auramaxx 1.0.0-alpha.4

package/server/cli/lib/local-agent-trust.ts

@@ -0,0 +1,45 @@
+import type { LocalAgentProfileMode } from '../../lib/agent-profiles';
+import { fetchJson } from './http';
+
+export interface LocalAgentTrustDefaults {
+  profile: LocalAgentProfileMode;
+  profileVersion: 'v1';
+  autoApprove: boolean;
+}
+
+export function resolveLocalAgentModeChoice(input: string): LocalAgentProfileMode {
+  const normalized = input.trim().toLowerCase();
+  if (normalized === '2' || normalized === 'strict') return 'strict';
+  if (normalized === '3' || normalized === 'admin') return 'admin';
+  return 'dev';
+}
+
+export function toLocalAgentTrustDefaults(profile: LocalAgentProfileMode): LocalAgentTrustDefaults {
+  return {
+    profile,
+    profileVersion: 'v1',
+    autoApprove: profile !== 'strict',
+  };
+}
+
+export async function persistLocalAgentTrustDefaults(token: string, profile: LocalAgentProfileMode): Promise<LocalAgentTrustDefaults> {
+  const defaults = toLocalAgentTrustDefaults(profile);
+
+  await fetchJson('/defaults/trust.localProfile', {
+    method: 'PATCH',
+    body: { value: defaults.profile },
+    token,
+  });
+  await fetchJson('/defaults/trust.localProfileVersion', {
+    method: 'PATCH',
+    body: { value: defaults.profileVersion },
+    token,
+  });
+  await fetchJson('/defaults/trust.localAutoApprove', {
+    method: 'PATCH',
+    body: { value: defaults.autoApprove },
+    token,
+  });
+
+  return defaults;
+}

package/server/cli/lib/process.ts

@@ -0,0 +1,136 @@
+/**
+ * Process management for CLI commands
+ */
+
+import { spawn, ChildProcess, execSync } from 'child_process';
+import { randomBytes } from 'crypto';
+import * as path from 'path';
+import * as fs from 'fs';
+
+/**
+ * Find the project root by walking up from __dirname to find package.json with name "aurawallet"
+ */
+export function findProjectRoot(): string {
+  let dir = __dirname;
+  for (let i = 0; i < 10; i++) {
+    const pkgPath = path.join(dir, 'package.json');
+    if (fs.existsSync(pkgPath)) {
+      try {
+        const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
+        if (pkg.name === 'aurawallet') return dir;
+      } catch {
+        // Not valid JSON, keep going
+      }
+    }
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  throw new Error('Could not find aurawallet project root');
+}
+
+/**
+ * Stop any running AuraWallet server processes
+ */
+export function stopServer(): void {
+  // In sandbox mode, don't kill other processes — the sandbox script manages its own
+  if (process.env.SANDBOX_MODE) return;
+
+  const patterns = [
+    'tsx server/index.ts',
+    'tsx watch server/index.ts',
+    'tsx server/cron/index.ts',
+    'next dev -p 4747',
+    'next start -p 4747',
+  ];
+
+  for (const pattern of patterns) {
+    try {
+      execSync(`pkill -f "${pattern}" 2>/dev/null`, { stdio: 'ignore' });
+    } catch {
+      // Process not found, that's fine
+    }
+  }
+
+  // Give processes a moment to die
+  try {
+    execSync('sleep 0.5', { stdio: 'ignore' });
+  } catch {
+    // Ignore
+  }
+}
+
+/**
+ * Start the AuraWallet server processes
+ * Returns child processes for cleanup
+ */
+export function startServer(opts: { headless?: boolean } = {}): ChildProcess[] {
+  const root = findProjectRoot();
+  const children: ChildProcess[] = [];
+
+  // Set BYPASS_RATE_LIMIT for local dev
+  // Generate a shared secret so the cron server can authenticate with the wallet server's internal endpoints.
+  // Regenerated every start, so it's ephemeral like the SIGNING_KEY.
+  const cronSecret = randomBytes(32).toString('hex');
+  const env = { ...process.env, BYPASS_RATE_LIMIT: 'true', STRATEGY_CRON_SHARED_SECRET: cronSecret };
+  const useNodeTsxLoader = process.env.SANDBOX_MODE === 'true' || process.env.AURA_FORCE_NODE_TSX === '1';
+  const tsRunnerCmd = useNodeTsxLoader ? process.execPath : 'npx';
+  const tsRunnerArgs = (entryFile: string) =>
+    useNodeTsxLoader ? ['--import', 'tsx', entryFile] : ['tsx', entryFile];
+
+  // Start Express server
+  const server = spawn(tsRunnerCmd, tsRunnerArgs('server/index.ts'), {
+    cwd: root,
+    env,
+    stdio: 'ignore',
+    detached: true,
+  });
+  server.unref();
+  children.push(server);
+
+  // Start cron server
+  const cron = spawn(tsRunnerCmd, tsRunnerArgs('server/cron/index.ts'), {
+    cwd: root,
+    env,
+    stdio: 'ignore',
+    detached: true,
+  });
+  cron.unref();
+  children.push(cron);
+
+  // Start Next.js dashboard unless headless
+  if (!opts.headless) {
+    const dashboardPort = process.env.DASHBOARD_PORT || '4747';
+    const dashboard = spawn('npx', ['next', 'dev', '-p', dashboardPort], {
+      cwd: root,
+      env,
+      stdio: 'ignore',
+      detached: true,
+    });
+    dashboard.unref();
+    children.push(dashboard);
+  }
+
+  return children;
+}
+
+/**
+ * Clean up temp files (lock files, socket files)
+ */
+export function cleanupTempFiles(): void {
+  const uid = process.getuid?.() ?? 'unknown';
+  const files = [
+    `/tmp/aura-cli-${uid}.lock`,
+    `/tmp/aura-cli-${uid}.sock`,
+  ];
+
+  for (const file of files) {
+    try {
+      if (fs.existsSync(file)) {
+        fs.unlinkSync(file);
+      }
+    } catch {
+      // Ignore cleanup errors
+    }
+  }
+}

package/server/cli/lib/prompt.ts

@@ -0,0 +1,85 @@
+/**
+ * Interactive prompts for CLI commands
+ */
+
+import * as readline from 'readline';
+
+/**
+ * Prompt for a password with hidden input
+ */
+export async function promptPassword(label: string = 'Password'): Promise<string> {
+  return new Promise((resolve) => {
+    const rl = readline.createInterface({
+      input: process.stdin,
+      output: process.stdout,
+    });
+
+    process.stdout.write(`${label}: `);
+
+    const stdin = process.stdin;
+    const wasRaw = stdin.isRaw;
+
+    if (stdin.isTTY) {
+      stdin.setRawMode(true);
+    }
+
+    let password = '';
+
+    const onData = (char: Buffer) => {
+      const c = char.toString();
+
+      if (c === '\n' || c === '\r') {
+        stdin.removeListener('data', onData);
+        if (stdin.isTTY) {
+          stdin.setRawMode(wasRaw ?? false);
+        }
+        process.stdout.write('\n');
+        rl.close();
+        resolve(password);
+      } else if (c === '\u0003') {
+        // Ctrl+C
+        process.stdout.write('\n');
+        process.exit(1);
+      } else if (c === '\u007f' || c === '\b') {
+        if (password.length > 0) {
+          password = password.slice(0, -1);
+        }
+      } else {
+        password += c;
+      }
+    };
+
+    stdin.on('data', onData);
+  });
+}
+
+/**
+ * Prompt for visible text input
+ */
+export async function promptInput(label: string): Promise<string> {
+  return new Promise((resolve) => {
+    const rl = readline.createInterface({
+      input: process.stdin,
+      output: process.stdout,
+    });
+    rl.question(`${label}: `, (answer) => {
+      rl.close();
+      resolve(answer.trim());
+    });
+  });
+}
+
+/**
+ * Prompt for yes/no confirmation
+ */
+export async function promptConfirm(msg: string): Promise<boolean> {
+  const answer = await promptInput(`${msg} (y/n)`);
+  return answer.toLowerCase() === 'y' || answer.toLowerCase() === 'yes';
+}
+
+/**
+ * Wait for the user to press Enter
+ */
+export async function waitForEnter(msg: string = 'Press Enter to continue...'): Promise<void> {
+  await promptInput(msg);
+}

package/server/cli/lib/theme.ts

@@ -0,0 +1,240 @@
+/**
+ * Aura CLI Theme — Medical / Industrial / Tyvek
+ *
+ * Shared visual primitives for all CLI commands.
+ * Inspired by the AuraWallet SVG logo system: registration corner marks,
+ * three diagonal stripes at 45° (aura_logo.svg), dot micro-textures, monochrome fills.
+ *
+ * All output degrades safely in non-TTY / NO_COLOR / CI / TERM=dumb.
+ */
+
+// ── ANSI ─────────────────────────────────────────────────────
+
+const ANSI = {
+  reset:   '\x1b[0m',
+  bold:    '\x1b[1m',
+  dim:     '\x1b[2m',
+  italic:  '\x1b[3m',
+  fgCyan:  '\x1b[36m',
+  fgGreen: '\x1b[32m',
+  fgRed:   '\x1b[31m',
+  fgYellow:'\x1b[33m',
+  fgGray:  '\x1b[90m',
+} as const;
+
+export function supportsColor(): boolean {
+  if (!process.stdout.isTTY) return false;
+  if (process.env.NO_COLOR) return false;
+  if (process.env.CI === 'true') return false;
+  return process.env.TERM !== 'dumb';
+}
+
+const USE_COLOR = supportsColor();
+
+export function paint(text: string, ...codes: string[]): string {
+  if (!USE_COLOR) return text;
+  return `${codes.join('')}${text}${ANSI.reset}`;
+}
+
+// ── Constants ────────────────────────────────────────────────
+
+const W = 62; // content width (fits 80-col with 2-char indent + padding)
+
+export const SEPARATOR = '  ' + '- '.repeat(Math.floor(W / 2));
+
+const CORNER_TL = paint('.-', ANSI.fgGray);
+const CORNER_TR = paint('-.', ANSI.fgGray);
+const CORNER_BL = paint("'-", ANSI.fgGray);
+const CORNER_BR = paint("-'", ANSI.fgGray);
+
+// ── Banner ───────────────────────────────────────────────────
+
+/**
+ * Print the Aura branded banner.
+ *
+ * Left side: three diagonal stripes at 45° inside a bordered square —
+ * matching the canonical Aura logo (website/public/aura_logo.svg:
+ * three rotated rects clipped to a square with corner marks).
+ * Right side: AURA wordmark + subtitle.
+ * Outer frame: crop-mark corners (from all SVG logos).
+ */
+export function printBanner(subtitle?: string): void {
+  const sub = subtitle ? subtitle.toUpperCase() : '';
+
+  const P = paint('|', ANSI.fgGray);    // outer pipe
+  const LP = paint('|', ANSI.fgGray);   // logo pipe
+  const S = (t: string) => paint(t, ANSI.bold);  // stripe chars
+
+  // Logo box borders (dashed, matching Tyvek style)
+  const LT = paint('.', ANSI.fgGray) + paint('----------', ANSI.dim) + paint('.', ANSI.fgGray);
+  const LB = paint("'", ANSI.fgGray) + paint('----------', ANSI.dim) + paint("'", ANSI.fgGray);
+
+  // Three diagonal stripes inside a 12×5 square (≈ square at 2:1 char ratio)
+  // Row 1: |//  //  //|   Row 2: | //  //  /|   Row 3: |  //  //  |
+  const r1 = `${LP}${S('//')}  ${S('//')}  ${S('//')}${LP}`;
+  const r2 = `${LP} ${S('//')}  ${S('//')}  ${S('/')}${LP}`;
+  const r3 = `${LP}  ${S('//')}  ${S('//')}  ${LP}`;
+
+  console.log('');
+  console.log(`  ${CORNER_TL}${paint(' '.repeat(W - 4), ANSI.dim)}${CORNER_TR}`);
+  console.log(`  ${P}   ${LT}${' '.repeat(W - 19)}${P}`);
+  console.log(`  ${P}   ${r1}    ${paint('A U R A', ANSI.bold)}${' '.repeat(W - 30)}${P}`);
+  console.log(`  ${P}   ${r2}    ${paint('W A L L E T', ANSI.dim)}${' '.repeat(W - 34)}${P}`);
+  console.log(`  ${P}   ${r3}    ${sub ? paint(sub, ANSI.fgCyan) : ''}${' '.repeat(Math.max(0, W - 23 - sub.length))}${P}`);
+  console.log(`  ${P}   ${LB}${' '.repeat(W - 19)}${P}`);
+  console.log(`  ${CORNER_BL}${paint(' '.repeat(W - 4), ANSI.dim)}${CORNER_BR}`);
+  console.log('');
+}
+
+// ── Section ──────────────────────────────────────────────────
+
+/**
+ * Print a section header with Tyvek-style framing.
+ *
+ * Output:
+ *   - - - - - - - - - - - - - - - - - - -
+ *   [ SECTION TITLE ]
+ *   Optional subtitle
+ */
+export function printSection(title: string, subtitle?: string): void {
+  console.log('');
+  console.log(SEPARATOR);
+  console.log(`  ${paint(`[ ${title.toUpperCase()} ]`, ANSI.bold)}`);
+  if (subtitle) {
+    console.log(`  ${paint(subtitle, ANSI.dim)}`);
+  }
+  console.log('');
+}
+
+// ── Box ──────────────────────────────────────────────────────
+
+/**
+ * Print a framed box with crop-mark corners.
+ * Replaces the old ╔═══╗ double-line Unicode boxes.
+ *
+ * Output:
+ *   .- - - - - - - - - - - - - - - - -.
+ *   |  Line 1                          |
+ *   |  Line 2                          |
+ *   '- - - - - - - - - - - - - - - - -'
+ */
+export function printBox(lines: string[]): void {
+  const inner = W - 4; // account for "| " and " |"
+  const dashes = '- '.repeat(Math.floor((W - 2) / 2));
+
+  console.log(`  ${CORNER_TL}${paint(dashes.slice(0, W - 4), ANSI.dim)}${CORNER_TR}`);
+  for (const line of lines) {
+    // Strip ANSI to measure visible length for padding
+    const visible = line.replace(/\x1b\[[0-9;]*m/g, '');
+    const pad = Math.max(0, inner - visible.length);
+    console.log(`  ${paint('|', ANSI.fgGray)}  ${line}${' '.repeat(pad)}${paint('|', ANSI.fgGray)}`);
+  }
+  console.log(`  ${CORNER_BL}${paint(dashes.slice(0, W - 4), ANSI.dim)}${CORNER_BR}`);
+}
+
+// ── Status line ──────────────────────────────────────────────
+
+/**
+ * Print a key/value status line.
+ *
+ * Output:
+ *     Label:        value
+ *     Label:    [ok] value
+ */
+export function printStatus(label: string, value: string, ok?: boolean): void {
+  const paddedLabel = label.padEnd(16);
+  let indicator = '';
+  if (ok === true) indicator = paint('[ok]', ANSI.fgGreen) + ' ';
+  else if (ok === false) indicator = paint('[--]', ANSI.fgRed) + ' ';
+  console.log(`    ${paint(paddedLabel, ANSI.dim)}${indicator}${value}`);
+}
+
+// ── Check result (for doctor) ────────────────────────────────
+
+export type CheckBadge = 'pass' | 'warn' | 'fail';
+
+/**
+ * Format a diagnostic check badge in Tyvek style.
+ */
+export function checkBadge(status: CheckBadge): string {
+  switch (status) {
+    case 'pass': return paint('[PASS]', ANSI.fgGreen, ANSI.bold);
+    case 'warn': return paint('[WARN]', ANSI.fgYellow, ANSI.bold);
+    case 'fail': return paint('[FAIL]', ANSI.fgRed, ANSI.bold);
+  }
+}
+
+// ── Completion ───────────────────────────────────────────────
+
+/**
+ * Print a branded completion message.
+ */
+export function printComplete(message: string): void {
+  console.log('');
+  console.log(SEPARATOR);
+  console.log(`  ${paint('[ok]', ANSI.fgGreen)} ${paint(message, ANSI.bold)}`);
+  console.log('');
+}
+
+// ── Seed phrase box (security-critical) ──────────────────────
+
+/**
+ * Display a seed phrase in a clearly framed box.
+ * This is security-critical — readability is paramount.
+ */
+export function printSeedPhrase(mnemonic: string): void {
+  const words = mnemonic.split(' ');
+  const inner = 46;
+
+  console.log('');
+  console.log(`  ${CORNER_TL}${paint('-'.repeat(inner), ANSI.dim)}${CORNER_TR}`);
+  console.log(`  ${paint('|', ANSI.fgGray)}  ${paint('SEED PHRASE', ANSI.bold)}${' '.repeat(inner - 14)}${paint('|', ANSI.fgGray)}`);
+  console.log(`  ${paint('|', ANSI.fgGray)}  ${paint('Write this down. Store it safely.', ANSI.dim)}${' '.repeat(inner - 36)}${paint('|', ANSI.fgGray)}`);
+  console.log(`  ${paint('|', ANSI.fgGray)}${' '.repeat(inner + 2)}${paint('|', ANSI.fgGray)}`);
+  for (let i = 0; i < words.length; i += 4) {
+    const line = words.slice(i, i + 4)
+      .map((w, j) => `${String(i + j + 1).padStart(2)}. ${w.padEnd(10)}`)
+      .join('');
+    const pad = Math.max(0, inner - 2 - line.length);
+    console.log(`  ${paint('|', ANSI.fgGray)}  ${line}${' '.repeat(pad)}${paint('|', ANSI.fgGray)}`);
+  }
+  console.log(`  ${paint('|', ANSI.fgGray)}${' '.repeat(inner + 2)}${paint('|', ANSI.fgGray)}`);
+  console.log(`  ${paint('|', ANSI.fgGray)}  ${paint('It cannot be recovered.', ANSI.fgRed)}${' '.repeat(inner - 27)}${paint('|', ANSI.fgGray)}`);
+  console.log(`  ${CORNER_BL}${paint('-'.repeat(inner), ANSI.dim)}${CORNER_BR}`);
+  console.log('');
+}
+
+// ── Help formatter ───────────────────────────────────────────
+
+/**
+ * Print a branded help screen.
+ */
+export function printHelp(
+  title: string,
+  usage: string,
+  commands: Array<{ name: string; desc: string }>,
+  extras?: string[],
+): void {
+  printBanner(title);
+
+  console.log(`  ${paint('Usage:', ANSI.bold)} ${usage}`);
+  console.log('');
+
+  if (commands.length > 0) {
+    console.log(`  ${paint('Commands:', ANSI.bold)}`);
+    const maxName = Math.max(...commands.map(c => c.name.length));
+    for (const cmd of commands) {
+      console.log(`    ${paint(cmd.name.padEnd(maxName + 2), ANSI.fgCyan)}${cmd.desc}`);
+    }
+    console.log('');
+  }
+
+  if (extras) {
+    for (const line of extras) {
+      console.log(`  ${line}`);
+    }
+    console.log('');
+  }
+}
+
+export { ANSI, USE_COLOR, W };