@vouchagents/cli 0.1.0

package/.turbo/turbo-build.log

@@ -0,0 +1,4 @@
+
+> @vouchagents/cli@0.1.0 build /Users/momentumadmin/Desktop/Personal Projects/agent-signup/packages/cli
+> tsc
+

package/dist/bin.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=bin.d.ts.map

package/dist/bin.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bin.d.ts","sourceRoot":"","sources":["../src/bin.ts"],"names":[],"mappings":""}

package/dist/bin.js

@@ -0,0 +1,59 @@
+#!/usr/bin/env node
+import { initCommand } from "./commands/init.js";
+import { statusCommand } from "./commands/status.js";
+import { exportCommand } from "./commands/export.js";
+const args = process.argv.slice(2);
+const command = args[0];
+// Parse --vault flag
+const vaultIdx = args.indexOf("--vault");
+const vaultPath = vaultIdx !== -1 ? args[vaultIdx + 1] : undefined;
+switch (command) {
+    case "init":
+        await initCommand(vaultPath);
+        break;
+    case "status":
+        await statusCommand(vaultPath);
+        break;
+    case "export": {
+        const output = args[1];
+        if (!output || output.startsWith("--")) {
+            console.log("\n  Usage: vouch export <output-path>\n");
+            process.exit(1);
+        }
+        await exportCommand(output, vaultPath);
+        break;
+    }
+    case "help":
+    case "--help":
+    case "-h":
+    case undefined:
+        printHelp();
+        break;
+    default:
+        console.log(`\n  Unknown command: ${command}`);
+        printHelp();
+        process.exit(1);
+}
+function printHelp() {
+    console.log(`
+  \x1b[1mvouch\x1b[0m - Manage your Vouch identity vault
+
+  \x1b[1mUsage:\x1b[0m
+    vouch <command> [options]
+
+  \x1b[1mCommands:\x1b[0m
+    init      Create a new encrypted vault
+    status    Show vault contents and recent signups
+    export    Export vault to a file (still encrypted)
+    help      Show this help
+
+  \x1b[1mOptions:\x1b[0m
+    --vault <path>   Custom vault path (default: ~/.vouch/vault.json)
+
+  \x1b[1mExamples:\x1b[0m
+    vouch init
+    vouch status
+    vouch export ~/backup-vault.json
+`);
+}
+//# sourceMappingURL=bin.js.map

package/dist/bin.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bin.js","sourceRoot":"","sources":["../src/bin.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AAExB,qBAAqB;AACrB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AACzC,MAAM,SAAS,GAAG,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAEnE,QAAQ,OAAO,EAAE,CAAC;IAChB,KAAK,MAAM;QACT,MAAM,WAAW,CAAC,SAAS,CAAC,CAAC;QAC7B,MAAM;IAER,KAAK,QAAQ;QACX,MAAM,aAAa,CAAC,SAAS,CAAC,CAAC;QAC/B,MAAM;IAER,KAAK,QAAQ,CAAC,CAAC,CAAC;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACvC,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;YACvD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,aAAa,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QACvC,MAAM;IACR,CAAC;IAED,KAAK,MAAM,CAAC;IACZ,KAAK,QAAQ,CAAC;IACd,KAAK,IAAI,CAAC;IACV,KAAK,SAAS;QACZ,SAAS,EAAE,CAAC;QACZ,MAAM;IAER;QACE,OAAO,CAAC,GAAG,CAAC,wBAAwB,OAAO,EAAE,CAAC,CAAC;QAC/C,SAAS,EAAE,CAAC;QACZ,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACpB,CAAC;AAED,SAAS,SAAS;IAChB,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;CAmBb,CAAC,CAAC;AACH,CAAC"}

package/dist/commands/export.d.ts

@@ -0,0 +1,2 @@
+export declare function exportCommand(outputPath: string, vaultPath?: string): Promise<void>;
+//# sourceMappingURL=export.d.ts.map

package/dist/commands/export.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"export.d.ts","sourceRoot":"","sources":["../../src/commands/export.ts"],"names":[],"mappings":"AAIA,wBAAsB,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,iBA+BzE"}

package/dist/commands/export.js

@@ -0,0 +1,32 @@
+import { Vault, FileStorage, defaultVaultPath } from "@vouchagents/client";
+import { writeFile } from "node:fs/promises";
+import { askSecret, close } from "../prompt.js";
+export async function exportCommand(outputPath, vaultPath) {
+    const path = vaultPath ?? defaultVaultPath();
+    const storage = new FileStorage(path);
+    if (!(await storage.exists())) {
+        console.log(`\n  No vault found at ${path}\n`);
+        close();
+        return;
+    }
+    const password = await askSecret("  Vault password: ");
+    close();
+    try {
+        // Verify the password works by opening
+        await Vault.open({ passphrase: password, storage });
+        // Export the raw encrypted file
+        const data = await storage.read();
+        if (!data) {
+            console.log("\n  Failed to read vault.\n");
+            process.exit(1);
+        }
+        await writeFile(outputPath, data, "utf-8");
+        console.log(`\n  \x1b[32mVault exported to ${outputPath}\x1b[0m`);
+        console.log("  This file is encrypted. You need your password to use it.\n");
+    }
+    catch {
+        console.log("\n  Wrong password.\n");
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=export.js.map

package/dist/commands/export.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"export.js","sourceRoot":"","sources":["../../src/commands/export.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAC3E,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,cAAc,CAAC;AAEhD,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,UAAkB,EAAE,SAAkB;IACxE,MAAM,IAAI,GAAG,SAAS,IAAI,gBAAgB,EAAE,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC;IAEtC,IAAI,CAAC,CAAC,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,yBAAyB,IAAI,IAAI,CAAC,CAAC;QAC/C,KAAK,EAAE,CAAC;QACR,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,oBAAoB,CAAC,CAAC;IACvD,KAAK,EAAE,CAAC;IAER,IAAI,CAAC;QACH,uCAAuC;QACvC,MAAM,KAAK,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QAEpD,gCAAgC;QAChC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;YAC3C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,iCAAiC,UAAU,SAAS,CAAC,CAAC;QAClE,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC/E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/commands/init.d.ts

@@ -0,0 +1,2 @@
+export declare function initCommand(vaultPath?: string): Promise<void>;
+//# sourceMappingURL=init.d.ts.map

package/dist/commands/init.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"AAGA,wBAAsB,WAAW,CAAC,SAAS,CAAC,EAAE,MAAM,iBAuDnD"}

package/dist/commands/init.js

@@ -0,0 +1,50 @@
+import { Vault, FileStorage, defaultVaultPath } from "@vouchagents/client";
+import { ask, askSecret, close } from "../prompt.js";
+export async function initCommand(vaultPath) {
+    const path = vaultPath ?? defaultVaultPath();
+    const storage = new FileStorage(path);
+    // Check if vault already exists
+    if (await storage.exists()) {
+        console.log(`\n  A vault already exists at ${path}`);
+        console.log("  Run `vouch status` to see what's stored.");
+        console.log("  Run `vouch init --force` to overwrite.\n");
+        close();
+        return;
+    }
+    console.log("\n  Setting up Vouch...\n");
+    const name = await ask("  What name should we use? ");
+    if (!name) {
+        console.log("  Name is required.");
+        close();
+        process.exit(1);
+    }
+    const email = await ask("  Email? ");
+    if (!email) {
+        console.log("  Email is required.");
+        close();
+        process.exit(1);
+    }
+    const password = await askSecret("  Set a password to protect your vault: ");
+    if (!password || password.length < 6) {
+        console.log("\n  Password must be at least 6 characters.");
+        close();
+        process.exit(1);
+    }
+    console.log("\n  Creating vault...");
+    try {
+        const vault = await Vault.create({ passphrase: password, storage });
+        await vault.setField("name", name);
+        await vault.setField("email", email);
+        const identity = vault.getIdentity();
+        console.log(`\n  \x1b[32mVault created at ${path}\x1b[0m`);
+        console.log(`  \x1b[32mEd25519 signing key generated\x1b[0m`);
+        console.log(`\n  Key ID: ${identity.keyId}`);
+        console.log("  Your details are encrypted. Run `vouch status` to check.\n");
+    }
+    catch (err) {
+        console.error(`\n  Failed to create vault: ${err instanceof Error ? err.message : err}\n`);
+        process.exit(1);
+    }
+    close();
+}
+//# sourceMappingURL=init.js.map

package/dist/commands/init.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"init.js","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAC3E,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,cAAc,CAAC;AAErD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,SAAkB;IAClD,MAAM,IAAI,GAAG,SAAS,IAAI,gBAAgB,EAAE,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC;IAEtC,gCAAgC;IAChC,IAAI,MAAM,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,iCAAiC,IAAI,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;QAC1D,KAAK,EAAE,CAAC;QACR,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,6BAA6B,CAAC,CAAC;IACtD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACnC,KAAK,EAAE,CAAC;QACR,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,CAAC;IACrC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACpC,KAAK,EAAE,CAAC;QACR,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,0CAA0C,CAAC,CAAC;IAC7E,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,KAAK,EAAE,CAAC;QACR,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IAErC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QACpE,MAAM,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACnC,MAAM,KAAK,CAAC,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAErC,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QAErC,OAAO,CAAC,GAAG,CAAC,gCAAgC,IAAI,SAAS,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC;IAC9E,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,+BAA+B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC3F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,KAAK,EAAE,CAAC;AACV,CAAC"}

package/dist/commands/status.d.ts

@@ -0,0 +1,2 @@
+export declare function statusCommand(vaultPath?: string): Promise<void>;
+//# sourceMappingURL=status.d.ts.map

package/dist/commands/status.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.d.ts","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAGA,wBAAsB,aAAa,CAAC,SAAS,CAAC,EAAE,MAAM,iBAmDrD"}

package/dist/commands/status.js

@@ -0,0 +1,55 @@
+import { Vault, FileStorage, defaultVaultPath } from "@vouchagents/client";
+import { askSecret, close } from "../prompt.js";
+export async function statusCommand(vaultPath) {
+    const path = vaultPath ?? defaultVaultPath();
+    const storage = new FileStorage(path);
+    if (!(await storage.exists())) {
+        console.log(`\n  No vault found at ${path}`);
+        console.log("  Run `vouch init` to create one.\n");
+        close();
+        return;
+    }
+    const password = await askSecret("  Vault password: ");
+    close();
+    try {
+        const vault = await Vault.open({ passphrase: password, storage });
+        const fields = await vault.listFields();
+        const identity = vault.getIdentity();
+        const history = await vault.getHistory({ limit: 5 });
+        console.log("\n  \x1b[1mVouch Vault\x1b[0m");
+        console.log(`  Location: ${path}`);
+        console.log(`  Key ID:   ${identity.keyId}\n`);
+        console.log("  \x1b[1mStored fields:\x1b[0m");
+        for (const field of fields) {
+            const val = await vault.getField(field);
+            const masked = val && field === "email"
+                ? maskEmail(val.unsafeUnwrap())
+                : val
+                    ? val.unsafeUnwrap().slice(0, 2) + "***"
+                    : "(empty)";
+            console.log(`    ${field}: ${masked}`);
+        }
+        if (history.length > 0) {
+            console.log(`\n  \x1b[1mRecent signups:\x1b[0m`);
+            for (const entry of history) {
+                const date = new Date(entry.timestamp).toLocaleDateString();
+                console.log(`    ${date}  ${entry.site}  ${entry.status}`);
+            }
+        }
+        else {
+            console.log("\n  No signups yet.");
+        }
+        console.log();
+    }
+    catch {
+        console.log("\n  Wrong password.\n");
+        process.exit(1);
+    }
+}
+function maskEmail(email) {
+    const [local, domain] = email.split("@");
+    if (!local || !domain)
+        return "***";
+    return local.slice(0, 2) + "***@" + domain;
+}
+//# sourceMappingURL=status.js.map

package/dist/commands/status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.js","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAC3E,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,cAAc,CAAC;AAEhD,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,SAAkB;IACpD,MAAM,IAAI,GAAG,SAAS,IAAI,gBAAgB,EAAE,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC;IAEtC,IAAI,CAAC,CAAC,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;QACnD,KAAK,EAAE,CAAC;QACR,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,oBAAoB,CAAC,CAAC;IACvD,KAAK,EAAE,CAAC;IAER,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QAClE,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QAErD,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC,KAAK,IAAI,CAAC,CAAC;QAE/C,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;QAC9C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACxC,MAAM,MAAM,GACV,GAAG,IAAI,KAAK,KAAK,OAAO;gBACtB,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;gBAC/B,CAAC,CAAC,GAAG;oBACH,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK;oBACxC,CAAC,CAAC,SAAS,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,KAAK,MAAM,EAAE,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACjD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,kBAAkB,EAAE,CAAC;gBAC5D,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACrC,CAAC;QAED,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,KAAa;IAC9B,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACzC,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACpC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,GAAG,MAAM,CAAC;AAC7C,CAAC"}

package/dist/prompt.d.ts

@@ -0,0 +1,4 @@
+export declare function ask(question: string): Promise<string>;
+export declare function askSecret(question: string): Promise<string>;
+export declare function close(): void;
+//# sourceMappingURL=prompt.d.ts.map

package/dist/prompt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt.d.ts","sourceRoot":"","sources":["../src/prompt.ts"],"names":[],"mappings":"AAOA,wBAAgB,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAIrD;AAED,wBAAgB,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CA+B3D;AAED,wBAAgB,KAAK,SAEpB"}

package/dist/prompt.js

@@ -0,0 +1,50 @@
+import * as readline from "node:readline";
+const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stderr, // prompts to stderr so stdout stays clean
+});
+export function ask(question) {
+    return new Promise((resolve) => {
+        rl.question(question, (answer) => resolve(answer.trim()));
+    });
+}
+export function askSecret(question) {
+    return new Promise((resolve) => {
+        process.stderr.write(question);
+        const stdin = process.stdin;
+        const wasRaw = stdin.isRaw;
+        if (stdin.isTTY)
+            stdin.setRawMode(true);
+        let input = "";
+        const onData = (chunk) => {
+            const char = chunk.toString();
+            if (char === "\n" || char === "\r") {
+                if (stdin.isTTY)
+                    stdin.setRawMode(wasRaw ?? false);
+                stdin.removeListener("data", onData);
+                process.stderr.write("\n");
+                resolve(input);
+            }
+            else if (char === "\u007f" || char === "\b") {
+                // backspace
+                if (input.length > 0) {
+                    input = input.slice(0, -1);
+                    process.stderr.write("\b \b");
+                }
+            }
+            else if (char === "\u0003") {
+                // ctrl+c
+                process.exit(1);
+            }
+            else {
+                input += char;
+                process.stderr.write("*");
+            }
+        };
+        stdin.on("data", onData);
+    });
+}
+export function close() {
+    rl.close();
+}
+//# sourceMappingURL=prompt.js.map

package/dist/prompt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt.js","sourceRoot":"","sources":["../src/prompt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;AAE1C,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC;IAClC,KAAK,EAAE,OAAO,CAAC,KAAK;IACpB,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,0CAA0C;CACnE,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,CAAC,QAAgB;IAClC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,QAAgB;IACxC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC;QAC3B,IAAI,KAAK,CAAC,KAAK;YAAE,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAExC,IAAI,KAAK,GAAG,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,CAAC,KAAa,EAAE,EAAE;YAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC9B,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBACnC,IAAI,KAAK,CAAC,KAAK;oBAAE,KAAK,CAAC,UAAU,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC;gBACnD,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;gBACrC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC3B,OAAO,CAAC,KAAK,CAAC,CAAC;YACjB,CAAC;iBAAM,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAC9C,YAAY;gBACZ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;oBAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;iBAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC7B,SAAS;gBACT,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;iBAAM,CAAC;gBACN,KAAK,IAAI,IAAI,CAAC;gBACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC,CAAC;QACF,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,KAAK;IACnB,EAAE,CAAC,KAAK,EAAE,CAAC;AACb,CAAC"}

package/package.json

@@ -0,0 +1,21 @@
+{
+  "name": "@vouchagents/cli",
+  "version": "0.1.0",
+  "type": "module",
+  "bin": {
+    "vouch": "./dist/bin.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "typecheck": "tsc --noEmit",
+    "clean": "rm -rf dist"
+  },
+  "dependencies": {
+    "@vouchagents/protocol": "0.1.0",
+    "@vouchagents/client": "0.1.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.7.0",
+    "@types/node": "^25.5.0"
+  }
+}

package/src/bin.ts

@@ -0,0 +1,67 @@
+#!/usr/bin/env node
+
+import { initCommand } from "./commands/init.js";
+import { statusCommand } from "./commands/status.js";
+import { exportCommand } from "./commands/export.js";
+
+const args = process.argv.slice(2);
+const command = args[0];
+
+// Parse --vault flag
+const vaultIdx = args.indexOf("--vault");
+const vaultPath = vaultIdx !== -1 ? args[vaultIdx + 1] : undefined;
+
+switch (command) {
+  case "init":
+    await initCommand(vaultPath);
+    break;
+
+  case "status":
+    await statusCommand(vaultPath);
+    break;
+
+  case "export": {
+    const output = args[1];
+    if (!output || output.startsWith("--")) {
+      console.log("\n  Usage: vouch export <output-path>\n");
+      process.exit(1);
+    }
+    await exportCommand(output, vaultPath);
+    break;
+  }
+
+  case "help":
+  case "--help":
+  case "-h":
+  case undefined:
+    printHelp();
+    break;
+
+  default:
+    console.log(`\n  Unknown command: ${command}`);
+    printHelp();
+    process.exit(1);
+}
+
+function printHelp() {
+  console.log(`
+  \x1b[1mvouch\x1b[0m - Manage your Vouch identity vault
+
+  \x1b[1mUsage:\x1b[0m
+    vouch <command> [options]
+
+  \x1b[1mCommands:\x1b[0m
+    init      Create a new encrypted vault
+    status    Show vault contents and recent signups
+    export    Export vault to a file (still encrypted)
+    help      Show this help
+
+  \x1b[1mOptions:\x1b[0m
+    --vault <path>   Custom vault path (default: ~/.vouch/vault.json)
+
+  \x1b[1mExamples:\x1b[0m
+    vouch init
+    vouch status
+    vouch export ~/backup-vault.json
+`);
+}

package/src/commands/export.ts

@@ -0,0 +1,36 @@
+import { Vault, FileStorage, defaultVaultPath } from "@vouchagents/client";
+import { writeFile } from "node:fs/promises";
+import { askSecret, close } from "../prompt.js";
+
+export async function exportCommand(outputPath: string, vaultPath?: string) {
+  const path = vaultPath ?? defaultVaultPath();
+  const storage = new FileStorage(path);
+
+  if (!(await storage.exists())) {
+    console.log(`\n  No vault found at ${path}\n`);
+    close();
+    return;
+  }
+
+  const password = await askSecret("  Vault password: ");
+  close();
+
+  try {
+    // Verify the password works by opening
+    await Vault.open({ passphrase: password, storage });
+
+    // Export the raw encrypted file
+    const data = await storage.read();
+    if (!data) {
+      console.log("\n  Failed to read vault.\n");
+      process.exit(1);
+    }
+
+    await writeFile(outputPath, data, "utf-8");
+    console.log(`\n  \x1b[32mVault exported to ${outputPath}\x1b[0m`);
+    console.log("  This file is encrypted. You need your password to use it.\n");
+  } catch {
+    console.log("\n  Wrong password.\n");
+    process.exit(1);
+  }
+}

package/src/commands/init.ts

@@ -0,0 +1,59 @@
+import { Vault, FileStorage, defaultVaultPath } from "@vouchagents/client";
+import { ask, askSecret, close } from "../prompt.js";
+
+export async function initCommand(vaultPath?: string) {
+  const path = vaultPath ?? defaultVaultPath();
+  const storage = new FileStorage(path);
+
+  // Check if vault already exists
+  if (await storage.exists()) {
+    console.log(`\n  A vault already exists at ${path}`);
+    console.log("  Run `vouch status` to see what's stored.");
+    console.log("  Run `vouch init --force` to overwrite.\n");
+    close();
+    return;
+  }
+
+  console.log("\n  Setting up Vouch...\n");
+
+  const name = await ask("  What name should we use? ");
+  if (!name) {
+    console.log("  Name is required.");
+    close();
+    process.exit(1);
+  }
+
+  const email = await ask("  Email? ");
+  if (!email) {
+    console.log("  Email is required.");
+    close();
+    process.exit(1);
+  }
+
+  const password = await askSecret("  Set a password to protect your vault: ");
+  if (!password || password.length < 6) {
+    console.log("\n  Password must be at least 6 characters.");
+    close();
+    process.exit(1);
+  }
+
+  console.log("\n  Creating vault...");
+
+  try {
+    const vault = await Vault.create({ passphrase: password, storage });
+    await vault.setField("name", name);
+    await vault.setField("email", email);
+
+    const identity = vault.getIdentity();
+
+    console.log(`\n  \x1b[32mVault created at ${path}\x1b[0m`);
+    console.log(`  \x1b[32mEd25519 signing key generated\x1b[0m`);
+    console.log(`\n  Key ID: ${identity.keyId}`);
+    console.log("  Your details are encrypted. Run `vouch status` to check.\n");
+  } catch (err) {
+    console.error(`\n  Failed to create vault: ${err instanceof Error ? err.message : err}\n`);
+    process.exit(1);
+  }
+
+  close();
+}

package/src/commands/status.ts

@@ -0,0 +1,61 @@
+import { Vault, FileStorage, defaultVaultPath } from "@vouchagents/client";
+import { askSecret, close } from "../prompt.js";
+
+export async function statusCommand(vaultPath?: string) {
+  const path = vaultPath ?? defaultVaultPath();
+  const storage = new FileStorage(path);
+
+  if (!(await storage.exists())) {
+    console.log(`\n  No vault found at ${path}`);
+    console.log("  Run `vouch init` to create one.\n");
+    close();
+    return;
+  }
+
+  const password = await askSecret("  Vault password: ");
+  close();
+
+  try {
+    const vault = await Vault.open({ passphrase: password, storage });
+    const fields = await vault.listFields();
+    const identity = vault.getIdentity();
+    const history = await vault.getHistory({ limit: 5 });
+
+    console.log("\n  \x1b[1mVouch Vault\x1b[0m");
+    console.log(`  Location: ${path}`);
+    console.log(`  Key ID:   ${identity.keyId}\n`);
+
+    console.log("  \x1b[1mStored fields:\x1b[0m");
+    for (const field of fields) {
+      const val = await vault.getField(field);
+      const masked =
+        val && field === "email"
+          ? maskEmail(val.unsafeUnwrap())
+          : val
+            ? val.unsafeUnwrap().slice(0, 2) + "***"
+            : "(empty)";
+      console.log(`    ${field}: ${masked}`);
+    }
+
+    if (history.length > 0) {
+      console.log(`\n  \x1b[1mRecent signups:\x1b[0m`);
+      for (const entry of history) {
+        const date = new Date(entry.timestamp).toLocaleDateString();
+        console.log(`    ${date}  ${entry.site}  ${entry.status}`);
+      }
+    } else {
+      console.log("\n  No signups yet.");
+    }
+
+    console.log();
+  } catch {
+    console.log("\n  Wrong password.\n");
+    process.exit(1);
+  }
+}
+
+function maskEmail(email: string): string {
+  const [local, domain] = email.split("@");
+  if (!local || !domain) return "***";
+  return local.slice(0, 2) + "***@" + domain;
+}

package/src/prompt.ts

@@ -0,0 +1,49 @@
+import * as readline from "node:readline";
+
+const rl = readline.createInterface({
+  input: process.stdin,
+  output: process.stderr, // prompts to stderr so stdout stays clean
+});
+
+export function ask(question: string): Promise<string> {
+  return new Promise((resolve) => {
+    rl.question(question, (answer) => resolve(answer.trim()));
+  });
+}
+
+export function askSecret(question: string): Promise<string> {
+  return new Promise((resolve) => {
+    process.stderr.write(question);
+    const stdin = process.stdin;
+    const wasRaw = stdin.isRaw;
+    if (stdin.isTTY) stdin.setRawMode(true);
+
+    let input = "";
+    const onData = (chunk: Buffer) => {
+      const char = chunk.toString();
+      if (char === "\n" || char === "\r") {
+        if (stdin.isTTY) stdin.setRawMode(wasRaw ?? false);
+        stdin.removeListener("data", onData);
+        process.stderr.write("\n");
+        resolve(input);
+      } else if (char === "\u007f" || char === "\b") {
+        // backspace
+        if (input.length > 0) {
+          input = input.slice(0, -1);
+          process.stderr.write("\b \b");
+        }
+      } else if (char === "\u0003") {
+        // ctrl+c
+        process.exit(1);
+      } else {
+        input += char;
+        process.stderr.write("*");
+      }
+    };
+    stdin.on("data", onData);
+  });
+}
+
+export function close() {
+  rl.close();
+}

package/tsconfig.json

@@ -0,0 +1,9 @@
+{
+  "extends": "../../tsconfig.json",
+  "compilerOptions": {
+    "outDir": "dist",
+    "rootDir": "src",
+    "lib": ["ES2022", "DOM"]
+  },
+  "include": ["src"]
+}