aavegotchi-cli 0.1.0

package/dist/output.js

@@ -0,0 +1,112 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.outputSuccess = outputSuccess;
+exports.outputError = outputError;
+exports.outputHelp = outputHelp;
+function stringifyWithBigInt(input) {
+    return JSON.stringify(input, (_, value) => {
+        if (typeof value === "bigint") {
+            return value.toString();
+        }
+        return value;
+    }, 2);
+}
+function buildMeta(mode) {
+    return {
+        timestamp: new Date().toISOString(),
+        mode,
+    };
+}
+function outputSuccess(command, data, globals) {
+    if (globals.json) {
+        const envelope = {
+            schemaVersion: "1.0.0",
+            command,
+            status: "ok",
+            data,
+            meta: buildMeta(globals.mode),
+        };
+        console.log(stringifyWithBigInt(envelope));
+        return;
+    }
+    console.log(`[ok] ${command}`);
+    console.log(stringifyWithBigInt(data));
+}
+function outputError(command, error, globals) {
+    if (globals.json) {
+        const envelope = {
+            schemaVersion: "1.0.0",
+            command,
+            status: "error",
+            error: {
+                code: error.code,
+                message: error.message,
+                details: error.details,
+            },
+            meta: buildMeta(globals.mode),
+        };
+        console.error(stringifyWithBigInt(envelope));
+        return;
+    }
+    console.error(`[error:${error.code}] ${error.message}`);
+    if (error.details) {
+        console.error(stringifyWithBigInt(error.details));
+    }
+}
+function outputHelp() {
+    console.log(`
+Aavegotchi CLI (agent-first foundation)
+
+Usage:
+  ag <command> [options]
+
+Core commands:
+  bootstrap                         Create/update and activate a profile with RPC/signer preflight
+  profile list|show|use|export      Manage profiles
+  signer check                      Verify active profile signer backend and account readiness
+  signer keychain list|import|remove
+  policy list|show|upsert           Manage transaction policies
+  rpc check                          Verify RPC connectivity + signer backend health
+
+Tx commands:
+  tx send                            Send a raw EVM transaction with simulation + policy checks + journaling
+  tx status                          Read tx status by idempotency key/hash or list recent
+  tx resume                          Resume waiting for a previously submitted tx
+  tx watch                           Poll journal until tx is confirmed
+
+Automation commands:
+  batch run --file plan.yaml         Run a YAML execution plan (dependency-aware)
+
+Power-user commands:
+  onchain call                       Call any ABI function from --abi-file
+  onchain send                       Send any ABI function as a transaction
+
+Domain namespaces:
+  gotchi, portal, wearables, items, inventory, baazaar, lending, realm, alchemica, forge, token
+  (many write flows are mapped to onchain send aliases; unmatched commands return typed not-implemented)
+
+Global flags:
+  --mode <agent|human>               Agent mode implies --json --yes
+  --json, -j                         Emit JSON envelope output
+  --yes, -y                          Skip prompts (write commands assume explicit flags)
+  --profile NAME                     Select profile globally
+
+Bootstrap flags:
+  --profile NAME                     Profile to create or update (required)
+  --chain base|base-sepolia|<id>     Chain key or numeric chain id (default: base)
+  --rpc-url URL                      RPC endpoint (optional when chain preset exists)
+  --signer readonly|env:VAR|keychain:<id>|ledger[:path|address|bridgeEnv]|remote:<url|address|authEnv>
+  --signer-address 0x...             Optional override for remote/ledger signer address
+  --signer-auth-env-var ENV_VAR      Optional remote signer bearer token env var
+  --signer-bridge-env-var ENV_VAR    Optional ledger bridge command env var name
+  --policy NAME                      Policy label (default: default)
+  --skip-signer-check                Persist signer config without backend validation
+
+Examples:
+  ag bootstrap --mode agent --profile prod --chain base --signer env:AGCLI_PRIVATE_KEY --json
+  AGCLI_KEYCHAIN_PASSPHRASE=... AGCLI_PRIVATE_KEY=0x... ag signer keychain import --account-id bot --private-key-env AGCLI_PRIVATE_KEY --json
+  ag tx send --profile prod --to 0xabc... --value-wei 1000000000000000 --wait --json
+  ag lending create --profile prod --abi-file ./abis/GotchiLendingFacet.json --address 0xabc... --args-json '[...]' --json
+  ag batch run --file ./plan.yaml --json
+`);
+}

package/dist/policy.js

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.enforcePolicy = enforcePolicy;
+const errors_1 = require("./errors");
+function exceeds(limit, current) {
+    if (!limit || current === undefined) {
+        return false;
+    }
+    return current > BigInt(limit);
+}
+function enforcePolicy(input) {
+    const violations = [];
+    if (input.policy.allowedTo && input.policy.allowedTo.length > 0) {
+        const normalized = input.to.toLowerCase();
+        const allowed = input.policy.allowedTo.map((value) => value.toLowerCase());
+        if (!allowed.includes(normalized)) {
+            violations.push(`to address '${input.to}' is not allowlisted by policy '${input.policy.name}'`);
+        }
+    }
+    if (exceeds(input.policy.maxValueWei, input.valueWei)) {
+        violations.push(`value exceeds maxValueWei (${input.policy.maxValueWei})`);
+    }
+    if (exceeds(input.policy.maxGasLimit, input.gasLimit)) {
+        violations.push(`gas limit exceeds maxGasLimit (${input.policy.maxGasLimit})`);
+    }
+    if (exceeds(input.policy.maxFeePerGasWei, input.maxFeePerGasWei)) {
+        violations.push(`max fee per gas exceeds maxFeePerGasWei (${input.policy.maxFeePerGasWei})`);
+    }
+    if (exceeds(input.policy.maxPriorityFeePerGasWei, input.maxPriorityFeePerGasWei)) {
+        violations.push(`max priority fee per gas exceeds maxPriorityFeePerGasWei (${input.policy.maxPriorityFeePerGasWei})`);
+    }
+    if (violations.length > 0) {
+        throw new errors_1.CliError("POLICY_VIOLATION", "Transaction blocked by policy checks.", 2, {
+            policy: input.policy.name,
+            violations,
+        });
+    }
+}

package/dist/rpc.js

@@ -0,0 +1,40 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createRpcClient = createRpcClient;
+exports.runRpcPreflight = runRpcPreflight;
+const viem_1 = require("viem");
+const chains_1 = require("./chains");
+const errors_1 = require("./errors");
+function createRpcClient(chain, rpcUrl) {
+    const viemChain = (0, chains_1.toViemChain)(chain, rpcUrl);
+    return (0, viem_1.createPublicClient)({
+        chain: viemChain,
+        transport: (0, viem_1.http)(rpcUrl),
+    });
+}
+async function runRpcPreflight(chain, rpcUrl) {
+    const client = createRpcClient(chain, rpcUrl);
+    try {
+        const [chainId, blockNumber] = await Promise.all([client.getChainId(), client.getBlockNumber()]);
+        if (chain.chainId !== chainId) {
+            throw new errors_1.CliError("CHAIN_MISMATCH", "Connected chain does not match requested chain.", 2, {
+                expectedChainId: chain.chainId,
+                actualChainId: chainId,
+            });
+        }
+        return {
+            client,
+            chainId,
+            blockNumber: blockNumber.toString(),
+            chainName: client.chain?.name || chain.key,
+        };
+    }
+    catch (error) {
+        if (error instanceof errors_1.CliError) {
+            throw error;
+        }
+        throw new errors_1.CliError("RPC_UNREACHABLE", "Failed to connect to RPC endpoint.", 2, {
+            rpcUrl,
+        });
+    }
+}

package/dist/schemas.js

@@ -0,0 +1,79 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.batchPlanSchema = exports.batchStepSchema = exports.legacyCliConfigSchema = exports.cliConfigSchema = exports.profileSchema = exports.policySchema = exports.signerSchema = void 0;
+const zod_1 = require("zod");
+const addressSchema = zod_1.z
+    .string()
+    .regex(/^0x[a-fA-F0-9]{40}$/, "Expected an EVM address")
+    .transform((value) => value.toLowerCase());
+exports.signerSchema = zod_1.z.discriminatedUnion("type", [
+    zod_1.z.object({ type: zod_1.z.literal("readonly") }),
+    zod_1.z.object({ type: zod_1.z.literal("env"), envVar: zod_1.z.string().regex(/^[A-Z_][A-Z0-9_]*$/) }),
+    zod_1.z.object({ type: zod_1.z.literal("keychain"), accountId: zod_1.z.string().min(1) }),
+    zod_1.z.object({
+        type: zod_1.z.literal("ledger"),
+        derivationPath: zod_1.z.string().optional(),
+        address: addressSchema.optional(),
+        bridgeCommandEnvVar: zod_1.z.string().regex(/^[A-Z_][A-Z0-9_]*$/).optional(),
+    }),
+    zod_1.z.object({
+        type: zod_1.z.literal("remote"),
+        url: zod_1.z.string().url(),
+        address: addressSchema.optional(),
+        authEnvVar: zod_1.z.string().regex(/^[A-Z_][A-Z0-9_]*$/).optional(),
+    }),
+]);
+exports.policySchema = zod_1.z.object({
+    name: zod_1.z.string().min(1),
+    maxValueWei: zod_1.z.string().regex(/^\d+$/).optional(),
+    maxGasLimit: zod_1.z.string().regex(/^\d+$/).optional(),
+    maxFeePerGasWei: zod_1.z.string().regex(/^\d+$/).optional(),
+    maxPriorityFeePerGasWei: zod_1.z.string().regex(/^\d+$/).optional(),
+    allowedTo: zod_1.z.array(addressSchema).optional(),
+    createdAt: zod_1.z.string().datetime(),
+    updatedAt: zod_1.z.string().datetime(),
+});
+exports.profileSchema = zod_1.z.object({
+    name: zod_1.z.string().min(1),
+    chain: zod_1.z.string().min(1),
+    chainId: zod_1.z.number().int().positive(),
+    rpcUrl: zod_1.z.string().url(),
+    signer: exports.signerSchema,
+    policy: zod_1.z.string().min(1),
+    createdAt: zod_1.z.string().datetime(),
+    updatedAt: zod_1.z.string().datetime(),
+});
+exports.cliConfigSchema = zod_1.z.object({
+    schemaVersion: zod_1.z.literal(2),
+    activeProfile: zod_1.z.string().optional(),
+    profiles: zod_1.z.record(exports.profileSchema),
+    policies: zod_1.z.record(exports.policySchema),
+});
+exports.legacyCliConfigSchema = zod_1.z.object({
+    schemaVersion: zod_1.z.literal(1),
+    activeProfile: zod_1.z.string().optional(),
+    profiles: zod_1.z.record(zod_1.z.object({
+        name: zod_1.z.string(),
+        chain: zod_1.z.string(),
+        chainId: zod_1.z.number(),
+        rpcUrl: zod_1.z.string(),
+        signer: zod_1.z.any(),
+        policy: zod_1.z.string(),
+        createdAt: zod_1.z.string(),
+        updatedAt: zod_1.z.string(),
+    })),
+});
+exports.batchStepSchema = zod_1.z.object({
+    id: zod_1.z.string().min(1),
+    command: zod_1.z.string().min(1),
+    dependsOn: zod_1.z.array(zod_1.z.string()).optional(),
+    args: zod_1.z.record(zod_1.z.union([zod_1.z.string(), zod_1.z.number(), zod_1.z.boolean()])).optional(),
+    continueOnError: zod_1.z.boolean().optional(),
+});
+exports.batchPlanSchema = zod_1.z.object({
+    version: zod_1.z.literal(1),
+    profile: zod_1.z.string().optional(),
+    mode: zod_1.z.enum(["agent", "human"]).optional(),
+    continueOnError: zod_1.z.boolean().optional(),
+    steps: zod_1.z.array(exports.batchStepSchema).min(1),
+});

package/dist/signer.js

@@ -0,0 +1,348 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseSigner = parseSigner;
+exports.resolveSignerRuntime = resolveSignerRuntime;
+const child_process_1 = require("child_process");
+const viem_1 = require("viem");
+const accounts_1 = require("viem/accounts");
+const errors_1 = require("./errors");
+const keychain_1 = require("./keychain");
+const REMOTE_SIGN_ADDRESS_PATH = "/address";
+const REMOTE_SIGN_TX_PATH = "/sign-transaction";
+function parsePrivateKey(value, hint) {
+    if (!/^0x[0-9a-fA-F]{64}$/.test(value)) {
+        throw new errors_1.CliError("INVALID_PRIVATE_KEY", `${hint} is not a valid private key.`, 2);
+    }
+    return value;
+}
+function ensureAddress(value, hint) {
+    if (!value || !/^0x[a-fA-F0-9]{40}$/.test(value)) {
+        throw new errors_1.CliError("INVALID_ARGUMENT", `${hint} must be a valid EVM address.`, 2, {
+            value,
+        });
+    }
+    return value.toLowerCase();
+}
+function parseTxHash(value) {
+    if (typeof value === "string" && /^0x[a-fA-F0-9]{64}$/.test(value)) {
+        return value;
+    }
+    return undefined;
+}
+function parseRawTx(value) {
+    if (typeof value === "string" && /^0x[a-fA-F0-9]+$/.test(value)) {
+        return value;
+    }
+    return undefined;
+}
+function addDefaultPaths(url, pathSuffix) {
+    return `${url.replace(/\/+$/, "")}${pathSuffix}`;
+}
+async function fetchJson(url, init) {
+    let response;
+    try {
+        response = await fetch(url, init);
+    }
+    catch (error) {
+        throw new errors_1.CliError("REMOTE_SIGNER_UNREACHABLE", "Failed to connect to remote signer service.", 2, {
+            url,
+            message: error instanceof Error ? error.message : String(error),
+        });
+    }
+    if (!response.ok) {
+        throw new errors_1.CliError("REMOTE_SIGNER_HTTP_ERROR", `Remote signer responded with HTTP ${response.status}.`, 2, {
+            url,
+            status: response.status,
+        });
+    }
+    try {
+        return (await response.json());
+    }
+    catch {
+        throw new errors_1.CliError("REMOTE_SIGNER_PROTOCOL_ERROR", "Remote signer did not return valid JSON.", 2, {
+            url,
+        });
+    }
+}
+function buildRemoteHeaders(signer) {
+    const headers = {
+        "content-type": "application/json",
+    };
+    if (signer.authEnvVar) {
+        const token = process.env[signer.authEnvVar];
+        if (!token) {
+            throw new errors_1.CliError("MISSING_SIGNER_SECRET", `Missing environment variable '${signer.authEnvVar}'.`, 2);
+        }
+        headers.authorization = `Bearer ${token}`;
+    }
+    return headers;
+}
+async function resolveRemoteAddress(signer, headers) {
+    if (signer.address) {
+        return ensureAddress(signer.address, "remote signer address");
+    }
+    const response = (await fetchJson(addDefaultPaths(signer.url, REMOTE_SIGN_ADDRESS_PATH), {
+        method: "GET",
+        headers,
+    }));
+    return ensureAddress(response.address, "remote signer address response");
+}
+function runLedgerBridge(bridgeCommand, payload) {
+    const result = (0, child_process_1.spawnSync)(bridgeCommand, {
+        shell: true,
+        encoding: "utf8",
+        input: JSON.stringify(payload),
+    });
+    if (result.error) {
+        throw new errors_1.CliError("LEDGER_BRIDGE_FAILED", "Ledger bridge execution failed.", 2, {
+            message: result.error.message,
+        });
+    }
+    if (result.status !== 0) {
+        throw new errors_1.CliError("LEDGER_BRIDGE_FAILED", "Ledger bridge returned non-zero exit code.", 2, {
+            status: result.status,
+            stderr: result.stderr,
+        });
+    }
+    const stdout = result.stdout.trim();
+    if (!stdout) {
+        throw new errors_1.CliError("LEDGER_BRIDGE_FAILED", "Ledger bridge returned empty output.", 2);
+    }
+    try {
+        return JSON.parse(stdout);
+    }
+    catch {
+        throw new errors_1.CliError("LEDGER_BRIDGE_FAILED", "Ledger bridge output was not valid JSON.", 2, {
+            stdout,
+        });
+    }
+}
+async function resolveBalanceSummary(signerType, publicClient, address) {
+    const [nonce, balance] = await Promise.all([
+        publicClient.getTransactionCount({ address, blockTag: "pending" }),
+        publicClient.getBalance({ address }),
+    ]);
+    return {
+        signerType,
+        address,
+        nonce,
+        balanceWei: balance.toString(),
+        canSign: true,
+        backendStatus: "ready",
+    };
+}
+function parseSignerRemoteSpec(value) {
+    const body = value.slice("remote:".length).trim();
+    const [urlPart, addressPart, authPart] = body.split("|").map((entry) => entry.trim());
+    if (!/^https?:\/\//i.test(urlPart || "")) {
+        throw new errors_1.CliError("INVALID_SIGNER_SPEC", `Invalid remote signer format '${value}'.`, 2);
+    }
+    const signer = {
+        type: "remote",
+        url: urlPart,
+    };
+    if (addressPart) {
+        signer.address = ensureAddress(addressPart, "remote signer address");
+    }
+    if (authPart) {
+        if (!/^[A-Z_][A-Z0-9_]*$/.test(authPart)) {
+            throw new errors_1.CliError("INVALID_SIGNER_SPEC", `Invalid remote signer auth env var in '${value}'.`, 2);
+        }
+        signer.authEnvVar = authPart;
+    }
+    return signer;
+}
+function parseSignerLedgerSpec(value) {
+    if (value === "ledger") {
+        return { type: "ledger" };
+    }
+    const body = value.slice("ledger:".length);
+    const [derivationPath, addressPart, bridgeEnvPart] = body.split("|").map((entry) => entry.trim());
+    const signer = {
+        type: "ledger",
+    };
+    if (derivationPath) {
+        signer.derivationPath = derivationPath;
+    }
+    if (addressPart) {
+        signer.address = ensureAddress(addressPart, "ledger signer address");
+    }
+    if (bridgeEnvPart) {
+        if (!/^[A-Z_][A-Z0-9_]*$/.test(bridgeEnvPart)) {
+            throw new errors_1.CliError("INVALID_SIGNER_SPEC", `Invalid ledger bridge env var in '${value}'.`, 2);
+        }
+        signer.bridgeCommandEnvVar = bridgeEnvPart;
+    }
+    return signer;
+}
+function parseSigner(value) {
+    if (!value || value === "readonly") {
+        return { type: "readonly" };
+    }
+    if (value.startsWith("env:")) {
+        const envVar = value.slice(4);
+        if (!/^[A-Z_][A-Z0-9_]*$/.test(envVar)) {
+            throw new errors_1.CliError("INVALID_SIGNER_SPEC", `Invalid env signer format '${value}'.`, 2);
+        }
+        return {
+            type: "env",
+            envVar,
+        };
+    }
+    if (value.startsWith("keychain:")) {
+        const accountId = value.slice("keychain:".length).trim();
+        if (!accountId) {
+            throw new errors_1.CliError("INVALID_SIGNER_SPEC", `Invalid keychain signer format '${value}'.`, 2);
+        }
+        return {
+            type: "keychain",
+            accountId,
+        };
+    }
+    if (value === "ledger" || value.startsWith("ledger:")) {
+        return parseSignerLedgerSpec(value);
+    }
+    if (value.startsWith("remote:")) {
+        return parseSignerRemoteSpec(value);
+    }
+    throw new errors_1.CliError("INVALID_SIGNER_SPEC", `Unsupported signer '${value}'. Use readonly, env:<ENV_VAR>, keychain:<id>, ledger[:path|address|bridgeEnv], or remote:<url|address|authEnv>.`, 2);
+}
+async function resolveSignerRuntime(signer, publicClient, rpcUrl, chain, customHome) {
+    if (signer.type === "readonly") {
+        return {
+            summary: {
+                signerType: "readonly",
+                canSign: false,
+                backendStatus: "ready",
+            },
+        };
+    }
+    if (signer.type === "env") {
+        const privateKeyRaw = process.env[signer.envVar];
+        if (!privateKeyRaw) {
+            throw new errors_1.CliError("MISSING_SIGNER_SECRET", `Missing environment variable '${signer.envVar}'.`, 2);
+        }
+        const privateKey = parsePrivateKey(privateKeyRaw, `Environment variable '${signer.envVar}'`);
+        const account = (0, accounts_1.privateKeyToAccount)(privateKey);
+        const walletClient = (0, viem_1.createWalletClient)({
+            account,
+            chain,
+            transport: (0, viem_1.http)(rpcUrl),
+        });
+        const summary = await resolveBalanceSummary("env", publicClient, account.address);
+        return {
+            summary,
+            sendTransaction: async (request) => walletClient.sendTransaction({
+                account,
+                chain: request.chain,
+                to: request.to,
+                data: request.data,
+                value: request.value,
+                gas: request.gas,
+                nonce: request.nonce,
+                ...(request.maxFeePerGas ? { maxFeePerGas: request.maxFeePerGas } : {}),
+                ...(request.maxPriorityFeePerGas ? { maxPriorityFeePerGas: request.maxPriorityFeePerGas } : {}),
+            }),
+        };
+    }
+    if (signer.type === "keychain") {
+        const resolved = (0, keychain_1.keychainResolvePrivateKey)(signer.accountId, customHome);
+        const account = (0, accounts_1.privateKeyToAccount)(resolved.privateKey);
+        const walletClient = (0, viem_1.createWalletClient)({
+            account,
+            chain,
+            transport: (0, viem_1.http)(rpcUrl),
+        });
+        const summary = await resolveBalanceSummary("keychain", publicClient, account.address);
+        return {
+            summary,
+            sendTransaction: async (request) => walletClient.sendTransaction({
+                account,
+                chain: request.chain,
+                to: request.to,
+                data: request.data,
+                value: request.value,
+                gas: request.gas,
+                nonce: request.nonce,
+                ...(request.maxFeePerGas ? { maxFeePerGas: request.maxFeePerGas } : {}),
+                ...(request.maxPriorityFeePerGas ? { maxPriorityFeePerGas: request.maxPriorityFeePerGas } : {}),
+            }),
+        };
+    }
+    if (signer.type === "remote") {
+        const headers = buildRemoteHeaders(signer);
+        const address = await resolveRemoteAddress(signer, headers);
+        const summary = await resolveBalanceSummary("remote", publicClient, address);
+        return {
+            summary,
+            sendTransaction: async (request) => {
+                const payload = {
+                    chainId: request.chain.id,
+                    tx: {
+                        to: request.to,
+                        data: request.data,
+                        valueWei: request.value?.toString() || "0",
+                        gas: request.gas.toString(),
+                        nonce: request.nonce,
+                        maxFeePerGasWei: request.maxFeePerGas?.toString(),
+                        maxPriorityFeePerGasWei: request.maxPriorityFeePerGas?.toString(),
+                    },
+                };
+                const response = (await fetchJson(addDefaultPaths(signer.url, REMOTE_SIGN_TX_PATH), {
+                    method: "POST",
+                    headers,
+                    body: JSON.stringify(payload),
+                }));
+                const txHash = parseTxHash(response.txHash);
+                if (txHash) {
+                    return txHash;
+                }
+                const rawTransaction = parseRawTx(response.rawTransaction) || parseRawTx(response.signedTransaction);
+                if (rawTransaction) {
+                    return publicClient.sendRawTransaction({
+                        serializedTransaction: rawTransaction,
+                    });
+                }
+                throw new errors_1.CliError("REMOTE_SIGNER_PROTOCOL_ERROR", "Remote signer response missing txHash/rawTransaction.", 2);
+            },
+        };
+    }
+    const bridgeEnvVar = signer.bridgeCommandEnvVar || "AGCLI_LEDGER_BRIDGE_CMD";
+    const bridgeCommand = process.env[bridgeEnvVar];
+    if (!bridgeCommand) {
+        throw new errors_1.CliError("SIGNER_BACKEND_UNAVAILABLE", `Set ${bridgeEnvVar} for ledger signer bridge command.`, 2);
+    }
+    const ledgerAddress = ensureAddress(signer.address || process.env.AGCLI_LEDGER_ADDRESS, "ledger signer address");
+    const summary = await resolveBalanceSummary("ledger", publicClient, ledgerAddress);
+    return {
+        summary,
+        sendTransaction: async (request) => {
+            const payload = {
+                chainId: request.chain.id,
+                derivationPath: signer.derivationPath,
+                from: ledgerAddress,
+                tx: {
+                    to: request.to,
+                    data: request.data,
+                    valueWei: request.value?.toString() || "0",
+                    gas: request.gas.toString(),
+                    nonce: request.nonce,
+                    maxFeePerGasWei: request.maxFeePerGas?.toString(),
+                    maxPriorityFeePerGasWei: request.maxPriorityFeePerGas?.toString(),
+                },
+            };
+            const response = runLedgerBridge(bridgeCommand, payload);
+            const txHash = parseTxHash(response.txHash);
+            if (txHash) {
+                return txHash;
+            }
+            const rawTransaction = parseRawTx(response.rawTransaction) || parseRawTx(response.signedTransaction);
+            if (rawTransaction) {
+                return publicClient.sendRawTransaction({
+                    serializedTransaction: rawTransaction,
+                });
+            }
+            throw new errors_1.CliError("LEDGER_BRIDGE_FAILED", "Ledger bridge output missing txHash/rawTransaction.", 2);
+        },
+    };
+}