npm - auramaxx - Versions diffs - 1.0.0-alpha.4 - Mend

auramaxx 1.0.0-alpha.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (363) hide show

package/LICENSE +26 -0
package/README.md +112 -0
package/bin/aurawallet.js +121 -0
package/docs/ADAPTERS.md +467 -0
package/docs/API.md +2679 -0
package/docs/APPS.md +198 -0
package/docs/ARCHITECTURE.md +350 -0
package/docs/AUTH.md +698 -0
package/docs/BEST-PRACTICES.md +121 -0
package/docs/CLI.md +61 -0
package/docs/DEVELOPING-APPS.md +452 -0
package/docs/EXTENSION.md +97 -0
package/docs/JOBS.md +33 -0
package/docs/MCP.md +76 -0
package/docs/PROTOCOL.md +142 -0
package/docs/SETUP.md +219 -0
package/docs/WORKSPACE.md +672 -0
package/docs/agent-auth.md +63 -0
package/docs/aura-file.md +48 -0
package/docs/credentials.md +53 -0
package/docs/external/getting-started.md +65 -0
package/docs/external/overview.md +45 -0
package/docs/external/use-cases.md +48 -0
package/docs/external/why-aura.md +35 -0
package/docs/jobs/connect-agent.md +77 -0
package/docs/jobs/migrate-from-dotenv.md +79 -0
package/docs/jobs/recover-from-lockout.md +72 -0
package/docs/jobs/secure-ci.md +63 -0
package/docs/oauth2.md +42 -0
package/docs/passkeys.md +60 -0
package/docs/security.md +540 -0
package/docs/specs/aura-open-protocol.md +61 -0
package/docs/specs/aura-provider-plugin.md +24 -0
package/docs/specs/aura-registry-model.md +31 -0
package/docs/specs/fixtures/invalid-bad-key.aura +1 -0
package/docs/specs/fixtures/invalid-bad-unicode-escape.aura +1 -0
package/docs/specs/fixtures/invalid-duplicate-key.aura +2 -0
package/docs/specs/fixtures/valid-basic.aura +4 -0
package/docs/specs/fixtures/valid-provider-ref.aura +1 -0
package/docs/specs/fixtures/valid-quoted-escapes.aura +2 -0
package/docs/templates/RELEASE_NOTES_TEMPLATE.md +22 -0
package/docs/totp.md +40 -0
package/docs/wallet/AI.md +508 -0
package/docs/wallet/DEVELOPING-STRATEGIES.md +713 -0
package/docs/wallet/README.md +47 -0
package/docs/wallet/STRATEGY.md +89 -0
package/next.config.ts +21 -0
package/package.json +151 -0
package/postcss.config.mjs +8 -0
package/prisma/migrations/20260214170000_baseline/migration.sql +511 -0
package/prisma/migrations/20260216214537_add_passkey_model/migration.sql +18 -0
package/prisma/migrations/20260217150500_add_credential_access_audit/migration.sql +31 -0
package/prisma/migrations/migration_lock.toml +3 -0
package/prisma/schema.prisma +447 -0
package/public/logo-chevron.svg +31 -0
package/public/logo-concentric.svg +31 -0
package/public/logo-crosshatch.svg +39 -0
package/public/logo-dashed.svg +39 -0
package/public/logo-horizontal.svg +31 -0
package/public/logo-m56.svg +64 -0
package/public/logo.webp +0 -0
package/scripts/add-app.js +245 -0
package/scripts/init.sh +57 -0
package/scripts/migrate-apikeys-to-credentials.ts +35 -0
package/scripts/sandbox-agent-flow.sh +235 -0
package/scripts/sandbox.sh +175 -0
package/scripts/validate-job-docs.mjs +125 -0
package/server/abi/SwapHelper.json +438 -0
package/server/cli/approval.ts +447 -0
package/server/cli/commands/app.ts +204 -0
package/server/cli/commands/cron.ts +24 -0
package/server/cli/commands/doctor.ts +1007 -0
package/server/cli/commands/env.ts +456 -0
package/server/cli/commands/init.ts +752 -0
package/server/cli/commands/mcp.ts +125 -0
package/server/cli/commands/restore.ts +314 -0
package/server/cli/commands/shell-hook.ts +468 -0
package/server/cli/commands/start.ts +62 -0
package/server/cli/commands/status.ts +59 -0
package/server/cli/commands/stop.ts +14 -0
package/server/cli/commands/token.ts +180 -0
package/server/cli/commands/unlock.ts +49 -0
package/server/cli/commands/vault.ts +417 -0
package/server/cli/index.ts +328 -0
package/server/cli/lib/aura-parser.ts +64 -0
package/server/cli/lib/credential-create.ts +74 -0
package/server/cli/lib/credential-resolve.ts +254 -0
package/server/cli/lib/dotenv-migrate.ts +116 -0
package/server/cli/lib/dotenv-parser.ts +146 -0
package/server/cli/lib/http.ts +91 -0
package/server/cli/lib/init-steps.ts +76 -0
package/server/cli/lib/local-agent-trust.ts +45 -0
package/server/cli/lib/process.ts +136 -0
package/server/cli/lib/prompt.ts +85 -0
package/server/cli/lib/theme.ts +240 -0
package/server/cli/socket.ts +570 -0
package/server/cli/transport-client.ts +50 -0
package/server/cron/index.ts +137 -0
package/server/cron/job.ts +31 -0
package/server/cron/jobs/balance-sync.ts +436 -0
package/server/cron/jobs/incoming-scan.ts +506 -0
package/server/cron/jobs/native-price.ts +70 -0
package/server/cron/jobs/orphan-cleanup.ts +40 -0
package/server/cron/jobs/strategy-runner.ts +175 -0
package/server/cron/scheduler.ts +125 -0
package/server/index.ts +406 -0
package/server/lib/adapters/factory.ts +110 -0
package/server/lib/adapters/index.ts +19 -0
package/server/lib/adapters/router.ts +297 -0
package/server/lib/adapters/telegram.ts +645 -0
package/server/lib/adapters/types.ts +89 -0
package/server/lib/adapters/webhook.ts +95 -0
package/server/lib/address.ts +49 -0
package/server/lib/agent-auth/contracts.ts +1194 -0
package/server/lib/agent-profiles.ts +328 -0
package/server/lib/ai.ts +285 -0
package/server/lib/api-registry/contracts.ts +86 -0
package/server/lib/api-registry/validation.ts +172 -0
package/server/lib/apikey-migration.ts +189 -0
package/server/lib/app-installer.ts +505 -0
package/server/lib/app-tokens.ts +247 -0
package/server/lib/auth.ts +314 -0
package/server/lib/batch.ts +242 -0
package/server/lib/cold.ts +874 -0
package/server/lib/config.ts +381 -0
package/server/lib/credential-access-audit.ts +85 -0
package/server/lib/credential-access-policy.ts +110 -0
package/server/lib/credential-health.ts +343 -0
package/server/lib/credential-import.ts +487 -0
package/server/lib/credential-scope.ts +87 -0
package/server/lib/credential-shares.ts +190 -0
package/server/lib/credential-transport.ts +342 -0
package/server/lib/credential-vault.ts +77 -0
package/server/lib/credentials.ts +333 -0
package/server/lib/crypto.ts +8 -0
package/server/lib/db.ts +15 -0
package/server/lib/defaults.ts +366 -0
package/server/lib/dex/index.ts +80 -0
package/server/lib/dex/relay.ts +235 -0
package/server/lib/dex/types.ts +59 -0
package/server/lib/dex/uniswap.ts +370 -0
package/server/lib/e2e-agent/artifacts.ts +36 -0
package/server/lib/e2e-agent/contracts.ts +112 -0
package/server/lib/e2e-agent/validation.ts +135 -0
package/server/lib/encrypt.ts +128 -0
package/server/lib/error.ts +20 -0
package/server/lib/events.ts +205 -0
package/server/lib/hot.ts +357 -0
package/server/lib/key-fingerprint.ts +28 -0
package/server/lib/logger.ts +331 -0
package/server/lib/network.ts +137 -0
package/server/lib/notifications.ts +219 -0
package/server/lib/oauth2-refresh.ts +241 -0
package/server/lib/oursecret.ts +54 -0
package/server/lib/passkey-credential.ts +360 -0
package/server/lib/passkey.ts +68 -0
package/server/lib/permissions.ts +248 -0
package/server/lib/pino.ts +24 -0
package/server/lib/policy-preview.ts +138 -0
package/server/lib/price.ts +338 -0
package/server/lib/prices.ts +34 -0
package/server/lib/project-scope.ts +239 -0
package/server/lib/resolve-action.ts +427 -0
package/server/lib/resolve.ts +36 -0
package/server/lib/sessions.ts +632 -0
package/server/lib/solana/connection.ts +26 -0
package/server/lib/solana/jupiter.ts +128 -0
package/server/lib/solana/transfer.ts +108 -0
package/server/lib/solana/wallet.ts +136 -0
package/server/lib/strategy/emits.ts +21 -0
package/server/lib/strategy/engine.ts +1305 -0
package/server/lib/strategy/executor.ts +115 -0
package/server/lib/strategy/hook-context.ts +158 -0
package/server/lib/strategy/hooks.ts +990 -0
package/server/lib/strategy/index.ts +28 -0
package/server/lib/strategy/installer.ts +305 -0
package/server/lib/strategy/loader.ts +256 -0
package/server/lib/strategy/message.ts +235 -0
package/server/lib/strategy/repository.ts +218 -0
package/server/lib/strategy/session-logger.ts +693 -0
package/server/lib/strategy/sources.ts +288 -0
package/server/lib/strategy/state.ts +189 -0
package/server/lib/strategy/templates.ts +403 -0
package/server/lib/strategy/tick.ts +404 -0
package/server/lib/strategy/types.ts +230 -0
package/server/lib/swap.ts +3 -0
package/server/lib/temp.ts +86 -0
package/server/lib/token-metadata.ts +86 -0
package/server/lib/token-safety.ts +200 -0
package/server/lib/token-search.ts +444 -0
package/server/lib/totp.ts +194 -0
package/server/lib/transactions.ts +123 -0
package/server/lib/transport.ts +75 -0
package/server/lib/txhistory/decoder.ts +262 -0
package/server/lib/txhistory/enricher.ts +652 -0
package/server/lib/txhistory/index.ts +391 -0
package/server/lib/txhistory/signatures.ts +59 -0
package/server/lib/verified-summary.ts +421 -0
package/server/mcp/profile-policy.ts +30 -0
package/server/mcp/server.ts +619 -0
package/server/mcp/tools.ts +523 -0
package/server/middleware/auth.ts +119 -0
package/server/middleware/requestLogger.ts +84 -0
package/server/routes/actions.ts +459 -0
package/server/routes/adapters.ts +703 -0
package/server/routes/addressbook.ts +113 -0
package/server/routes/ai.ts +34 -0
package/server/routes/apikeys.ts +295 -0
package/server/routes/apps.ts +601 -0
package/server/routes/auth.ts +457 -0
package/server/routes/backup.ts +340 -0
package/server/routes/batch.ts +270 -0
package/server/routes/bookmarks.ts +162 -0
package/server/routes/credential-shares.ts +198 -0
package/server/routes/credential-vaults.ts +154 -0
package/server/routes/credentials.ts +1290 -0
package/server/routes/dashboard.ts +71 -0
package/server/routes/defaults.ts +124 -0
package/server/routes/fund.ts +229 -0
package/server/routes/import.ts +352 -0
package/server/routes/launch.ts +665 -0
package/server/routes/lock.ts +54 -0
package/server/routes/logs.ts +68 -0
package/server/routes/nuke.ts +111 -0
package/server/routes/passkey-credentials.ts +99 -0
package/server/routes/passkey.ts +346 -0
package/server/routes/portfolio.ts +217 -0
package/server/routes/price.ts +63 -0
package/server/routes/resolve.ts +31 -0
package/server/routes/security.ts +45 -0
package/server/routes/send-evm.ts +241 -0
package/server/routes/send-solana.ts +281 -0
package/server/routes/send.ts +178 -0
package/server/routes/setup.ts +210 -0
package/server/routes/strategy.ts +894 -0
package/server/routes/swap-evm.ts +353 -0
package/server/routes/swap-solana.ts +177 -0
package/server/routes/swap.ts +356 -0
package/server/routes/token.ts +247 -0
package/server/routes/unlock.ts +403 -0
package/server/routes/wallet-assets.ts +361 -0
package/server/routes/wallet-transactions.ts +515 -0
package/server/routes/wallet.ts +710 -0
package/server/types.ts +146 -0
package/skills/aurawallet/SKILL.md +739 -0
package/skills/aurawallet-setup/SKILL.md +74 -0
package/skills/security-review/SKILL.md +148 -0
package/src/app/api/agent-requests/route.ts +30 -0
package/src/app/api/apps/install/route.ts +126 -0
package/src/app/api/apps/manifests/route.ts +16 -0
package/src/app/api/apps/static/[...path]/route.ts +57 -0
package/src/app/api/events/route.ts +92 -0
package/src/app/api/page.tsx +212 -0
package/src/app/api/workspace/[id]/apps/[wid]/route.ts +119 -0
package/src/app/api/workspace/[id]/apps/route.ts +81 -0
package/src/app/api/workspace/[id]/export/route.ts +67 -0
package/src/app/api/workspace/[id]/route.ts +168 -0
package/src/app/api/workspace/auth.ts +34 -0
package/src/app/api/workspace/config/route.ts +106 -0
package/src/app/api/workspace/import/route.ts +127 -0
package/src/app/api/workspace/route.ts +116 -0
package/src/app/app/page.tsx +2122 -0
package/src/app/apple-icon.png +0 -0
package/src/app/docs/page.tsx +178 -0
package/src/app/favicon.ico +0 -0
package/src/app/globals.css +572 -0
package/src/app/health/page.tsx +5 -0
package/src/app/hello/page.tsx +15 -0
package/src/app/icon.png +0 -0
package/src/app/layout.tsx +34 -0
package/src/app/page.tsx +986 -0
package/src/app/providers.tsx +90 -0
package/src/app/share/[token]/page.tsx +295 -0
package/src/components/ChainSelector.tsx +144 -0
package/src/components/HumanActionBar.tsx +695 -0
package/src/components/NotificationDrawer.tsx +129 -0
package/src/components/apps/AgentKeysApp.tsx +490 -0
package/src/components/apps/App.tsx +153 -0
package/src/components/apps/AppGrid.tsx +15 -0
package/src/components/apps/DetailedAddressDrawer.tsx +325 -0
package/src/components/apps/DraggableApp.tsx +562 -0
package/src/components/apps/IFrameApp.tsx +73 -0
package/src/components/apps/LogsApp.tsx +360 -0
package/src/components/apps/SendApp.tsx +394 -0
package/src/components/apps/SetupWizardApp.tsx +1004 -0
package/src/components/apps/SystemDefaultsApp.tsx +845 -0
package/src/components/apps/ThirdPartyApp.tsx +428 -0
package/src/components/apps/TokenApp.tsx +319 -0
package/src/components/apps/TransactionsApp.tsx +438 -0
package/src/components/apps/WalletDetailApp.tsx +1505 -0
package/src/components/apps/index.ts +13 -0
package/src/components/design-system/Button.tsx +53 -0
package/src/components/design-system/ChainIndicator.tsx +65 -0
package/src/components/design-system/ChainSelector.tsx +137 -0
package/src/components/design-system/ConfirmationModal.tsx +106 -0
package/src/components/design-system/ConfirmationPopover.tsx +81 -0
package/src/components/design-system/Drawer.tsx +123 -0
package/src/components/design-system/FilterDropdown.tsx +72 -0
package/src/components/design-system/Modal.tsx +206 -0
package/src/components/design-system/Popover.tsx +142 -0
package/src/components/design-system/TextInput.tsx +85 -0
package/src/components/design-system/Toggle.tsx +58 -0
package/src/components/design-system/index.ts +11 -0
package/src/components/docs/DocsThemeToggle.tsx +49 -0
package/src/components/health/CredentialHealthDashboard.tsx +214 -0
package/src/components/icons/ChainIcons.tsx +72 -0
package/src/components/layout/AppStoreDrawer.tsx +369 -0
package/src/components/layout/ContentArea.tsx +21 -0
package/src/components/layout/TabBar.tsx +278 -0
package/src/components/layout/WalletSidebar.tsx +1033 -0
package/src/components/layout/index.ts +4 -0
package/src/components/marketing/AuraWalletSpecOverlay.tsx +635 -0
package/src/components/marketing/DeviceMorphExperience.tsx +216 -0
package/src/components/vault/ApiKeysConsole.tsx +1080 -0
package/src/components/vault/AuditConsole.tsx +584 -0
package/src/components/vault/CredentialDetail.tsx +455 -0
package/src/components/vault/CredentialEmpty.tsx +55 -0
package/src/components/vault/CredentialField.tsx +361 -0
package/src/components/vault/CredentialForm.tsx +1212 -0
package/src/components/vault/CredentialList.tsx +165 -0
package/src/components/vault/CredentialRow.tsx +97 -0
package/src/components/vault/CredentialShareModal.tsx +178 -0
package/src/components/vault/CredentialVault.tsx +754 -0
package/src/components/vault/CredentialWalletWidget.tsx +103 -0
package/src/components/vault/ImportCredentialsModal.tsx +515 -0
package/src/components/vault/LargeTypeModal.tsx +64 -0
package/src/components/vault/PasswordGenerator.tsx +224 -0
package/src/components/vault/TOTPDisplay.tsx +123 -0
package/src/components/vault/VaultSidebar.tsx +413 -0
package/src/components/vault/types.ts +54 -0
package/src/context/AuthContext.tsx +337 -0
package/src/context/PriceContext.tsx +113 -0
package/src/context/ThemeContext.tsx +164 -0
package/src/context/WebSocketContext.tsx +269 -0
package/src/context/WorkspaceContext.tsx +668 -0
package/src/hooks/index.ts +3 -0
package/src/hooks/useAgentActions.ts +368 -0
package/src/hooks/useBalance.ts +103 -0
package/src/hooks/useBalances.ts +129 -0
package/src/instrumentation.ts +12 -0
package/src/lib/api.ts +449 -0
package/src/lib/app-loader.ts +148 -0
package/src/lib/app-registry.ts +178 -0
package/src/lib/app-sdk.ts +157 -0
package/src/lib/audit-console-adapter.ts +151 -0
package/src/lib/auth-client.ts +75 -0
package/src/lib/config.ts +74 -0
package/src/lib/crypto.ts +112 -0
package/src/lib/db.ts +21 -0
package/src/lib/docs.ts +390 -0
package/src/lib/events.ts +361 -0
package/src/lib/pino.ts +24 -0
package/src/lib/theme-handlers.ts +168 -0
package/src/lib/theme.ts +351 -0
package/src/lib/tokenData.ts +378 -0
package/src/lib/vault-crypto.ts +129 -0
package/src/lib/websocket-server.ts +302 -0
package/src/lib/websocket-setup.ts +79 -0
package/src/lib/wordlist.ts +2050 -0
package/src/lib/workspace-handlers.ts +285 -0
package/start.sh +80 -0
package/tailwind.config.ts +99 -0
package/tsconfig.json +42 -0

package/server/cli/approval.ts ADDED Viewed

@@ -0,0 +1,447 @@
+/**
+ * Terminal Approval Interface
+ *
+ * Connects to the WebSocket server to receive ACTION_CREATED events
+ * and presents an interactive terminal UI for approve/reject decisions.
+ */
+import * as readline from 'readline';
+import { WebSocket } from 'ws';
+import { getErrorMessage } from '../lib/error';
+interface HumanAction {
+  id: string;
+  type: string;
+  agentId: string;
+  limit: number;
+  permissions: string[];
+  ttl: number;
+  createdAt: number;
+}
+interface ApprovalManagerOptions {
+  serverUrl: string;
+  getToken: () => string | null;
+  autoApprove?: boolean;
+  headless?: boolean; // Skip terminal interface (for --password-stdin mode)
+}
+export class ApprovalManager {
+  private ws: WebSocket | null = null;
+  private pendingRequests: Map<string, HumanAction> = new Map();
+  private rl: readline.Interface | null = null;
+  private options: ApprovalManagerOptions;
+  private reconnectTimeout: NodeJS.Timeout | null = null;
+  private isRunning = false;
+  constructor(options: ApprovalManagerOptions) {
+    this.options = options;
+  }
+  /**
+   * Start the approval manager
+   */
+  async start(): Promise<void> {
+    this.isRunning = true;
+    // Fetch any existing pending requests
+    await this.fetchPendingRequests();
+    // Connect to WebSocket
+    this.connectWebSocket();
+    // Set up terminal interface (skip in headless mode)
+    if (!this.options.headless) {
+      this.setupTerminalInterface();
+    }
+  }
+  /**
+   * Stop the approval manager
+   */
+  stop(): void {
+    this.isRunning = false;
+    if (this.reconnectTimeout) {
+      clearTimeout(this.reconnectTimeout);
+      this.reconnectTimeout = null;
+    }
+    if (this.ws) {
+      this.ws.close();
+      this.ws = null;
+    }
+    if (this.rl) {
+      this.rl.close();
+      this.rl = null;
+    }
+  }
+  /**
+   * Fetch existing pending requests from the server
+   */
+  private async fetchPendingRequests(): Promise<void> {
+    try {
+      const token = this.options.getToken();
+      if (!token) return;
+      const response = await fetch(`${this.options.serverUrl}/actions/pending`, {
+        headers: { Authorization: `Bearer ${token}` }
+      });
+      if (response.ok) {
+        const data = await response.json() as { success?: boolean; actions?: HumanAction[] };
+        const requests = data.actions || [];
+        for (const req of requests) {
+          this.addRequest(req);
+        }
+        if (requests.length > 0) {
+          console.log(`\nFound ${requests.length} pending request(s).`);
+          this.displayQueue();
+        }
+      }
+    } catch {
+      // Silently ignore - will get requests via WebSocket
+    }
+  }
+  /**
+   * Connect to the WebSocket server
+   */
+  private connectWebSocket(): void {
+    const wsUrl = process.env.WS_URL || 'ws://localhost:4748';
+    try {
+      this.ws = new WebSocket(wsUrl);
+      this.ws.on('open', () => {
+        console.log('WebSocket connected - listening for events');
+      });
+      this.ws.on('message', (data: Buffer) => {
+        try {
+          const event = JSON.parse(data.toString());
+          this.handleEvent(event);
+        } catch {
+          // Ignore malformed messages
+        }
+      });
+      this.ws.on('close', () => {
+        if (this.isRunning) {
+          console.log('WebSocket disconnected, reconnecting in 3s...');
+          this.reconnectTimeout = setTimeout(() => {
+            this.connectWebSocket();
+          }, 3000);
+        }
+      });
+      this.ws.on('error', (error) => {
+        console.error('WebSocket error:', error.message);
+      });
+    } catch (error) {
+      console.error('Failed to connect WebSocket:', error);
+      if (this.isRunning) {
+        this.reconnectTimeout = setTimeout(() => {
+          this.connectWebSocket();
+        }, 3000);
+      }
+    }
+  }
+  /**
+   * Handle incoming WebSocket event
+   */
+  private handleEvent(event: { type: string; data: unknown }): void {
+    switch (event.type) {
+      case 'action:created':
+        this.handleRequestCreated(event.data as HumanAction);
+        break;
+      case 'action:resolved':
+        this.handleRequestResolved((event.data as { id: string }).id);
+        break;
+    }
+  }
+  /**
+   * Handle new request created
+   */
+  private handleRequestCreated(request: HumanAction): void {
+    this.addRequest(request);
+    console.log('\n┌─────────────────────────────────────────────────────────────┐');
+    console.log('│  NEW AGENT REQUEST                                          │');
+    console.log('├─────────────────────────────────────────────────────────────┤');
+    console.log(`│  ID:          ${request.id.substring(0, 40).padEnd(45)}│`);
+    console.log(`│  Agent:       ${request.agentId.substring(0, 40).padEnd(45)}│`);
+    console.log(`│  Type:        ${request.type.padEnd(45)}│`);
+    console.log(`│  Limit:       ${(request.limit + ' ETH').padEnd(45)}│`);
+    console.log(`│  Permissions: ${request.permissions.slice(0, 3).join(', ').substring(0, 40).padEnd(45)}│`);
+    console.log(`│  TTL:         ${(request.ttl + 's').padEnd(45)}│`);
+    console.log('└─────────────────────────────────────────────────────────────┘');
+    if (this.options.autoApprove) {
+      console.log('Auto-approving (--auto-approve enabled)...');
+      this.resolveAction(request.id, true);
+    } else {
+      console.log('\nEnter request number to review, or:');
+      console.log('  a <id> - approve    r <id> - reject    l - list pending\n');
+    }
+  }
+  /**
+   * Handle request resolved (approved or rejected)
+   */
+  private handleRequestResolved(requestId: string): void {
+    this.pendingRequests.delete(requestId);
+  }
+  /**
+   * Add request to pending queue
+   */
+  private addRequest(request: HumanAction): void {
+    this.pendingRequests.set(request.id, {
+      ...request,
+      createdAt: Date.now()
+    });
+  }
+  /**
+   * Display the pending request queue
+   */
+  private displayQueue(): void {
+    const requests = Array.from(this.pendingRequests.values());
+    if (requests.length === 0) {
+      console.log('\nNo pending requests.\n');
+      return;
+    }
+    console.log('\n┌─────────────────────────────────────────────────────────────┐');
+    console.log('│  PENDING REQUESTS                                           │');
+    console.log('├─────────────────────────────────────────────────────────────┤');
+    requests.forEach((req, index) => {
+      const shortId = req.id.substring(0, 8);
+      const agent = req.agentId.substring(0, 20).padEnd(20);
+      const type = req.type.substring(0, 15).padEnd(15);
+      console.log(`│  ${(index + 1).toString().padStart(2)}. [${shortId}] ${agent} ${type} ${req.limit} ETH │`);
+    });
+    console.log('└─────────────────────────────────────────────────────────────┘');
+    console.log('\nCommands: a <id> approve, r <id> reject, <num> review, l list\n');
+  }
+  /**
+   * Set up terminal interface for user input
+   */
+  private setupTerminalInterface(): void {
+    this.rl = readline.createInterface({
+      input: process.stdin,
+      output: process.stdout,
+      prompt: 'aura> '
+    });
+    this.rl.on('line', (line) => {
+      this.handleCommand(line.trim());
+      this.rl?.prompt();
+    });
+    this.rl.on('close', () => {
+      // Interface closed
+    });
+    // Initial prompt
+    this.rl.prompt();
+  }
+  /**
+   * Handle user command
+   */
+  private handleCommand(input: string): void {
+    if (!input) return;
+    const parts = input.split(/\s+/);
+    const cmd = parts[0].toLowerCase();
+    const arg = parts[1];
+    switch (cmd) {
+      case 'l':
+      case 'list':
+        this.displayQueue();
+        break;
+      case 'a':
+      case 'approve':
+        if (arg) {
+          this.approveByIdOrNumber(arg);
+        } else {
+          console.log('Usage: a <id or number>');
+        }
+        break;
+      case 'r':
+      case 'reject':
+        if (arg) {
+          this.rejectByIdOrNumber(arg);
+        } else {
+          console.log('Usage: r <id or number>');
+        }
+        break;
+      case 'h':
+      case 'help':
+        this.showHelp();
+        break;
+      case 'q':
+      case 'quit':
+        console.log('Use Ctrl+C to exit.');
+        break;
+      default:
+        // Check if it's a number (review by index)
+        const num = parseInt(cmd, 10);
+        if (!isNaN(num)) {
+          this.reviewByNumber(num);
+        } else {
+          console.log(`Unknown command: ${cmd}. Type 'h' for help.`);
+        }
+    }
+  }
+  /**
+   * Show help
+   */
+  private showHelp(): void {
+    console.log(`
+Commands:
+  l, list           List all pending requests
+  a, approve <id>   Approve request by ID or number
+  r, reject <id>    Reject request by ID or number
+  <number>          Review request details by queue number
+  h, help           Show this help
+  Ctrl+C            Exit CLI
+`);
+  }
+  /**
+   * Review request by queue number
+   */
+  private reviewByNumber(num: number): void {
+    const requests = Array.from(this.pendingRequests.values());
+    const index = num - 1;
+    if (index < 0 || index >= requests.length) {
+      console.log(`Invalid number. Use 1-${requests.length}`);
+      return;
+    }
+    const req = requests[index];
+    console.log(`
+┌─────────────────────────────────────────────────────────────┐
+│  REQUEST DETAILS                                            │
+├─────────────────────────────────────────────────────────────┤
+│  ID:          ${req.id}
+│  Agent:       ${req.agentId}
+│  Type:        ${req.type}
+│  Limit:       ${req.limit} ETH
+│  Permissions: ${req.permissions.join(', ')}
+│  TTL:         ${req.ttl}s (${Math.round(req.ttl / 60)} minutes)
+└─────────────────────────────────────────────────────────────┘
+  a ${num}  - approve    r ${num}  - reject
+`);
+  }
+  /**
+   * Approve by ID or queue number
+   */
+  private approveByIdOrNumber(arg: string): void {
+    const id = this.resolveRequestId(arg);
+    if (id) {
+      this.resolveAction(id, true);
+    }
+  }
+  /**
+   * Reject by ID or queue number
+   */
+  private rejectByIdOrNumber(arg: string): void {
+    const id = this.resolveRequestId(arg);
+    if (id) {
+      this.resolveAction(id, false);
+    }
+  }
+  /**
+   * Resolve argument to request ID
+   */
+  private resolveRequestId(arg: string): string | null {
+    // Try as number first
+    const num = parseInt(arg, 10);
+    if (!isNaN(num)) {
+      const requests = Array.from(this.pendingRequests.values());
+      const index = num - 1;
+      if (index >= 0 && index < requests.length) {
+        return requests[index].id;
+      }
+      console.log(`Invalid number. Use 1-${requests.length}`);
+      return null;
+    }
+    // Try as ID (partial match)
+    const matching = Array.from(this.pendingRequests.keys()).filter(
+      id => id.startsWith(arg) || id.includes(arg)
+    );
+    if (matching.length === 1) {
+      return matching[0];
+    } else if (matching.length > 1) {
+      console.log('Ambiguous ID, matches:', matching.map(id => id.substring(0, 12)).join(', '));
+      return null;
+    } else {
+      console.log('Request not found:', arg);
+      return null;
+    }
+  }
+  /**
+   * Resolve an action (approve or reject)
+   */
+  private async resolveAction(requestId: string, approved: boolean): Promise<void> {
+    const token = this.options.getToken();
+    if (!token) {
+      console.log('Error: No admin token available');
+      return;
+    }
+    try {
+      const response = await fetch(`${this.options.serverUrl}/actions/${requestId}/resolve`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          Authorization: `Bearer ${token}`
+        },
+        body: JSON.stringify({ approved })
+      });
+      const data = await response.json() as { success?: boolean; error?: string; agentId?: string; token?: string };
+      if (response.ok && data.success) {
+        if (approved) {
+          console.log(`✓ Request approved. Token created for ${data.agentId}`);
+        } else {
+          console.log(`✓ Request rejected`);
+        }
+        this.pendingRequests.delete(requestId);
+      } else {
+        console.log(`✗ Failed to ${approved ? 'approve' : 'reject'}: ${data.error || 'Unknown error'}`);
+      }
+    } catch (error) {
+      const message = getErrorMessage(error);
+      console.log(`✗ Error ${approved ? 'approving' : 'rejecting'} request: ${message}`);
+    }
+  }
+}

package/server/cli/commands/app.ts ADDED Viewed

@@ -0,0 +1,204 @@
+/**
+ * aurawallet app — Manage installed apps
+ *
+ * Usage:
+ *   npx aurawallet app install <source> [--name <id>] [--force]
+ *   npx aurawallet app remove <id> [--yes]
+ *   npx aurawallet app list
+ *   npx aurawallet app update <id>
+ */
+import {
+  installApp,
+  removeApp,
+  listApps,
+  updateApp,
+} from '../../lib/app-installer';
+import { promptConfirm } from '../lib/prompt';
+import { getErrorMessage } from '../../lib/error';
+const args = process.argv.slice(2);
+function getFlag(name: string): boolean {
+  return args.includes(`--${name}`);
+}
+function getFlagValue(name: string): string | undefined {
+  const idx = args.indexOf(`--${name}`);
+  if (idx === -1 || idx + 1 >= args.length) return undefined;
+  return args[idx + 1];
+}
+function showHelp() {
+  console.log(`
+  aurawallet app — Manage installed apps
+  Usage:
+    npx aurawallet app install <source> [--name <id>] [--force]
+    npx aurawallet app remove <id> [--yes]
+    npx aurawallet app list
+    npx aurawallet app update <id>
+  Sources:
+    Local path       ./path/to/app or /absolute/path
+    Git repo         github.com/user/repo
+    Tarball          https://example.com/app.tar.gz
+    Zip              https://example.com/app.zip
+    Subdirectory     github.com/user/repo#path=apps/my-app
+  Options:
+    --name <id>      Override the app folder name
+    --force          Overwrite existing app with same ID
+    --yes            Skip removal confirmation
+  Examples:
+    npx aurawallet app install github.com/user/my-app
+    npx aurawallet app install ./my-local-app --name custom-id
+    npx aurawallet app list
+    npx aurawallet app remove my-app
+    npx aurawallet app update my-app
+`);
+}
+async function main() {
+  const subcommand = args[0];
+  if (!subcommand || subcommand === '--help' || subcommand === '-h') {
+    showHelp();
+    process.exit(0);
+  }
+  switch (subcommand) {
+    case 'install': {
+      const source = args[1];
+      if (!source || source.startsWith('--')) {
+        console.error('  Error: Missing source argument\n');
+        console.error('  Usage: npx aurawallet app install <source> [--name <id>] [--force]');
+        process.exit(1);
+      }
+      const name = getFlagValue('name');
+      const force = getFlag('force');
+      console.log(`\n  Installing app from: ${source}`);
+      if (name) console.log(`  App ID: ${name}`);
+      if (force) console.log(`  Force: overwrite existing`);
+      console.log('');
+      try {
+        const result = installApp(source, { name, force });
+        console.log(`  ┌─────────────────────────────────────────┐`);
+        console.log(`  │ App installed successfully            │`);
+        console.log(`  ├─────────────────────────────────────────┤`);
+        console.log(`  │ ID:     ${result.id.padEnd(32)}│`);
+        console.log(`  │ Name:   ${result.name.padEnd(32)}│`);
+        console.log(`  │ Source: ${result.source.type.padEnd(32)}│`);
+        console.log(`  │ Path:   apps/${result.id.padEnd(23)}│`);
+        console.log(`  └─────────────────────────────────────────┘`);
+        console.log('');
+        console.log('  App will appear in the App Store under INSTALLED.');
+        console.log('  Restart the server or use the dashboard to load it.\n');
+      } catch (err) {
+        const msg = getErrorMessage(err);
+        console.error(`  Error: ${msg}\n`);
+        process.exit(1);
+      }
+      break;
+    }
+    case 'remove': {
+      const id = args[1];
+      if (!id || id.startsWith('--')) {
+        console.error('  Error: Missing app ID\n');
+        console.error('  Usage: npx aurawallet app remove <id> [--yes]');
+        process.exit(1);
+      }
+      const skipConfirm = getFlag('yes');
+      if (!skipConfirm) {
+        const confirmed = await promptConfirm(`  Remove app "${id}"?`);
+        if (!confirmed) {
+          console.log('  Cancelled.\n');
+          process.exit(0);
+        }
+      }
+      try {
+        removeApp(id);
+        console.log(`\n  App "${id}" removed.\n`);
+        console.log('  Note: App token will be revoked on next server restart.\n');
+      } catch (err) {
+        const msg = getErrorMessage(err);
+        console.error(`  Error: ${msg}\n`);
+        process.exit(1);
+      }
+      break;
+    }
+    case 'list': {
+      const apps = listApps();
+      if (apps.length === 0) {
+        console.log('\n  No apps installed.\n');
+        console.log('  Install a app:');
+        console.log('    npx aurawallet app install <source>\n');
+        process.exit(0);
+      }
+      console.log(`\n  Installed Apps (${apps.length})\n`);
+      for (const w of apps) {
+        const sourceLabel = w.source
+          ? `${w.source.type} — ${w.source.url}`
+          : 'local (no .source.json)';
+        const perms = w.permissions.length > 0
+          ? w.permissions.join(', ')
+          : 'none';
+        console.log(`  ┌ ${w.name} (${w.id})`);
+        console.log(`  │ ${w.description || '(no description)'}`);
+        console.log(`  │ Permissions: ${perms}`);
+        console.log(`  │ Source: ${sourceLabel}`);
+        if (w.source?.installedAt) {
+          console.log(`  │ Installed: ${w.source.installedAt}`);
+        }
+        console.log(`  └──`);
+        console.log('');
+      }
+      break;
+    }
+    case 'update': {
+      const id = args[1];
+      if (!id || id.startsWith('--')) {
+        console.error('  Error: Missing app ID\n');
+        console.error('  Usage: npx aurawallet app update <id>');
+        process.exit(1);
+      }
+      console.log(`\n  Updating app "${id}"...\n`);
+      try {
+        const result = updateApp(id);
+        console.log(`  App "${result.id}" updated from ${result.source.type} source.`);
+        console.log(`  Restart the server to load changes.\n`);
+      } catch (err) {
+        const msg = getErrorMessage(err);
+        console.error(`  Error: ${msg}\n`);
+        process.exit(1);
+      }
+      break;
+    }
+    default:
+      console.error(`  Unknown subcommand: ${subcommand}\n`);
+      showHelp();
+      process.exit(1);
+  }
+}
+main().catch((error) => {
+  console.error('Error:', getErrorMessage(error));
+  process.exit(1);
+});

package/server/cli/commands/cron.ts ADDED Viewed

@@ -0,0 +1,24 @@
+/**
+ * aurawallet cron — Run the cron server standalone
+ * Useful for development or running cron separately from the main server.
+ */
+import { findProjectRoot } from '../lib/process';
+import { execFileSync } from 'child_process';
+import path from 'path';
+const root = findProjectRoot();
+const cronEntry = path.join(root, 'server', 'cron', 'index.ts');
+console.log('Starting AuraWallet Cron Server...\n');
+try {
+  execFileSync('npx', ['tsx', cronEntry], {
+    cwd: root,
+    stdio: 'inherit',
+    env: process.env,
+  });
+} catch (error: unknown) {
+  const exitCode = (error as { status?: number }).status || 1;
+  process.exit(exitCode);
+}