eigen-skills 1.1.2 → 1.1.4

package/.env

@@ -0,0 +1,5 @@
+# EigenCloud Skills — Environment Variables
+# NEVER commit this file to git
+
+PRIVATE_KEY= cc3071c6fc7f35b0ba595b67cb5cace750dd88c0ee80970a14d846afc3347ed2
+EIGEN_API_KEY=

package/index.js

@@ -1,23 +1,11 @@
 /**
- * eigen-skills — EigenLayer data & infra skills for AI agents
+ * eigencloud-skills — EigenCompute TEE deployment skills for AI agents
  *
- * Install:  npx skills add zeeshan8281/eigen-skills
+ * Install:  npm install eigen-skills
  * Usage:    Agents discover SKILL.md files in skills/ automatically.
  *           For programmatic use, require this module.
  */
 
-const EigenAPI = require('./skills/eigen-restaking/scripts/eigen-api');
-const AVSAPI = require('./skills/eigen-avs/scripts/avs-api');
-const RewardsAPI = require('./skills/eigen-rewards/scripts/rewards-api');
-const DelegationAPI = require('./skills/eigen-delegation/scripts/delegation-api');
 const EigenCompute = require('./skills/eigen-compute/scripts/compute-api');
-const EigenDA = require('./skills/eigen-da/scripts/da-api');
 
-module.exports = {
-    EigenAPI,
-    AVSAPI,
-    RewardsAPI,
-    DelegationAPI,
-    EigenCompute,
-    EigenDA,
-};
+module.exports = { EigenCompute };

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "eigen-skills",
-    "version": "1.1.2",
-    "description": "Agent Skills for EigenLayer — restaking, AVS, operators, rewards, delegation data powered by EigenExplorer API",
+    "version": "1.1.4",
+    "description": "EigenCompute TEE deployment skills for AI agents — encrypted memory, sealed secrets, cryptographic attestation",
     "main": "index.js",
     "agents": {
         "skills": "skills/"
@@ -27,7 +27,9 @@
     "license": "MIT",
     "dependencies": {
         "axios": "^1.7.0",
-        "dotenv": "^17.3.1",
+        "dotenv": "^17.3.1"
+    },
+    "devDependencies": {
         "express": "^5.2.1",
         "socket.io": "^4.8.3"
     }

package/skills/eigen-compute/SKILL.md

@@ -63,6 +63,7 @@ ecloud compute app create --name my-app --language typescript
 
 ### Deploy from Dockerfile (recommended)
 
+**Interactive deploy:**
 ```bash
 ecloud compute app deploy
 ```
@@ -70,8 +71,46 @@ ecloud compute app deploy
 - Choose **Linux/AMD64** (standard TEE architecture)
 - Estimated cost: ~0.008 ETH per deploy (Sepolia testnet)
 
+**Non-interactive deploy (for scripting / CI):**
+```bash
+ecloud compute app deploy \
+  --name my-app \
+  --skip-profile \
+  --image-ref my-app:latest \
+  --build-caddyfile
+```
+
+| Flag | Purpose |
+|------|---------|
+| `--name <name>` | App name (skips interactive prompt) |
+| `--skip-profile` | Skip machine profile selection (uses default) |
+| `--image-ref <ref>` | Docker image reference tag |
+| `--build-caddyfile` | **Auto-inject Caddy + TLS** — the CLI reads your `Caddyfile`, installs Caddy into the image, and wires up TLS certs automatically. You do NOT need to install Caddy in your Dockerfile or reference TLS cert paths. |
+
 **IMPORTANT:** "Deploy from registry" method is unreliable — apps often end up in `Status: Unknown` with no error. Always use "Build from Dockerfile".
 
+### TLS with `--build-caddyfile` (recommended)
+
+When you pass `--build-caddyfile`, the ecloud CLI handles all TLS setup. Your project only needs a minimal `Caddyfile` that reverse-proxies to your app:
+
+```caddyfile
+:80 {
+    reverse_proxy 127.0.0.1:3000
+}
+```
+
+The CLI automatically:
+- Installs Caddy into the Docker image
+- Mounts TLS certs from the TEE's `/run/tls/` directory
+- Sources sealed env vars via `compute-source-env.sh`
+- Configures HTTPS on the deployed domain
+
+**You do NOT need to:**
+- Add `RUN apk add caddy` (or equivalent) in your Dockerfile
+- Reference `/run/tls/fullchain.pem` or `/run/tls/privkey.pem` in your Caddyfile
+- Source `compute-source-env.sh` manually in your entrypoint
+- Expose ports 80 or 443 — only expose your app port (e.g., 3000)
+
 ### Check app status
 
 ```bash
@@ -125,6 +164,16 @@ Inside the TEE container, these are available:
 
 ### Entrypoint pattern for TEE
 
+**With `--build-caddyfile` (recommended)** — no manual env sourcing needed:
+
+```bash
+#!/bin/sh
+set -e
+node server.js
+```
+
+**Without `--build-caddyfile`** — you must source sealed secrets manually:
+
 ```bash
 #!/bin/bash
 # Source sealed secrets
@@ -138,13 +187,28 @@ node server.js
 
 ### Dockerfile pattern for TEE
 
+**With `--build-caddyfile` (recommended)** — minimal Dockerfile, only expose your app port:
+
 ```dockerfile
-FROM node:20-slim
+FROM --platform=linux/amd64 node:20-slim
 WORKDIR /app
 COPY package*.json ./
 RUN npm ci --production
 COPY . .
 EXPOSE 3000
+CMD ["./start.sh"]
+```
+
+**Without `--build-caddyfile`** — you must install Caddy and expose TLS ports yourself:
+
+```dockerfile
+FROM --platform=linux/amd64 node:20-slim
+WORKDIR /app
+RUN apt-get update && apt-get install -y caddy
+COPY package*.json ./
+RUN npm ci --production
+COPY . .
+EXPOSE 80 443 3000
 ENTRYPOINT ["bash", "entrypoint.sh"]
 ```
 

package/scripts/demo.js

@@ -1,93 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * Demo — run all eigen-agent-skills to verify they work.
- *
- * Usage:
- *   EIGEN_API_KEY=your_key node scripts/demo.js
- */
-
-const EigenAPI = require('../skills/eigen-restaking/scripts/eigen-api');
-const AVSAPI = require('../skills/eigen-avs/scripts/avs-api');
-const RewardsAPI = require('../skills/eigen-rewards/scripts/rewards-api');
-const DelegationAPI = require('../skills/eigen-delegation/scripts/delegation-api');
-
-const API_KEY = process.env.EIGEN_API_KEY;
-
-if (!API_KEY) {
-    console.error('❌  Set EIGEN_API_KEY env var. Get a free key at https://developer.eigenexplorer.com');
-    process.exit(1);
-}
-
-async function run() {
-    console.log('\n🔄 ═════════════════════════════════════');
-    console.log('   Eigen Agent Skills — Demo');
-    console.log('═══════════════════════════════════════\n');
-
-    const eigen = new EigenAPI(API_KEY);
-    const avs = new AVSAPI(API_KEY);
-    const rewards = new RewardsAPI(API_KEY);
-    const delegation = new DelegationAPI(API_KEY);
-
-    // 1. Health check
-    console.log('📡 Health check...');
-    const health = await eigen.healthCheck();
-    console.log(`   Status: ${health.ok ? '✅ Healthy' : '❌ Failed'}`);
-    if (health.tvl) console.log(`   EigenLayer TVL: ${JSON.stringify(health.tvl)}`);
-    console.log('');
-
-    // 2. Ecosystem metrics
-    console.log('📊 Ecosystem Metrics...');
-    const metrics = await eigen.getMetrics();
-    console.log(`   ${JSON.stringify(metrics, null, 2).substring(0, 500)}`);
-    console.log('');
-
-    // 3. Top 5 operators by TVL
-    console.log('👥 Top 5 Operators by TVL...');
-    const ops = await eigen.getOperators({ sortByTvl: 'desc', take: 5 });
-    if (ops.data) {
-        ops.data.forEach((op, i) => {
-            console.log(`   ${i + 1}. ${op.metadataName || op.address} — TVL: ${JSON.stringify(op.tvl?.tvl || 'N/A')} — Stakers: ${op.totalStakers}`);
-        });
-    }
-    console.log('');
-
-    // 4. Top 5 AVS by TVL
-    console.log('🛡️  Top 5 AVS by TVL...');
-    const avsList = await avs.getAllAVS({ sortByTvl: 'desc', take: 5 });
-    if (avsList.data) {
-        avsList.data.forEach((a, i) => {
-            console.log(`   ${i + 1}. ${a.metadataName || a.address} — TVL: ${JSON.stringify(a.tvl?.tvl || 'N/A')}`);
-        });
-    }
-    console.log('');
-
-    // 5. Top 5 operators by APY
-    console.log('💰 Top 5 Operators by APY...');
-    const topApy = await rewards.getTopOperatorsByAPY(5);
-    if (topApy.data) {
-        topApy.data.forEach((op, i) => {
-            console.log(`   ${i + 1}. ${op.metadataName || op.address} — APY: ${op.maxApy || 'N/A'}`);
-        });
-    }
-    console.log('');
-
-    // 6. Top 5 operators by delegation
-    console.log('🤝 Top 5 Operators by Delegation (staker count)...');
-    const topDel = await delegation.getTopDelegatedOperators(5);
-    if (topDel.data) {
-        topDel.data.forEach((op, i) => {
-            console.log(`   ${i + 1}. ${op.metadataName || op.address} — Stakers: ${op.totalStakers} — AVS: ${op.totalAvs}`);
-        });
-    }
-    console.log('');
-
-    console.log('═══════════════════════════════════════');
-    console.log('   ✅ Demo complete');
-    console.log('═══════════════════════════════════════\n');
-}
-
-run().catch(err => {
-    console.error('Demo failed:', err.message);
-    process.exit(1);
-});

package/skills/eigen-avs/SKILL.md

@@ -1,92 +0,0 @@
----
-name: eigen-avs
-description: "Query EigenLayer AVS (Actively Validated Services) — list services, operators per AVS, stakers per AVS, registration events, and operator-sets"
-version: 1.0.0
-metadata:
-  emoji: "🛡️"
-  tags: ["eigenlayer", "avs", "services", "operators", "security"]
-user-invocable: true
----
-
-# EigenLayer AVS Skill
-
-Query live data about Actively Validated Services (AVS) on EigenLayer: service listings, operators securing each AVS, staker delegations, registration events, and operator-sets.
-
-## Data Source
-
-**EigenExplorer API** — `https://api.eigenexplorer.com`
-- Auth: `x-api-token` header (free key at https://developer.eigenexplorer.com)
-
-## When to use this skill
-
-Use when the user asks about:
-- AVS (Actively Validated Services) on EigenLayer
-- Which operators are securing a specific AVS
-- Stakers delegated to a specific AVS
-- AVS registration/deregistration events
-- Operator-sets for an AVS
-- Comparing AVS by TVL, staker count, or APY
-
-## How to query
-
-### Get all AVS (sorted by TVL)
-```bash
-curl -s "https://api.eigenexplorer.com/avs?withTvl=true&sortByTvl=desc&take=10" -H "x-api-token: $EIGEN_API_KEY"
-```
-
-### Search AVS by name
-```bash
-curl -s "https://api.eigenexplorer.com/avs?searchByText=eigenda&withTvl=true" -H "x-api-token: $EIGEN_API_KEY"
-```
-
-### Get a specific AVS
-```bash
-curl -s "https://api.eigenexplorer.com/avs/0xAVS_ADDRESS?withTvl=true" -H "x-api-token: $EIGEN_API_KEY"
-```
-
-### Get operators registered to an AVS
-```bash
-curl -s "https://api.eigenexplorer.com/avs/0xAVS_ADDRESS/operators?take=20" -H "x-api-token: $EIGEN_API_KEY"
-```
-
-### Get stakers for an AVS
-```bash
-curl -s "https://api.eigenexplorer.com/avs/0xAVS_ADDRESS/stakers?take=20" -H "x-api-token: $EIGEN_API_KEY"
-```
-
-### Get registration events for an AVS
-```bash
-curl -s "https://api.eigenexplorer.com/avs/0xAVS_ADDRESS/events/registration?take=20" -H "x-api-token: $EIGEN_API_KEY"
-```
-
-### Get operator-sets for an AVS
-```bash
-curl -s "https://api.eigenexplorer.com/avs/0xAVS_ADDRESS/operator-sets?take=20" -H "x-api-token: $EIGEN_API_KEY"
-```
-
-### Get all AVS addresses (lightweight)
-```bash
-curl -s "https://api.eigenexplorer.com/avs/addresses" -H "x-api-token: $EIGEN_API_KEY"
-```
-
-## Response Format
-
-Format results for the user with:
-- **Bold AVS names** and abbreviated addresses
-- TVL in human-readable form (e.g., "$500M")
-- Number of operators securing the AVS
-- Number of stakers
-- APY if available
-- Active/inactive status for operator registrations
-- Use bullet points, never tables in chat
-
-## Programmatic Usage
-
-```javascript
-const AVSAPI = require('eigen-agent-skills/skills/eigen-avs/scripts/avs-api');
-const api = new AVSAPI('YOUR_API_KEY');
-
-const allAVS = await api.getAllAVS({ sortByTvl: 'desc', take: 10 });
-const operators = await api.getAVSOperators('0xAVS_ADDRESS');
-const stakers = await api.getAVSStakers('0xAVS_ADDRESS');
-```

package/skills/eigen-avs/scripts/avs-api.js

@@ -1,117 +0,0 @@
-/**
- * EigenLayer AVS (Actively Validated Services) API Client
- *
- * Data source: EigenExplorer REST API
- * Covers: AVS listing, detail, operators per AVS, stakers per AVS, registration events
- */
-
-const axios = require('axios');
-
-const MAINNET = 'https://api.eigenexplorer.com';
-const HOLESKY = 'https://api-holesky.eigenexplorer.com';
-
-class AVSAPI {
-    constructor(apiKey, { network = 'mainnet' } = {}) {
-        if (!apiKey) throw new Error('EigenExplorer API key required. Get one free at https://developer.eigenexplorer.com');
-        this.client = axios.create({
-            baseURL: network === 'holesky' ? HOLESKY : MAINNET,
-            headers: {
-                'x-api-token': apiKey,
-                'Content-Type': 'application/json',
-            },
-            timeout: 30000,
-        });
-    }
-
-    // ─── AVS Listing ──────────────────────────────────────
-
-    /**
-     * Get all AVS with optional filtering and sorting.
-     * @param {object} opts
-     * @param {boolean} [opts.withTvl=true]
-     * @param {string}  [opts.searchByText] - search AVS by name
-     * @param {'asc'|'desc'} [opts.sortByTvl]
-     * @param {'asc'|'desc'} [opts.sortByApy]
-     * @param {'asc'|'desc'} [opts.sortByTotalStakers]
-     * @param {number} [opts.skip=0]
-     * @param {number} [opts.take=12]
-     */
-    async getAllAVS(opts = {}) {
-        const params = {
-            withTvl: opts.withTvl !== false ? 'true' : 'false',
-            skip: opts.skip || 0,
-            take: opts.take || 12,
-        };
-        if (opts.searchByText) params.searchByText = opts.searchByText;
-        if (opts.sortByTvl) params.sortByTvl = opts.sortByTvl;
-        if (opts.sortByApy) params.sortByApy = opts.sortByApy;
-        if (opts.sortByTotalStakers) params.sortByTotalStakers = opts.sortByTotalStakers;
-
-        const { data } = await this.client.get('/avs', { params });
-        return data;
-    }
-
-    /**
-     * Get AVS addresses only (lightweight).
-     */
-    async getAVSAddresses() {
-        const { data } = await this.client.get('/avs/addresses');
-        return data;
-    }
-
-    /**
-     * Get detailed info for a single AVS.
-     * @param {string} address - AVS contract address
-     * @param {boolean} [withTvl=true]
-     */
-    async getAVS(address, withTvl = true) {
-        const { data } = await this.client.get(`/avs/${address}`, {
-            params: { withTvl: withTvl ? 'true' : 'false' },
-        });
-        return data;
-    }
-
-    // ─── AVS ↔ Operators ─────────────────────────────────
-
-    /**
-     * Get operators registered to a specific AVS.
-     * @param {string} avsAddress
-     * @param {object} opts
-     */
-    async getAVSOperators(avsAddress, opts = {}) {
-        const { data } = await this.client.get(`/avs/${avsAddress}/operators`, {
-            params: { skip: opts.skip || 0, take: opts.take || 12 },
-        });
-        return data;
-    }
-
-    // ─── AVS ↔ Stakers ───────────────────────────────────
-
-    /**
-     * Get stakers delegated to a specific AVS.
-     * @param {string} avsAddress
-     * @param {object} opts
-     */
-    async getAVSStakers(avsAddress, opts = {}) {
-        const { data } = await this.client.get(`/avs/${avsAddress}/stakers`, {
-            params: { skip: opts.skip || 0, take: opts.take || 12 },
-        });
-        return data;
-    }
-
-    // ─── AVS Registration Events ──────────────────────────
-
-    /**
-     * Get registration/deregistration events for a specific AVS.
-     * @param {string} avsAddress
-     * @param {object} opts
-     */
-    async getAVSRegistrationEvents(avsAddress, opts = {}) {
-        const { data } = await this.client.get(`/avs/${avsAddress}/events/registration-status`, {
-            params: { skip: opts.skip || 0, take: opts.take || 12 },
-        });
-        return data;
-    }
-}
-
-module.exports = AVSAPI;

package/skills/eigen-da/SKILL.md

@@ -1,148 +0,0 @@
----
-name: eigen-da
-description: "Store and retrieve data blobs on EigenDA (Data Availability layer) — disperse blobs, retrieve by commitment, check status via proxy or direct API"
-version: 1.0.0
-metadata:
-  emoji: "📦"
-  tags: ["eigenlayer", "eigenda", "data-availability", "blobs", "storage"]
-user-invocable: true
----
-
-# EigenDA Skill
-
-Store and retrieve data blobs on EigenDA — EigenLayer's Data Availability layer. EigenDA provides high-throughput, low-cost data availability for rollups and applications.
-
-## What is EigenDA?
-
-EigenDA is a **data availability (DA) service** built on EigenLayer. It lets you:
-- **Store blobs** — submit arbitrary data, get back a cryptographic commitment
-- **Retrieve blobs** — fetch data using the commitment hash
-- **Verify** — KZG commitments prove data integrity
-
-## Architecture
-
-```
-Your App → EigenDA Proxy (localhost:3100) → EigenDA Disperser → EigenDA Operators
-```
-
-The **EigenDA Proxy** is a local REST server that handles encoding, KZG verification, and communication with the EigenDA disperser network.
-
-## Prerequisites
-
-Run the EigenDA Proxy locally via Docker:
-
-```bash
-docker run -d \
-  --name eigenda-proxy \
-  -p 3100:3100 \
-  ghcr.io/layr-labs/eigenda-proxy:latest \
-  --eigenda.disperser-rpc=disperser-sepolia.eigenda.xyz:443 \
-  --eigenda.service-manager-addr=0xD4A7E1Bd8015057293f0D0A557088c286942e84b \
-  --eigenda.eth-rpc=YOUR_SEPOLIA_RPC_URL \
-  --eigenda.status-query-timeout=45s \
-  --eigenda.signer-private-key-hex=YOUR_PRIVATE_KEY \
-  --memstore.enabled=false \
-  --eigenda.disable-tls=false
-```
-
-## When to use this skill
-
-Use when the user asks about:
-- Storing data on EigenDA
-- Retrieving data from EigenDA by commitment
-- Data availability for rollups
-- Blob storage and retrieval
-- EigenDA proxy setup
-- Verifying data commitments
-- EigenDA health/status checks
-
-## How to use
-
-### Store a blob via proxy
-
-```bash
-curl -s -X POST "http://127.0.0.1:3100/put?commitment_mode=standard" \
-  -H "Content-Type: application/json" \
-  -d '{"key": "value", "timestamp": "2025-01-01T00:00:00Z"}'
-```
-
-Returns: a hex commitment string (the blob's address on EigenDA).
-
-### Retrieve a blob via proxy
-
-```bash
-curl -s "http://127.0.0.1:3100/get/COMMITMENT_HASH?commitment_mode=standard"
-```
-
-Returns: the original JSON data.
-
-### Health check
-
-```bash
-curl -s "http://127.0.0.1:3100/health"
-```
-
-### View blob on explorer
-
-After storing, view the blob at:
-```
-https://blobs-sepolia.eigenda.xyz/blobs/COMMITMENT_HASH
-```
-
-## EigenDA v2 Disperser API (Direct)
-
-For direct access without the proxy (advanced):
-
-### Disperse a blob
-The v2 disperser uses gRPC at `disperser-sepolia.eigenda.xyz:443`:
-- `DisperseBlob()` — enqueue a blob for dispersal
-- `GetBlobStatus()` — poll dispersal status
-- `GetBlobCommitment()` — get the KZG commitment
-
-### Retrieve from relay
-The v2 Relay API provides:
-- `GetBlob(blob_key)` — retrieve blob from relay nodes
-
-## Configuration
-
-| Env Var | Default | Description |
-|---------|---------|-------------|
-| `EIGENDA_PROXY_URL` | `http://127.0.0.1:3100` | Proxy address |
-| `EIGENDA_COMMITMENT_MODE` | `standard` | `standard` or `optimistic` |
-| `EIGENDA_TIMEOUT` | `60000` | Timeout in ms |
-
-### Commitment modes
-
-- **standard** — full KZG commitment, highest security
-- **optimistic** — faster but with weaker guarantees
-
-## Networks
-
-| Network | Disperser RPC | Service Manager |
-|---------|---------------|-----------------|
-| Sepolia | `disperser-sepolia.eigenda.xyz:443` | `0xD4A7E1Bd8015057293f0D0A557088c286942e84b` |
-| Mainnet | `disperser.eigenda.xyz:443` | Check EigenLayer docs |
-
-## Programmatic Usage
-
-```javascript
-const EigenDA = require('eigen-skills/skills/eigen-da/scripts/da-api');
-
-const da = new EigenDA({
-  proxyUrl: 'http://127.0.0.1:3100',  // default
-  commitmentMode: 'standard',          // default
-  timeout: 60000,                      // default
-});
-
-// Store data
-const commitment = await da.store({ key: 'value', timestamp: new Date() });
-console.log('Commitment:', commitment);
-console.log('Explorer:', da.getExplorerUrl(commitment));
-
-// Retrieve data
-const data = await da.retrieve(commitment);
-console.log('Retrieved:', data);
-
-// Health check
-const healthy = await da.healthCheck();
-```