dexe-mcp 0.19.0 → 0.20.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +38 -0
- package/README.md +126 -228
- package/dexe-plugin/skills/dexe-create-dao/SKILL.md +3 -1
- package/dist/lib/avatarImage.d.ts +22 -0
- package/dist/lib/avatarImage.d.ts.map +1 -0
- package/dist/lib/avatarImage.js +199 -0
- package/dist/lib/avatarImage.js.map +1 -0
- package/dist/lib/imageSniff.d.ts +44 -0
- package/dist/lib/imageSniff.d.ts.map +1 -0
- package/dist/lib/imageSniff.js +145 -0
- package/dist/lib/imageSniff.js.map +1 -0
- package/dist/tools/daoCreate.d.ts.map +1 -1
- package/dist/tools/daoCreate.js +10 -0
- package/dist/tools/daoCreate.js.map +1 -1
- package/dist/tools/ipfs.d.ts +1 -0
- package/dist/tools/ipfs.d.ts.map +1 -1
- package/dist/tools/ipfs.js +49 -42
- package/dist/tools/ipfs.js.map +1 -1
- package/package.json +2 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,43 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.20.0 — 2026-07-06
|
|
4
|
+
|
|
5
|
+
### Avatars: real JPEG generation + magic-byte validation (bug #34)
|
|
6
|
+
|
|
7
|
+
`dexe_dao_generate_avatar` pinned **SVG bytes under an `avatar.jpeg` name**.
|
|
8
|
+
The DeXe serving chain makes that unrenderable: the Go `ipfs-cache` service
|
|
9
|
+
copies avatar bytes to R2 as `<descCid>.jpeg` with a hardcoded `image/jpeg`
|
|
10
|
+
content-type (no byte inspection), the app.dexe.io `<img>` has no error
|
|
11
|
+
fallback after a successful GET, and browsers never content-sniff SVG — so
|
|
12
|
+
every generated avatar showed as a permanently broken image (hit live on the
|
|
13
|
+
Generative Collective DAO, `0x3910…d622`).
|
|
14
|
+
|
|
15
|
+
- **`dexe_dao_generate_avatar` now renders a real JPEG** (`src/lib/avatarImage.ts`):
|
|
16
|
+
pixel initials (embedded 8x8 font, public-domain font8x8) over the same
|
|
17
|
+
hash-coloured diagonal gradient, encoded with `jpeg-js` (pure JS, no native
|
|
18
|
+
deps). Colour hash unchanged (djb2), so re-generated avatars keep their
|
|
19
|
+
palette. Deterministic: same `daoName` → byte-identical file.
|
|
20
|
+
- **Magic-byte validation on every avatar upload path**
|
|
21
|
+
(`src/lib/imageSniff.ts`): only real rasters — JPEG/PNG/WebP/GIF — are
|
|
22
|
+
accepted; SVG, HTML, and unrecognized bytes are rejected with an actionable
|
|
23
|
+
error. Applied to `dexe_ipfs_upload_avatar` (which now also pins with the
|
|
24
|
+
*sniffed* MIME, not the caller's claim, and returns `detectedFormat`) and to
|
|
25
|
+
`dexe_ipfs_upload_file` on its `.jpeg`-normalized (avatar-contract) path —
|
|
26
|
+
`normalizeImageExt: false` is the escape hatch for generic image attachments
|
|
27
|
+
(e.g. a legitimate SVG logo pinned as `image/svg+xml`).
|
|
28
|
+
- **By-reference avatar CIDs are validated too.** `dexe_ipfs_upload_dao_metadata`,
|
|
29
|
+
`dexe_ipfs_update_dao_metadata`, and `dexe_dao_create` accept an `avatarCID`
|
|
30
|
+
pinned elsewhere; they now fetch the first KB of `<cid>/<fileName>` off the
|
|
31
|
+
gateway chain and sniff it — confirmed non-raster bytes hard-block, an
|
|
32
|
+
unreachable pin (fresh, not yet propagated) proceeds with a warning.
|
|
33
|
+
- Docs: `docs/PROFILE.md` gains a troubleshooting entry for the
|
|
34
|
+
"HTTP 200 but broken image" case; `docs/TOOLS.md` rows updated.
|
|
35
|
+
- New dep: `jpeg-js@0.4.4`. Tool count unchanged.
|
|
36
|
+
|
|
37
|
+
Existing DAOs with an SVG avatar stay broken until rotated: re-generate with
|
|
38
|
+
v0.20.0+, then `dexe_ipfs_update_dao_metadata` → `modify_dao_profile`
|
|
39
|
+
proposal → vote + execute.
|
|
40
|
+
|
|
3
41
|
## 0.19.0 — 2026-07-06
|
|
4
42
|
|
|
5
43
|
### DAO creation: governance coherence guards + frontend parity
|
package/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<p align="center">
|
|
2
2
|
<a href="https://www.npmjs.com/package/dexe-mcp">
|
|
3
|
-
<img src="./assets/hero.svg" alt="dexe-mcp
|
|
3
|
+
<img src="./assets/hero.svg" alt="dexe-mcp" width="100%"/>
|
|
4
4
|
</a>
|
|
5
5
|
</p>
|
|
6
6
|
|
|
@@ -9,133 +9,60 @@
|
|
|
9
9
|
<a href="https://nodejs.org"><img alt="node" src="https://img.shields.io/node/v/dexe-mcp.svg?style=flat-square&labelColor=0b0f1e&color=E07AFF"></a>
|
|
10
10
|
<a href="https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/LICENSE"><img alt="license" src="https://img.shields.io/npm/l/dexe-mcp.svg?style=flat-square&labelColor=0b0f1e&color=FFC878"></a>
|
|
11
11
|
<a href="https://modelcontextprotocol.io"><img alt="MCP-compatible" src="https://img.shields.io/badge/MCP-compatible-9BB4FF?style=flat-square&labelColor=0b0f1e"></a>
|
|
12
|
-
<a href="https://github.com/edward-arinin-web-dev/dexe-mcp"><img alt="tools" src="https://img.shields.io/badge/tools-159-7CF2D1?style=flat-square&labelColor=0b0f1e"></a>
|
|
13
|
-
<a href="https://github.com/edward-arinin-web-dev/dexe-mcp"><img alt="proposal types" src="https://img.shields.io/badge/proposal--types-33-E07AFF?style=flat-square&labelColor=0b0f1e"></a>
|
|
14
12
|
</p>
|
|
15
13
|
|
|
16
|
-
|
|
14
|
+
# dexe-mcp
|
|
17
15
|
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
16
|
+
An MCP (Model Context Protocol) server for [DeXe Protocol](https://dexe.io) governance on BNB Chain, with an additional generic surface for OpenZeppelin and Compound-Bravo Governor DAOs (Uniswap, Compound, Optimism).
|
|
17
|
+
|
|
18
|
+
It exposes 159 typed tools in 19 groups: DAO deployment, all 33 DeXe proposal types, voting, delegation, execution, OTC token sales, treasury and subgraph reads, IPFS metadata, transaction simulation, and diagnostics. Any MCP client can use it — Claude Code, Claude Desktop, Cursor, or a custom agent.
|
|
19
|
+
|
|
20
|
+
Writes are calldata-first: tools return a `{ to, data, value, chainId }` payload for your own wallet to sign. Broadcasting from the server is opt-in, either through WalletConnect (transactions are approved on your phone; no key on disk) or a private key you explicitly configure.
|
|
23
21
|
|
|
24
22
|
<p align="center">
|
|
25
|
-
<a href="#install-in-claude-code
|
|
26
|
-
<a href="#quickstart">Quickstart</a>
|
|
27
|
-
<a href="#
|
|
28
|
-
<a href="#
|
|
29
|
-
<a href="#tool-catalog">Tool catalog</a> ·
|
|
30
|
-
<a href="#swarm-test-harness">Swarm tests</a> ·
|
|
23
|
+
<a href="#install-in-claude-code">Install</a> ·
|
|
24
|
+
<a href="#quickstart-other-mcp-clients">Quickstart</a> ·
|
|
25
|
+
<a href="#tool-catalog">Tool catalog</a> ·
|
|
26
|
+
<a href="#environment-variables">Environment</a> ·
|
|
31
27
|
<a href="https://github.com/edward-arinin-web-dev/dexe-mcp/tree/main/docs">Docs</a>
|
|
32
28
|
</p>
|
|
33
29
|
|
|
34
30
|
---
|
|
35
31
|
|
|
36
|
-
## Install in Claude Code
|
|
32
|
+
## Install in Claude Code
|
|
37
33
|
|
|
38
|
-
Two
|
|
34
|
+
Two commands, typed inside Claude Code:
|
|
39
35
|
|
|
40
36
|
```
|
|
41
37
|
/plugin marketplace add edward-arinin-web-dev/dexe-mcp
|
|
42
38
|
/plugin install dexe@dexe-mcp
|
|
43
39
|
```
|
|
44
40
|
|
|
45
|
-
Then
|
|
46
|
-
|
|
47
|
-
> *"Show the treasury of `0x…` on BSC."*
|
|
48
|
-
|
|
49
|
-
Reads work with **zero setup** — on-chain data, subgraphs, the DeXe backend, and IPFS all run on public defaults out of the box, and WalletConnect signing is available immediately (connect a wallet with `dexe_wc_connect`). The governance skills (create DAO, create proposal, vote & execute, OTC) install with the plugin.
|
|
50
|
-
|
|
51
|
-
**Want to create DAOs or proposals, or broadcast transactions?** Type **`/dexe-setup`** and Claude walks you through adding your keys (a Pinata token for IPFS, a wallet for signing) — one guided step, nothing to hand-edit.
|
|
41
|
+
Then ask:
|
|
52
42
|
|
|
53
|
-
>
|
|
43
|
+
> "Show the treasury of `0x…` on BSC."
|
|
54
44
|
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
## The shift
|
|
58
|
-
|
|
59
|
-
For a decade, DAOs lived behind dashboards. Every action was a click. Every read was a tab. Every coordination loop needed a human at the keyboard.
|
|
60
|
-
|
|
61
|
-
That era is ending.
|
|
45
|
+
Reads work with no configuration: on-chain data, subgraphs, the DeXe backend, and IPFS all have public defaults, and WalletConnect signing is available immediately (`dexe_wc_connect`). The governance skills (create DAO, create proposal, vote and execute, OTC) install with the plugin.
|
|
62
46
|
|
|
63
|
-
|
|
47
|
+
To create DAOs or proposals, or to broadcast transactions, run `/dexe-setup` — it walks through the two keys that unlock those paths (a Pinata token for IPFS uploads, a signer) and writes them to `.env` for you.
|
|
64
48
|
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
| | What you get |
|
|
68
|
-
|-----|------|
|
|
69
|
-
| **Total protocol coverage** | All **33 proposal types**. Validator chamber. Expert delegation. OTC multi-tier sales with merkle whitelists. Internal config. Off-chain backend. Nothing hand-rolled. Nothing missing. |
|
|
70
|
-
| **Key-safe by default** | Every write returns `TxPayload = { to, data, value, chainId }`. Your wallet — MetaMask, Safe, Ledger, anything — signs. **No keys touch the MCP unless you explicitly set `DEXE_PRIVATE_KEY`.** |
|
|
71
|
-
| **Battle-tested on-chain** | **57 swarm-test scenarios** running on BSC testnet against real fixture DAOs. Every builder validated end-to-end — draft → IPFS → propose → vote → execute. Latest pass: 2026-05-12. |
|
|
72
|
-
| **AI-native, model-agnostic** | Tool names, argument schemas, and return shapes are tuned for LLM chaining. Works with Claude, GPT, Gemini, Mistral, Llama — anything that can call MCP tools. |
|
|
73
|
-
| **Open source, no middleman** | MIT. Your RPC. Your wallet. Your keys. Your rules. No telemetry. No SaaS gatekeeper. No rate limits. Run it on your laptop or behind your agent fleet. |
|
|
74
|
-
|
|
75
|
-
---
|
|
49
|
+
Using Cursor, ChatGPT, another MCP client, or the terminal? See [docs/INSTALL.md](./docs/INSTALL.md).
|
|
76
50
|
|
|
77
|
-
##
|
|
51
|
+
## Quickstart (other MCP clients)
|
|
78
52
|
|
|
79
|
-
|
|
53
|
+
Reads need no environment at all. The steps below set up uploads and signing.
|
|
80
54
|
|
|
81
|
-
|
|
82
|
-
- **Intent-driven proposal drafting** — *"Stream 50,000 USDT from treasury to the dev fund, vesting linearly over six months."* The agent picks the right builder (`_token_distribution`), assembles nested calldata, pins metadata to IPFS, returns one signable payload. What used to be a 14-field form is now a sentence.
|
|
83
|
-
- **AI delegates that reason** — agents that read every proposal, weigh it against a written mandate, vote, and publish their reasoning on-chain. Real accountability for delegated power.
|
|
84
|
-
- **24/7 autonomous treasury bots** — policy expressed as code, executed as proposals. Market triggers, runway thresholds, vesting schedules — all enforced without a human in the loop, every action a signed on-chain decision.
|
|
85
|
-
- **Multi-DAO coalition orchestration** — one agent coordinating votes across allied protocols, tracking quorums, building coalitions, executing in lockstep.
|
|
86
|
-
- **Conversational DAO frontends** — apps where there *is* no UI. The MCP server is the backend. The chat is the dashboard. The wallet is the only button.
|
|
87
|
-
- **Adversarial governance simulators** — spin up swarms of AI proposers, voters, and validators to red-team a parameter change *before* it hits mainnet. The swarm harness ships with this already (see [Swarm tests](#swarm-test-harness)).
|
|
88
|
-
- **OTC sale autopilots** — open multi-tier sales with merkle whitelists, manage buyer flows, fulfill vested payouts — all without a sale-management UI.
|
|
89
|
-
- **Forensics and compliance** — `dexe_decode_proposal` + `_decode_calldata` make any historic on-chain proposal human-readable. Agents narrate every governance decision for audits, postmortems, and research.
|
|
90
|
-
|
|
91
|
-
If you can describe a DeXe governance operation in a sentence, `dexe-mcp` has the tool.
|
|
92
|
-
|
|
93
|
-
---
|
|
94
|
-
|
|
95
|
-
## Built for what's next
|
|
96
|
-
|
|
97
|
-
The next generation of DAOs will be **operated by language, not by clicks.**
|
|
98
|
-
|
|
99
|
-
- **AI delegates will outvote human ones.** They read every proposal. They show their reasoning. They never miss a deadline.
|
|
100
|
-
- **Treasuries will defend themselves.** Policy bots react to market moves, rebalance, claim, redelegate — all through governance, never around it.
|
|
101
|
-
- **Cross-DAO coordination will be ambient.** Coalitions form in seconds via agent-to-agent negotiation, ratified by on-chain votes.
|
|
102
|
-
- **Governance frontends will collapse into chat.** The dashboard moves into the conversation. The UI is the prompt.
|
|
103
|
-
- **Every proposal will be simulated first.** Adversarial AI swarms stress-test changes before they reach mainnet.
|
|
104
|
-
- **Audit will run continuously.** Compliance agents decode and narrate every historical decision in real time.
|
|
105
|
-
|
|
106
|
-
`dexe-mcp` is the connective tissue. Bring your model. Bring your wallet. Bring your DAO.
|
|
107
|
-
|
|
108
|
-
---
|
|
109
|
-
|
|
110
|
-
## Quickstart
|
|
111
|
-
|
|
112
|
-
> **In Claude Code?** Skip this — use the [two-line plugin install](#install-in-claude-code-no-terminal) above. The steps below are for **other MCP clients** (Cursor, ChatGPT, custom agents) and terminal/manual setups. Reads need no env at all; env is only for IPFS uploads and broadcasting.
|
|
113
|
-
|
|
114
|
-
**Fastest path — wizard + diagnostic:**
|
|
55
|
+
**Wizard path:**
|
|
115
56
|
|
|
116
57
|
```bash
|
|
117
58
|
npm install -g dexe-mcp
|
|
118
|
-
|
|
119
|
-
|
|
59
|
+
dexe-mcp init # interactive setup: network, Pinata, signer mode
|
|
60
|
+
dexe-mcp doctor # verifies RPC, Pinata, IPFS gateway, subgraph
|
|
120
61
|
```
|
|
121
62
|
|
|
122
|
-
|
|
123
|
-
snippet to paste. Then `doctor` walks every recognized `DEXE_*` var and
|
|
124
|
-
returns a pass/warn/fail report with paste-ready remediation hints. See
|
|
125
|
-
[`docs/SETUP.md`](./docs/SETUP.md) for the full runbook,
|
|
126
|
-
[`docs/DOCTOR.md`](./docs/DOCTOR.md) for the check reference, and
|
|
127
|
-
[`docs/MIGRATION.md`](./docs/MIGRATION.md) if you are upgrading from
|
|
128
|
-
0.7.x.
|
|
129
|
-
|
|
130
|
-
**Manual path:**
|
|
63
|
+
`init` writes `.env` and prints a client-config snippet to paste. `doctor` checks every recognized `DEXE_*` variable and reports pass/warn/fail with remediation hints. Full runbook: [docs/SETUP.md](./docs/SETUP.md); check reference: [docs/DOCTOR.md](./docs/DOCTOR.md); upgrade notes: [docs/MIGRATION.md](./docs/MIGRATION.md).
|
|
131
64
|
|
|
132
|
-
**
|
|
133
|
-
|
|
134
|
-
```bash
|
|
135
|
-
npm install -g dexe-mcp
|
|
136
|
-
```
|
|
137
|
-
|
|
138
|
-
**2.** Register with your MCP client (`.mcp.json`, `claude_desktop_config.json`, Cursor settings, etc.):
|
|
65
|
+
**Manual path** — register with your MCP client (`.mcp.json`, `claude_desktop_config.json`, Cursor settings):
|
|
139
66
|
|
|
140
67
|
```json
|
|
141
68
|
{
|
|
@@ -143,30 +70,29 @@ npm install -g dexe-mcp
|
|
|
143
70
|
"dexe": {
|
|
144
71
|
"command": "dexe-mcp",
|
|
145
72
|
"env": {
|
|
146
|
-
"
|
|
147
|
-
"DEXE_CHAIN_ID": "56"
|
|
73
|
+
"DEXE_RPC_URL_MAINNET": "https://bsc-dataseed.binance.org"
|
|
148
74
|
}
|
|
149
75
|
}
|
|
150
76
|
}
|
|
151
77
|
}
|
|
152
78
|
```
|
|
153
79
|
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
>
|
|
157
|
-
>
|
|
158
|
-
> (Run `npm root -g` to get the absolute path.)
|
|
80
|
+
The `env` block is optional — without it the server falls back to a public BSC RPC, which is rate-limited and suitable for evaluation; set your own endpoint for production use.
|
|
81
|
+
|
|
82
|
+
> **Windows:** if your MCP client can't resolve the `dexe-mcp` shim on PATH, point it at the script directly:
|
|
83
|
+
> `{ "command": "node", "args": ["<npm root -g>/dexe-mcp/dist/index.js"] }`
|
|
159
84
|
|
|
160
|
-
**
|
|
85
|
+
**Example calls:**
|
|
161
86
|
|
|
162
87
|
```jsonc
|
|
163
|
-
//
|
|
88
|
+
// Enumerate every proposal type the server can build
|
|
164
89
|
dexe_proposal_catalog({ category: "all", implementedOnly: true })
|
|
165
90
|
|
|
166
|
-
//
|
|
91
|
+
// Resolve a DAO's contract layout: settings/userKeeper/validators addresses,
|
|
92
|
+
// NFT contracts, metadata CID, validator count
|
|
167
93
|
dexe_dao_info({ govPool: "0x..." })
|
|
168
94
|
|
|
169
|
-
//
|
|
95
|
+
// Build a token-transfer proposal; returns ready-to-sign calldata
|
|
170
96
|
dexe_proposal_build_token_transfer({
|
|
171
97
|
govPool: "0x...",
|
|
172
98
|
token: "0x...",
|
|
@@ -175,127 +101,108 @@ dexe_proposal_build_token_transfer({
|
|
|
175
101
|
})
|
|
176
102
|
```
|
|
177
103
|
|
|
178
|
-
|
|
104
|
+
Each write tool returns a `TxPayload` you pass to your wallet. To let the server broadcast instead, connect a wallet over WalletConnect (`dexe_wc_connect`) or set `DEXE_PRIVATE_KEY`; that enables the composite flows `dexe_proposal_create`, `dexe_proposal_vote_and_execute`, and `dexe_tx_send`.
|
|
179
105
|
|
|
180
|
-
|
|
106
|
+
## Requirements
|
|
181
107
|
|
|
182
|
-
|
|
108
|
+
- Node.js ≥ 20 with a working `npm`.
|
|
109
|
+
- Git — only for the optional dev toolset (`dexe_compile` / `dexe_test` / `dexe_lint`), which shallow-clones DeXe-Protocol on first use. Set `DEXE_PROTOCOL_PATH` to use an existing checkout. Reads, builders, and deploys do not use it.
|
|
183
110
|
|
|
184
|
-
##
|
|
111
|
+
## Features
|
|
185
112
|
|
|
186
|
-
-
|
|
187
|
-
-
|
|
113
|
+
- DeXe governance coverage: the 33 proposal types (24 external, 4 internal validator, 5 off-chain), validator chamber, expert delegation, multi-tier OTC sales with merkle whitelists.
|
|
114
|
+
- Calldata-first key model: no private key is required for any build tool. Broadcasting is a separate, explicit opt-in.
|
|
115
|
+
- Zero-config reads: public RPC, subgraph, backend, and IPFS gateway defaults let read tools work out of the box.
|
|
116
|
+
- External Governor support: 18 `dexe_gov_*` tools read, build, simulate, and decode against OpenZeppelin and Bravo Governors; new DAOs are a config entry.
|
|
117
|
+
- Tested on-chain: a 59-scenario multi-agent harness exercises the builders against BSC-testnet fixture DAOs — build-only checks for all proposal types, full propose → vote → execute lifecycles for the broadcast paths.
|
|
118
|
+
- MIT-licensed, no telemetry, no hosted dependency — requests go only to endpoints you configure.
|
|
188
119
|
|
|
189
|
-
##
|
|
120
|
+
## Example applications
|
|
190
121
|
|
|
191
|
-
|
|
122
|
+
- A governance copilot that lists unvoted proposals across your DAOs (`dexe_user_inbox`), summarizes them, and drafts votes for you to sign.
|
|
123
|
+
- Proposal drafting from intent: "transfer 50k USDT from treasury to the dev fund" resolves to a builder call, pinned metadata, and one signable payload.
|
|
124
|
+
- Delegate agents that read every proposal, vote according to a written mandate, and record their reasoning.
|
|
125
|
+
- Treasury automation: recurring claims, vesting, and rebalancing executed as governance proposals.
|
|
126
|
+
- Pre-mainnet rehearsal: simulate a proposal (`dexe_sim_proposal`) or replay a parameter change on a testnet fixture DAO before it goes live.
|
|
192
127
|
|
|
193
|
-
|
|
128
|
+
## Tool catalog
|
|
129
|
+
|
|
130
|
+
159 tools in 19 groups. Full per-tool reference with required env vars: [docs/TOOLS.md](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/TOOLS.md).
|
|
131
|
+
|
|
132
|
+
A default session loads the `core,proposals` profile (~72 tools) to keep the MCP tool list small. Set `DEXE_TOOLSETS=full` for everything, or add profiles (`read`, `vote`, `governor`, `dev`) as needed — see [Toolset profiles](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/TOOLS.md#toolset-profiles). Call `dexe_context` first in a session: it returns the signer, active chain, env readiness, and DAOs/proposals recorded in prior sessions.
|
|
133
|
+
|
|
134
|
+
| Group | Tools | Summary |
|
|
135
|
+
|-------|-------|---------|
|
|
136
|
+
| Dev tooling | 4 | Hardhat lifecycle for the DeXe-Protocol workspace: `dexe_compile`, `_test`, `_coverage`, `_lint`. |
|
|
137
|
+
| Contract introspection | 10 | List contracts, fetch ABIs, look up selectors, read NatSpec and source, decode calldata and proposal payloads. |
|
|
138
|
+
| DAO reads | 30 | DAO info, proposal state/list/voters, voting power, treasury, settings, validators, staking, distributions, risk assessment, plus subgraph queries (DAO list, members, experts, delegation map, user activity). |
|
|
139
|
+
| IPFS | 9 | Pinata uploads for files, avatars, and DAO/proposal metadata; metadata updates; JPEG avatar generation; gateway-fallback fetch; local CID computation. |
|
|
140
|
+
| DAO deploy | 2 | `dexe_dao_create` (one-call composite with pre-flight revert guards) and `dexe_dao_build_deploy` (full `deployGovPool` struct encoder). |
|
|
141
|
+
| Proposal catalog and primitives | 5 | `dexe_proposal_catalog` plus generic `_build_external`, `_build_internal`, `_build_custom_abi`, `_build_offchain`. |
|
|
142
|
+
| External proposal wrappers | 20 | Named builders: token transfer/distribution/sale, treasury withdraw, validators, experts, staking tiers, blacklist, profile changes, voting settings, and more. |
|
|
143
|
+
| Internal validator wrappers | 4 | Validator-chamber proposals: balances, settings, monthly withdraw, off-chain internal. |
|
|
144
|
+
| Off-chain wrappers and auth | 8 | DeXe backend integration: SIWE login, off-chain proposal creation and voting. |
|
|
145
|
+
| Vote, stake, delegate, execute, claim builders | 26 | Direct EOA writes on `GovPool` and `Validators`: deposit, vote, delegate, execute, claim, staking, token-sale buy/claim, multicall. |
|
|
146
|
+
| Composite signing flows | 6 | `dexe_proposal_create`, `dexe_proposal_vote_and_execute`, `dexe_tx_send`, `dexe_tx_status`, `dexe_get_config`, `dexe_context`. |
|
|
147
|
+
| Merkle utility | 2 | `dexe_merkle_build` and `dexe_merkle_proof`, compatible with OZ `StandardMerkleTree`. |
|
|
148
|
+
| OTC composites | 4 | Open a multi-tier sale, check buyer status, buy (native or with merkle proof), claim vested payouts. [docs/OTC.md](./docs/OTC.md) |
|
|
149
|
+
| Safe multisig | 2 | Queue transactions in the Safe Transaction Service instead of broadcasting. [docs/SAFE.md](./docs/SAFE.md) |
|
|
150
|
+
| Simulator | 3 | `eth_call` preflight with decoded revert reasons: `_sim_calldata`, `_sim_proposal`, `_sim_buy`. [docs/SIMULATOR.md](./docs/SIMULATOR.md) |
|
|
151
|
+
| Multi-DAO inbox + forecast | 2 | Pending items across N DAOs (`dexe_user_inbox`) and quorum-projection pass-rate forecasts. [docs/INBOX.md](./docs/INBOX.md) |
|
|
152
|
+
| External Governor DAOs | 18 | `dexe_gov_*`: family-aware propose/vote/queue/execute/delegate, dry-runs, vote receipts, decoding for OZ and Bravo Governors. [docs/GOVERNOR.md](./docs/GOVERNOR.md) |
|
|
153
|
+
| WalletConnect | 3 | `dexe_wc_connect` (pairing QR), `dexe_wc_status`, `dexe_wc_disconnect`. Transactions sign on your phone. [docs/WALLETCONNECT.md](./docs/WALLETCONNECT.md) |
|
|
154
|
+
| Diagnostics | 1 | `dexe_doctor`: runs reachability checks across the configured environment and prints remediation hints. |
|
|
194
155
|
|
|
195
156
|
## Environment variables
|
|
196
157
|
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
| Variable |
|
|
200
|
-
|
|
201
|
-
| `
|
|
202
|
-
| `
|
|
203
|
-
| `
|
|
204
|
-
| `
|
|
205
|
-
| `
|
|
206
|
-
| `
|
|
207
|
-
| `
|
|
208
|
-
| `
|
|
209
|
-
| `
|
|
210
|
-
| `
|
|
211
|
-
| `
|
|
212
|
-
| `
|
|
213
|
-
| `
|
|
214
|
-
|
|
215
|
-
|
|
158
|
+
No variable is required to start the server; tools that need a missing one fail with a message naming what to set. Full matrix: [docs/ENVIRONMENT.md](./docs/ENVIRONMENT.md).
|
|
159
|
+
|
|
160
|
+
| Variable | Used for | Notes |
|
|
161
|
+
|----------|----------|-------|
|
|
162
|
+
| `DEXE_RPC_URL_MAINNET` / `DEXE_RPC_URL_TESTNET` / `DEXE_RPC_URL_<chainId>` | all on-chain tools | Per-chain JSON-RPC endpoints. Without any, a public BSC RPC is used (rate-limited). `DEXE_RPC_URL` still works as a legacy single-chain alias. |
|
|
163
|
+
| `DEXE_DEFAULT_CHAIN_ID` | chain selection | Default `56` (BSC mainnet); `97` for testnet. |
|
|
164
|
+
| `DEXE_DISABLE_PUBLIC_RPC` | hardening | Set `1` to turn off the public RPC fallback. |
|
|
165
|
+
| `DEXE_PINATA_JWT` | IPFS uploads | Required for DAO/proposal creation (metadata pinning). |
|
|
166
|
+
| `DEXE_IPFS_GATEWAY` | IPFS reads | Dedicated gateway (Pinata, Filebase, self-hosted). Without one, public gateways (ipfs.io, dweb.link) are used. |
|
|
167
|
+
| `DEXE_PINATA_GATEWAY_TOKEN` | IPFS reads | Gateway key for restricted Pinata dedicated gateways. |
|
|
168
|
+
| `DEXE_IPFS_DISABLE_PUBLIC_FALLBACK` | hardening | Set `1` to disable public gateway fallback. |
|
|
169
|
+
| `DEXE_WALLETCONNECT_PROJECT_ID` | WalletConnect signing | A shared default ships; set your own project ID for production use. |
|
|
170
|
+
| `DEXE_PRIVATE_KEY` | broadcast mode | Hot-key signing. Opt-in; prefer WalletConnect. Never required for build tools. |
|
|
171
|
+
| `DEXE_TOOLSETS` | tool gating | Comma list of profiles; default `core,proposals`. |
|
|
172
|
+
| `DEXE_SUBGRAPH_POOLS_URL` / `_VALIDATORS_URL` / `_INTERACTIONS_URL` | subgraph reads | The Graph endpoints; defaults target the decentralized network. |
|
|
173
|
+
| `DEXE_GRAPH_API_KEY` | subgraph reads | Only when the URL doesn't embed the key. |
|
|
174
|
+
| `DEXE_BACKEND_API_URL` | off-chain proposals | DeXe backend, e.g. `https://api.dexe.io`. |
|
|
175
|
+
| `DEXE_STATE_PATH` | persistence | Overrides the session-state file (`~/.dexe-mcp/state.json`). |
|
|
176
|
+
| `DEXE_PROTOCOL_PATH` | dev toolset | Existing DeXe-Protocol checkout; disables auto-clone. |
|
|
216
177
|
|
|
217
178
|
## Documentation
|
|
218
179
|
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
- [
|
|
222
|
-
- [
|
|
223
|
-
- [
|
|
224
|
-
- [
|
|
225
|
-
- [
|
|
226
|
-
- [
|
|
227
|
-
- [
|
|
228
|
-
- [
|
|
229
|
-
- [
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
## Tool catalog
|
|
234
|
-
|
|
235
|
-
**159 tools, 19 groups.** Run `dexe_proposal_catalog` at runtime for the live proposal-type map. Full per-tool reference → [`docs/TOOLS.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/TOOLS.md).
|
|
236
|
-
|
|
237
|
-
> **Toolset profiles (v0.13.0):** a default session loads a slim **~72 tools** (`DEXE_TOOLSETS=core,proposals`), not all 159 — cutting `tools/list` ~46%. Add profiles (`read`, `vote`, `governor`, `dev`) or set `DEXE_TOOLSETS=full` to restore everything; `DEXE_TOOLSETS=core` is the deepest cut (~76%). `dexe_doctor` shows the active profile. See [TOOLS.md § Toolset profiles](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/TOOLS.md#toolset-profiles).
|
|
238
|
-
>
|
|
239
|
-
> **Persistent context (v0.14.0):** `dexe_context` (call first) returns your signer, active chain, env readiness, and the DAOs/proposals recorded in prior sessions (state at `~/.dexe-mcp/state.json`, override `DEXE_STATE_PATH`).
|
|
240
|
-
|
|
241
|
-
| Group | # | What it gives you |
|
|
242
|
-
|-------|---|------|
|
|
243
|
-
| **Dev tooling** | 4 | One-command Hardhat lifecycle for the DeXe-Protocol monorepo — `dexe_compile`, `_test`, `_coverage`, `_lint`. Auto-clones the repo on first call. |
|
|
244
|
-
| **Contract introspection** | 10 | Ask the protocol about itself — list contracts, fetch ABIs, look up selectors, read NatSpec, view source, decode arbitrary calldata or full proposal payloads. The agent's reverse-engineer toolkit. |
|
|
245
|
-
| **DAO reads** | 20 | Everything you'd see on a DAO dashboard, returned as JSON — `dao_info`, predicted helper addresses, proposal state/list/voters, voting power, treasury, settings, validators, staking, distributions, privacy policy, plus `dexe_proposal_risk_assess` (treasury-safety risk readout). |
|
|
246
|
-
| **IPFS** | 9 | Pinata uploads for files / avatars / DAO + proposal metadata, smart metadata updates, deterministic identicon generation, gateway-fallback fetch, CID computation without uploading. |
|
|
247
|
-
| **DAO deploy** | 2 | `dexe_dao_create` — one-call composite: DAO profile → IPFS → deploy with the four revert-guards pre-flighted, signs when configured. `dexe_dao_build_deploy` — the lower-level encoder for the full nested `PoolFactory.deployGovPool` struct with predicted helper addresses pre-wired. |
|
|
248
|
-
| **Proposal catalog + primitives** | 5 | `dexe_proposal_catalog` enumerates **all 33** proposal types with metadata + gating. Primitives `_build_external`, `_build_internal`, `_build_custom_abi`, `_build_offchain` cover anything not in a named wrapper. |
|
|
249
|
-
| **External proposal wrappers** | 20 | Named builders for every common action: token transfer / distribution / sale (single + multi-tier), treasury withdraw, validators, experts, staking tier, math model, blacklist, reward multiplier, apply to DAO, modify profile, change voting settings, new proposal type, whitelist, and more. |
|
|
250
|
-
| **Internal validator wrappers** | 4 | Validator-chamber proposals: `_change_validator_balances`, `_change_validator_settings`, `_monthly_withdraw`, `_offchain_internal_proposal`. |
|
|
251
|
-
| **Off-chain backend** | 8 | Full DeXe-backend integration — nonce + SIWE login, off-chain proposal creation (single-option / multi-option / for-against / settings), off-chain vote + cancel. |
|
|
252
|
-
| **Vote / stake / delegate / execute / claim** | 26 | Every direct EOA write on `GovPool` and `Validators` — deposit, vote, delegate, undelegate, execute, claim rewards, micropool rewards, staking flows, token-sale buy/claim/vesting, distribution claim, NFT multiplier lock/unlock, privacy policy signing, multicall. |
|
|
253
|
-
| **Composite flows + diagnostics** | 7 | High-level flows + orientation: `_context` (call first — signer/chain/known-DAOs from prior sessions), `_proposal_create`, `_proposal_vote_and_execute`, `_tx_send`, `_tx_status`, `_get_config`, `_doctor`. Signing tools opt-in via `DEXE_PRIVATE_KEY`. |
|
|
254
|
-
| **Subgraph reads** | 7 | The Graph queries: DAO list, members, experts, validator list, user activity, delegation map, OTC sale tiers. Decentralized-network endpoints + RPC fallback. |
|
|
255
|
-
| **Merkle utility** | 2 | `dexe_merkle_build`, `dexe_merkle_proof` — OZ `StandardMerkleTree`-compatible. For whitelisted sales and airdrops. |
|
|
256
|
-
| **OTC composites** | 4 | Full project-owner + buyer flows over `TokenSaleProposal`: open multi-tier sale, check buyer status, buy native or with merkle proof, claim vested payouts. See [`docs/OTC.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/OTC.md). |
|
|
257
|
-
| **Safe multisig** | 2 | Queue a tx in the Safe Transaction Service for owners to co-sign instead of broadcasting — `dexe_safe_info` (on-chain nonce/threshold/owners + endpoint), `dexe_safe_propose_tx` (compute `safeTxHash`, sign as owner, POST to the queue; dry-run by default). See [`docs/SAFE.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/SAFE.md). |
|
|
258
|
-
| **WalletConnect** | 3 | `dexe_wc_status` (resolved config + live session state), `dexe_wc_connect` (start a session, returns a pairing URI to scan as a QR), `dexe_wc_disconnect` (tear down). Broadcast convenience without a hot key — every tx is signed and broadcast on the operator's phone, the key never enters the MCP. See [`docs/WALLETCONNECT.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/WALLETCONNECT.md). |
|
|
259
|
-
| **Simulator** | 3 | `eth_call`-based preflight with decoded revert reasons — `_sim_calldata`, `_sim_proposal`, `_sim_buy`. Catch reverts before you pay gas. See [`docs/SIMULATOR.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/SIMULATOR.md). |
|
|
260
|
-
| **Multi-DAO inbox + forecast** | 2 | `dexe_user_inbox` aggregates pending items (unvoted proposals, claimable rewards, locked deposits) across N DAOs. `_proposal_forecast` predicts pass rate with quorum projection + risk flags. See [`docs/INBOX.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/INBOX.md). |
|
|
261
|
-
| **External Governor DAOs** | 18 | `dexe_gov_*` — read, build, simulate, and decode against OpenZeppelin Governor + Compound Bravo DAOs. Tier-1: Uniswap, Compound, Optimism. Config-only addition for new DAOs. Family-aware (OZ vs Bravo) propose / castVote / queue / execute / cancel / delegate. Eth-call dry-run + vote-impact projection. vote-receipt check (family-aware) + state + hashProposal + decode + descriptionHash utilities. Tally state-enum parity harness. See [`docs/GOVERNOR.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/docs/GOVERNOR.md). |
|
|
262
|
-
|
|
263
|
-
---
|
|
180
|
+
- [docs/TOOLS.md](./docs/TOOLS.md) — all 159 tools, grouped, with one-line descriptions and required env vars.
|
|
181
|
+
- [docs/USAGE.md](./docs/USAGE.md) — ten worked examples with copy-pasteable JSON.
|
|
182
|
+
- [docs/ENVIRONMENT.md](./docs/ENVIRONMENT.md) — full env-var reference and common pitfalls.
|
|
183
|
+
- [docs/INSTALL.md](./docs/INSTALL.md) — install instructions per MCP client.
|
|
184
|
+
- [docs/SETUP.md](./docs/SETUP.md) / [docs/DOCTOR.md](./docs/DOCTOR.md) — setup wizard and diagnostic reference.
|
|
185
|
+
- [docs/SKILLS.md](./docs/SKILLS.md) — the Claude Code skills shipped with the package.
|
|
186
|
+
- [docs/GOVERNOR.md](./docs/GOVERNOR.md) — the external OZ/Bravo Governor surface.
|
|
187
|
+
- [docs/WALLETCONNECT.md](./docs/WALLETCONNECT.md) — phone-approved signing without a hot key.
|
|
188
|
+
- [docs/OTC.md](./docs/OTC.md) — multi-tier OTC sale flows for owners and buyers.
|
|
189
|
+
- [docs/PROFILE.md](./docs/PROFILE.md) — DAO profile and avatar pipeline.
|
|
190
|
+
- [docs/SIMULATOR.md](./docs/SIMULATOR.md) — preflight simulation with revert decoding.
|
|
191
|
+
- [docs/INBOX.md](./docs/INBOX.md) — cross-DAO inbox and proposal forecast.
|
|
192
|
+
- [docs/MIGRATION.md](./docs/MIGRATION.md) — per-version upgrade notes.
|
|
264
193
|
|
|
265
194
|
## Swarm test harness
|
|
266
195
|
|
|
267
|
-
[`tests/swarm/`](
|
|
268
|
-
|
|
269
|
-
It's also a reference implementation of one of the futures we described above — **adversarial AI agents stress-testing a DAO before it ships.**
|
|
270
|
-
|
|
271
|
-
**57 scenarios shipped.** Coverage:
|
|
272
|
-
|
|
273
|
-
- **Reset + delegation chains** — S00, S01, S06, S14
|
|
274
|
-
- **Validator chamber** — pass / veto / full lifecycle (S02, S03, S07)
|
|
275
|
-
- **Read-only snapshots** — expert state, participation, validators, cross-DAO, catalog, multi-proposal state, user activity (S04, S05, S09–S15)
|
|
276
|
-
- **Cancel-vote + decode-and-introspect** — S08, S12
|
|
277
|
-
- **Build-only sanity for every proposal type** in `dexe_proposal_catalog` — token transfer, blacklist, withdraw treasury, apply to DAO, token distribution, token sale + recover, manage validators, change validator balances/settings, monthly withdraw, add/remove expert (local + global), delegate/revoke from expert, reward multiplier (4 modes), change voting settings, new proposal type, change math model, custom ABI, manual calldata, create staking tier, off-chain validator + for/against + settings (S16–S40)
|
|
278
|
-
- **OTC multi-tier sale flows** — open sale, buyer buy native + merkle (S41–S46)
|
|
279
|
-
- **Simulator + inbox + per-DAO reads** — S47, S48, S50, S51
|
|
280
|
-
- **Broadcast lifecycle (v0.5.6 builder rewrites)** — `withdraw_treasury`, `apply_to_dao`, `reward_multiplier mint` (S52–S54)
|
|
281
|
-
- **Broadcast lifecycle (most-used proposal types)** — `token_transfer`, `blacklist`, `add_expert` (S55–S57)
|
|
196
|
+
[`tests/swarm/`](./tests/swarm) is a multi-agent harness that exercises the tool surface against real BSC-testnet DAOs: 59 JSON scenarios covering delegation chains, the validator chamber, build-only checks for every proposal type, OTC flows, and full broadcast lifecycles. The orchestrator resolves agent wallets and runs each step through an inline ethers dispatcher or the dexe-mcp stdio bridge.
|
|
282
197
|
|
|
283
198
|
```bash
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
npm run swarm:preflight # red/green table per wallet
|
|
289
|
-
npm run swarm:fund -- --confirm # broadcast top-ups from funder
|
|
290
|
-
npm run swarm:run # full sweep, all scenarios
|
|
291
|
-
npm run swarm:run -- --scenarios=S00-reset,S01-delegation-chain-3hop --dry-run
|
|
199
|
+
npm run swarm:preflight # per-wallet readiness table
|
|
200
|
+
npm run swarm:fund -- --confirm # top up agent wallets from the funder
|
|
201
|
+
npm run swarm:run # full sweep
|
|
202
|
+
npm run swarm:run -- --scenarios=S00-reset --dry-run
|
|
292
203
|
```
|
|
293
204
|
|
|
294
|
-
|
|
295
|
-
- Scenario schema → [`tests/swarm/scenarios/_schema.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/tests/swarm/scenarios/_schema.md)
|
|
296
|
-
- Per-role agent prompts → [`tests/swarm/prompts/`](https://github.com/edward-arinin-web-dev/dexe-mcp/tree/main/tests/swarm/prompts)
|
|
297
|
-
|
|
298
|
-
---
|
|
205
|
+
Setup runbook: [tests/swarm/README.md](./tests/swarm/README.md) · scenario schema: [tests/swarm/scenarios/_schema.md](./tests/swarm/scenarios/_schema.md) · agent prompts: [tests/swarm/prompts/](./tests/swarm/prompts).
|
|
299
206
|
|
|
300
207
|
## Contributing
|
|
301
208
|
|
|
@@ -304,36 +211,27 @@ git clone https://github.com/edward-arinin-web-dev/dexe-mcp.git
|
|
|
304
211
|
cd dexe-mcp
|
|
305
212
|
npm install
|
|
306
213
|
npm run build
|
|
307
|
-
npm
|
|
214
|
+
npm test
|
|
308
215
|
npm run dev # watch mode
|
|
309
216
|
```
|
|
310
217
|
|
|
311
|
-
Issues, PRs, and proposal-type requests
|
|
218
|
+
Issues, PRs, and proposal-type requests: [GitHub issues](https://github.com/edward-arinin-web-dev/dexe-mcp/issues).
|
|
312
219
|
|
|
313
220
|
## Security
|
|
314
221
|
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
- **Signed release tags.** Every release tag is GPG-signed and `release.yml` runs `git verify-tag` before publishing — an unsigned or untrusted tag aborts the release. Verify any tag yourself after cloning:
|
|
318
|
-
|
|
319
|
-
```bash
|
|
320
|
-
gpg --recv-keys <MAINTAINER_KEY_ID> # import maintainer key once
|
|
321
|
-
git verify-tag v0.5.9 # or the shorthand: git tag -v v0.5.9
|
|
322
|
-
```
|
|
222
|
+
See [SECURITY.md](./SECURITY.md) for the threat model, policy, and how to report a vulnerability. In short:
|
|
323
223
|
|
|
324
|
-
|
|
325
|
-
-
|
|
326
|
-
-
|
|
327
|
-
-
|
|
328
|
-
- **Audit remediation (v0.9.0).** Closes the MCP-fixable findings from an independent red-team audit — numeric-input guards, RPC-key redaction, untrusted-data sanitization, recursive decode, exact-amount approvals, per-chain nonce serialization, IPFS content-hash verification, and an `--ignore-scripts` bootstrap. Per-finding detail in [`CHANGELOG.md`](https://github.com/edward-arinin-web-dev/dexe-mcp/blob/main/CHANGELOG.md).
|
|
224
|
+
- Release tags are GPG-signed; `release.yml` runs `git verify-tag` before publishing. Verify locally with `git verify-tag <tag>` (e.g. `v0.19.0`) after importing the maintainer key.
|
|
225
|
+
- npm releases publish with `--provenance`; verify with `npm audit signatures`.
|
|
226
|
+
- CI installs strictly from the committed lockfile and fails on drift.
|
|
227
|
+
- CodeQL, OSSF Scorecard, and Dependency Review run on PRs and on a schedule.
|
|
329
228
|
|
|
330
229
|
## License
|
|
331
230
|
|
|
332
|
-
MIT. See [LICENSE](
|
|
231
|
+
MIT. See [LICENSE](./LICENSE).
|
|
333
232
|
|
|
334
233
|
---
|
|
335
234
|
|
|
336
235
|
<p align="center">
|
|
337
|
-
<
|
|
338
|
-
<sub>Built for the DeXe Protocol governance stack on BNB Chain. Not affiliated with DeXe Network — independent open-source integration.</sub>
|
|
236
|
+
<sub>Independent open-source integration for the DeXe Protocol governance stack. Not affiliated with DeXe Network.</sub>
|
|
339
237
|
</p>
|
|
@@ -48,7 +48,9 @@ asking.
|
|
|
48
48
|
DAOs you already deployed.
|
|
49
49
|
1. **Env:** ensure the target chain is 97 and `DEXE_PINATA_JWT` is set (metadata).
|
|
50
50
|
2. **(Optional) avatar:** `dexe_dao_generate_avatar` / `dexe_ipfs_upload_avatar`
|
|
51
|
-
→ pass the `cid` as `avatarCID
|
|
51
|
+
→ pass the `cid` as `avatarCID`. Since v0.20.0 both enforce real raster
|
|
52
|
+
bytes (generate renders a true JPEG; upload rejects SVG/HTML by magic-byte
|
|
53
|
+
check), so any CID they return is safe to use.
|
|
52
54
|
3. **Preview:** call `dexe_dao_create` with just the essentials:
|
|
53
55
|
|
|
54
56
|
```jsonc
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Deterministic raster avatar renderer.
|
|
3
|
+
*
|
|
4
|
+
* Replaces the old SVG identicon: the DeXe serving chain (Go ipfs-cache →
|
|
5
|
+
* R2 `<descCid>.jpeg` with hardcoded image/jpeg) only renders real raster
|
|
6
|
+
* bytes, so we rasterize the same design — 1–2 initials over a hash-coloured
|
|
7
|
+
* diagonal gradient — and encode an actual JPEG. Pure JS: RGBA buffer +
|
|
8
|
+
* embedded 8x8 bitmap font + jpeg-js. No canvas, no native deps.
|
|
9
|
+
*
|
|
10
|
+
* Same daoName → byte-identical output (all constants fixed, no randomness).
|
|
11
|
+
*/
|
|
12
|
+
/** djb2-style hash → unsigned 32-bit. Kept identical to the legacy SVG identicon so re-generated avatars keep their colours. */
|
|
13
|
+
export declare function hashString(s: string): number;
|
|
14
|
+
/** First 1–2 alphanumeric characters of the DAO name, uppercased ("?" fallback). */
|
|
15
|
+
export declare function avatarInitials(daoName: string): string;
|
|
16
|
+
/**
|
|
17
|
+
* Render the avatar and encode as JPEG. `size` is the output square in px.
|
|
18
|
+
* Renders at 2x and box-downscales, so glyph edges pick up light smoothing
|
|
19
|
+
* when the pixel scale is odd.
|
|
20
|
+
*/
|
|
21
|
+
export declare function renderAvatarJpeg(daoName: string, size?: number): Buffer;
|
|
22
|
+
//# sourceMappingURL=avatarImage.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"avatarImage.d.ts","sourceRoot":"","sources":["../../src/lib/avatarImage.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,gIAAgI;AAChI,wBAAgB,UAAU,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAI5C;AAED,oFAAoF;AACpF,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAGtD;AAqED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,SAAM,GAAG,MAAM,CAqGpE"}
|