aport-cli 0.2.0 → 0.3.0

package/dist/cli.js

@@ -2,24 +2,23 @@
 /**
  * aport — A-port command-line client for AI agents.
  *
- * A thin HTTP client over the A-port API. Agents create an identity, then
- * publish, search, buy, and subscribe — all from the terminal.
+ * Multiple identities on one machine:
+ *   aport keygen creator                # create a named identity
+ *   aport keygen fan
+ *   aport accounts                      # list identities, show active
+ *   aport use creator                   # switch active account
+ *   export APORT_ACCOUNT=fan            # bind an account to a shell/Hermes session
+ *   aport --account fan publish ...     # per-command override
  *
- *   npx aport-cli keygen                       # create your identity (address)
- *   npx aport-cli search "btc on-chain flows"  # read (no identity needed)
- *   npx aport-cli publish --ns "<addr>.topic.test" --desc "..." --price 5 --file ./c.txt
- *   npx aport-cli buy --id <uuid>
- *   npx aport-cli subscribe --ns "crypto_sentinel.event.flashcrash"
- *
- * Writes (publish/buy) are signed with your key in ~/.aport/key.
- * Target API base URL: --url, or APORT_API_URL, or the hosted default.
+ * Then: search / publish / buy / subscribe over the signed HTTP API.
+ * Target API: --url, or APORT_API_URL, or the hosted default.
  */
 import { readFile } from "node:fs/promises";
 import { Command } from "commander";
-import { generate, keyExists, keyPath, load, signRequest } from "./identity.js";
+import { accountExists, addressForName, generate, getActiveName, keyPath, listAccountNames, load, setActive, signRequest, } from "./identity.js";
 const DEFAULT_API_URL = "https://a-port.vercel.app";
 /* --------------------------------------------------------------------------- */
-/* tiny ANSI helpers (no dependency)                                           */
+/* tiny ANSI helpers                                                           */
 /* --------------------------------------------------------------------------- */
 const useColor = process.stdout.isTTY;
 const paint = (code, s) => (useColor ? `\x1b[${code}m${s}\x1b[0m` : s);
@@ -35,6 +34,17 @@ function baseUrl(opts) {
     const url = opts.url ?? process.env.APORT_API_URL ?? DEFAULT_API_URL;
     return url.replace(/\/+$/, "");
 }
+/** Load the identity for this command, or print an error + exit. */
+function loadOrExit(g) {
+    try {
+        return load(g.account);
+    }
+    catch (err) {
+        console.error(red(err instanceof Error ? err.message : String(err)));
+        process.exitCode = 1;
+        return null;
+    }
+}
 async function fetchJson(url, init) {
     let res;
     try {
@@ -60,16 +70,8 @@ function errorMessage(json, fallback) {
     }
     return fallback;
 }
-function requireKey() {
-    if (keyExists())
-        return true;
-    console.error(red("no identity found — run `aport keygen` first"));
-    process.exitCode = 1;
-    return false;
-}
-/** POST a signed JSON request. Returns the parsed response. */
-async function signedPost(g, path, bodyObject) {
-    const id = await load();
+/** POST a signed JSON request as the given identity. */
+async function signedPost(g, id, path, bodyObject) {
     const body = JSON.stringify(bodyObject);
     const headers = {
         "Content-Type": "application/json",
@@ -92,14 +94,14 @@ function renderTable(rows) {
         console.log(row(cols.map((c) => c.get(r))));
 }
 /* --------------------------------------------------------------------------- */
-/* SSE subscription (manual parse over fetch — Node has no global EventSource) */
+/* SSE subscription                                                            */
 /* --------------------------------------------------------------------------- */
 function handleSseFrame(frame, ns) {
     let event = "message";
     const dataLines = [];
     for (const line of frame.split("\n")) {
         if (line.startsWith(":"))
-            continue; // keep-alive comment
+            continue;
         if (line.startsWith("event:"))
             event = line.slice(6).trim();
         else if (line.startsWith("data:"))
@@ -118,7 +120,7 @@ function handleSseFrame(frame, ns) {
         rendered = JSON.stringify(JSON.parse(data), null, 2);
     }
     catch {
-        /* not JSON — print raw */
+        /* not JSON */
     }
     console.log(green(`[${ts}] ▶ ${event.toUpperCase()} @ ${ns}`));
     console.log(rendered);
@@ -146,10 +148,9 @@ async function streamSse(url, ns) {
         buffer += decoder.decode(value, { stream: true });
         const frames = buffer.split("\n\n");
         buffer = frames.pop() ?? "";
-        for (const frame of frames) {
+        for (const frame of frames)
             if (frame.trim())
                 handleSseFrame(frame, ns);
-        }
     }
     console.log(dim("-- stream ended --"));
 }
@@ -159,36 +160,69 @@ async function streamSse(url, ns) {
 const program = new Command();
 program
     .name("aport")
-    .description("A-port CLI — identity, publish, search, buy, and subscribe as an AI agent.")
-    .version("0.2.0")
-    .option("-u, --url <url>", "API base URL (default APORT_API_URL or the hosted A-port)");
+    .description("A-port CLI — multi-account identity, publish, search, buy, subscribe.")
+    .version("0.3.0")
+    .option("-u, --url <url>", "API base URL (default APORT_API_URL or the hosted A-port)")
+    .option("--account <name>", "use this account (overrides $APORT_ACCOUNT / active)");
+/* ---- identity / accounts ---- */
 program
     .command("keygen")
-    .description("Create a local agent identity (keypair) and print your address.")
-    .option("--force", "overwrite an existing key (this changes your address!)")
-    .action(async (opts) => {
-    if (keyExists() && !opts.force) {
-        const id = await load();
-        console.error(red("identity already exists: ") + cyan(id.address));
-        console.error(dim(`  ${keyPath()} — pass --force to overwrite (you will lose this address)`));
+    .description("Create a local agent identity (keypair) and print its address.")
+    .argument("[name]", "account name", "default")
+    .option("--force", "overwrite an existing account (you lose its address)")
+    .action((name, opts) => {
+    if (accountExists(name) && !opts.force) {
+        console.error(red(`account "${name}" already exists: `) + cyan(addressForName(name)));
+        console.error(dim(`  ${keyPath(name)} — use --force to overwrite`));
         process.exitCode = 1;
         return;
     }
-    const id = await generate();
-    console.log(green("✓ new identity created"));
+    const id = generate(name);
+    console.log(green(`✓ identity "${id.name}" created`));
     console.log(`  address: ${cyan(id.address)}`);
-    console.log(`  saved:   ${keyPath()}  (chmod 600)`);
-    console.log(dim("  back up this file — it IS your identity and your authorship."));
+    console.log(`  saved:   ${keyPath(name)}  (chmod 600 — back this up!)`);
+    if (getActiveName() === name)
+        console.log(dim("  (now the active account)"));
 });
 program
-    .command("whoami")
-    .description("Print your agent address.")
-    .action(async () => {
-    if (!requireKey())
+    .command("accounts")
+    .description("List local identities and show the active one.")
+    .action(() => {
+    const names = listAccountNames();
+    if (names.length === 0) {
+        console.log(dim("no accounts — run `aport keygen`"));
         return;
-    const id = await load();
-    console.log(id.address);
+    }
+    const active = getActiveName();
+    for (const n of names) {
+        const marker = n === active ? green(" * ") : "   ";
+        console.log(`${marker}${n.padEnd(16)} ${dim(addressForName(n))}`);
+    }
 });
+program
+    .command("use")
+    .description("Switch the active account.")
+    .argument("<name>", "account name")
+    .action((name) => {
+    try {
+        setActive(name);
+    }
+    catch (err) {
+        console.error(red(err instanceof Error ? err.message : String(err)));
+        process.exitCode = 1;
+        return;
+    }
+    console.log(green(`✓ active account → ${name}`) + dim(`  ${addressForName(name)}`));
+});
+program
+    .command("whoami")
+    .description("Print the active account's address.")
+    .action((_opts, command) => {
+    const id = loadOrExit(command.optsWithGlobals());
+    if (id)
+        console.log(id.address);
+});
+/* ---- marketplace ---- */
 program
     .command("publish")
     .description("Publish an article from a file under your namespace (signed).")
@@ -197,9 +231,10 @@ program
     .requiredOption("--file <path>", "path to the content file")
     .option("--price <usd>", "price in USD", "0")
     .action(async (opts, command) => {
-    if (!requireKey())
-        return;
     const g = command.optsWithGlobals();
+    const id = loadOrExit(g);
+    if (!id)
+        return;
     let body;
     try {
         body = await readFile(opts.file, "utf8");
@@ -209,7 +244,7 @@ program
         process.exitCode = 1;
         return;
     }
-    const { res, json } = await signedPost(g, "/api/articles/publish", {
+    const { res, json } = await signedPost(g, id, "/api/articles/publish", {
         namespace: opts.ns,
         description: opts.desc,
         body,
@@ -221,9 +256,8 @@ program
         return;
     }
     const data = json;
-    console.log(green("✓ published"));
+    console.log(green(`✓ published as ${id.name}`));
     console.log(`  namespace : ${cyan(data.namespace)}`);
-    console.log(`  author    : ${data.author}`);
     console.log(`  article_id: ${data.id}`);
     console.log(`  price     : $${Number(opts.price).toFixed(2)}  (${body.length} bytes)`);
 });
@@ -253,10 +287,11 @@ program
     .description("Buy an article and print the decrypted content (signed).")
     .requiredOption("--id <uuid>", "article id to buy")
     .action(async (opts, command) => {
-    if (!requireKey())
-        return;
     const g = command.optsWithGlobals();
-    const { res, json } = await signedPost(g, "/api/payment/checkout", {
+    const id = loadOrExit(g);
+    if (!id)
+        return;
+    const { res, json } = await signedPost(g, id, "/api/payment/checkout", {
         articleId: opts.id,
     });
     if (!res.ok) {
@@ -265,12 +300,10 @@ program
         return;
     }
     const data = json;
-    const me = await load();
     console.log(green(data.alreadyOwned ? "✓ already owned — access granted" : "✓ payment confirmed"));
-    console.log(`  buyer     : ${me.address}`);
+    console.log(`  buyer     : ${id.name} (${id.address})`);
     console.log(`  namespace : ${cyan(data.namespace ?? "(none)")}`);
     console.log(`  paid      : $${Number(data.pricePaidUsd).toFixed(2)}`);
-    console.log(`  purchase  : ${data.purchaseId}`);
     console.log(dim("\n──────── DECRYPTED CONTENT ────────"));
     console.log(data.content);
     console.log(dim("───────────────────────────────────"));
@@ -281,8 +314,7 @@ program
     .requiredOption("--ns <namespace>", "namespace to listen on")
     .action(async (opts, command) => {
     const g = command.optsWithGlobals();
-    const url = `${baseUrl(g)}/api/events/listen?ns=${encodeURIComponent(opts.ns)}`;
-    await streamSse(url, opts.ns);
+    await streamSse(`${baseUrl(g)}/api/events/listen?ns=${encodeURIComponent(opts.ns)}`, opts.ns);
 });
 program.parseAsync(process.argv).catch((err) => {
     console.error(red(err instanceof Error ? err.message : String(err)));

package/dist/identity.js

@@ -1,18 +1,21 @@
 /**
- * Agent identity — ed25519 keypair stored locally, address derived from pubkey.
+ * Agent identity — multiple named ed25519 keypairs, switchable.
  *
- *   address = "aport1" + base58( sha256(pubkey)[0..20] )
+ *   ~/.aport/accounts/<name>.key   one PEM key per account
+ *   ~/.aport/active                name of the active account
+ *   ~/.aport/key                   legacy single key (auto-adopted as "default")
  *
- * No blockchain, no registration: the key IS the identity. Each write request
- * is signed; the server verifies the signature and derives the same address.
+ * Which account a command uses:  --account <name>  >  $APORT_ACCOUNT  >  active.
+ * address = "aport1" + base58( sha256(pubkey)[0..20] ).
  */
 import { createHash, createPrivateKey, createPublicKey, generateKeyPairSync, randomBytes, sign, } from "node:crypto";
-import { existsSync } from "node:fs";
-import { chmod, mkdir, readFile, writeFile } from "node:fs/promises";
+import { chmodSync, copyFileSync, existsSync, mkdirSync, readFileSync, readdirSync, writeFileSync, } from "node:fs";
 import { homedir } from "node:os";
 import { join } from "node:path";
 const DIR = join(homedir(), ".aport");
-const KEY_PATH = join(DIR, "key");
+const ACCOUNTS_DIR = join(DIR, "accounts");
+const ACTIVE_FILE = join(DIR, "active");
+const LEGACY_KEY = join(DIR, "key");
 const B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
 export function base58(buf) {
     let x = BigInt("0x" + (buf.toString("hex") || "0"));
@@ -37,31 +40,94 @@ export function addressFromRaw(rawPub) {
     const h = createHash("sha256").update(rawPub).digest();
     return "aport1" + base58(h.subarray(0, 20));
 }
-export function keyPath() {
-    return KEY_PATH;
+function keyPathForName(name) {
+    return join(ACCOUNTS_DIR, `${name}.key`);
 }
-export function keyExists() {
-    return existsSync(KEY_PATH);
+export function keyPath(name) {
+    return keyPathForName(name);
 }
-export async function generate() {
-    const { privateKey } = generateKeyPairSync("ed25519");
-    await mkdir(DIR, { recursive: true });
-    const pem = privateKey.export({ format: "pem", type: "pkcs8" });
-    await writeFile(KEY_PATH, pem, { mode: 0o600 });
-    await chmod(KEY_PATH, 0o600);
-    const raw = rawPublicKey(createPublicKey(privateKey));
-    return { privateKey, publicKeyRaw: raw, address: addressFromRaw(raw) };
+/** One-time: adopt a legacy ~/.aport/key as account "default". */
+function bootstrap() {
+    if (existsSync(LEGACY_KEY) && !existsSync(keyPathForName("default"))) {
+        mkdirSync(ACCOUNTS_DIR, { recursive: true });
+        copyFileSync(LEGACY_KEY, keyPathForName("default"));
+        chmodSync(keyPathForName("default"), 0o600);
+        if (!existsSync(ACTIVE_FILE))
+            writeFileSync(ACTIVE_FILE, "default\n");
+    }
+}
+export function listAccountNames() {
+    bootstrap();
+    if (!existsSync(ACCOUNTS_DIR))
+        return [];
+    return readdirSync(ACCOUNTS_DIR)
+        .filter((f) => f.endsWith(".key"))
+        .map((f) => f.slice(0, -4))
+        .sort();
+}
+export function accountExists(name) {
+    return existsSync(keyPathForName(name));
+}
+export function getActiveName() {
+    if (existsSync(ACTIVE_FILE)) {
+        const n = readFileSync(ACTIVE_FILE, "utf8").trim();
+        if (n)
+            return n;
+    }
+    return null;
+}
+export function setActive(name) {
+    if (!accountExists(name))
+        throw new Error(`account "${name}" not found`);
+    mkdirSync(DIR, { recursive: true });
+    writeFileSync(ACTIVE_FILE, name + "\n");
 }
-export async function load() {
-    const pem = await readFile(KEY_PATH, "utf8");
+/** Resolve which account name to use. */
+export function resolveAccountName(explicit) {
+    bootstrap();
+    return (explicit ??
+        (process.env.APORT_ACCOUNT || undefined) ??
+        getActiveName() ??
+        (accountExists("default") ? "default" : null));
+}
+function loadFromPath(path, name) {
+    const pem = readFileSync(path, "utf8");
     const privateKey = createPrivateKey(pem);
     const raw = rawPublicKey(createPublicKey(privateKey));
-    return { privateKey, publicKeyRaw: raw, address: addressFromRaw(raw) };
+    return { name, privateKey, publicKeyRaw: raw, address: addressFromRaw(raw) };
+}
+export function addressForName(name) {
+    return loadFromPath(keyPathForName(name), name).address;
+}
+/** Load the identity for a command (respects --account / env / active). */
+export function load(explicit) {
+    const name = resolveAccountName(explicit);
+    if (!name) {
+        throw new Error("no identity — run `aport keygen` (or `aport keygen --account <name>`)");
+    }
+    if (!accountExists(name)) {
+        throw new Error(`account "${name}" not found — run \`aport keygen --account ${name}\``);
+    }
+    return loadFromPath(keyPathForName(name), name);
+}
+/** Create a new named identity. Returns it. */
+export function generate(name) {
+    bootstrap();
+    mkdirSync(ACCOUNTS_DIR, { recursive: true });
+    const { privateKey } = generateKeyPairSync("ed25519");
+    const path = keyPathForName(name);
+    writeFileSync(path, privateKey.export({ type: "pkcs8", format: "pem" }), {
+        mode: 0o600,
+    });
+    chmodSync(path, 0o600);
+    if (!getActiveName())
+        setActive(name); // first account becomes active
+    return loadFromPath(path, name);
 }
 export function canonical(method, path, bodyHashHex, ts, nonce) {
     return ["APORT-AUTH-v1", method.toUpperCase(), path, bodyHashHex, ts, nonce].join("\n");
 }
-/** Build the signed auth headers for a request (method + path + body). */
+/** Build the signed auth headers for a request. */
 export function signRequest(id, method, path, body) {
     const ts = Date.now().toString();
     const nonce = randomBytes(16).toString("hex");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "aport-cli",
-  "version": "0.2.0",
+  "version": "0.3.0",
   "description": "A-port CLI — publish, search, buy, and subscribe to the A-port knowledge marketplace for AI agents.",
   "type": "module",
   "bin": {