }
+              const vaultPath = join2(this.home, "credentials.enc");
+              const vault = loadVault(vaultPath);
+              const credentials = decrypt(vault, this.passphrase);
+              const result = await this.executor.execute(tx, credentials);
+              const receipt = {
+                id: `rcpt_${txId.replace("tx_", "")}`,
+                merchant: tx.merchant,
+                amount: tx.amount,
+                confirmationId: result.confirmationId ?? "UNKNOWN",
+                completedAt: (/* @__PURE__ */ new Date()).toISOString()
+              };
+              this.txManager.markCompleted(txId, receipt);
+              this.budgetManager.deductBalance(tx.amount);
+              this.auditLogger.log("COMPLETE", { txId, confirmationId: receipt.confirmationId });
+              return receipt;
+            } catch (err) {
+              this.txManager.markFailed(txId, err instanceof Error ? err.message : "Unknown error");
+              this.auditLogger.log("FAILED", { txId, error: err instanceof Error ? err.message : "Unknown" });
+              throw err;
+            }
+          },
+          getReceipt: (txId) => {
+            const tx = this.txManager.get(txId);
+            return tx?.receipt;
+          }
+        };
+      }
+      get audit() {
+        return { getLog: () => this.auditLogger.getLog() };
+      }
+      status() {
+        try {
+          const wallet = this.budgetManager.getBalance();
+          const pending = this.txManager.getPending();
+          const recent = this.txManager.list().slice(-5);
+          return {
+            balance: wallet.balance,
+            budget: wallet.budget,
+            limitPerTx: wallet.limitPerTx,
+            pending,
+            recent,
+            isSetup: true
+          };
+        } catch {
+          return {
+            balance: 0,
+            budget: 0,
+            limitPerTx: 0,
+            pending: [],
+            recent: [],
+            isSetup: false
+          };
+        }
+      }
+    };
+  }
+});
+// src/server/passphrase-html.ts
+function esc(s) {
+  return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
+}
+function formatCurrency2(n) {
+  return "$" + n.toFixed(2);
+}
+function getPassphraseHtml(token, context) {
+  const actionLabel = context?.action === "approve" ? "Approve Transaction" : "Approve Purchase";
+  const buttonLabel = context?.action === "approve" ? "Unlock &amp; Approve" : "Unlock &amp; Approve";
+  let contextHtml = "";
+  if (context) {
+    const lines = [];
+    if (context.merchant) lines.push(`<div class="detail"><span class="detail-label">Merchant</span><span class="detail-value">${esc(context.merchant)}</span></div>`);
+    if (context.amount !== void 0) lines.push(`<div class="detail"><span class="detail-label">Amount</span><span class="detail-value">${formatCurrency2(context.amount)}</span></div>`);
+    if (context.description) lines.push(`<div class="detail"><span class="detail-label">Description</span><span class="detail-value">${esc(context.description)}</span></div>`);
+    if (context.txId) lines.push(`<div class="detail"><span class="detail-label">Transaction</span><span class="detail-value" style="font-family:monospace;font-size:12px;">${esc(context.txId)}</span></div>`);
+    if (lines.length > 0) {
+      contextHtml = `<div class="card context-card">${lines.join("")}</div>`;
+    }
+  }
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>AgentPay \u2014 Passphrase Required</title>
+<style>
+  *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+  body {
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+    background: #f5f5f5;
+    color: #111;
+    min-height: 100vh;
+    display: flex;
+    justify-content: center;
+    padding: 40px 16px;
+  }
+  .container { width: 100%; max-width: 420px; }
+  h1 { font-size: 24px; font-weight: 700; margin-bottom: 4px; }
+  .subtitle { color: #666; font-size: 14px; margin-bottom: 24px; }
+  .card {
+    background: #fff;
+    border-radius: 8px;
+    padding: 24px;
+    margin-bottom: 16px;
+    border: 1px solid #e0e0e0;
+  }
+  .context-card { padding: 16px 20px; }
+  .detail {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    padding: 8px 0;
+    border-bottom: 1px solid #f0f0f0;
+  }
+  .detail:last-child { border-bottom: none; }
+  .detail-label { font-size: 13px; color: #666; }
+  .detail-value { font-size: 14px; font-weight: 600; }
+  label { display: block; font-size: 13px; font-weight: 500; color: #333; margin-bottom: 6px; }
+  input[type="password"] {
+    width: 100%;
+    padding: 12px 14px;
+    border: 1px solid #d0d0d0;
+    border-radius: 8px;
+    font-size: 15px;
+    outline: none;
+    transition: border-color 0.15s;
+  }
+  input[type="password"]:focus { border-color: #111; }
+  button {
+    width: 100%;
+    padding: 12px;
+    border: none;
+    border-radius: 8px;
+    font-size: 14px;
+    font-weight: 600;
+    cursor: pointer;
+    transition: opacity 0.15s;
+    margin-top: 16px;
+    background: #111;
+    color: #fff;
+  }
+  button:hover { opacity: 0.85; }
+  button:disabled { opacity: 0.5; cursor: not-allowed; }
+  .error { color: #c62828; font-size: 13px; margin-top: 10px; }
+  .success-screen {
+    text-align: center;
+    padding: 40px 0;
+  }
+  .checkmark {
+    font-size: 48px;
+    margin-bottom: 16px;
+  }
+  .success-msg {
+    font-size: 16px;
+    font-weight: 600;
+    margin-bottom: 8px;
+  }
+  .success-hint {
+    font-size: 13px;
+    color: #666;
+  }
+  .hidden { display: none; }
+</style>
+</head>
+<body>
+<div class="container">
+  <div id="form-view">
+    <h1>AgentPay</h1>
+    <p class="subtitle">${esc(actionLabel)}</p>
+    ${contextHtml}
+    <div class="card">
+      <label for="passphrase">Passphrase</label>
+      <input type="password" id="passphrase" placeholder="Enter your passphrase" autofocus>
+      <div id="error" class="error hidden"></div>
+      <button id="submit">${buttonLabel}</button>
+    </div>
+  </div>
+  <div id="success-view" class="hidden">
+    <h1>AgentPay</h1>
+    <p class="subtitle">${esc(actionLabel)}</p>
+    <div class="card">
+      <div class="success-screen">
+        <div class="checkmark">&#10003;</div>
+        <div class="success-msg">Passphrase received</div>
+        <div class="success-hint">You can close this tab.</div>
+      </div>
+    </div>
+  </div>
+</div>
+<script>
+(function() {
+  var token = ${JSON.stringify(token)};
+  var form = document.getElementById('form-view');
+  var success = document.getElementById('success-view');
+  var input = document.getElementById('passphrase');
+  var btn = document.getElementById('submit');
+  var errDiv = document.getElementById('error');
+  function submit() {
+    var passphrase = input.value;
+    if (!passphrase) {
+      errDiv.textContent = 'Passphrase is required.';
+      errDiv.classList.remove('hidden');
+      return;
+    }
+    btn.disabled = true;
+    btn.textContent = 'Submitting...';
+    errDiv.classList.add('hidden');
+    fetch('/passphrase', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ token: token, passphrase: passphrase })
+    })
+    .then(function(res) { return res.json(); })
+    .then(function(data) {
+      if (data.error) {
+        errDiv.textContent = data.error;
+        errDiv.classList.remove('hidden');
+        btn.disabled = false;
+        btn.textContent = '${buttonLabel}';
+      } else {
+        form.classList.add('hidden');
+        success.classList.remove('hidden');
+      }
+    })
+    .catch(function() {
+      errDiv.textContent = 'Failed to submit. Is the CLI still running?';
+      errDiv.classList.remove('hidden');
+      btn.disabled = false;
+      btn.textContent = '${buttonLabel}';
+    });
+  }
+  btn.addEventListener('click', submit);
+  input.addEventListener('keydown', function(e) {
+    if (e.key === 'Enter') submit();
+  });
+})();
+</script>
+</body>
+</html>`;
+}
+var init_passphrase_html = __esm({
+  "src/server/passphrase-html.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/utils/open-browser.ts
+import { exec } from "child_process";
+import { platform } from "os";
+function openBrowser(url) {
+  const plat = platform();
+  let cmd;
+  if (plat === "darwin") cmd = `open "${url}"`;
+  else if (plat === "win32") cmd = `start "" "${url}"`;
+  else cmd = `xdg-open "${url}"`;
+  exec(cmd, (err) => {
+    if (err) {
+      console.log(`Open ${url} in your browser.`);
+    }
+  });
+}
+var init_open_browser = __esm({
+  "src/utils/open-browser.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/server/passphrase-server.ts
+var passphrase_server_exports = {};
+__export(passphrase_server_exports, {
+  collectPassphrase: () => collectPassphrase
+});
+import { createServer } from "http";
+import { randomBytes as randomBytes3 } from "crypto";
+function parseBody(req) {
+  return new Promise((resolve2, reject) => {
+    const chunks = [];
+    let size = 0;
+    req.on("data", (chunk) => {
+      size += chunk.length;
+      if (size > MAX_BODY) {
+        req.destroy();
+        reject(new Error("Request body too large"));
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => {
+      try {
+        const text = Buffer.concat(chunks).toString("utf8");
+        resolve2(text ? JSON.parse(text) : {});
+      } catch {
+        reject(new Error("Invalid JSON"));
+      }
+    });
+    req.on("error", reject);
+  });
+}
+function sendJson(res, status, body) {
+  const json = JSON.stringify(body);
+  res.writeHead(status, {
+    "Content-Type": "application/json",
+    "Content-Length": Buffer.byteLength(json)
+  });
+  res.end(json);
+}
+function sendHtml(res, html) {
+  res.writeHead(200, {
+    "Content-Type": "text/html; charset=utf-8",
+    "Content-Length": Buffer.byteLength(html)
+  });
+  res.end(html);
+}
+function collectPassphrase(context) {
+  return new Promise((resolve2, reject) => {
+    const nonce = randomBytes3(32).toString("hex");
+    let settled = false;
+    const server = createServer(async (req, res) => {
+      const url = new URL(req.url ?? "/", `http://${req.headers.host}`);
+      const method = req.method ?? "GET";
+      try {
+        if (method === "GET" && url.pathname === "/passphrase") {
+          const token = url.searchParams.get("token");
+          if (token !== nonce) {
+            sendHtml(res, "<h1>Invalid or expired link.</h1>");
+            return;
+          }
+          sendHtml(res, getPassphraseHtml(nonce, context));
+        } else if (method === "POST" && url.pathname === "/passphrase") {
+          const body = await parseBody(req);
+          if (body.token !== nonce) {
+            sendJson(res, 403, { error: "Invalid token." });
+            return;
+          }
+          const passphrase = body.passphrase;
+          if (typeof passphrase !== "string" || !passphrase) {
+            sendJson(res, 400, { error: "Passphrase is required." });
+            return;
+          }
+          sendJson(res, 200, { ok: true });
+          if (!settled) {
+            settled = true;
+            cleanup();
+            resolve2(passphrase);
+          }
+        } else {
+          sendJson(res, 404, { error: "Not found" });
+        }
+      } catch (err) {
+        const message = err instanceof Error ? err.message : "Internal error";
+        sendJson(res, 500, { error: message });
+      }
+    });
+    const timer = setTimeout(() => {
+      if (!settled) {
+        settled = true;
+        cleanup();
+        reject(new TimeoutError("Passphrase entry timed out after 5 minutes."));
+      }
+    }, TIMEOUT_MS);
+    function cleanup() {
+      clearTimeout(timer);
+      server.close();
+    }
+    server.on("error", (err) => {
+      if (!settled) {
+        settled = true;
+        cleanup();
+        reject(err);
+      }
+    });
+    server.listen(0, "127.0.0.1", () => {
+      const addr = server.address();
+      if (!addr || typeof addr === "string") {
+        if (!settled) {
+          settled = true;
+          cleanup();
+          reject(new Error("Failed to bind server"));
+        }
+        return;
+      }
+      const url = `http://127.0.0.1:${addr.port}/passphrase?token=${nonce}`;
+      console.log("Waiting for passphrase entry in browser...");
+      openBrowser(url);
+    });
+  });
+}
+var TIMEOUT_MS, MAX_BODY;
+var init_passphrase_server = __esm({
+  "src/server/passphrase-server.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_passphrase_html();
+    init_open_browser();
+    init_errors();
+    TIMEOUT_MS = 5 * 60 * 1e3;
+    MAX_BODY = 4096;
+  }
+});
+// src/utils/prompt.ts
+import { createInterface } from "readline";
+function createRl() {
+  return createInterface({ input: process.stdin, output: process.stdout });
+}
+function promptInput(question) {
+  return new Promise((resolve2) => {
+    const rl = createRl();
+    rl.question(question, (answer) => {
+      rl.close();
+      resolve2(answer.trim());
+    });
+  });
+}
+async function promptPassphrase(prompt = "Passphrase: ") {
+  return promptInput(prompt);
+}
+function promptConfirm(question) {
+  return new Promise((resolve2) => {
+    const rl = createRl();
+    rl.question(`${question} (y/N): `, (answer) => {
+      rl.close();
+      resolve2(answer.trim().toLowerCase() === "y" || answer.trim().toLowerCase() === "yes");
+    });
+  });
+}
+async function promptPassphraseSafe(context) {
+  if (process.stdin.isTTY) {
+    return promptPassphrase("Enter passphrase: ");
+  }
+  const { collectPassphrase: collectPassphrase2 } = await Promise.resolve().then(() => (init_passphrase_server(), passphrase_server_exports));
+  return collectPassphrase2(context);
+}
+var init_prompt = __esm({
+  "src/utils/prompt.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/commands/setup.ts
+var setup_exports = {};
+__export(setup_exports, {
+  setupCommand: () => setupCommand
+});
+import { mkdirSync as mkdirSync6 } from "fs";
+async function setupCommand() {
+  console.log("AgentPay Setup");
+  console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n");
+  const home = getHomePath();
+  mkdirSync6(home, { recursive: true });
+  const passphrase = await promptPassphrase("Choose a passphrase: ");
+  const confirm = await promptPassphrase("Confirm passphrase: ");
+  if (passphrase !== confirm) {
+    console.error("Passphrases do not match.");
+    process.exit(1);
+  }
+  console.log("\nBilling Information");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  const cardNumber = await promptInput("Card number: ");
+  const cardExpiry = await promptInput("Expiry (MM/YY): ");
+  const cardCvv = await promptInput("CVV: ");
+  console.log("\nPersonal Information");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  const name = await promptInput("Full name: ");
+  const email = await promptInput("Email: ");
+  const phone = await promptInput("Phone: ");
+  console.log("\nBilling Address");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  const billingStreet = await promptInput("Street: ");
+  const billingCity = await promptInput("City: ");
+  const billingState = await promptInput("State: ");
+  const billingZip = await promptInput("ZIP: ");
+  const billingCountry = await promptInput("Country (e.g. US): ");
+  console.log("\nShipping Address");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  const sameAsBilling = await promptInput("Same as billing? (y/N): ");
+  let shippingStreet, shippingCity, shippingState, shippingZip, shippingCountry;
+  if (sameAsBilling.toLowerCase() === "y" || sameAsBilling.toLowerCase() === "yes") {
+    shippingStreet = billingStreet;
+    shippingCity = billingCity;
+    shippingState = billingState;
+    shippingZip = billingZip;
+    shippingCountry = billingCountry;
+  } else {
+    shippingStreet = await promptInput("Street: ");
+    shippingCity = await promptInput("City: ");
+    shippingState = await promptInput("State: ");
+    shippingZip = await promptInput("ZIP: ");
+    shippingCountry = await promptInput("Country (e.g. US): ");
+  }
+  const credentials = {
+    card: { number: cardNumber, expiry: cardExpiry, cvv: cardCvv },
+    name,
+    billingAddress: { street: billingStreet, city: billingCity, state: billingState, zip: billingZip, country: billingCountry },
+    shippingAddress: { street: shippingStreet, city: shippingCity, state: shippingState, zip: shippingZip, country: shippingCountry },
+    email,
+    phone
+  };
+  const vault = encrypt(credentials, passphrase);
+  saveVault(vault, getCredentialsPath());
+  console.log("\nCredentials encrypted and saved.");
+  const keys = generateKeyPair(passphrase);
+  mkdirSync6(getKeysPath(), { recursive: true });
+  saveKeyPair(keys);
+  console.log("Keypair generated.");
+  const bm = new BudgetManager();
+  bm.initWallet(0, 0);
+  console.log("Wallet initialized.");
+  const audit = new AuditLogger();
+  audit.log("SETUP", { message: "credentials encrypted, keypair generated, wallet initialized" });
+  console.log("\nSetup complete! Next steps:");
+  console.log("  agentpay budget --set 200      Set your spending budget");
+  console.log("  agentpay budget --limit-per-tx 50  Set per-transaction limit");
+}
+var init_setup = __esm({
+  "src/commands/setup.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_prompt();
+    init_vault();
+    init_keypair();
+    init_budget();
+    init_logger();
+    init_paths();
+  }
+});
+// src/commands/budget.ts
+var budget_exports = {};
+__export(budget_exports, {
+  budgetCommand: () => budgetCommand
+});
+function budgetCommand(options) {
+  const bm = new BudgetManager();
+  const audit = new AuditLogger();
+  if (options.set) {
+    const amount = parseFloat(options.set);
+    if (isNaN(amount) || amount < 0) {
+      console.error("Invalid amount. Provide a positive number.");
+      process.exit(1);
+    }
+    bm.setBudget(amount);
+    audit.log("BUDGET_SET", { amount });
+    console.log(`Budget set to ${formatCurrency(amount)}.`);
+  }
+  if (options.limitPerTx) {
+    const limit = parseFloat(options.limitPerTx);
+    if (isNaN(limit) || limit < 0) {
+      console.error("Invalid limit. Provide a positive number.");
+      process.exit(1);
+    }
+    bm.setLimitPerTx(limit);
+    audit.log("LIMIT_SET", { limitPerTx: limit });
+    console.log(`Per-transaction limit set to ${formatCurrency(limit)}.`);
+  }
+  if (!options.set && !options.limitPerTx) {
+    const balance = bm.getBalance();
+    console.log(`Budget:     ${formatCurrency(balance.budget)}`);
+    console.log(`Balance:    ${formatCurrency(balance.balance)}`);
+    console.log(`Spent:      ${formatCurrency(balance.spent)}`);
+    console.log(`Per-tx limit: ${balance.limitPerTx > 0 ? formatCurrency(balance.limitPerTx) : "None"}`);
+  }
+}
+var init_budget2 = __esm({
+  "src/commands/budget.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_budget();
+    init_logger();
+    init_display();
+  }
+});
+// src/commands/pending.ts
+var pending_exports = {};
+__export(pending_exports, {
+  pendingCommand: () => pendingCommand
+});
+function pendingCommand() {
+  const tm = new TransactionManager();
+  const pending = tm.getPending();
+  if (pending.length === 0) {
+    console.log("No pending purchases.");
+    return;
+  }
+  console.log("Pending Purchases:");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  console.log("TX_ID         MERCHANT        AMOUNT    DESCRIPTION");
+  for (const tx of pending) {
+    const id = tx.id.padEnd(14);
+    const merchant = tx.merchant.padEnd(16);
+    const amount = formatCurrency(tx.amount).padStart(9);
+    console.log(`${id}${merchant}${amount}    ${tx.description}`);
+  }
+  console.log(`
+${pending.length} pending purchase${pending.length === 1 ? "" : "s"}. Use 'agentpay approve <txId>' or 'agentpay reject <txId>'.`);
+}
+var init_pending = __esm({
+  "src/commands/pending.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_manager();
+    init_display();
+  }
+});
+// src/commands/approve.ts
+var approve_exports = {};
+__export(approve_exports, {
+  approveCommand: () => approveCommand
+});
+async function approveCommand(txId) {
+  const tm = new TransactionManager();
+  const audit = new AuditLogger();
+  const tx = tm.get(txId);
+  if (!tx) {
+    console.error(`Transaction ${txId} not found.`);
+    process.exit(1);
+  }
+  if (tx.status !== "pending") {
+    console.error(`Cannot approve transaction in '${tx.status}' state.`);
+    process.exit(1);
+  }
+  console.log(`Approve purchase:`);
+  console.log(`  Merchant:    ${tx.merchant}`);
+  console.log(`  Amount:      ${formatCurrency(tx.amount)}`);
+  console.log(`  Description: ${tx.description}`);
+  console.log();
+  const passphrase = await promptPassphraseSafe({
+    action: "approve",
+    merchant: tx.merchant,
+    amount: tx.amount,
+    description: tx.description,
+    txId
+  });
+  try {
+    const privateKeyPem = loadPrivateKey();
+    const txDetails = {
+      txId: tx.id,
+      merchant: tx.merchant,
+      amount: tx.amount,
+      description: tx.description,
+      timestamp: tx.createdAt
+    };
+    const mandate = createMandate(txDetails, privateKeyPem, passphrase);
+    tm.approve(txId, mandate);
+    audit.log("APPROVE", { txId, mandateSigned: true });
+    console.log(`
+Approved! Transaction ${txId} is now ready for execution.`);
+  } catch (err) {
+    console.error(`Failed to approve: ${err instanceof Error ? err.message : "Unknown error"}`);
+    process.exit(1);
+  }
+}
+var init_approve = __esm({
+  "src/commands/approve.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_manager();
+    init_keypair();
+    init_mandate();
+    init_logger();
+    init_prompt();
+    init_display();
+  }
+});
+// src/commands/reject.ts
+var reject_exports = {};
+__export(reject_exports, {
+  rejectCommand: () => rejectCommand
+});
+function rejectCommand(txId, options) {
+  const tm = new TransactionManager();
+  const audit = new AuditLogger();
+  const tx = tm.get(txId);
+  if (!tx) {
+    console.error(`Transaction ${txId} not found.`);
+    process.exit(1);
+  }
+  if (tx.status !== "pending") {
+    console.error(`Cannot reject transaction in '${tx.status}' state.`);
+    process.exit(1);
+  }
+  tm.reject(txId, options.reason);
+  audit.log("REJECT", { txId, reason: options.reason });
+  console.log(`Rejected transaction ${txId}.${options.reason ? ` Reason: ${options.reason}` : ""}`);
+}
+var init_reject = __esm({
+  "src/commands/reject.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_manager();
+    init_logger();
+  }
+});
+// src/commands/status.ts
+var status_exports = {};
+__export(status_exports, {
+  statusCommand: () => statusCommand
+});
+function statusCommand() {
+  const ap = new AgentPay();
+  const s = ap.status();
+  if (!s.isSetup) {
+    console.log("AgentPay is not set up. Run `agentpay setup` first.");
+    return;
+  }
+  console.log(formatStatus({
+    balance: s.balance,
+    budget: s.budget,
+    limitPerTx: s.limitPerTx,
+    pending: s.pending,
+    recent: s.recent
+  }));
+}
+var init_status = __esm({
+  "src/commands/status.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_agentpay();
+    init_display();
+  }
+});
+// src/commands/history.ts
+var history_exports = {};
+__export(history_exports, {
+  historyCommand: () => historyCommand
+});
+function historyCommand() {
+  const tm = new TransactionManager();
+  const history = tm.getHistory();
+  if (history.length === 0) {
+    console.log("No transaction history.");
+    return;
+  }
+  console.log("Transaction History:");
+  console.log("\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500");
+  console.log("STATUS       TX_ID         MERCHANT        AMOUNT    DATE              DESCRIPTION");
+  for (const tx of history) {
+    const status = `[${tx.status}]`.padEnd(13);
+    const id = tx.id.padEnd(14);
+    const merchant = tx.merchant.padEnd(16);
+    const amount = formatCurrency(tx.amount).padStart(9);
+    const date = formatTimestamp(tx.createdAt).padEnd(18);
+    console.log(`${status}${id}${merchant}${amount}    ${date}${tx.description}`);
+  }
+}
+var init_history = __esm({
+  "src/commands/history.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_manager();
+    init_display();
+  }
+});
+// src/commands/qr.ts
+var qr_exports = {};
+__export(qr_exports, {
+  qrCommand: () => qrCommand
+});
+import QRCode from "qrcode";
+async function qrCommand(options) {
+  const params = new URLSearchParams();
+  if (options.budget) params.set("budget", options.budget);
+  if (options.message) params.set("msg", options.message);
+  const baseUrl = process.env.AGENTPAY_WEB_URL ?? "http://localhost:3000";
+  const url = `${baseUrl}/setup${params.toString() ? `?${params.toString()}` : ""}`;
+  console.log("Scan this QR code to set up AgentPay:\n");
+  const qrString = await QRCode.toString(url, { type: "terminal", small: true });
+  console.log(qrString);
+  console.log(`
+URL: ${url}`);
+}
+var init_qr = __esm({
+  "src/commands/qr.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/commands/reset.ts
+var reset_exports = {};
+__export(reset_exports, {
+  resetCommand: () => resetCommand
+});
+import { rmSync, existsSync } from "fs";
+async function resetCommand() {
+  const home = getHomePath();
+  if (!existsSync(home)) {
+    console.log("Nothing to reset. AgentPay data directory does not exist.");
+    return;
+  }
+  console.log(`This will permanently delete all AgentPay data at: ${home}`);
+  console.log("This includes encrypted credentials, keys, wallet, transactions, and audit logs.");
+  const answer = await promptInput("\nType YES to confirm: ");
+  if (answer !== "YES") {
+    console.log("Cancelled.");
+    return;
+  }
+  rmSync(home, { recursive: true, force: true });
+  console.log("All AgentPay data has been deleted.");
+}
+var init_reset = __esm({
+  "src/commands/reset.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_prompt();
+    init_paths();
+  }
+});
+// src/commands/buy.ts
+var buy_exports = {};
+__export(buy_exports, {
+  buyCommand: () => buyCommand
+});
+import { readFileSync as readFileSync6 } from "fs";
+import { resolve } from "path";
+function loadEnv() {
+  try {
+    const envPath = resolve(process.cwd(), ".env");
+    const content = readFileSync6(envPath, "utf8");
+    for (const line of content.split("\n")) {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith("#")) continue;
+      const eqIdx = trimmed.indexOf("=");
+      if (eqIdx === -1) continue;
+      const key = trimmed.slice(0, eqIdx).trim();
+      const value = trimmed.slice(eqIdx + 1).trim();
+      if (!process.env[key]) {
+        process.env[key] = value;
+      }
+    }
+  } catch {
+  }
+}
+async function buyCommand(options) {
+  loadEnv();
+  console.log("AgentPay Purchase");
+  console.log("\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n");
+  const executor = new PurchaseExecutor();
+  const bm = new BudgetManager();
+  const tm = new TransactionManager();
+  const audit = new AuditLogger();
+  const isTTY = process.stdin.isTTY;
+  let amount;
+  let productName = options.description;
+  if (options.amount) {
+    amount = parseFloat(options.amount);
+    if (isNaN(amount) || amount <= 0) {
+      console.error("Invalid amount.");
+      process.exit(1);
+    }
+    console.log(`  Merchant:    ${options.merchant}`);
+    console.log(`  Amount:      ${formatCurrency(amount)}`);
+    console.log(`  Description: ${options.description}`);
+    console.log(`  URL:         ${options.url}`);
+    console.log();
+  } else {
+    const pickupHint = options.pickup ? "Select in-store pickup if available." : "";
+    const instructions = [pickupHint, options.description].filter(Boolean).join(" ");
+    console.log("Opening browser to discover price...\n");
+    try {
+      const discovered = await executor.openAndDiscover(options.url, instructions || void 0);
+      amount = discovered.price;
+      productName = discovered.productName || options.description;
+    } catch (err) {
+      console.error(`Failed to load product page: ${err instanceof Error ? err.message : "Unknown error"}`);
+      await executor.close();
+      process.exit(1);
+    }
+    if (amount <= 0) {
+      console.error("Could not extract price from the page.");
+      await executor.close();
+      process.exit(1);
+    }
+    console.log(`  Product:     ${productName}`);
+    console.log(`  Merchant:    ${options.merchant}`);
+    console.log(`  Amount:      ${formatCurrency(amount)}`);
+    console.log();
+  }
+  try {
+    bm.checkProposal(amount);
+  } catch (err) {
+    console.error(err instanceof Error ? err.message : "Budget check failed.");
+    await executor.close();
+    process.exit(1);
+  }
+  let passphrase;
+  if (isTTY) {
+    const confirmed = await promptConfirm("Approve this purchase?");
+    if (!confirmed) {
+      console.log("Purchase cancelled.");
+      await executor.close();
+      process.exit(0);
+    }
+    passphrase = await promptPassphraseSafe();
+  } else {
+    passphrase = await promptPassphraseSafe({
+      action: "buy",
+      merchant: options.merchant,
+      amount,
+      description: productName
+    });
+    console.log("Passphrase received. Continuing...");
+  }
+  const vault = loadVault(getCredentialsPath());
+  const credentials = decrypt(vault, passphrase);
+  console.log("\nProposing transaction...");
+  const tx = tm.propose({
+    merchant: options.merchant,
+    amount,
+    description: productName,
+    url: options.url
+  });
+  audit.log("PROPOSE", { txId: tx.id, merchant: tx.merchant, amount: tx.amount, source: "buy-command" });
+  console.log(`  Transaction ${tx.id} created.`);
+  const privateKeyPem = loadPrivateKey();
+  const mandate = createMandate(
+    { txId: tx.id, merchant: tx.merchant, amount: tx.amount, description: tx.description, timestamp: tx.createdAt },
+    privateKeyPem,
+    passphrase
+  );
+  tm.approve(tx.id, mandate);
+  audit.log("APPROVE", { txId: tx.id, source: "buy-command", mandateSigned: true });
+  console.log("  Approved and signed.\n");
+  console.log("Filling checkout...");
+  tm.markExecuting(tx.id);
+  audit.log("EXECUTE", { txId: tx.id, source: "buy-command" });
+  try {
+    let result;
+    if (!options.amount) {
+      result = await executor.fillAndComplete(credentials);
+    } else {
+      result = await executor.execute(tx, credentials);
+    }
+    const receipt = {
+      id: `rcpt_${tx.id.replace("tx_", "")}`,
+      merchant: tx.merchant,
+      amount: tx.amount,
+      confirmationId: result.confirmationId ?? "UNKNOWN",
+      completedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    tm.markCompleted(tx.id, receipt);
+    bm.deductBalance(tx.amount);
+    audit.log("COMPLETE", { txId: tx.id, confirmationId: receipt.confirmationId, source: "buy-command" });
+    console.log(`
+Purchase complete!`);
+    console.log(`  Confirmation: ${receipt.confirmationId}`);
+    console.log(`  Amount:       ${formatCurrency(receipt.amount)}`);
+  } catch (err) {
+    tm.markFailed(tx.id, err instanceof Error ? err.message : "Unknown error");
+    audit.log("FAILED", { txId: tx.id, error: err instanceof Error ? err.message : "Unknown", source: "buy-command" });
+    console.error(`
+Checkout failed: ${err instanceof Error ? err.message : "Unknown error"}`);
+    process.exit(1);
+  } finally {
+    await executor.close();
+  }
+}
+var init_buy = __esm({
+  "src/commands/buy.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_prompt();
+    init_display();
+    init_executor();
+    init_budget();
+    init_manager();
+    init_logger();
+    init_keypair();
+    init_mandate();
+    init_vault();
+    init_paths();
+  }
+});
+// src/server/html.ts
+function getDashboardHtml() {
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>AgentPay Dashboard</title>
+<style>
+  *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+  body {
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+    background: #f5f5f5;
+    color: #111;
+    min-height: 100vh;
+    display: flex;
+    justify-content: center;
+    padding: 40px 16px;
+  }
+  .container { width: 100%; max-width: 480px; }
+  h1 { font-size: 24px; font-weight: 700; margin-bottom: 8px; }
+  h2 { font-size: 18px; font-weight: 600; margin-bottom: 12px; }
+  .subtitle { color: #666; font-size: 14px; margin-bottom: 32px; }
+  .card {
+    background: #fff;
+    border-radius: 8px;
+    padding: 24px;
+    margin-bottom: 16px;
+    border: 1px solid #e0e0e0;
+  }
+  label { display: block; font-size: 13px; font-weight: 500; color: #333; margin-bottom: 4px; }
+  input, select {
+    width: 100%;
+    padding: 10px 12px;
+    border: 1px solid #d0d0d0;
+    border-radius: 8px;
+    font-size: 14px;
+    margin-bottom: 16px;
+    outline: none;
+    transition: border-color 0.15s;
+  }
+  input:focus { border-color: #111; }
+  .row { display: flex; gap: 12px; }
+  .row > div { flex: 1; }
+  button {
+    width: 100%;
+    padding: 12px;
+    border: none;
+    border-radius: 8px;
+    font-size: 14px;
+    font-weight: 600;
+    cursor: pointer;
+    transition: opacity 0.15s;
+  }
+  button:hover { opacity: 0.85; }
+  button:disabled { opacity: 0.5; cursor: not-allowed; }
+  .btn-primary { background: #111; color: #fff; }
+  .btn-secondary { background: #e0e0e0; color: #111; }
+  /* Progress bar for wizard */
+  .progress { display: flex; gap: 6px; margin-bottom: 24px; }
+  .progress .step {
+    flex: 1; height: 4px; border-radius: 2px; background: #e0e0e0;
+    transition: background 0.3s;
+  }
+  .progress .step.active { background: #111; }
+  /* Balance display */
+  .balance-display {
+    text-align: center;
+    padding: 32px 0;
+  }
+  .balance-amount {
+    font-size: 48px;
+    font-weight: 700;
+    letter-spacing: -1px;
+  }
+  .balance-label { font-size: 13px; color: #666; margin-top: 4px; }
+  /* Budget bar */
+  .budget-bar-container { margin: 16px 0; }
+  .budget-bar {
+    height: 8px;
+    background: #e0e0e0;
+    border-radius: 4px;
+    overflow: hidden;
+  }
+  .budget-bar-fill {
+    height: 100%;
+    background: #111;
+    border-radius: 4px;
+    transition: width 0.3s;
+  }
+  .budget-bar-labels {
+    display: flex;
+    justify-content: space-between;
+    font-size: 12px;
+    color: #666;
+    margin-top: 4px;
+  }
+  /* Stats grid */
+  .stats { display: grid; grid-template-columns: 1fr 1fr; gap: 12px; margin-bottom: 16px; }
+  .stat { text-align: center; padding: 12px; background: #f9f9f9; border-radius: 8px; }
+  .stat-value { font-size: 18px; font-weight: 700; }
+  .stat-label { font-size: 11px; color: #666; margin-top: 2px; }
+  /* Add funds inline */
+  .add-funds-row { display: flex; gap: 8px; }
+  .add-funds-row input { margin-bottom: 0; flex: 1; }
+  .add-funds-row button { width: auto; padding: 10px 20px; }
+  /* Transactions */
+  .tx-list { margin-top: 12px; }
+  .tx-item {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    padding: 10px 0;
+    border-bottom: 1px solid #f0f0f0;
+    font-size: 13px;
+  }
+  .tx-item:last-child { border-bottom: none; }
+  .tx-merchant { font-weight: 500; }
+  .tx-amount { font-weight: 600; }
+  .tx-status {
+    font-size: 11px;
+    padding: 2px 6px;
+    border-radius: 4px;
+    font-weight: 500;
+  }
+  .tx-status.completed { background: #e6f4ea; color: #1e7e34; }
+  .tx-status.pending { background: #fff8e1; color: #f57f17; }
+  .tx-status.failed { background: #fde8e8; color: #c62828; }
+  .tx-status.rejected { background: #fde8e8; color: #c62828; }
+  .tx-status.approved { background: #e3f2fd; color: #1565c0; }
+  .tx-status.executing { background: #e3f2fd; color: #1565c0; }
+  .error { color: #c62828; font-size: 13px; margin-top: 8px; }
+  .success { color: #1e7e34; font-size: 13px; margin-top: 8px; }
+  .hidden { display: none; }
+  /* Checkbox row for same-as-billing */
+  .checkbox-row {
+    display: flex;
+    align-items: center;
+    gap: 8px;
+    margin-bottom: 16px;
+  }
+  .checkbox-row input { width: auto; margin: 0; }
+  .checkbox-row label { margin: 0; }
+</style>
+</head>
+<body>
+<div class="container" id="app">
+  <div id="loading">Loading...</div>
+</div>
+<script>
+const App = {
+  state: { isSetup: false, wallet: null, recentTransactions: [], wizardStep: 1 },
+  async init() {
+    try {
+      const res = await fetch('/api/status');
+      const data = await res.json();
+      this.state.isSetup = data.isSetup;
+      this.state.wallet = data.wallet;
+      this.state.recentTransactions = data.recentTransactions || [];
+    } catch (e) {
+      console.error('Failed to load status', e);
+    }
+    this.render();
+  },
+  render() {
+    const app = document.getElementById('app');
+    if (this.state.isSetup && this.state.wallet) {
+      app.innerHTML = this.renderDashboard();
+      this.bindDashboard();
+    } else if (this.state.isSetup) {
+      app.innerHTML = '<div class="card"><h2>Setup detected</h2><p>Wallet data could not be loaded. Try running <code>agentpay budget --set 100</code> from the CLI.</p></div>';
+    } else {
+      app.innerHTML = this.renderWizard();
+      this.bindWizard();
+    }
+  },
+  fmt(n) {
+    return '$' + Number(n).toFixed(2);
+  },
+  renderDashboard() {
+    const w = this.state.wallet;
+    const pct = w.budget > 0 ? Math.min(100, (w.spent / w.budget) * 100) : 0;
+    const txHtml = this.state.recentTransactions.length === 0
+      ? '<p style="color:#666;font-size:13px;">No transactions yet.</p>'
+      : this.state.recentTransactions.map(tx => \`
+          <div class="tx-item">
+            <div>
+              <div class="tx-merchant">\${this.esc(tx.merchant)}</div>
+              <div style="color:#999;font-size:11px;">\${new Date(tx.createdAt).toLocaleDateString()}</div>
+            </div>
+            <div style="text-align:right">
+              <div class="tx-amount">\${this.fmt(tx.amount)}</div>
+              <span class="tx-status \${tx.status}">\${tx.status}</span>
+            </div>
+          </div>\`).join('');
+    return \`
+      <h1>AgentPay</h1>
+      <p class="subtitle">Wallet Dashboard</p>
+      <div class="card">
+        <div class="balance-display">
+          <div class="balance-amount">\${this.fmt(w.balance)}</div>
+          <div class="balance-label">Available Balance</div>
+        </div>
+        <div class="budget-bar-container">
+          <div class="budget-bar"><div class="budget-bar-fill" style="width:\${pct.toFixed(1)}%"></div></div>
+          <div class="budget-bar-labels">
+            <span>\${this.fmt(w.spent)} spent</span>
+            <span>\${this.fmt(w.budget)} budget</span>
+          </div>
+        </div>
+      </div>
+      <div class="card">
+        <div class="stats">
+          <div class="stat"><div class="stat-value">\${this.fmt(w.budget)}</div><div class="stat-label">Total Budget</div></div>
+          <div class="stat"><div class="stat-value">\${this.fmt(w.spent)}</div><div class="stat-label">Total Spent</div></div>
+          <div class="stat"><div class="stat-value">\${this.fmt(w.balance)}</div><div class="stat-label">Remaining</div></div>
+          <div class="stat"><div class="stat-value">\${w.limitPerTx > 0 ? this.fmt(w.limitPerTx) : 'None'}</div><div class="stat-label">Per-Tx Limit</div></div>
+        </div>
+      </div>
+      <div class="card">
+        <h2>Add Funds</h2>
+        <div class="add-funds-row">
+          <input type="number" id="fundAmount" placeholder="Amount" min="0.01" step="0.01">
+          <button class="btn-primary" id="fundBtn">Add</button>
+        </div>
+        <div id="fundMsg"></div>
+      </div>
+      <div class="card">
+        <h2>Recent Transactions</h2>
+        <div class="tx-list">\${txHtml}</div>
+      </div>
+    \`;
+  },
+  bindDashboard() {
+    const btn = document.getElementById('fundBtn');
+    const input = document.getElementById('fundAmount');
+    const msg = document.getElementById('fundMsg');
+    btn.addEventListener('click', async () => {
+      const amount = parseFloat(input.value);
+      if (!amount || amount <= 0) {
+        msg.innerHTML = '<p class="error">Enter a valid amount.</p>';
+        return;
+      }
+      btn.disabled = true;
+      btn.textContent = '...';
+      try {
+        const res = await fetch('/api/fund', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ amount }),
+        });
+        const data = await res.json();
+        if (data.error) {
+          msg.innerHTML = '<p class="error">' + this.esc(data.error) + '</p>';
+        } else {
+          this.state.wallet = data.wallet;
+          input.value = '';
+          this.render();
+        }
+      } catch (e) {
+        msg.innerHTML = '<p class="error">Request failed.</p>';
+      }
+      btn.disabled = false;
+      btn.textContent = 'Add';
+    });
+  },
+  renderWizard() {
+    const step = this.state.wizardStep;
+    const steps = [1, 2, 3, 4];
+    const progressHtml = '<div class="progress">' + steps.map(s =>
+      '<div class="step' + (s <= step ? ' active' : '') + '"></div>'
+    ).join('') + '</div>';
+    const titles = ['Create Passphrase', 'Card Information', 'Personal Details', 'Budget & Limits'];
+    let fields = '';
+    if (step === 1) {
+      fields = \`
+        <label for="w_pass">Passphrase</label>
+        <input type="password" id="w_pass" placeholder="Choose a strong passphrase">
+        <label for="w_pass2">Confirm Passphrase</label>
+        <input type="password" id="w_pass2" placeholder="Confirm your passphrase">
+      \`;
+    } else if (step === 2) {
+      fields = \`
+        <label for="w_cardNum">Card Number</label>
+        <input type="text" id="w_cardNum" placeholder="4242 4242 4242 4242">
+        <div class="row">
+          <div><label for="w_expiry">Expiry</label><input type="text" id="w_expiry" placeholder="MM/YY"></div>
+          <div><label for="w_cvv">CVV</label><input type="text" id="w_cvv" placeholder="123"></div>
+        </div>
+      \`;
+    } else if (step === 3) {
+      fields = \`
+        <label for="w_name">Full Name</label>
+        <input type="text" id="w_name" placeholder="Jane Doe">
+        <div class="row">
+          <div><label for="w_email">Email</label><input type="email" id="w_email" placeholder="jane@example.com"></div>
+          <div><label for="w_phone">Phone</label><input type="tel" id="w_phone" placeholder="+1 555 0123"></div>
+        </div>
+        <label for="w_street">Street Address</label>
+        <input type="text" id="w_street" placeholder="123 Main St">
+        <div class="row">
+          <div><label for="w_city">City</label><input type="text" id="w_city" placeholder="San Francisco"></div>
+          <div><label for="w_state">State</label><input type="text" id="w_state" placeholder="CA"></div>
+        </div>
+        <div class="row">
+          <div><label for="w_zip">ZIP</label><input type="text" id="w_zip" placeholder="94102"></div>
+          <div><label for="w_country">Country</label><input type="text" id="w_country" placeholder="US" value="US"></div>
+        </div>
+      \`;
+    } else if (step === 4) {
+      fields = \`
+        <label for="w_budget">Initial Budget ($)</label>
+        <input type="number" id="w_budget" placeholder="200" min="0" step="0.01">
+        <label for="w_limit">Per-Transaction Limit ($)</label>
+        <input type="number" id="w_limit" placeholder="50 (0 = no limit)" min="0" step="0.01">
+      \`;
+    }
+    return \`
+      <h1>AgentPay</h1>
+      <p class="subtitle">Step \${step} of 4 \u2014 \${titles[step - 1]}</p>
+      \${progressHtml}
+      <div class="card">
+        \${fields}
+        <div id="wizardError"></div>
+        <div style="display:flex;gap:8px;margin-top:8px;">
+          \${step > 1 ? '<button class="btn-secondary" id="wizBack">Back</button>' : ''}
+          <button class="btn-primary" id="wizNext">\${step === 4 ? 'Complete Setup' : 'Continue'}</button>
+        </div>
+      </div>
+    \`;
+  },
+  // Wizard form data persisted across steps
+  wizardData: {},
+  bindWizard() {
+    const step = this.state.wizardStep;
+    const errDiv = document.getElementById('wizardError');
+    const nextBtn = document.getElementById('wizNext');
+    const backBtn = document.getElementById('wizBack');
+    // Restore saved data into fields
+    this.restoreWizardFields(step);
+    if (backBtn) {
+      backBtn.addEventListener('click', () => {
+        this.saveWizardFields(step);
+        this.state.wizardStep--;
+        this.render();
+      });
+    }
+    nextBtn.addEventListener('click', async () => {
+      errDiv.innerHTML = '';
+      if (step === 1) {
+        const pass = document.getElementById('w_pass').value;
+        const pass2 = document.getElementById('w_pass2').value;
+        if (!pass) { errDiv.innerHTML = '<p class="error">Passphrase is required.</p>'; return; }
+        if (pass !== pass2) { errDiv.innerHTML = '<p class="error">Passphrases do not match.</p>'; return; }
+        this.wizardData.passphrase = pass;
+        this.state.wizardStep = 2;
+        this.render();
+      } else if (step === 2) {
+        this.saveWizardFields(step);
+        const d = this.wizardData;
+        if (!d.cardNumber) { errDiv.innerHTML = '<p class="error">Card number is required.</p>'; return; }
+        if (!d.expiry) { errDiv.innerHTML = '<p class="error">Expiry is required.</p>'; return; }
+        if (!d.cvv) { errDiv.innerHTML = '<p class="error">CVV is required.</p>'; return; }
+        this.state.wizardStep = 3;
+        this.render();
+      } else if (step === 3) {
+        this.saveWizardFields(step);
+        const d = this.wizardData;
+        if (!d.name) { errDiv.innerHTML = '<p class="error">Full name is required.</p>'; return; }
+        this.state.wizardStep = 4;
+        this.render();
+      } else if (step === 4) {
+        this.saveWizardFields(step);
+        const d = this.wizardData;
+        nextBtn.disabled = true;
+        nextBtn.textContent = 'Setting up...';
+        try {
+          const res = await fetch('/api/setup', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+              passphrase: d.passphrase,
+              credentials: {
+                card: { number: d.cardNumber, expiry: d.expiry, cvv: d.cvv },
+                name: d.name,
+                billingAddress: { street: d.street || '', city: d.city || '', state: d.state || '', zip: d.zip || '', country: d.country || 'US' },
+                shippingAddress: { street: d.street || '', city: d.city || '', state: d.state || '', zip: d.zip || '', country: d.country || 'US' },
+                email: d.email || '',
+                phone: d.phone || '',
+              },
+              budget: parseFloat(d.budget) || 0,
+              limitPerTx: parseFloat(d.limit) || 0,
+            }),
+          });
+          const result = await res.json();
+          if (result.error) {
+            errDiv.innerHTML = '<p class="error">' + this.esc(result.error) + '</p>';
+            nextBtn.disabled = false;
+            nextBtn.textContent = 'Complete Setup';
+          } else {
+            this.state.isSetup = true;
+            this.state.wallet = result.wallet;
+            this.state.recentTransactions = [];
+            this.wizardData = {};
+            this.render();
+          }
+        } catch (e) {
+          errDiv.innerHTML = '<p class="error">Setup request failed.</p>';
+          nextBtn.disabled = false;
+          nextBtn.textContent = 'Complete Setup';
+        }
+      }
+    });
+  },
+  saveWizardFields(step) {
+    const val = (id) => { const el = document.getElementById(id); return el ? el.value : ''; };
+    if (step === 2) {
+      this.wizardData.cardNumber = val('w_cardNum');
+      this.wizardData.expiry = val('w_expiry');
+      this.wizardData.cvv = val('w_cvv');
+    } else if (step === 3) {
+      this.wizardData.name = val('w_name');
+      this.wizardData.email = val('w_email');
+      this.wizardData.phone = val('w_phone');
+      this.wizardData.street = val('w_street');
+      this.wizardData.city = val('w_city');
+      this.wizardData.state = val('w_state');
+      this.wizardData.zip = val('w_zip');
+      this.wizardData.country = val('w_country');
+    } else if (step === 4) {
+      this.wizardData.budget = val('w_budget');
+      this.wizardData.limit = val('w_limit');
+    }
+  },
+  restoreWizardFields(step) {
+    const set = (id, val) => { const el = document.getElementById(id); if (el && val) el.value = val; };
+    if (step === 2) {
+      set('w_cardNum', this.wizardData.cardNumber);
+      set('w_expiry', this.wizardData.expiry);
+      set('w_cvv', this.wizardData.cvv);
+    } else if (step === 3) {
+      set('w_name', this.wizardData.name);
+      set('w_email', this.wizardData.email);
+      set('w_phone', this.wizardData.phone);
+      set('w_street', this.wizardData.street);
+      set('w_city', this.wizardData.city);
+      set('w_state', this.wizardData.state);
+      set('w_zip', this.wizardData.zip);
+      set('w_country', this.wizardData.country);
+    } else if (step === 4) {
+      set('w_budget', this.wizardData.budget);
+      set('w_limit', this.wizardData.limit);
+    }
+  },
+  esc(s) {
+    const d = document.createElement('div');
+    d.textContent = s;
+    return d.innerHTML;
+  },
+};
+App.init();
+</script>
+</body>
+</html>`;
+}
+var init_html = __esm({
+  "src/server/html.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/server/routes.ts
+import { existsSync as existsSync2, mkdirSync as mkdirSync7 } from "fs";
+function handleGetStatus() {
+  const isSetup = existsSync2(getCredentialsPath());
+  if (!isSetup) {
+    return { status: 200, body: { isSetup: false } };
+  }
+  try {
+    const bm = new BudgetManager();
+    const wallet = bm.getBalance();
+    const tm = new TransactionManager();
+    const recent = tm.list().slice(-10).reverse();
+    return {
+      status: 200,
+      body: { isSetup: true, wallet, recentTransactions: recent }
+    };
+  } catch {
+    return { status: 200, body: { isSetup: true, wallet: null, recentTransactions: [] } };
+  }
+}
+function handlePostSetup(body) {
+  if (!body.passphrase || !body.credentials) {
+    return { status: 400, body: { error: "Missing passphrase or credentials" } };
+  }
+  try {
+    const home = getHomePath();
+    mkdirSync7(home, { recursive: true });
+    const vault = encrypt(body.credentials, body.passphrase);
+    saveVault(vault, getCredentialsPath());
+    const keys = generateKeyPair(body.passphrase);
+    mkdirSync7(getKeysPath(), { recursive: true });
+    saveKeyPair(keys);
+    const bm = new BudgetManager();
+    bm.initWallet(body.budget || 0, body.limitPerTx || 0);
+    const audit = new AuditLogger();
+    audit.log("SETUP", { source: "dashboard", message: "credentials encrypted, keypair generated, wallet initialized" });
+    const wallet = bm.getBalance();
+    return { status: 200, body: { success: true, wallet } };
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Setup failed";
+    return { status: 500, body: { error: message } };
+  }
+}
+function handlePostFund(body) {
+  if (!body.amount || body.amount <= 0) {
+    return { status: 400, body: { error: "Amount must be positive" } };
+  }
+  try {
+    const bm = new BudgetManager();
+    const wallet = bm.addFunds(body.amount);
+    const audit = new AuditLogger();
+    audit.log("ADD_FUNDS", { source: "dashboard", amount: body.amount });
+    return { status: 200, body: { success: true, wallet } };
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Failed to add funds";
+    return { status: 500, body: { error: message } };
+  }
+}
+var init_routes = __esm({
+  "src/server/routes.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_vault();
+    init_keypair();
+    init_budget();
+    init_manager();
+    init_logger();
+    init_paths();
+  }
+});
+// src/server/index.ts
+import { createServer as createServer2 } from "http";
+function parseBody2(req) {
+  return new Promise((resolve2, reject) => {
+    const chunks = [];
+    let size = 0;
+    req.on("data", (chunk) => {
+      size += chunk.length;
+      if (size > MAX_BODY2) {
+        req.destroy();
+        reject(new Error("Request body too large"));
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => {
+      try {
+        const text = Buffer.concat(chunks).toString("utf8");
+        resolve2(text ? JSON.parse(text) : {});
+      } catch {
+        reject(new Error("Invalid JSON"));
+      }
+    });
+    req.on("error", reject);
+  });
+}
+function sendJson2(res, status, body) {
+  const json = JSON.stringify(body);
+  res.writeHead(status, {
+    "Content-Type": "application/json",
+    "Content-Length": Buffer.byteLength(json)
+  });
+  res.end(json);
+}
+function sendHtml2(res, html) {
+  res.writeHead(200, {
+    "Content-Type": "text/html; charset=utf-8",
+    "Content-Length": Buffer.byteLength(html)
+  });
+  res.end(html);
+}
+function startServer(port) {
+  return new Promise((resolve2, reject) => {
+    const server = createServer2(async (req, res) => {
+      const url = req.url ?? "/";
+      const method = req.method ?? "GET";
+      try {
+        if (method === "GET" && url === "/api/status") {
+          const result = handleGetStatus();
+          sendJson2(res, result.status, result.body);
+        } else if (method === "POST" && url === "/api/setup") {
+          const body = await parseBody2(req);
+          const result = handlePostSetup(body);
+          sendJson2(res, result.status, result.body);
+        } else if (method === "POST" && url === "/api/fund") {
+          const body = await parseBody2(req);
+          const result = handlePostFund(body);
+          sendJson2(res, result.status, result.body);
+        } else if (method === "GET" && (url === "/" || url === "/index.html")) {
+          sendHtml2(res, getDashboardHtml());
+        } else {
+          sendJson2(res, 404, { error: "Not found" });
+        }
+      } catch (err) {
+        const message = err instanceof Error ? err.message : "Internal error";
+        sendJson2(res, 500, { error: message });
+      }
+    });
+    server.on("error", (err) => {
+      if (err.code === "EADDRINUSE") {
+        reject(new Error(`Port ${port} is already in use. Try a different port with --port <number>.`));
+      } else {
+        reject(err);
+      }
+    });
+    server.listen(port, "127.0.0.1", () => {
+      resolve2(server);
+    });
+  });
+}
+var MAX_BODY2;
+var init_server = __esm({
+  "src/server/index.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_html();
+    init_routes();
+    MAX_BODY2 = 1048576;
+  }
+});
+// src/commands/dashboard.ts
+var dashboard_exports = {};
+__export(dashboard_exports, {
+  dashboardCommand: () => dashboardCommand
+});
+async function dashboardCommand(options) {
+  const port = parseInt(options.port, 10) || 3141;
+  const url = `http://127.0.0.1:${port}`;
+  try {
+    const server = await startServer(port);
+    console.log(`AgentPay Dashboard running at ${url}`);
+    console.log("Press Ctrl+C to stop.\n");
+    openBrowser(url);
+    const shutdown = () => {
+      console.log("\nShutting down dashboard...");
+      server.close(() => process.exit(0));
+      setTimeout(() => process.exit(0), 3e3);
+    };
+    process.on("SIGINT", shutdown);
+    process.on("SIGTERM", shutdown);
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Failed to start server";
+    console.error(message);
+    process.exit(1);
+  }
+}
+var init_dashboard = __esm({
+  "src/commands/dashboard.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_server();
+    init_open_browser();
+  }
+});
+// src/commands/mcp.ts
+var mcp_exports = {};
+__export(mcp_exports, {
+  mcpCommand: () => mcpCommand
+});
+async function mcpCommand(options) {
+  try {
+    const { startServer: startServer2 } = await import("@useagentpay/mcp-server");
+    await startServer2({ http: options.http });
+  } catch (err) {
+    if (err instanceof Error && "code" in err && err.code === "ERR_MODULE_NOT_FOUND") {
+      console.error("MCP server package not installed.");
+      console.error("Run: pnpm add @useagentpay/mcp-server");
+      process.exit(1);
+    }
+    throw err;
+  }
+}
+var init_mcp = __esm({
+  "src/commands/mcp.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/cli.ts
+init_esm_shims();
+import { Command } from "commander";
+// src/index.ts
+init_esm_shims();
+init_errors();
+init_ids();
+init_display();
+init_paths();
+init_vault();
+init_keypair();
+init_mandate();
+init_budget();
+init_manager();
+init_poller();
+init_logger();
+init_executor();
+init_placeholder();
+init_agentpay();
+var VERSION = "0.1.0";
+// src/cli.ts
+var program = new Command();
+program.name("agentpay").description("Local-first payments SDK for AI agents").version(VERSION);
+program.command("setup").description("Set up AgentPay with your billing credentials").action(async () => {
+  const { setupCommand: setupCommand2 } = await Promise.resolve().then(() => (init_setup(), setup_exports));
+  await setupCommand2();
+});
+program.command("budget").description("View or configure spending budget").option("--set <amount>", "Set total budget").option("--limit-per-tx <amount>", "Set per-transaction limit").action(async (options) => {
+  const { budgetCommand: budgetCommand2 } = await Promise.resolve().then(() => (init_budget2(), budget_exports));
+  budgetCommand2(options);
+});
+program.command("pending").description("List pending purchase proposals").action(async () => {
+  const { pendingCommand: pendingCommand2 } = await Promise.resolve().then(() => (init_pending(), pending_exports));
+  pendingCommand2();
+});
+program.command("approve <txId>").description("Approve a pending purchase").action(async (txId) => {
+  const { approveCommand: approveCommand2 } = await Promise.resolve().then(() => (init_approve(), approve_exports));
+  await approveCommand2(txId);
+});
+program.command("reject <txId>").description("Reject a pending purchase").option("--reason <reason>", "Reason for rejection").action(async (txId, options) => {
+  const { rejectCommand: rejectCommand2 } = await Promise.resolve().then(() => (init_reject(), reject_exports));
+  rejectCommand2(txId, options);
+});
+program.command("status").description("Show wallet status and recent transactions").action(async () => {
+  const { statusCommand: statusCommand2 } = await Promise.resolve().then(() => (init_status(), status_exports));
+  statusCommand2();
+});
+program.command("history").description("Show full transaction history").action(async () => {
+  const { historyCommand: historyCommand2 } = await Promise.resolve().then(() => (init_history(), history_exports));
+  historyCommand2();
+});
+program.command("qr").description("Display QR code for web-based setup").option("--budget <amount>", "Suggested budget amount").option("--message <msg>", "Message to display on setup page").action(async (options) => {
+  const { qrCommand: qrCommand2 } = await Promise.resolve().then(() => (init_qr(), qr_exports));
+  await qrCommand2(options);
+});
+program.command("reset").description("Delete all AgentPay data").action(async () => {
+  const { resetCommand: resetCommand2 } = await Promise.resolve().then(() => (init_reset(), reset_exports));
+  await resetCommand2();
+});
+program.command("buy").description("Propose, approve, and execute a purchase").requiredOption("--merchant <name>", "Merchant name").requiredOption("--description <desc>", "Purchase description").requiredOption("--url <url>", "Product/checkout URL").option("--amount <amount>", "Purchase amount (auto-detected from page if omitted)").option("--pickup", "Select in-store pickup").action(async (options) => {
+  const { buyCommand: buyCommand2 } = await Promise.resolve().then(() => (init_buy(), buy_exports));
+  await buyCommand2(options);
+});
+program.command("dashboard").description("Open the AgentPay dashboard in your browser").option("--port <port>", "Port for dashboard server", "3141").action(async (options) => {
+  const { dashboardCommand: dashboardCommand2 } = await Promise.resolve().then(() => (init_dashboard(), dashboard_exports));
+  await dashboardCommand2(options);
+});
+program.command("mcp").description("Start AgentPay MCP server (stdio transport)").option("--http", "Use HTTP transport instead of stdio").action(async (options) => {
+  const { mcpCommand: mcpCommand2 } = await Promise.resolve().then(() => (init_mcp(), mcp_exports));
+  await mcpCommand2(options);
+});
+program.parse();
+//# sourceMappingURL=cli.js.map