@xmtp/convos-cli 0.1.0

package/dist/commands/identity/list.js

@@ -0,0 +1,59 @@
+import { getAccountAddress } from "../../utils/xmtp.js";
+import { ConvosBaseCommand } from "../../baseCommand.js";
+import { createIdentityStore } from "../../utils/identities.js";
+export default class IdentityList extends ConvosBaseCommand {
+    static description = `List all Convos identities.
+
+Each Convos conversation uses its own XMTP identity (inbox) for privacy.
+This command shows all identities, including which conversation each is
+linked to.
+
+Identities without a conversation ID are "unlinked" — available for
+use with new conversations.`;
+    static examples = [
+        {
+            command: "<%= config.bin %> <%= command.id %>",
+            description: "List all identities",
+        },
+        {
+            command: "<%= config.bin %> <%= command.id %> --json",
+            description: "Output as JSON",
+        },
+    ];
+    static flags = {
+        ...ConvosBaseCommand.baseFlags,
+    };
+    async run() {
+        const store = createIdentityStore();
+        const identities = store.list();
+        if (identities.length === 0) {
+            this.output({
+                message: "No identities found. Create one with: convos identity create",
+                count: 0,
+            });
+            return;
+        }
+        // Detect duplicate identities per conversation
+        const convCounts = new Map();
+        for (const identity of identities) {
+            if (identity.conversationId) {
+                convCounts.set(identity.conversationId, (convCounts.get(identity.conversationId) ?? 0) + 1);
+            }
+        }
+        const output = identities.map((identity) => ({
+            id: identity.id,
+            address: getAccountAddress(identity.walletKey),
+            inboxId: identity.inboxId ?? "(not yet registered)",
+            conversationId: identity.conversationId ?? "(unlinked)",
+            inviteTag: identity.inviteTag ?? "",
+            label: identity.label ?? "",
+            profileName: identity.profileName ?? "",
+            createdAt: identity.createdAt,
+            ...(identity.conversationId &&
+                (convCounts.get(identity.conversationId) ?? 0) > 1
+                ? { duplicate: true }
+                : {}),
+        }));
+        this.output(output);
+    }
+}

package/dist/commands/identity/remove.d.ts

@@ -0,0 +1,23 @@
+import { ConvosBaseCommand } from "../../baseCommand.js";
+export default class IdentityRemove extends ConvosBaseCommand {
+    static description: string;
+    static examples: {
+        command: string;
+        description: string;
+    }[];
+    static args: {
+        id: import("@oclif/core/interfaces").Arg<string, Record<string, unknown>>;
+    };
+    static flags: {
+        force: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        "log-level": import("@oclif/core/interfaces").OptionFlag<"off" | "error" | "warn" | "info" | "debug" | "trace" | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        "structured-logging": import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        "app-version": import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        "env-file": import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        env: import("@oclif/core/interfaces").OptionFlag<"local" | "dev" | "production" | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        "gateway-host": import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        json: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        verbose: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/identity/remove.js

@@ -0,0 +1,51 @@
+import { Args, Flags } from "@oclif/core";
+import { ConvosBaseCommand } from "../../baseCommand.js";
+import { createIdentityStore } from "../../utils/identities.js";
+export default class IdentityRemove extends ConvosBaseCommand {
+    static description = `Remove an identity and all associated data.
+
+Permanently deletes the identity's wallet key, database encryption key,
+XMTP database files, and all local data. This is irreversible.
+
+Per ADR 002 and ADR 004: destroying an identity destroys the
+cryptographic material needed to participate in its conversation.`;
+    static examples = [
+        {
+            command: "<%= config.bin %> <%= command.id %> <identity-id> --force",
+            description: "Remove an identity",
+        },
+    ];
+    static args = {
+        id: Args.string({
+            description: "The identity ID to remove",
+            required: true,
+        }),
+    };
+    static flags = {
+        ...ConvosBaseCommand.baseFlags,
+        force: Flags.boolean({
+            char: "f",
+            description: "Skip confirmation prompt",
+            default: false,
+        }),
+    };
+    async run() {
+        const { args, flags } = await this.parse(IdentityRemove);
+        const store = createIdentityStore();
+        const identity = store.get(args.id);
+        if (!identity) {
+            this.error(`Identity not found: ${args.id}`);
+        }
+        await this.confirmAction(`This will permanently delete identity ${args.id}` +
+            (identity.conversationId
+                ? ` and its conversation ${identity.conversationId}`
+                : "") +
+            ". All cryptographic keys will be destroyed.", flags.force);
+        store.remove(args.id);
+        this.output({
+            success: true,
+            removedIdentityId: args.id,
+            removedConversationId: identity.conversationId ?? null,
+        });
+    }
+}

package/dist/commands/init.d.ts

@@ -0,0 +1,16 @@
+import { Command } from "@oclif/core";
+export default class Init extends Command {
+    static description: string;
+    static examples: {
+        command: string;
+        description: string;
+    }[];
+    static flags: {
+        stdout: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        output: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        env: import("@oclif/core/interfaces").OptionFlag<"local" | "dev" | "production", import("@oclif/core/interfaces").CustomOptions>;
+        force: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+    };
+    catch(error: Error): never;
+    run(): Promise<void>;
+}

package/dist/commands/init.js

@@ -0,0 +1,91 @@
+import { access, mkdir, writeFile } from "node:fs/promises";
+import { homedir } from "node:os";
+import { dirname, join, resolve } from "node:path";
+import { Command, Errors, Flags } from "@oclif/core";
+import { VALID_ENVS } from "../utils/xmtp.js";
+const CONVOS_HOME = join(homedir(), ".convos");
+const DEFAULT_ENV_PATH = join(CONVOS_HOME, ".env");
+export default class Init extends Command {
+    static description = `Initialize Convos CLI configuration.
+
+Sets up the ~/.convos directory structure and default environment.
+Unlike standard XMTP, Convos does not generate a single wallet key.
+Each conversation creates its own identity (see 'convos identity create').
+
+This command creates:
+- The ~/.convos directory
+- A .env file with default environment settings
+- The identities storage directory`;
+    static examples = [
+        {
+            command: "<%= config.bin %> <%= command.id %>",
+            description: `Initialize with default settings`,
+        },
+        {
+            command: "<%= config.bin %> <%= command.id %> --env production",
+            description: "Initialize with production environment",
+        },
+        {
+            command: "<%= config.bin %> <%= command.id %> --force",
+            description: "Overwrite existing configuration",
+        },
+    ];
+    static flags = {
+        stdout: Flags.boolean({
+            description: "Output configuration to stdout instead of writing to file",
+            default: false,
+        }),
+        output: Flags.string({
+            char: "o",
+            description: "Path to write .env file",
+            helpValue: "<path>",
+        }),
+        env: Flags.option({
+            options: [...VALID_ENVS],
+            description: "XMTP environment",
+            default: "dev",
+        })(),
+        force: Flags.boolean({
+            char: "f",
+            description: "Overwrite existing configuration",
+            default: false,
+        }),
+    };
+    catch(error) {
+        if (error instanceof Errors.CLIError) {
+            error.showHelp = false;
+            throw error;
+        }
+        const cliError = new Errors.CLIError(error.message);
+        cliError.showHelp = false;
+        throw cliError;
+    }
+    async run() {
+        const { flags } = await this.parse(Init);
+        const envContent = `# Convos CLI Configuration
+# Each conversation creates its own identity — no global wallet key needed.
+CONVOS_ENV=${flags.env}
+`;
+        if (flags.stdout) {
+            this.log(envContent);
+            return;
+        }
+        const outputPath = resolve(flags.output ?? DEFAULT_ENV_PATH);
+        await mkdir(dirname(outputPath), { recursive: true });
+        await mkdir(join(CONVOS_HOME, "identities"), { recursive: true });
+        let fileExists = false;
+        try {
+            await access(outputPath);
+            fileExists = true;
+        }
+        catch { }
+        if (fileExists && !flags.force) {
+            this.error(`File already exists: ${outputPath}\nUse --force to overwrite.`);
+        }
+        await writeFile(outputPath, envContent, "utf-8");
+        this.log(`Configuration written to ${outputPath}`);
+        this.log(`\nNext steps:`);
+        this.log(`  convos conversations create --name "My Group"  # Create a conversation`);
+        this.log(`  convos identity list                           # See all identities`);
+    }
+}

package/dist/commands/reset.d.ts

@@ -0,0 +1,17 @@
+import { ConvosBaseCommand } from "../baseCommand.js";
+export default class Reset extends ConvosBaseCommand {
+    static description: string;
+    static examples: {
+        command: string;
+        description: string;
+    }[];
+    static flags: {
+        force: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        "env-file": import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        env: import("@oclif/core/interfaces").OptionFlag<"local" | "dev" | "production" | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        "gateway-host": import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        json: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        verbose: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/reset.js

@@ -0,0 +1,93 @@
+import { existsSync, readdirSync, rmSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { Flags } from "@oclif/core";
+import { ConvosBaseCommand } from "../baseCommand.js";
+import { createIdentityStore } from "../utils/identities.js";
+const CONVOS_HOME = join(homedir(), ".convos");
+export default class Reset extends ConvosBaseCommand {
+    static description = `Reset Convos by deleting all identities and conversation data.
+
+Permanently removes all per-conversation identities (wallet keys,
+database encryption keys) and all XMTP databases. The .env
+configuration file is preserved.
+
+This is irreversible — all cryptographic keys will be destroyed
+and conversations cannot be recovered.`;
+    static examples = [
+        {
+            command: "<%= config.bin %> <%= command.id %>",
+            description: "Reset with confirmation prompt",
+        },
+        {
+            command: "<%= config.bin %> <%= command.id %> --force",
+            description: "Reset without confirmation",
+        },
+    ];
+    static flags = {
+        ...ConvosBaseCommand.commonFlags,
+        force: Flags.boolean({
+            char: "f",
+            description: "Skip confirmation prompt",
+            default: false,
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(Reset);
+        const store = createIdentityStore();
+        const identities = store.list();
+        const identitiesDir = join(CONVOS_HOME, "identities");
+        const dbDir = join(CONVOS_HOME, "db");
+        // Count what will be deleted
+        const identityCount = identities.length;
+        const conversationCount = identities.filter((i) => i.conversationId).length;
+        let dbFileCount = 0;
+        if (existsSync(dbDir)) {
+            for (const envDir of readdirSync(dbDir)) {
+                const envPath = join(dbDir, envDir);
+                try {
+                    dbFileCount += readdirSync(envPath).length;
+                }
+                catch {
+                    // skip non-directories
+                }
+            }
+        }
+        if (identityCount === 0 && dbFileCount === 0) {
+            this.output({
+                success: true,
+                message: "Nothing to reset — no identities or databases found.",
+            });
+            return;
+        }
+        await this.confirmAction(`This will permanently delete:\n` +
+            `  • ${identityCount} ${identityCount === 1 ? "identity" : "identities"}\n` +
+            `  • ${conversationCount} linked ${conversationCount === 1 ? "conversation" : "conversations"}\n` +
+            `  • ${dbFileCount} database ${dbFileCount === 1 ? "file" : "files"}\n\n` +
+            `All cryptographic keys will be destroyed. This cannot be undone.`, flags.force);
+        // Delete all identity files
+        let identitiesRemoved = 0;
+        if (existsSync(identitiesDir)) {
+            for (const file of readdirSync(identitiesDir)) {
+                if (file.endsWith(".json")) {
+                    rmSync(join(identitiesDir, file));
+                    identitiesRemoved++;
+                }
+            }
+        }
+        // Delete all database files
+        let dbFilesRemoved = 0;
+        if (existsSync(dbDir)) {
+            rmSync(dbDir, { recursive: true, force: true });
+            dbFilesRemoved = dbFileCount;
+        }
+        this.output({
+            success: true,
+            identitiesRemoved,
+            conversationsRemoved: conversationCount,
+            dbFilesRemoved,
+            message: "All identities and conversation data have been destroyed. " +
+                "Your .env configuration has been preserved.",
+        });
+    }
+}

package/dist/help.d.ts

@@ -0,0 +1,4 @@
+import { Help } from "@oclif/core";
+export default class ConvosHelp extends Help {
+    showRootHelp(): Promise<void>;
+}

package/dist/help.js

@@ -0,0 +1,31 @@
+import { Help } from "@oclif/core";
+export default class ConvosHelp extends Help {
+    async showRootHelp() {
+        await super.showRootHelp();
+        this.log(this.section("GETTING STARTED", this.wrap([
+            "Initialize your Convos configuration:",
+            "",
+            "  $ convos init",
+            "",
+            "Create a conversation (auto-creates a per-conversation identity):",
+            "",
+            "  $ convos conversations create --name 'My Group'",
+            "",
+            "Send a message:",
+            "",
+            "  $ convos conversation send-text <conversation-id> 'Hello!'",
+            "",
+            "List all conversations across all identities:",
+            "",
+            "  $ convos conversations list",
+            "",
+            "PRIVACY MODEL",
+            "",
+            "  Convos creates a unique XMTP identity (inbox) for each conversation.",
+            "  Conversations cannot be linked or correlated by external observers.",
+            "",
+            "  Run 'convos <command> --help' for more information on a command.",
+        ].join("\n"))));
+        this.log("");
+    }
+}

package/dist/index.d.ts

@@ -0,0 +1,9 @@
+export { run } from "@oclif/core";
+export { ConvosBaseCommand } from "./baseCommand.js";
+export { createIdentityStore, type Identity, type IdentityStore, } from "./utils/identities.js";
+export { createClientForIdentity } from "./utils/client.js";
+export type { ConvosConfig } from "./utils/config.js";
+export { createInviteSlug, parseInvite, verifyInvite, verifyInviteSignature, recoverInvitePublicKey, inviteToSlug, encryptConversationToken, decryptConversationToken, type InviteOptions, type ParsedInvite, } from "./utils/invite.js";
+export { parseAppData, serializeAppData, upsertProfile, removeProfile, getProfile, type ConversationProfile, type ConversationCustomMetadata, } from "./utils/metadata.js";
+export { randomAlphanumeric } from "./utils/random.js";
+export { getAccountAddress, toHexBytes, isGroup, isDm, requireGroup, requireDm, formatSections, formatHuman, jsonStringify, buildProfileMap, isDisplayableMessage, normalizeMessageContent, type ProfileMap, isTTY, VALID_ENVS, type Section, } from "./utils/xmtp.js";

package/dist/index.js

@@ -0,0 +1,15 @@
+export { run } from "@oclif/core";
+// Base command for plugin extension
+export { ConvosBaseCommand } from "./baseCommand.js";
+// Identity management
+export { createIdentityStore, } from "./utils/identities.js";
+// Client creation
+export { createClientForIdentity } from "./utils/client.js";
+// Invite system
+export { createInviteSlug, parseInvite, verifyInvite, verifyInviteSignature, recoverInvitePublicKey, inviteToSlug, encryptConversationToken, decryptConversationToken, } from "./utils/invite.js";
+// Metadata / profiles
+export { parseAppData, serializeAppData, upsertProfile, removeProfile, getProfile, } from "./utils/metadata.js";
+// Random utilities
+export { randomAlphanumeric } from "./utils/random.js";
+// Re-export XMTP utilities for downstream consumers
+export { getAccountAddress, toHexBytes, isGroup, isDm, requireGroup, requireDm, formatSections, formatHuman, jsonStringify, buildProfileMap, isDisplayableMessage, normalizeMessageContent, isTTY, VALID_ENVS, } from "./utils/xmtp.js";

package/dist/utils/client.d.ts

@@ -0,0 +1,8 @@
+import { Client } from "@xmtp/node-sdk";
+import type { ConvosConfig } from "./config.js";
+import type { Identity } from "./identities.js";
+/**
+ * Create an XMTP client for a specific Convos identity.
+ * Each conversation gets its own identity and client (ADR 002).
+ */
+export declare function createClientForIdentity(identity: Identity, config: ConvosConfig): Promise<Client>;

package/dist/utils/client.js

@@ -0,0 +1,58 @@
+import { readFileSync } from "node:fs";
+import { mkdir } from "node:fs/promises";
+import { dirname, join } from "node:path";
+import { fileURLToPath } from "node:url";
+import { AttachmentCodec, RemoteAttachmentCodec, } from "@xmtp/content-type-remote-attachment";
+import { Client } from "@xmtp/node-sdk";
+import { toHexBytes, hexToBytes } from "./xmtp.js";
+import { privateKeyToAccount } from "viem/accounts";
+import { createIdentityStore } from "./identities.js";
+const __dirname = fileURLToPath(new URL(".", import.meta.url));
+const pkg = JSON.parse(readFileSync(join(__dirname, "..", "..", "package.json"), "utf-8"));
+const DEFAULT_APP_VERSION = `convos-cli/${pkg.version}`;
+const LOG_LEVELS = {
+    off: "Off" /* LogLevel.Off */,
+    error: "Error" /* LogLevel.Error */,
+    warn: "Warn" /* LogLevel.Warn */,
+    info: "Info" /* LogLevel.Info */,
+    debug: "Debug" /* LogLevel.Debug */,
+    trace: "Trace" /* LogLevel.Trace */,
+};
+/**
+ * Create an XMTP client for a specific Convos identity.
+ * Each conversation gets its own identity and client (ADR 002).
+ */
+export async function createClientForIdentity(identity, config) {
+    const store = createIdentityStore();
+    const env = config.env ?? "dev";
+    const dbPath = store.getDbPath(identity.id, env);
+    const account = privateKeyToAccount(identity.walletKey);
+    const signer = {
+        type: "EOA",
+        getIdentifier: () => ({
+            identifierKind: 0 /* IdentifierKind.Ethereum */,
+            identifier: account.address.toLowerCase(),
+        }),
+        signMessage: async (message) => {
+            const signature = await account.signMessage({ message });
+            return hexToBytes(signature);
+        },
+    };
+    await mkdir(dirname(dbPath), { recursive: true });
+    const client = await Client.create(signer, {
+        env,
+        codecs: [new AttachmentCodec(), new RemoteAttachmentCodec()],
+        dbEncryptionKey: toHexBytes(identity.dbEncryptionKey),
+        dbPath,
+        gatewayHost: config.gatewayHost,
+        loggingLevel: config.logLevel ? LOG_LEVELS[config.logLevel] : undefined,
+        structuredLogging: config.structuredLogging,
+        disableDeviceSync: true, // Per ADR 002: each conversation is independent
+        appVersion: config.appVersion ?? DEFAULT_APP_VERSION,
+    });
+    // Cache the inbox ID on the identity
+    if (!identity.inboxId) {
+        store.update(identity.id, { inboxId: client.inboxId });
+    }
+    return client;
+}

package/dist/utils/config.d.ts

@@ -0,0 +1,15 @@
+import type { XmtpEnv } from "@xmtp/node-sdk";
+/**
+ * Convos-specific config. The per-identity wallet/db keys are not here —
+ * they live in each Identity. This holds global settings only.
+ */
+export interface ConvosConfig {
+    env?: XmtpEnv;
+    logLevel?: string;
+    structuredLogging?: boolean;
+    gatewayHost?: string;
+    appVersion?: string;
+    uploadProvider?: string;
+    uploadProviderToken?: string;
+    uploadProviderGateway?: string;
+}

package/dist/utils/config.js

@@ -0,0 +1 @@
+export {};

package/dist/utils/identities.d.ts

@@ -0,0 +1,49 @@
+import type { XmtpEnv } from "@xmtp/node-sdk";
+/**
+ * A Convos identity represents a single XMTP inbox used for one conversation.
+ * Following ADR 002: Per-Conversation Identity Model.
+ *
+ * Each identity has its own:
+ *  - Wallet private key (secp256k1)
+ *  - Database encryption key (32 bytes)
+ *  - XMTP database (SQLite)
+ *  - Conversation association (once linked)
+ */
+export interface Identity {
+    /** Unique identifier for this identity (hex) */
+    id: string;
+    /** Wallet private key (hex with 0x prefix) */
+    walletKey: string;
+    /** Database encryption key (hex) */
+    dbEncryptionKey: string;
+    /** XMTP inbox ID (set after first client creation) */
+    inboxId?: string;
+    /** Conversation ID this identity is linked to */
+    conversationId?: string;
+    /** Invite tag used to join/create this conversation */
+    inviteTag?: string;
+    /** Human-readable label */
+    label?: string;
+    /** Profile name shared with conversation members */
+    profileName?: string;
+    /** Profile image URL */
+    profileImageUrl?: string;
+    /** Creation timestamp */
+    createdAt: string;
+}
+export interface IdentityStore {
+    list(): Identity[];
+    get(id: string): Identity | undefined;
+    getByConversationId(conversationId: string): Identity | undefined;
+    getAllByConversationId(conversationId: string): Identity[];
+    getByInviteTag(tag: string): Identity | undefined;
+    getUnlinked(): Identity[];
+    create(opts?: {
+        label?: string;
+        profileName?: string;
+    }): Identity;
+    update(id: string, updates: Partial<Identity>): Identity;
+    remove(id: string): void;
+    getDbPath(id: string, env: XmtpEnv): string;
+}
+export declare function createIdentityStore(baseDir?: string): IdentityStore;

package/dist/utils/identities.js

@@ -0,0 +1,92 @@
+import { randomBytes } from "node:crypto";
+import { existsSync, mkdirSync, readFileSync, readdirSync, rmSync, writeFileSync, } from "node:fs";
+import { join } from "node:path";
+import { generatePrivateKey } from "viem/accounts";
+const DEFAULT_CONVOS_HOME = join(process.env.HOME ?? process.env.USERPROFILE ?? ".", ".convos");
+export function createIdentityStore(baseDir) {
+    const home = baseDir ?? DEFAULT_CONVOS_HOME;
+    function identitiesDir() {
+        const dir = join(home, "identities");
+        mkdirSync(dir, { recursive: true });
+        return dir;
+    }
+    function identityPath(id) {
+        return join(identitiesDir(), `${id}.json`);
+    }
+    return {
+        list() {
+            const dir = identitiesDir();
+            if (!existsSync(dir))
+                return [];
+            return readdirSync(dir)
+                .filter((f) => f.endsWith(".json"))
+                .map((f) => JSON.parse(readFileSync(join(dir, f), "utf-8")))
+                .sort((a, b) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
+        },
+        get(id) {
+            const path = identityPath(id);
+            if (!existsSync(path))
+                return undefined;
+            return JSON.parse(readFileSync(path, "utf-8"));
+        },
+        getByConversationId(conversationId) {
+            // Return the oldest identity for this conversation (first-created = most likely original)
+            const matches = this.list().filter((i) => i.conversationId === conversationId);
+            return matches.length > 0
+                ? matches[matches.length - 1] // list() sorts newest-first, so last = oldest
+                : undefined;
+        },
+        getAllByConversationId(conversationId) {
+            return this.list().filter((i) => i.conversationId === conversationId);
+        },
+        getByInviteTag(tag) {
+            return this.list().find((i) => i.inviteTag === tag);
+        },
+        getUnlinked() {
+            return this.list().filter((i) => !i.conversationId);
+        },
+        create(opts) {
+            const id = randomBytes(16).toString("hex");
+            const identity = {
+                id,
+                walletKey: generatePrivateKey(),
+                dbEncryptionKey: randomBytes(32).toString("hex"),
+                label: opts?.label,
+                profileName: opts?.profileName,
+                createdAt: new Date().toISOString(),
+            };
+            writeFileSync(identityPath(id), JSON.stringify(identity, null, 2));
+            return identity;
+        },
+        update(id, updates) {
+            const existing = this.get(id);
+            if (!existing)
+                throw new Error(`Identity not found: ${id}`);
+            const updated = { ...existing, ...updates, id: existing.id };
+            writeFileSync(identityPath(id), JSON.stringify(updated, null, 2));
+            return updated;
+        },
+        remove(id) {
+            const path = identityPath(id);
+            if (existsSync(path))
+                rmSync(path);
+            // Clean up XMTP database files
+            const dbBaseDir = join(home, "db");
+            if (existsSync(dbBaseDir)) {
+                for (const envDir of readdirSync(dbBaseDir)) {
+                    const envPath = join(dbBaseDir, envDir);
+                    for (const file of readdirSync(envPath)) {
+                        if (file.startsWith(id)) {
+                            rmSync(join(envPath, file));
+                        }
+                    }
+                }
+            }
+        },
+        getDbPath(id, env) {
+            const dir = join(home, "db", env);
+            mkdirSync(dir, { recursive: true });
+            return join(dir, `${id}.db3`);
+        },
+    };
+}