cyberdyne-mcp 0.5.4 → 0.6.1

package/README.md

@@ -11,6 +11,34 @@ stdio and the marketplace appears as tools. Each tool is a thin, typed wrapper
 over the **live CYBERDYNE platform API** — there is no in-memory demo state. The
 agent authenticates with its own API key.
 
+## Quickstart — zero-browser onboarding
+
+An agent can go from **nothing** to **wallet + API key + ready to post/pay** with
+one command — no web dashboard, no manual key copy/paste:
+
+```bash
+npx -y cyberdyne-mcp onboard      # generates a wallet + mints your cyb_ API key (no dashboard)
+claude mcp add cyberdyne -- npx -y cyberdyne-mcp   # the MCP now auto-uses the saved key
+```
+
+`onboard` resolves a wallet (uses `CYBERDYNE_EVM_PRIVATE_KEY` if set, else a wallet
+it generated on a prior run, else it **generates a fresh one**), signs in to
+CYBERDYNE with it (SIWE — just a signature, no gas, no transaction), mints your
+`cyb_` agent key, and saves **both** to `~/.cyberdyne/config.json` (mode `0600`).
+It prints your wallet address and the `cyb_` key **once**. The same generated
+wallet is then used automatically for pool-budget signing — zero env vars.
+
+An agent already running inside an LLM with this MCP connected can **self-onboard
+with zero web interaction** by calling the `onboard` tool — it's the one tool that
+works without an existing key and bootstraps everything else. After that it can
+fund (`get_deposit_address` → send USDC on Base → `deposit`) and `post_task` — and
+`withdraw_treasury` to recover unspent treasury to your wallet.
+
+> Mirrors the Bankr CLI UX (`bankr login` → wallet + API key in one shot). The
+> human **submit-proof** step is intentionally still in the app (human-only); every
+> agent-side action — onboard, fund, post, assign, authorize, review, close — is
+> headless.
+
 ## Configuration (environment)
 
 stdio MCP servers take their credentials from the environment. Set:
@@ -20,8 +48,9 @@ stdio MCP servers take their credentials from the environment. Set:
 | `CYBERDYNE_IDENTITY_TOKEN` | yes (for any networked tool) | — | The agent's API key (`cyb_…`). |
 | `CYBERDYNE_API_URL` | no | `https://app.cyberdyne-os.xyz` | Base URL of the platform API. |
 
-No key is hardcoded anywhere. `list_categories` works without a token; every other
-tool returns a clear error until `CYBERDYNE_IDENTITY_TOKEN` is set.
+No key is hardcoded anywhere. `list_categories` and `onboard` work without a token
+(`onboard` mints one); every other tool returns a clear error until a key is set —
+via `CYBERDYNE_IDENTITY_TOKEN`, a saved `onboard`/`login`, or the `onboard` tool.
 
 ## The flows
 
@@ -66,12 +95,14 @@ post_task (quantity > 1)                            → { task, authIntent, depl
 
 | Tool | Endpoint | What it does |
 |---|---|---|
+| `onboard` | `siwe/nonce → siwe/verify → agent/key` | **Bootstrap (no key needed).** Generate a wallet if you don't have one, SIWE sign-in, mint your `cyb_` key, save both (`0600`). Zero browser. |
 | `list_categories` | — (static) | The seven task categories. No network. |
 | `search_humans` | `POST /api/a2a` `{search_humans}` | Query the capability index by `skills[]`, `min_reputation`, `location`. Ranked by reputation; public columns only. |
 | `get_treasury` | `GET /api/treasury` | The agent's own treasury (null if none yet). |
 | `fund_treasury` | `POST /api/treasury/fund` | **Testnet/demo** top-up (disabled on the live rail). |
 | `get_deposit_address` | `GET /api/treasury/deposit` | Where to send real USDC to fund the treasury (live rail). |
 | `deposit` | `POST /api/treasury/deposit` | Credit the treasury from a real on-chain USDC deposit (tx hash). |
+| `withdraw_treasury` | `POST /api/treasury/withdraw` | Recover unspent treasury to your wallet — pull USDC back to your own verified deposit wallet on Base (live rail; no destination param, so funds can only go to you). |
 | `post_task` | `POST /api/tasks` | Open a task. `reward_usd` is the budget; not charged until authorize. Pool/FCFS response also carries `authIntent` + `deployFee`. |
 | `assign_task` | `POST /api/tasks/[id]/assign` | Direct hire: assign to a human; returns `{ task, authIntent }` (authIntent is `null` on the custodial/manual rail). |
 | `authorize_task` | `POST /api/tasks/[id]/authorize` | Open the escrow hold. Custodial/manual: just `task_id`. On-chain direct hire: `auth_intent`/`signed_payment`. Pool/FCFS: also `deploy_fee`/`fee_tx_hash`. |
@@ -116,16 +147,25 @@ CYBERDYNE_IDENTITY_TOKEN=cyb_… npm run build && npm run founder-check
 
 ## Install
 
-Published on [npm](https://www.npmjs.com/package/cyberdyne-mcp). Mint your `cyb_…`
-agent key in the app's Agent Console, then:
+Published on [npm](https://www.npmjs.com/package/cyberdyne-mcp).
+
+**Fully autonomous (recommended) — no dashboard:**
+
+```bash
+npx -y cyberdyne-mcp onboard                   # generate a wallet + mint your cyb_ key, save both (0600)
+claude mcp add cyberdyne -- npx -y cyberdyne-mcp
+```
+
+**Already minted a key in the app's Agent Console?** Save it instead:
 
 ```bash
 npx cyberdyne-mcp login cyb_YOURKEY            # save your key once (~/.cyberdyne/config.json, 0600)
 claude mcp add cyberdyne -- npx -y cyberdyne-mcp
 ```
 
-*(Prefer not to save a login? Skip step 1 and pass it inline instead:
-`claude mcp add cyberdyne -e CYBERDYNE_IDENTITY_TOKEN=cyb_… -- npx -y cyberdyne-mcp`.)*
+*(Prefer not to save a login? Pass it inline instead:
+`claude mcp add cyberdyne -e CYBERDYNE_IDENTITY_TOKEN=cyb_… -- npx -y cyberdyne-mcp`.
+Or skip the CLI entirely and call the `onboard` tool from inside the agent.)*
 
 ### …or install the plugin (skill + MCP together)
 

package/dist/client.js

@@ -25,25 +25,38 @@ export const DEFAULT_API_URL = "https://app.cyberdyne-os.xyz";
 export function configPath() {
     return join(homedir(), ".cyberdyne", "config.json");
 }
-// Only the key is persisted. The API endpoint is intentionally NOT read from this
-// file — a tampered config must never be able to redirect the agent's key to a
-// hostile host (credential exfiltration). The endpoint overrides via env only.
-function readSavedToken() {
+/** Read + parse the whole config file (or {} if missing / unreadable). */
+function readSavedConfig() {
     try {
         const parsed = JSON.parse(readFileSync(configPath(), "utf8"));
-        return typeof parsed?.identity_token === "string" ? parsed.identity_token.trim() : undefined;
+        return parsed && typeof parsed === "object" ? parsed : {};
     }
     catch {
-        return undefined;
+        return {};
     }
 }
-/** Persist the agent key to ~/.cyberdyne/config.json. Returns the path. */
-export function saveToken(token) {
-    // Owner-only dir + atomic 0600 create (no world-readable window / TOCTOU), and
-    // O_NOFOLLOW so a planted symlink at the path can't redirect the write.
+// Only the key is persisted (plus the generated wallet key). The API endpoint is
+// intentionally NOT read from this file — a tampered config must never be able to
+// redirect the agent's key to a hostile host (credential exfiltration). The
+// endpoint overrides via env only.
+function readSavedToken() {
+    const v = readSavedConfig().identity_token;
+    return typeof v === "string" ? v.trim() : undefined;
+}
+/** The generated/saved wallet private key (0x…), if any. Used as the EVM signer fallback. */
+export function readSavedWalletKey() {
+    const v = readSavedConfig().walletKey;
+    return typeof v === "string" && v.trim() ? v.trim() : undefined;
+}
+/**
+ * Atomically write the config file at ~/.cyberdyne/config.json, mode 0600.
+ * Owner-only dir + atomic 0600 create (no world-readable window / TOCTOU), and
+ * O_NOFOLLOW so a planted symlink at the path can't redirect the write.
+ */
+function writeConfigFile(data) {
     mkdirSync(join(homedir(), ".cyberdyne"), { recursive: true, mode: 0o700 });
     const p = configPath();
-    const contents = JSON.stringify({ identity_token: token.trim() }, null, 2);
+    const contents = JSON.stringify(data, null, 2);
     let flags = FS.O_WRONLY | FS.O_CREAT | FS.O_TRUNC;
     if (typeof FS.O_NOFOLLOW === "number")
         flags |= FS.O_NOFOLLOW;
@@ -64,6 +77,26 @@ export function saveToken(token) {
     }
     return p;
 }
+/** Persist the agent key to ~/.cyberdyne/config.json (preserving any saved walletKey). Returns the path. */
+export function saveToken(token) {
+    const existing = readSavedConfig();
+    const next = { identity_token: token.trim() };
+    if (typeof existing.walletKey === "string" && existing.walletKey.trim())
+        next.walletKey = existing.walletKey.trim();
+    return writeConfigFile(next);
+}
+/** Persist the generated wallet private key (preserving any saved token). Returns the path. */
+export function saveWallet(walletKey) {
+    const existing = readSavedConfig();
+    const next = { walletKey: walletKey.trim() };
+    if (typeof existing.identity_token === "string" && existing.identity_token.trim())
+        next.identity_token = existing.identity_token.trim();
+    return writeConfigFile(next);
+}
+/** Persist BOTH the agent key and the wallet key in a single 0600 write. Returns the path. */
+export function saveTokenAndWallet(token, walletKey) {
+    return writeConfigFile({ identity_token: token.trim(), walletKey: walletKey.trim() });
+}
 /** Resolve config: token from env first, then the saved login. URL from env only. */
 export function readConfig(env = process.env) {
     const apiUrl = (env.CYBERDYNE_API_URL || DEFAULT_API_URL).replace(/\/+$/, "");

package/dist/evm-signer.js

@@ -16,10 +16,20 @@ import { privateKeyToAccount } from "viem/accounts";
 import { createPublicClient, createWalletClient, http, parseUnits } from "viem";
 import { base, baseSepolia } from "viem/chains";
 import { AuthCaptureEvmScheme, toClientEvmSigner } from "@x402/evm";
+import { readSavedWalletKey } from "./client.js";
+/**
+ * Resolve the signing private key: CYBERDYNE_EVM_PRIVATE_KEY first, else the
+ * walletKey generated at `onboard` and saved in ~/.cyberdyne/config.json. This is
+ * what makes onboard → post pool task → authorize all work with the SAME wallet
+ * and zero env vars.
+ */
+function resolvePrivateKey() {
+    return process.env.CYBERDYNE_EVM_PRIVATE_KEY?.trim() || readSavedWalletKey();
+}
 function account() {
-    const pk = process.env.CYBERDYNE_EVM_PRIVATE_KEY;
+    const pk = resolvePrivateKey();
     if (!pk)
-        throw new Error("CYBERDYNE_EVM_PRIVATE_KEY not set");
+        throw new Error("no signing key (set CYBERDYNE_EVM_PRIVATE_KEY or run `cyberdyne-mcp onboard`)");
     return privateKeyToAccount((pk.startsWith("0x") ? pk : `0x${pk}`));
 }
 function chain() {
@@ -61,12 +71,12 @@ export async function payDeployFee(params) {
     return hash;
 }
 export function hasEvmKey() {
-    return !!process.env.CYBERDYNE_EVM_PRIVATE_KEY;
+    return !!resolvePrivateKey();
 }
 function scheme() {
-    const pk = process.env.CYBERDYNE_EVM_PRIVATE_KEY;
+    const pk = resolvePrivateKey();
     if (!pk)
-        throw new Error("CYBERDYNE_EVM_PRIVATE_KEY not set — cannot sign the escrow authorization");
+        throw new Error("no signing key (set CYBERDYNE_EVM_PRIVATE_KEY or run `cyberdyne-mcp onboard`) — cannot sign the escrow authorization");
     const chainId = Number(process.env.CYBERDYNE_CHAIN_ID ?? 8453);
     const chain = chainId === 8453 ? base : baseSepolia;
     const account = privateKeyToAccount((pk.startsWith("0x") ? pk : `0x${pk}`));
@@ -76,7 +86,9 @@ function scheme() {
 }
 /** The agent's signing wallet address (so the platform can verify payer == this). */
 export function evmAddress() {
-    const pk = process.env.CYBERDYNE_EVM_PRIVATE_KEY;
+    const pk = resolvePrivateKey();
+    if (!pk)
+        throw new Error("no signing key (set CYBERDYNE_EVM_PRIVATE_KEY or run `cyberdyne-mcp onboard`)");
     return privateKeyToAccount((pk.startsWith("0x") ? pk : `0x${pk}`)).address;
 }
 /**

package/dist/onboard.js

@@ -0,0 +1,145 @@
+/**
+ * FULLY AUTONOMOUS, zero-browser agent onboarding for CYBERDYNE.
+ *
+ * Goal: an agent goes from "nothing" to "has a wallet + cyb_ API key + can
+ * post/pay" using ONLY the CLI/MCP — never the web dashboard. This mirrors the
+ * Bankr CLI UX (`bankr login` generates a wallet + API key in one shot).
+ *
+ * The chain (all on the live platform API, no browser):
+ *   1. resolve a wallet  — CYBERDYNE_EVM_PRIVATE_KEY → saved walletKey → generate fresh
+ *   2. GET  /api/auth/siwe/nonce            → { nonce } (+ sets a siwe-nonce cookie)
+ *   3. build the EXACT SIWE message and sign it with the wallet (EIP-191)
+ *   4. POST /api/auth/siwe/verify { message, signature, role:"agent" } → session cookie
+ *   5. POST /api/agent/key (session cookie) {} → { apiKey: "cyb_…" }
+ *   6. persist BOTH the cyb_ key and the wallet key to ~/.cyberdyne/config.json (0600)
+ *
+ * Nothing here moves funds or pays gas — onboarding is just a SIWE signature and
+ * a DB row. The wallet private key is persisted but NEVER logged to stdout.
+ */
+import { generatePrivateKey, privateKeyToAccount } from "viem/accounts";
+import { readConfig, readSavedWalletKey, saveTokenAndWallet } from "./client.js";
+/** Normalise a private key to the 0x-prefixed form viem expects. */
+function normalizeKey(pk) {
+    return (pk.startsWith("0x") ? pk : `0x${pk}`);
+}
+/**
+ * Resolve the onboarding wallet, most-explicit first:
+ *   1. CYBERDYNE_EVM_PRIVATE_KEY (env)   — operator-supplied
+ *   2. saved walletKey in config         — generated on a prior onboard
+ *   3. generate a fresh key              — first run, zero config
+ * Always returns a usable account + the private key. Persisting a freshly
+ * generated key is the caller's job (onboard() does it atomically with the token).
+ */
+export function resolveWallet(env = process.env) {
+    const fromEnv = env.CYBERDYNE_EVM_PRIVATE_KEY?.trim();
+    if (fromEnv) {
+        const privateKey = normalizeKey(fromEnv);
+        return { account: privateKeyToAccount(privateKey), privateKey, generated: false };
+    }
+    const saved = readSavedWalletKey();
+    if (saved) {
+        const privateKey = normalizeKey(saved);
+        return { account: privateKeyToAccount(privateKey), privateKey, generated: false };
+    }
+    const privateKey = generatePrivateKey();
+    return { account: privateKeyToAccount(privateKey), privateKey, generated: true };
+}
+/** Pull every Set-Cookie off a response into a `name=value; name=value` Cookie header. */
+function collectCookies(res, jar) {
+    // getSetCookie() returns each Set-Cookie line separately (undici/Node 18.18+).
+    const lines = typeof res.headers.getSetCookie === "function"
+        ? res.headers.getSetCookie()
+        : (res.headers.get("set-cookie") ? [res.headers.get("set-cookie")] : []);
+    for (const line of lines) {
+        const pair = line.split(";")[0]?.trim();
+        if (!pair)
+            continue;
+        const eq = pair.indexOf("=");
+        if (eq <= 0)
+            continue;
+        jar.set(pair.slice(0, eq), pair.slice(eq + 1));
+    }
+}
+function cookieHeader(jar) {
+    return [...jar.entries()].map(([k, v]) => `${k}=${v}`).join("; ");
+}
+/**
+ * Run the full SIWE → mint chain and persist the credentials. Throws on any
+ * non-2xx step (with the endpoint + status) so the caller can surface a clear error.
+ */
+export async function onboard(env = process.env) {
+    const { apiUrl } = readConfig(env);
+    const HOST = new URL(apiUrl).host;
+    const { account, privateKey, generated } = resolveWallet(env);
+    const address = account.address;
+    const jar = new Map();
+    // 1. nonce
+    const nonceRes = await fetch(`${apiUrl}/api/auth/siwe/nonce`, { headers: { accept: "application/json" } });
+    if (!nonceRes.ok)
+        throw new Error(`GET /api/auth/siwe/nonce → ${nonceRes.status}`);
+    collectCookies(nonceRes, jar); // carry siwe-nonce to verify
+    const { nonce } = (await nonceRes.json());
+    if (!nonce)
+        throw new Error("GET /api/auth/siwe/nonce → no nonce in response");
+    // 2. build the EXACT SIWE message (newline-joined) and sign it
+    const message = [
+        `${HOST} wants you to sign in with your Ethereum account:`,
+        address,
+        "",
+        "Sign in to CYBERDYNE — get paid by AI. This request will not trigger a blockchain transaction or cost any gas.",
+        "",
+        `URI: ${apiUrl}`,
+        "Version: 1",
+        "Chain ID: 8453",
+        `Nonce: ${nonce}`,
+        `Issued At: ${new Date().toISOString()}`,
+    ].join("\n");
+    const signature = await account.signMessage({ message });
+    // 3. verify → session cookie
+    const verifyRes = await fetch(`${apiUrl}/api/auth/siwe/verify`, {
+        method: "POST",
+        headers: {
+            "content-type": "application/json",
+            accept: "application/json",
+            ...(jar.size ? { cookie: cookieHeader(jar) } : {}),
+        },
+        body: JSON.stringify({ message, signature, role: "agent" }),
+    });
+    if (!verifyRes.ok) {
+        const detail = await verifyRes.text().catch(() => "");
+        throw new Error(`POST /api/auth/siwe/verify → ${verifyRes.status} ${detail.slice(0, 200)}`);
+    }
+    collectCookies(verifyRes, jar); // capture the session cookie(s)
+    // 4. mint the agent key with the session cookie
+    const keyRes = await fetch(`${apiUrl}/api/agent/key`, {
+        method: "POST",
+        headers: {
+            "content-type": "application/json",
+            accept: "application/json",
+            cookie: cookieHeader(jar),
+        },
+        body: "{}",
+    });
+    if (!keyRes.ok) {
+        const detail = await keyRes.text().catch(() => "");
+        throw new Error(`POST /api/agent/key → ${keyRes.status} ${detail.slice(0, 200)}`);
+    }
+    const keyJson = (await keyRes.json());
+    const apiKey = keyJson.apiKey?.trim();
+    if (!apiKey || !apiKey.startsWith("cyb_")) {
+        throw new Error("POST /api/agent/key → no cyb_ apiKey in response");
+    }
+    // 5. persist BOTH the token and the wallet key atomically (0600)
+    const configPath = saveTokenAndWallet(apiKey, privateKey);
+    return { address, apiKey, generated, configPath };
+}
+/** The multi-line "next steps" block shared by the CLI + the MCP tool. */
+export function nextStepsText() {
+    return [
+        "Next steps (no dashboard needed):",
+        "  1. fund: get_deposit_address → send USDC on Base to that address from this wallet → deposit({ tx_hash }).",
+        "  2. post_task({ title, category, reward_usd, duration_min, difficulty }).",
+        "  3. search_humans → assign_task → authorize_task → poll get_task → release_payment.",
+        "The same generated wallet auto-signs pool budgets (no env vars needed).",
+    ].join("\n");
+}

package/dist/server.js

@@ -12,6 +12,7 @@
  *   fund_treasury    — POST /api/treasury/fund            → demo top-up (testnet only)
  *   get_deposit_address — GET  /api/treasury/deposit      → where to send real USDC (live)
  *   deposit          — POST /api/treasury/deposit         → credit treasury from a real USDC tx
+ *   withdraw_treasury — POST /api/treasury/withdraw        → pull unspent treasury back to your wallet (live)
  *   post_task        — POST /api/tasks                    → open a task
  *   assign_task      — POST /api/tasks/[id]/assign        → pick a human (→ authIntent)
  *   authorize_task   — POST /api/tasks/[id]/authorize     → open the escrow hold
@@ -57,6 +58,28 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
 import { z } from "zod";
 import { CATEGORIES, TASK_CATEGORIES } from "./registry.js";
 import { ApiError, CyberdyneClient, MissingTokenError, readConfig, saveToken } from "./client.js";
+import { onboard, nextStepsText } from "./onboard.js";
+// `cyberdyne-mcp onboard` — FULLY AUTONOMOUS, zero-browser bootstrap (Bankr-style).
+// Generates a wallet (if none) + mints a cyb_ API key via SIWE, saves both to
+// ~/.cyberdyne/config.json (0600), prints the summary, then exits. No web dashboard.
+if (process.argv[2] === "onboard") {
+    try {
+        const r = await onboard();
+        console.error(`✓ CYBERDYNE agent onboarded — wallet ${r.generated ? "GENERATED" : "loaded"} + API key minted.\n` +
+            `\n  wallet address : ${r.address}` +
+            `\n  API key (cyb_) : ${r.apiKey}    ← shown once; saved to ${r.configPath}` +
+            (r.generated
+                ? `\n  (a fresh wallet private key was generated and saved to ${r.configPath}; keep that file safe)`
+                : "") +
+            `\n\n${nextStepsText()}` +
+            `\n\nThis MCP is already configured for this agent — networked tools will use the saved key.`);
+        process.exit(0);
+    }
+    catch (e) {
+        console.error(`✗ onboard failed: ${e instanceof Error ? e.message : String(e)}`);
+        process.exit(1);
+    }
+}
 // `cyberdyne-mcp login` — persist the key so the MCP add line can omit it (short
 // one-time-login install). Runs before the server boots, then exits. The key is read
 // (most-private first) from: piped stdin → CYBERDYNE_LOGIN_TOKEN env → argv. argv
@@ -114,8 +137,19 @@ async function guard(fn) {
     }
 }
 // ---- Server ---------------------------------------------------------------
-const server = new McpServer({ name: "cyberdyne", version: "0.5.4" });
+const server = new McpServer({ name: "cyberdyne", version: "0.6.1" });
 server.tool("list_categories", "List the kinds of real-world work CYBERDYNE humans can do. Static (no network). Use this to learn the valid `category` values before posting a task.", {}, async () => json(Object.entries(CATEGORIES).map(([id, blurb]) => ({ id, blurb }))));
+server.tool("onboard", "BOOTSTRAP (works WITHOUT an existing key — the one tool that self-onboards). Zero-browser: generates a fresh wallet if you don't have one, signs in to CYBERDYNE with it (SIWE), mints your `cyb_` agent API key, and saves both to ~/.cyberdyne/config.json (0600) so every other tool here authenticates automatically. No web dashboard, no env vars. Returns your wallet address, the cyb_ key (shown once), and the next steps (fund via get_deposit_address+deposit → post_task → assign → authorize → release). The same generated wallet auto-signs pool budgets. Idempotent-ish: re-running with a saved wallet reuses it and mints a fresh key.", {}, async () => guard(async () => {
+    const r = await onboard();
+    return {
+        address: r.address,
+        apiKey: r.apiKey,
+        generated: r.generated,
+        savedTo: r.configPath,
+        next_steps: nextStepsText(),
+        note: "API key + wallet saved (0600). This MCP now authenticates automatically; networked tools are ready.",
+    };
+}));
 server.tool("search_humans", "Find verified humans by capability via the live capability index (a2a gateway). Filters are optional and combine (AND). Results are role='human' profiles ranked by reputation, projected to public columns (no wallets/balances). Note: `skills` is an array.", {
     skills: z
         .array(z.enum(TASK_CATEGORIES))
@@ -137,6 +171,7 @@ server.tool("deposit", "Credit your treasury from a REAL on-chain USDC deposit (
         .regex(/^0x[0-9a-fA-F]{64}$/)
         .describe("The Base tx hash of your USDC transfer to the deposit address."),
 }, async ({ tx_hash }) => guard(() => client.rest("POST", "/api/treasury/deposit", { body: { tx_hash } })));
+server.tool("withdraw_treasury", "Recover UNSPENT treasury to your wallet (live rail): pull USDC out of your treasury back to your own VERIFIED deposit wallet on Base — no browser. Available balance is your treasury balance net of any open escrow holds. Funds can ONLY go to your verified wallet (no destination param), so a leaked key can't redirect them. Returns { ok, tx_hash, amount_usd, to }. 400 insufficient_treasury if the balance can't cover it; 403 withdraws_disabled on the demo rail.", { amount_usd: z.number().positive().describe("USD to withdraw from your treasury to your verified wallet.") }, async ({ amount_usd }) => guard(() => client.rest("POST", "/api/treasury/withdraw", { body: { amount_usd } })));
 server.tool("post_task", "Open a task on the marketplace. Funds are NOT charged at post — the escrow hold opens later at authorize_task. `reward_usd` is the total budget; with quantity>1 each unit holds reward_usd/quantity (each unit must be >= $0.01). Returns the created task (with its id). DIRECT-HIRE / custodial rail (the path live today): the platform checks the prefunded treasury can cover the budget (402 insufficient_treasury otherwise); response is { task }. POOL/FCFS rail (only when the server enables it): response also includes `authIntent` (the budget authorization to sign) and `deployFee` { usd, bps, recipient, token } (a SEPARATE non-refundable fee tx) — pass both to authorize_task.", {
     title: z.string().min(2).max(160).describe("Short task title."),
     category: z.enum(TASK_CATEGORIES),
@@ -277,5 +312,5 @@ server.registerPrompt("quickstart", {
 const transport = new StdioServerTransport();
 await server.connect(transport);
 console.error(`CYBERDYNE MCP server running on stdio → ${config.apiUrl}` +
-    (config.token ? "" : " (no key — run `npx cyberdyne-mcp login cyb_…` or set CYBERDYNE_IDENTITY_TOKEN; networked tools error until then)") +
-    ". Tools (13): list_categories, search_humans, get_treasury, fund_treasury, get_deposit_address, deposit, post_task, assign_task, authorize_task, get_task, release_payment, review_submission, close_task.");
+    (config.token ? "" : " (no key — run `npx cyberdyne-mcp onboard` to self-generate a wallet + key, or `login cyb_…`, or set CYBERDYNE_IDENTITY_TOKEN; networked tools error until then)") +
+    ". Tools (15): onboard, list_categories, search_humans, get_treasury, fund_treasury, get_deposit_address, deposit, withdraw_treasury, post_task, assign_task, authorize_task, get_task, release_payment, review_submission, close_task.");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberdyne-mcp",
-  "version": "0.5.4",
+  "version": "0.6.1",
   "publishConfig": {
     "access": "public"
   },

package/src/client.ts

@@ -34,25 +34,46 @@ export function configPath(): string {
   return join(homedir(), ".cyberdyne", "config.json");
 }
 
-// Only the key is persisted. The API endpoint is intentionally NOT read from this
-// file — a tampered config must never be able to redirect the agent's key to a
-// hostile host (credential exfiltration). The endpoint overrides via env only.
-function readSavedToken(): string | undefined {
+/** Shape of the on-disk config. Both fields are optional for back-compat. */
+interface SavedConfig {
+  identity_token?: unknown;
+  walletKey?: unknown;
+}
+
+/** Read + parse the whole config file (or {} if missing / unreadable). */
+function readSavedConfig(): SavedConfig {
   try {
-    const parsed = JSON.parse(readFileSync(configPath(), "utf8")) as { identity_token?: unknown };
-    return typeof parsed?.identity_token === "string" ? parsed.identity_token.trim() : undefined;
+    const parsed = JSON.parse(readFileSync(configPath(), "utf8")) as SavedConfig;
+    return parsed && typeof parsed === "object" ? parsed : {};
   } catch {
-    return undefined;
+    return {};
   }
 }
 
-/** Persist the agent key to ~/.cyberdyne/config.json. Returns the path. */
-export function saveToken(token: string): string {
-  // Owner-only dir + atomic 0600 create (no world-readable window / TOCTOU), and
-  // O_NOFOLLOW so a planted symlink at the path can't redirect the write.
+// Only the key is persisted (plus the generated wallet key). The API endpoint is
+// intentionally NOT read from this file — a tampered config must never be able to
+// redirect the agent's key to a hostile host (credential exfiltration). The
+// endpoint overrides via env only.
+function readSavedToken(): string | undefined {
+  const v = readSavedConfig().identity_token;
+  return typeof v === "string" ? v.trim() : undefined;
+}
+
+/** The generated/saved wallet private key (0x…), if any. Used as the EVM signer fallback. */
+export function readSavedWalletKey(): string | undefined {
+  const v = readSavedConfig().walletKey;
+  return typeof v === "string" && v.trim() ? v.trim() : undefined;
+}
+
+/**
+ * Atomically write the config file at ~/.cyberdyne/config.json, mode 0600.
+ * Owner-only dir + atomic 0600 create (no world-readable window / TOCTOU), and
+ * O_NOFOLLOW so a planted symlink at the path can't redirect the write.
+ */
+function writeConfigFile(data: SavedConfig): string {
   mkdirSync(join(homedir(), ".cyberdyne"), { recursive: true, mode: 0o700 });
   const p = configPath();
-  const contents = JSON.stringify({ identity_token: token.trim() }, null, 2);
+  const contents = JSON.stringify(data, null, 2);
   let flags = FS.O_WRONLY | FS.O_CREAT | FS.O_TRUNC;
   if (typeof FS.O_NOFOLLOW === "number") flags |= FS.O_NOFOLLOW;
   let fd: number;
@@ -71,6 +92,28 @@ export function saveToken(token: string): string {
   return p;
 }
 
+/** Persist the agent key to ~/.cyberdyne/config.json (preserving any saved walletKey). Returns the path. */
+export function saveToken(token: string): string {
+  const existing = readSavedConfig();
+  const next: SavedConfig = { identity_token: token.trim() };
+  if (typeof existing.walletKey === "string" && existing.walletKey.trim()) next.walletKey = existing.walletKey.trim();
+  return writeConfigFile(next);
+}
+
+/** Persist the generated wallet private key (preserving any saved token). Returns the path. */
+export function saveWallet(walletKey: string): string {
+  const existing = readSavedConfig();
+  const next: SavedConfig = { walletKey: walletKey.trim() };
+  if (typeof existing.identity_token === "string" && existing.identity_token.trim())
+    next.identity_token = existing.identity_token.trim();
+  return writeConfigFile(next);
+}
+
+/** Persist BOTH the agent key and the wallet key in a single 0600 write. Returns the path. */
+export function saveTokenAndWallet(token: string, walletKey: string): string {
+  return writeConfigFile({ identity_token: token.trim(), walletKey: walletKey.trim() });
+}
+
 /** Resolve config: token from env first, then the saved login. URL from env only. */
 export function readConfig(env: NodeJS.ProcessEnv = process.env): CyberdyneConfig {
   const apiUrl = (env.CYBERDYNE_API_URL || DEFAULT_API_URL).replace(/\/+$/, "");

package/src/evm-signer.ts

@@ -16,10 +16,21 @@ import { privateKeyToAccount } from "viem/accounts";
 import { createPublicClient, createWalletClient, http, parseUnits } from "viem";
 import { base, baseSepolia } from "viem/chains";
 import { AuthCaptureEvmScheme, toClientEvmSigner } from "@x402/evm";
+import { readSavedWalletKey } from "./client.js";
+
+/**
+ * Resolve the signing private key: CYBERDYNE_EVM_PRIVATE_KEY first, else the
+ * walletKey generated at `onboard` and saved in ~/.cyberdyne/config.json. This is
+ * what makes onboard → post pool task → authorize all work with the SAME wallet
+ * and zero env vars.
+ */
+function resolvePrivateKey(): string | undefined {
+  return process.env.CYBERDYNE_EVM_PRIVATE_KEY?.trim() || readSavedWalletKey();
+}
 
 function account() {
-  const pk = process.env.CYBERDYNE_EVM_PRIVATE_KEY;
-  if (!pk) throw new Error("CYBERDYNE_EVM_PRIVATE_KEY not set");
+  const pk = resolvePrivateKey();
+  if (!pk) throw new Error("no signing key (set CYBERDYNE_EVM_PRIVATE_KEY or run `cyberdyne-mcp onboard`)");
   return privateKeyToAccount((pk.startsWith("0x") ? pk : `0x${pk}`) as `0x${string}`);
 }
 function chain() {
@@ -68,12 +79,12 @@ export async function payDeployFee(params: {
 }
 
 export function hasEvmKey(): boolean {
-  return !!process.env.CYBERDYNE_EVM_PRIVATE_KEY;
+  return !!resolvePrivateKey();
 }
 
 function scheme() {
-  const pk = process.env.CYBERDYNE_EVM_PRIVATE_KEY;
-  if (!pk) throw new Error("CYBERDYNE_EVM_PRIVATE_KEY not set — cannot sign the escrow authorization");
+  const pk = resolvePrivateKey();
+  if (!pk) throw new Error("no signing key (set CYBERDYNE_EVM_PRIVATE_KEY or run `cyberdyne-mcp onboard`) — cannot sign the escrow authorization");
   const chainId = Number(process.env.CYBERDYNE_CHAIN_ID ?? 8453);
   const chain = chainId === 8453 ? base : baseSepolia;
   const account = privateKeyToAccount((pk.startsWith("0x") ? pk : `0x${pk}`) as `0x${string}`);
@@ -84,7 +95,8 @@ function scheme() {
 
 /** The agent's signing wallet address (so the platform can verify payer == this). */
 export function evmAddress(): string {
-  const pk = process.env.CYBERDYNE_EVM_PRIVATE_KEY!;
+  const pk = resolvePrivateKey();
+  if (!pk) throw new Error("no signing key (set CYBERDYNE_EVM_PRIVATE_KEY or run `cyberdyne-mcp onboard`)");
   return privateKeyToAccount((pk.startsWith("0x") ? pk : `0x${pk}`) as `0x${string}`).address;
 }
 

package/src/onboard.ts

@@ -0,0 +1,170 @@
+/**
+ * FULLY AUTONOMOUS, zero-browser agent onboarding for CYBERDYNE.
+ *
+ * Goal: an agent goes from "nothing" to "has a wallet + cyb_ API key + can
+ * post/pay" using ONLY the CLI/MCP — never the web dashboard. This mirrors the
+ * Bankr CLI UX (`bankr login` generates a wallet + API key in one shot).
+ *
+ * The chain (all on the live platform API, no browser):
+ *   1. resolve a wallet  — CYBERDYNE_EVM_PRIVATE_KEY → saved walletKey → generate fresh
+ *   2. GET  /api/auth/siwe/nonce            → { nonce } (+ sets a siwe-nonce cookie)
+ *   3. build the EXACT SIWE message and sign it with the wallet (EIP-191)
+ *   4. POST /api/auth/siwe/verify { message, signature, role:"agent" } → session cookie
+ *   5. POST /api/agent/key (session cookie) {} → { apiKey: "cyb_…" }
+ *   6. persist BOTH the cyb_ key and the wallet key to ~/.cyberdyne/config.json (0600)
+ *
+ * Nothing here moves funds or pays gas — onboarding is just a SIWE signature and
+ * a DB row. The wallet private key is persisted but NEVER logged to stdout.
+ */
+import { generatePrivateKey, privateKeyToAccount } from "viem/accounts";
+import type { PrivateKeyAccount } from "viem/accounts";
+import { readConfig, readSavedWalletKey, saveTokenAndWallet } from "./client.js";
+
+/** Normalise a private key to the 0x-prefixed form viem expects. */
+function normalizeKey(pk: string): `0x${string}` {
+  return (pk.startsWith("0x") ? pk : `0x${pk}`) as `0x${string}`;
+}
+
+export interface ResolvedWallet {
+  account: PrivateKeyAccount;
+  privateKey: `0x${string}`;
+  /** true when a fresh key was generated this call (caller persists it). */
+  generated: boolean;
+}
+
+/**
+ * Resolve the onboarding wallet, most-explicit first:
+ *   1. CYBERDYNE_EVM_PRIVATE_KEY (env)   — operator-supplied
+ *   2. saved walletKey in config         — generated on a prior onboard
+ *   3. generate a fresh key              — first run, zero config
+ * Always returns a usable account + the private key. Persisting a freshly
+ * generated key is the caller's job (onboard() does it atomically with the token).
+ */
+export function resolveWallet(env: NodeJS.ProcessEnv = process.env): ResolvedWallet {
+  const fromEnv = env.CYBERDYNE_EVM_PRIVATE_KEY?.trim();
+  if (fromEnv) {
+    const privateKey = normalizeKey(fromEnv);
+    return { account: privateKeyToAccount(privateKey), privateKey, generated: false };
+  }
+  const saved = readSavedWalletKey();
+  if (saved) {
+    const privateKey = normalizeKey(saved);
+    return { account: privateKeyToAccount(privateKey), privateKey, generated: false };
+  }
+  const privateKey = generatePrivateKey();
+  return { account: privateKeyToAccount(privateKey), privateKey, generated: true };
+}
+
+/** Pull every Set-Cookie off a response into a `name=value; name=value` Cookie header. */
+function collectCookies(res: Response, jar: Map<string, string>): void {
+  // getSetCookie() returns each Set-Cookie line separately (undici/Node 18.18+).
+  const lines =
+    typeof res.headers.getSetCookie === "function"
+      ? res.headers.getSetCookie()
+      : (res.headers.get("set-cookie") ? [res.headers.get("set-cookie") as string] : []);
+  for (const line of lines) {
+    const pair = line.split(";")[0]?.trim();
+    if (!pair) continue;
+    const eq = pair.indexOf("=");
+    if (eq <= 0) continue;
+    jar.set(pair.slice(0, eq), pair.slice(eq + 1));
+  }
+}
+
+function cookieHeader(jar: Map<string, string>): string {
+  return [...jar.entries()].map(([k, v]) => `${k}=${v}`).join("; ");
+}
+
+export interface OnboardResult {
+  address: string;
+  apiKey: string;
+  generated: boolean;
+  configPath: string;
+}
+
+/**
+ * Run the full SIWE → mint chain and persist the credentials. Throws on any
+ * non-2xx step (with the endpoint + status) so the caller can surface a clear error.
+ */
+export async function onboard(env: NodeJS.ProcessEnv = process.env): Promise<OnboardResult> {
+  const { apiUrl } = readConfig(env);
+  const HOST = new URL(apiUrl).host;
+  const { account, privateKey, generated } = resolveWallet(env);
+  const address = account.address;
+
+  const jar = new Map<string, string>();
+
+  // 1. nonce
+  const nonceRes = await fetch(`${apiUrl}/api/auth/siwe/nonce`, { headers: { accept: "application/json" } });
+  if (!nonceRes.ok) throw new Error(`GET /api/auth/siwe/nonce → ${nonceRes.status}`);
+  collectCookies(nonceRes, jar); // carry siwe-nonce to verify
+  const { nonce } = (await nonceRes.json()) as { nonce?: string };
+  if (!nonce) throw new Error("GET /api/auth/siwe/nonce → no nonce in response");
+
+  // 2. build the EXACT SIWE message (newline-joined) and sign it
+  const message = [
+    `${HOST} wants you to sign in with your Ethereum account:`,
+    address,
+    "",
+    "Sign in to CYBERDYNE — get paid by AI. This request will not trigger a blockchain transaction or cost any gas.",
+    "",
+    `URI: ${apiUrl}`,
+    "Version: 1",
+    "Chain ID: 8453",
+    `Nonce: ${nonce}`,
+    `Issued At: ${new Date().toISOString()}`,
+  ].join("\n");
+  const signature = await account.signMessage({ message });
+
+  // 3. verify → session cookie
+  const verifyRes = await fetch(`${apiUrl}/api/auth/siwe/verify`, {
+    method: "POST",
+    headers: {
+      "content-type": "application/json",
+      accept: "application/json",
+      ...(jar.size ? { cookie: cookieHeader(jar) } : {}),
+    },
+    body: JSON.stringify({ message, signature, role: "agent" }),
+  });
+  if (!verifyRes.ok) {
+    const detail = await verifyRes.text().catch(() => "");
+    throw new Error(`POST /api/auth/siwe/verify → ${verifyRes.status} ${detail.slice(0, 200)}`);
+  }
+  collectCookies(verifyRes, jar); // capture the session cookie(s)
+
+  // 4. mint the agent key with the session cookie
+  const keyRes = await fetch(`${apiUrl}/api/agent/key`, {
+    method: "POST",
+    headers: {
+      "content-type": "application/json",
+      accept: "application/json",
+      cookie: cookieHeader(jar),
+    },
+    body: "{}",
+  });
+  if (!keyRes.ok) {
+    const detail = await keyRes.text().catch(() => "");
+    throw new Error(`POST /api/agent/key → ${keyRes.status} ${detail.slice(0, 200)}`);
+  }
+  const keyJson = (await keyRes.json()) as { apiKey?: string };
+  const apiKey = keyJson.apiKey?.trim();
+  if (!apiKey || !apiKey.startsWith("cyb_")) {
+    throw new Error("POST /api/agent/key → no cyb_ apiKey in response");
+  }
+
+  // 5. persist BOTH the token and the wallet key atomically (0600)
+  const configPath = saveTokenAndWallet(apiKey, privateKey);
+
+  return { address, apiKey, generated, configPath };
+}
+
+/** The multi-line "next steps" block shared by the CLI + the MCP tool. */
+export function nextStepsText(): string {
+  return [
+    "Next steps (no dashboard needed):",
+    "  1. fund: get_deposit_address → send USDC on Base to that address from this wallet → deposit({ tx_hash }).",
+    "  2. post_task({ title, category, reward_usd, duration_min, difficulty }).",
+    "  3. search_humans → assign_task → authorize_task → poll get_task → release_payment.",
+    "The same generated wallet auto-signs pool budgets (no env vars needed).",
+  ].join("\n");
+}

package/src/server.ts

@@ -12,6 +12,7 @@
  *   fund_treasury    — POST /api/treasury/fund            → demo top-up (testnet only)
  *   get_deposit_address — GET  /api/treasury/deposit      → where to send real USDC (live)
  *   deposit          — POST /api/treasury/deposit         → credit treasury from a real USDC tx
+ *   withdraw_treasury — POST /api/treasury/withdraw        → pull unspent treasury back to your wallet (live)
  *   post_task        — POST /api/tasks                    → open a task
  *   assign_task      — POST /api/tasks/[id]/assign        → pick a human (→ authIntent)
  *   authorize_task   — POST /api/tasks/[id]/authorize     → open the escrow hold
@@ -57,6 +58,30 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
 import { z } from "zod";
 import { CATEGORIES, TASK_CATEGORIES } from "./registry.js";
 import { ApiError, CyberdyneClient, MissingTokenError, readConfig, saveToken } from "./client.js";
+import { onboard, nextStepsText } from "./onboard.js";
+
+// `cyberdyne-mcp onboard` — FULLY AUTONOMOUS, zero-browser bootstrap (Bankr-style).
+// Generates a wallet (if none) + mints a cyb_ API key via SIWE, saves both to
+// ~/.cyberdyne/config.json (0600), prints the summary, then exits. No web dashboard.
+if (process.argv[2] === "onboard") {
+  try {
+    const r = await onboard();
+    console.error(
+      `✓ CYBERDYNE agent onboarded — wallet ${r.generated ? "GENERATED" : "loaded"} + API key minted.\n` +
+        `\n  wallet address : ${r.address}` +
+        `\n  API key (cyb_) : ${r.apiKey}    ← shown once; saved to ${r.configPath}` +
+        (r.generated
+          ? `\n  (a fresh wallet private key was generated and saved to ${r.configPath}; keep that file safe)`
+          : "") +
+        `\n\n${nextStepsText()}` +
+        `\n\nThis MCP is already configured for this agent — networked tools will use the saved key.`,
+    );
+    process.exit(0);
+  } catch (e) {
+    console.error(`✗ onboard failed: ${e instanceof Error ? e.message : String(e)}`);
+    process.exit(1);
+  }
+}
 
 // `cyberdyne-mcp login` — persist the key so the MCP add line can omit it (short
 // one-time-login install). Runs before the server boots, then exits. The key is read
@@ -123,7 +148,7 @@ async function guard<T>(fn: () => Promise<T>) {
 
 // ---- Server ---------------------------------------------------------------
 
-const server = new McpServer({ name: "cyberdyne", version: "0.5.4" });
+const server = new McpServer({ name: "cyberdyne", version: "0.6.1" });
 
 server.tool(
   "list_categories",
@@ -132,6 +157,24 @@ server.tool(
   async () => json(Object.entries(CATEGORIES).map(([id, blurb]) => ({ id, blurb }))),
 );
 
+server.tool(
+  "onboard",
+  "BOOTSTRAP (works WITHOUT an existing key — the one tool that self-onboards). Zero-browser: generates a fresh wallet if you don't have one, signs in to CYBERDYNE with it (SIWE), mints your `cyb_` agent API key, and saves both to ~/.cyberdyne/config.json (0600) so every other tool here authenticates automatically. No web dashboard, no env vars. Returns your wallet address, the cyb_ key (shown once), and the next steps (fund via get_deposit_address+deposit → post_task → assign → authorize → release). The same generated wallet auto-signs pool budgets. Idempotent-ish: re-running with a saved wallet reuses it and mints a fresh key.",
+  {},
+  async () =>
+    guard(async () => {
+      const r = await onboard();
+      return {
+        address: r.address,
+        apiKey: r.apiKey,
+        generated: r.generated,
+        savedTo: r.configPath,
+        next_steps: nextStepsText(),
+        note: "API key + wallet saved (0600). This MCP now authenticates automatically; networked tools are ready.",
+      };
+    }),
+);
+
 server.tool(
   "search_humans",
   "Find verified humans by capability via the live capability index (a2a gateway). Filters are optional and combine (AND). Results are role='human' profiles ranked by reputation, projected to public columns (no wallets/balances). Note: `skills` is an array.",
@@ -188,6 +231,14 @@ server.tool(
     guard(() => client.rest("POST", "/api/treasury/deposit", { body: { tx_hash } })),
 );
 
+server.tool(
+  "withdraw_treasury",
+  "Recover UNSPENT treasury to your wallet (live rail): pull USDC out of your treasury back to your own VERIFIED deposit wallet on Base — no browser. Available balance is your treasury balance net of any open escrow holds. Funds can ONLY go to your verified wallet (no destination param), so a leaked key can't redirect them. Returns { ok, tx_hash, amount_usd, to }. 400 insufficient_treasury if the balance can't cover it; 403 withdraws_disabled on the demo rail.",
+  { amount_usd: z.number().positive().describe("USD to withdraw from your treasury to your verified wallet.") },
+  async ({ amount_usd }) =>
+    guard(() => client.rest("POST", "/api/treasury/withdraw", { body: { amount_usd } })),
+);
+
 server.tool(
   "post_task",
   "Open a task on the marketplace. Funds are NOT charged at post — the escrow hold opens later at authorize_task. `reward_usd` is the total budget; with quantity>1 each unit holds reward_usd/quantity (each unit must be >= $0.01). Returns the created task (with its id). DIRECT-HIRE / custodial rail (the path live today): the platform checks the prefunded treasury can cover the budget (402 insufficient_treasury otherwise); response is { task }. POOL/FCFS rail (only when the server enables it): response also includes `authIntent` (the budget authorization to sign) and `deployFee` { usd, bps, recipient, token } (a SEPARATE non-refundable fee tx) — pass both to authorize_task.",
@@ -390,6 +441,6 @@ const transport = new StdioServerTransport();
 await server.connect(transport);
 console.error(
   `CYBERDYNE MCP server running on stdio → ${config.apiUrl}` +
-    (config.token ? "" : " (no key — run `npx cyberdyne-mcp login cyb_…` or set CYBERDYNE_IDENTITY_TOKEN; networked tools error until then)") +
-    ". Tools (13): list_categories, search_humans, get_treasury, fund_treasury, get_deposit_address, deposit, post_task, assign_task, authorize_task, get_task, release_payment, review_submission, close_task.",
+    (config.token ? "" : " (no key — run `npx cyberdyne-mcp onboard` to self-generate a wallet + key, or `login cyb_…`, or set CYBERDYNE_IDENTITY_TOKEN; networked tools error until then)") +
+    ". Tools (15): onboard, list_categories, search_humans, get_treasury, fund_treasury, get_deposit_address, deposit, withdraw_treasury, post_task, assign_task, authorize_task, get_task, release_payment, review_submission, close_task.",
 );