auramaxx 1.0.0-alpha.4

package/server/lib/temp.ts

@@ -0,0 +1,86 @@
+import { ethers, HDNodeWallet } from 'ethers';
+import { Keypair } from '@solana/web3.js';
+import { WalletInfo } from '../types';
+import { isSolanaChain } from './address';
+
+// Temp wallets: random, memory-only, no persistence, no expiry
+// Supports both EVM (HDNodeWallet) and Solana (Keypair)
+const tempWallets = new Map<string, { wallet: HDNodeWallet | Keypair; createdAt: string; chain: string }>();
+
+export function createTempWallet(chain?: string): WalletInfo {
+  const createdAt = new Date().toISOString();
+
+  if (chain && isSolanaChain(chain)) {
+    const keypair = Keypair.generate();
+    const address = keypair.publicKey.toBase58();
+    tempWallets.set(address, { wallet: keypair, createdAt, chain });
+    return {
+      address,
+      tier: 'temp',
+      chain,
+      createdAt
+    };
+  }
+
+  const wallet = ethers.Wallet.createRandom();
+  tempWallets.set(wallet.address.toLowerCase(), { wallet, createdAt, chain: chain || 'any' });
+
+  return {
+    address: wallet.address,
+    tier: 'temp',
+    chain: chain || 'any',
+    createdAt
+  };
+}
+
+export function getTempWallet(address: string): HDNodeWallet | null {
+  // Try lowercase first (EVM), then exact (Solana)
+  const entry = tempWallets.get(address.toLowerCase()) || tempWallets.get(address);
+  if (!entry) return null;
+  if (entry.wallet instanceof Keypair) return null; // Not an EVM wallet
+  return entry.wallet;
+}
+
+export function getTempSolanaKeypair(address: string): Keypair | null {
+  const entry = tempWallets.get(address);
+  if (!entry) return null;
+  if (!(entry.wallet instanceof Keypair)) return null;
+  return entry.wallet;
+}
+
+export function hasTempWallet(address: string): boolean {
+  return tempWallets.has(address.toLowerCase()) || tempWallets.has(address);
+}
+
+export function listTempWallets(): WalletInfo[] {
+  const wallets: WalletInfo[] = [];
+  tempWallets.forEach((entry, address) => {
+    wallets.push({
+      address,
+      tier: 'temp',
+      chain: entry.chain,
+      createdAt: entry.createdAt
+    });
+  });
+  return wallets;
+}
+
+export function burnTempWallet(address: string): boolean {
+  return tempWallets.delete(address.toLowerCase()) || tempWallets.delete(address);
+}
+
+export async function signWithTempWallet(
+  address: string,
+  transaction: ethers.TransactionRequest,
+  provider: ethers.Provider
+): Promise<string> {
+  const wallet = getTempWallet(address);
+  if (!wallet) {
+    throw new Error(`Temp wallet not found: ${address}`);
+  }
+
+  const connectedWallet = wallet.connect(provider);
+  const tx = await connectedWallet.sendTransaction(transaction);
+
+  return tx.hash;
+}

package/server/lib/token-metadata.ts

@@ -0,0 +1,86 @@
+/**
+ * Shared helper for upserting token metadata cache.
+ * Fire-and-forget — callers should not await.
+ *
+ * Enrichment strategy:
+ * 1. Use caller-provided metadata if available
+ * 2. Check in-memory search cache (free, instant)
+ * 3. If row is still a stub after upsert, fire-and-forget DexScreener enrichment
+ */
+import { prisma } from './db';
+import { lookupCachedToken } from './token-search';
+
+export function upsertTokenMetadata(
+  tokenAddress: string,
+  chain: string,
+  metadata?: { symbol?: string; name?: string; decimals?: number; icon?: string }
+): void {
+  // If no metadata provided, try the search cache (free, instant)
+  const resolved = metadata ?? lookupCachedToken(tokenAddress, chain);
+
+  const filtered: Record<string, unknown> = {};
+  if (resolved) {
+    if (resolved.symbol !== undefined) filtered.symbol = resolved.symbol;
+    if (resolved.name !== undefined) filtered.name = resolved.name;
+    if (resolved.icon !== undefined) filtered.icon = resolved.icon;
+  }
+  if (metadata?.decimals !== undefined) filtered.decimals = metadata.decimals;
+
+  prisma.tokenMetadata.upsert({
+    where: { tokenAddress_chain: { tokenAddress, chain } },
+    create: { tokenAddress, chain, ...filtered },
+    update: { ...filtered, lastAccessedAt: new Date() },
+  }).then((row) => {
+    // If still a stub (no symbol), try DexScreener enrichment
+    if (!row.symbol) {
+      enrichFromDexScreener(tokenAddress, chain).catch(() => {});
+    }
+  }).catch(() => {
+    // Silently ignore — metadata cache is best-effort
+  });
+}
+
+/** Fire-and-forget DexScreener enrichment for a single token */
+async function enrichFromDexScreener(tokenAddress: string, chain: string): Promise<void> {
+  const res = await fetch(
+    `https://api.dexscreener.com/latest/dex/tokens/${tokenAddress}`,
+    { signal: AbortSignal.timeout(5000) },
+  );
+  if (!res.ok) return;
+  const data = await res.json();
+  const pairs: any[] = data.pairs || [];
+  if (pairs.length === 0) return;
+
+  // Prefer a pair on the same chain
+  const chainPairs = pairs.filter((p: any) => p.chainId === chain);
+  const pair = chainPairs.length > 0 ? chainPairs[0] : pairs[0];
+
+  const symbol: string | undefined = pair.baseToken?.symbol;
+  const name: string | undefined = pair.baseToken?.name;
+  const icon: string | undefined = pair.info?.imageUrl;
+
+  if (!symbol && !name && !icon) return;
+
+  const update: Record<string, unknown> = {};
+  if (symbol) update.symbol = symbol;
+  if (name) update.name = name;
+  if (icon) update.icon = icon;
+
+  // Persist market data from DexScreener pair
+  if (pair.priceUsd) update.priceUsd = pair.priceUsd;
+  if (pair.marketCap != null) update.marketCap = pair.marketCap;
+  if (pair.fdv != null) update.fdv = pair.fdv;
+  if (pair.liquidity?.usd != null) update.liquidity = pair.liquidity.usd;
+  if (pair.volume?.h24 != null) update.volume24h = pair.volume.h24;
+  if (pair.dexId) update.dexId = pair.dexId;
+  if (pair.pairAddress) update.pairAddress = pair.pairAddress;
+  const websites = (pair.info?.websites || []).map((w: any) => w.url || w).filter(Boolean);
+  if (websites.length > 0) update.websites = JSON.stringify(websites);
+  const socials = (pair.info?.socials || []).filter((s: any) => s.url);
+  if (socials.length > 0) update.socials = JSON.stringify(socials);
+
+  await prisma.tokenMetadata.update({
+    where: { tokenAddress_chain: { tokenAddress, chain } },
+    data: update,
+  }).catch(() => {});
+}

package/server/lib/token-safety.ts

@@ -0,0 +1,200 @@
+/**
+ * Token safety check via GoPlusLabs.
+ *
+ * Free API, no key needed. Returns honeypot detection, tax analysis,
+ * holder data, LP info, and contract red flags.
+ *
+ * In-memory cache with 10-minute TTL. No DB writes.
+ */
+
+export interface TokenSafetyResult {
+  // Token basics
+  tokenName: string;
+  tokenSymbol: string;
+  totalSupply: string;
+
+  // Safety flags
+  isHoneypot: boolean;
+  isMintable: boolean;
+  isOpenSource: boolean;
+  isProxy: boolean;
+  isBlacklisted: boolean;
+  isAntiWhale: boolean;
+  hasHiddenOwner: boolean;
+  hasExternalCall: boolean;
+  hasSelfDestruct: boolean;
+  canTakeBackOwnership: boolean;
+  transferPausable: boolean;
+
+  // Tax
+  buyTax: string;
+  sellTax: string;
+
+  // Owner
+  ownerAddress: string;
+  creatorAddress: string;
+  creatorPercent: string;
+
+  // Holders
+  holderCount: number;
+  holders: TokenHolder[];
+
+  // LP
+  lpHolderCount: number;
+  lpTotalSupply: string;
+  lpHolders: LpHolder[];
+
+  // DEX listing
+  dexInfo: DexInfo[];
+}
+
+export interface TokenHolder {
+  address: string;
+  balance: string;
+  percent: string;
+  isLocked: boolean;
+  isContract: boolean;
+  tag: string;
+}
+
+export interface LpHolder {
+  address: string;
+  balance: string;
+  percent: string;
+  isLocked: boolean;
+  isContract: boolean;
+}
+
+export interface DexInfo {
+  name: string;
+  liquidity: string;
+  pair: string;
+}
+
+interface CacheEntry {
+  result: TokenSafetyResult;
+  fetchedAt: number;
+}
+
+const CACHE_TTL_MS = 10 * 60_000; // 10 minutes — safety data changes slowly
+
+const safetyCache = new Map<string, CacheEntry>();
+
+/** Clear cache — exposed for tests */
+export function clearTokenSafetyCache(): void {
+  safetyCache.clear();
+}
+
+// Our chain name → GoPlusLabs chain ID
+const GOPLUS_CHAIN_IDS: Record<string, string> = {
+  ethereum: '1',
+  base: '8453',
+  solana: 'solana',
+  polygon: '137',
+  arbitrum: '42161',
+  optimism: '10',
+  bsc: '56',
+  avalanche: '43114',
+};
+
+/**
+ * Get token safety report from GoPlusLabs.
+ * Returns null if the token/chain is not supported or GoPlus has no data.
+ */
+export async function getTokenSafety(
+  address: string,
+  chain: string,
+): Promise<TokenSafetyResult | null> {
+  const goplusChainId = GOPLUS_CHAIN_IDS[chain];
+  if (!goplusChainId) return null;
+
+  const cacheKey = `${chain}:${address.toLowerCase()}`;
+
+  // Check cache
+  const cached = safetyCache.get(cacheKey);
+  if (cached && Date.now() - cached.fetchedAt < CACHE_TTL_MS) {
+    return cached.result;
+  }
+
+  try {
+    const res = await fetch(
+      `https://api.gopluslabs.io/api/v1/token_security/${goplusChainId}?contract_addresses=${encodeURIComponent(address)}`,
+      { signal: AbortSignal.timeout(10000) },
+    );
+    if (!res.ok) return null;
+
+    const data = await res.json();
+    if (data.code !== 1 || !data.result) return null;
+
+    // GoPlus keys results by lowercase address
+    const key = Object.keys(data.result)[0];
+    if (!key) return null;
+
+    const token = data.result[key];
+    if (!token) return null;
+
+    const result = mapGoPlusResult(token);
+
+    safetyCache.set(cacheKey, { result, fetchedAt: Date.now() });
+    return result;
+  } catch {
+    return null;
+  }
+}
+
+function toBool(val: any): boolean {
+  return val === '1' || val === 1 || val === true;
+}
+
+function mapGoPlusResult(t: any): TokenSafetyResult {
+  return {
+    tokenName: t.token_name || '',
+    tokenSymbol: t.token_symbol || '',
+    totalSupply: t.total_supply || '0',
+
+    isHoneypot: toBool(t.is_honeypot),
+    isMintable: toBool(t.is_mintable),
+    isOpenSource: toBool(t.is_open_source),
+    isProxy: toBool(t.is_proxy),
+    isBlacklisted: toBool(t.is_blacklisted),
+    isAntiWhale: toBool(t.is_anti_whale),
+    hasHiddenOwner: toBool(t.hidden_owner),
+    hasExternalCall: toBool(t.external_call),
+    hasSelfDestruct: toBool(t.selfdestruct),
+    canTakeBackOwnership: toBool(t.can_take_back_ownership),
+    transferPausable: toBool(t.transfer_pausable),
+
+    buyTax: t.buy_tax || '0',
+    sellTax: t.sell_tax || '0',
+
+    ownerAddress: t.owner_address || '',
+    creatorAddress: t.creator_address || '',
+    creatorPercent: t.creator_percent || '0',
+
+    holderCount: parseInt(t.holder_count || '0', 10) || 0,
+    holders: (t.holders || []).map((h: any) => ({
+      address: h.address || '',
+      balance: h.balance || '0',
+      percent: h.percent || '0',
+      isLocked: toBool(h.is_locked),
+      isContract: toBool(h.is_contract),
+      tag: h.tag || '',
+    })),
+
+    lpHolderCount: parseInt(t.lp_holder_count || '0', 10) || 0,
+    lpTotalSupply: t.lp_total_supply || '0',
+    lpHolders: (t.lp_holders || []).map((h: any) => ({
+      address: h.address || '',
+      balance: h.balance || '0',
+      percent: h.percent || '0',
+      isLocked: toBool(h.is_locked),
+      isContract: toBool(h.is_contract),
+    })),
+
+    dexInfo: (t.dex || []).map((d: any) => ({
+      name: d.name || '',
+      liquidity: d.liquidity || '0',
+      pair: d.pair || d.pool_manager || '',
+    })),
+  };
+}