npm - cronos-agent-wallet - Versions diffs - 1.2.3 → 1.2.5 - Mend

cronos-agent-wallet 1.2.3 → 1.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md CHANGED Viewed

@@ -90,9 +90,32 @@ async function main() {
 | `chainId` | `number` | Yes | Chain ID (e.g., 338). Sent to backend for negotiation. |
 | `usdcAddress` | `string` | Yes | ERC20 Token Address used for payment. |
 | `dailyLimit` | `number` | No | Max USDC allowed to spend per 24h. Default: 1.0 |
+| `strictPolicy` | `boolean` | No | If `true`, Agent crashes if local config hash != on-chain hash. Default: `true`. |
+| `anchors` | `object` | No | On-chain registry addresses. Auto-filled for Cronos Testnet. |
+| `analyticsUrl` | `string` | No | URL for centralized logging of payment decisions (e.g. `https://api.myapp.com/analytics`). |
 | `allowedMerchants` | `string[]` | No | List of Merchant IDs to trust. If empty, allows all. |
 | `trustedFacilitators` | `string[]` | No | List of Gateway URLs to trust (e.g., localhost). |
+## 🛡️ Security Workflow (Strict Mode)
+When `strictPolicy` is `true` (default), you must register your configuration hash on-chain whenever you change limits.
+1.  **Define Limits**: Set `dailyLimit` in your code.
+2.  **Seal Policy**: Use the Admin helper to write the hash to the chain.
+```typescript
+import { AgentAdmin } from "@cronos-merchant/sdk";
+await AgentAdmin.setPolicy({
+  privateKey: process.env.AGENT_KEY
+}, {
+  dailyLimit: 0.5,
+  maxPerTransaction: 0.5
+});
+```
+3.  **Run Agent**: The Agent checks `Local Limit == On-Chain Limit` before spending.
 ## API Reference
 ### `agent.fetch<T>(url, options): Promise<T>`

package/dist/AgentAdmin.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+export interface AdminConfig {
+    privateKey: string;
+    rpcUrl?: string;
+}
+export declare class AgentAdmin {
+    /**
+     * Sets the on-chain policy anchor for an agent.
+     * Use this to "Seal" your local configuration.
+     */
+    static setPolicy(config: AdminConfig, limits: {
+        dailyLimit: number;
+        maxPerTransaction: number;
+    }): Promise<string>;
+    /**
+     * Registers a new merchant ID on-chain.
+     */
+    static registerMerchant(config: AdminConfig, merchantId: string): Promise<string>;
+}

package/dist/AgentAdmin.js ADDED Viewed

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AgentAdmin = void 0;
+const ethers_1 = require("ethers");
+const config_1 = require("./config");
+// Minimal ABIs required for setup
+const POLICY_REGISTRY_ABI = [
+    "function setPolicy(uint256 dailySpendLimit, uint256 maxPerTransaction, bytes32 policyHash) external",
+    "function getPolicy(address agentAddress) external view returns (uint256, uint256, bytes32, bool, uint256)"
+];
+const MERCHANT_REGISTRY_ABI = [
+    "function registerMerchant(string calldata merchantId, string calldata metadataURI) external",
+    "function getMerchant(string calldata merchantId) external view returns (address, bool, string)"
+];
+class AgentAdmin {
+    /**
+     * Sets the on-chain policy anchor for an agent.
+     * Use this to "Seal" your local configuration.
+     */
+    static async setPolicy(config, limits) {
+        const rpc = config.rpcUrl || "https://evm-t3.cronos.org";
+        const provider = new ethers_1.ethers.JsonRpcProvider(rpc);
+        const wallet = new ethers_1.ethers.Wallet(config.privateKey, provider);
+        const registry = new ethers_1.ethers.Contract(config_1.AGENT_CONFIG_DEFAULTS.anchors.agentPolicyRegistry, POLICY_REGISTRY_ABI, wallet);
+        // 1. Calculate Hash (Must match AgentWallet logic)
+        const policyData = {
+            dailyLimit: limits.dailyLimit || 0,
+            maxPerTransaction: limits.maxPerTransaction || 0
+        };
+        const policyHash = ethers_1.ethers.keccak256(ethers_1.ethers.toUtf8Bytes(JSON.stringify(policyData)));
+        // 2. Prepare visual limits (18 decimals for display)
+        const dailyLimitFn = BigInt(Math.floor(limits.dailyLimit * 1e18));
+        const maxPerTxFn = BigInt(Math.floor(limits.maxPerTransaction * 1e18));
+        console.log(`[AgentAdmin] Setting Policy for ${wallet.address}...`);
+        console.log(`[AgentAdmin] Hash: ${policyHash}`);
+        const tx = await registry.setPolicy(dailyLimitFn, maxPerTxFn, policyHash);
+        console.log(`[AgentAdmin] Tx Sent: ${tx.hash}`);
+        await tx.wait();
+        console.log(`[AgentAdmin] ✅ Policy Secured.`);
+        return tx.hash;
+    }
+    /**
+     * Registers a new merchant ID on-chain.
+     */
+    static async registerMerchant(config, merchantId) {
+        const rpc = config.rpcUrl || "https://evm-t3.cronos.org";
+        const provider = new ethers_1.ethers.JsonRpcProvider(rpc);
+        const wallet = new ethers_1.ethers.Wallet(config.privateKey, provider);
+        const registry = new ethers_1.ethers.Contract(config_1.AGENT_CONFIG_DEFAULTS.anchors.merchantRegistry, MERCHANT_REGISTRY_ABI, wallet);
+        console.log(`[AgentAdmin] Registering Merchant '${merchantId}'...`);
+        // Check exist
+        const existing = await registry.getMerchant(merchantId);
+        if (existing[0] !== ethers_1.ethers.ZeroAddress) {
+            throw new Error(`Merchant '${merchantId}' is already registered to ${existing[0]}`);
+        }
+        const tx = await registry.registerMerchant(merchantId, "ipfs://placeholder");
+        console.log(`[AgentAdmin] Tx Sent: ${tx.hash}`);
+        await tx.wait();
+        console.log(`[AgentAdmin] ✅ Merchant Registered.`);
+        return tx.hash;
+    }
+}
+exports.AgentAdmin = AgentAdmin;

package/dist/config.d.ts CHANGED Viewed

@@ -23,4 +23,5 @@ export declare const AGENT_CONFIG_DEFAULTS: {
         agentPolicyRegistry: string;
         policyVerifier: string;
     };
+    strictPolicy: boolean;
 };

package/dist/config.js CHANGED Viewed

@@ -7,5 +7,6 @@ exports.AGENT_CONFIG_DEFAULTS = {
         merchantRegistry: "0x1948175dDB81DA08a4cf17BE4E0C95B97dD11F5c",
         agentPolicyRegistry: "0xce3b58c9ae8CA4724d6FA8684d2Cb89546FF4E43",
         policyVerifier: "0xFCb2D2279256B62A1E4E07BCDed26B6546bBc33b"
-    }
+    },
+    strictPolicy: true // 🛡️ ENFORCE: Agent will fail if policy hash mismatches chain
 };

package/dist/index.d.ts CHANGED Viewed

@@ -1,3 +1,5 @@
 export { AgentClient } from "./AgentClient";
 export type { AgentConfig } from "./config";
+export { AGENT_CONFIG_DEFAULTS } from "./config";
 export { AgentError } from "./errors";
+export { AgentAdmin } from "./AgentAdmin";

package/dist/index.js CHANGED Viewed

@@ -1,7 +1,11 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AgentError = exports.AgentClient = void 0;
+exports.AgentAdmin = exports.AgentError = exports.AGENT_CONFIG_DEFAULTS = exports.AgentClient = void 0;
 var AgentClient_1 = require("./AgentClient");
 Object.defineProperty(exports, "AgentClient", { enumerable: true, get: function () { return AgentClient_1.AgentClient; } });
+var config_1 = require("./config");
+Object.defineProperty(exports, "AGENT_CONFIG_DEFAULTS", { enumerable: true, get: function () { return config_1.AGENT_CONFIG_DEFAULTS; } });
 var errors_1 = require("./errors");
 Object.defineProperty(exports, "AgentError", { enumerable: true, get: function () { return errors_1.AgentError; } });
+var AgentAdmin_1 = require("./AgentAdmin");
+Object.defineProperty(exports, "AgentAdmin", { enumerable: true, get: function () { return AgentAdmin_1.AgentAdmin; } });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "cronos-agent-wallet",
-  "version": "1.2.3",
+  "version": "1.2.5",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "files": [