ethagent 3.2.0 → 3.3.1

package/src/identity/ens/agentRecords.ts

@@ -1,51 +1,79 @@
-export const AGENT_RECORD_KEYS = {
-  token: 'org.ethagent.token',
-} as const
+import type { Address } from 'viem'
+import { encodeInteroperableAddress } from './erc7930.js'
 
-type AgentRecordKey = typeof AGENT_RECORD_KEYS[keyof typeof AGENT_RECORD_KEYS]
+export const AGENT_TOKEN_RECORD_KEY = 'org.ethagent.token'
 
-export const AGENT_RECORD_KEY_LIST: readonly AgentRecordKey[] = [
-  AGENT_RECORD_KEYS.token,
-] as const
-
-export const AGENT_RECORD_READ_KEY_LIST: readonly string[] = AGENT_RECORD_KEY_LIST
-
-export type AgentEnsRecords = {
-  token?: string
-}
-
-export type AgentEnsRecordState = AgentEnsRecords
+export type AgentEnsRecords = Record<string, string>
+export type AgentEnsRecordState = Record<string, string>
 
 export type AgentRecordDiff = {
-  key: AgentRecordKey
-  field: keyof AgentEnsRecordState
+  key: string
   current: string
   next: string
   changed: boolean
 }
 
-const FIELD_FOR_KEY: Record<AgentRecordKey, keyof AgentEnsRecords> = {
-  [AGENT_RECORD_KEYS.token]: 'token',
+export type Ensip25KeyArgs = {
+  chainId: number
+  identityRegistryAddress: Address | string
+  agentId: string | bigint
+}
+
+export function buildEnsip25Key(args: Ensip25KeyArgs): string {
+  const agentIdStr = typeof args.agentId === 'bigint' ? args.agentId.toString() : args.agentId.trim()
+  if (!agentIdStr) throw new Error('agentId is required to build the ENSIP-25 record key')
+  if (agentIdStr.includes('[') || agentIdStr.includes(']')) {
+    throw new Error('agentId must not contain square brackets per ENSIP-25')
+  }
+  const registry = encodeInteroperableAddress({
+    chainId: args.chainId,
+    address: args.identityRegistryAddress as Address,
+  })
+  return `agent-registration[${registry}][${agentIdStr}]`
 }
 
-const LABEL_FOR_FIELD: Record<keyof AgentEnsRecordState, string> = {
-  token: 'Agent token',
+export function buildAgentTokenReferenceValue(args: Ensip25KeyArgs): string {
+  const agentIdStr = typeof args.agentId === 'bigint' ? args.agentId.toString() : args.agentId.trim()
+  return `eip155:${args.chainId}:${(args.identityRegistryAddress as string).toLowerCase()}:${agentIdStr}`
 }
 
-export function recordsFromTextMap(text: Record<string, string>): AgentEnsRecordState {
+export function buildAgentEnsRecords(args: {
+  chainId: number
+  identityRegistryAddress: Address | string
+  agentId: string | bigint | undefined
+}): AgentEnsRecords {
+  if (args.agentId === undefined || args.agentId === '') return {}
+  const ensip25Key = buildEnsip25Key({
+    chainId: args.chainId,
+    identityRegistryAddress: args.identityRegistryAddress,
+    agentId: args.agentId,
+  })
+  const tokenValue = buildAgentTokenReferenceValue({
+    chainId: args.chainId,
+    identityRegistryAddress: args.identityRegistryAddress,
+    agentId: args.agentId,
+  })
   return {
-    token: text[AGENT_RECORD_KEYS.token] ?? '',
+    [ensip25Key]: '1',
+    [AGENT_TOKEN_RECORD_KEY]: tokenValue,
   }
 }
 
+export function recordsFromTextMap(text: Record<string, string>): AgentEnsRecordState {
+  const out: AgentEnsRecordState = {}
+  for (const [key, value] of Object.entries(text)) {
+    if (value) out[key] = value
+  }
+  return out
+}
+
 export function diffRecords(current: AgentEnsRecordState, next: AgentEnsRecords): AgentRecordDiff[] {
-  return AGENT_RECORD_KEY_LIST.map(key => {
-    const field = FIELD_FOR_KEY[key]
-    const currentValue = (current[field] ?? '').trim()
-    const nextValue = (next[field] ?? '').trim()
+  const keys = new Set<string>([...Object.keys(current), ...Object.keys(next)])
+  return Array.from(keys).map(key => {
+    const currentValue = (current[key] ?? '').trim()
+    const nextValue = (next[key] ?? '').trim()
     return {
       key,
-      field,
       current: currentValue,
       next: nextValue,
       changed: currentValue !== nextValue,
@@ -61,22 +89,10 @@ export function changedRecords(current: AgentEnsRecordState, next: AgentEnsRecor
   return out
 }
 
-export function recordLabel(field: keyof AgentEnsRecordState): string {
-  return LABEL_FOR_FIELD[field]
-}
-
-export function formatRecordValue(_field: keyof AgentEnsRecordState, value: string): string {
-  return value
-}
-
-export function buildAgentEnsRecords(args: {
-  chainId: number
-  identityRegistryAddress: string
-  agentId: string | undefined
-}): AgentEnsRecords {
-  const records: AgentEnsRecords = {}
-  if (args.agentId) {
-    records.token = `eip155:${args.chainId}:${args.identityRegistryAddress.toLowerCase()}:${args.agentId}`
+export function clearedRecords(current: AgentEnsRecordState): AgentEnsRecords {
+  const out: AgentEnsRecords = {}
+  for (const key of Object.keys(current)) {
+    out[key] = ''
   }
-  return records
+  return out
 }

package/src/identity/ens/ensAutomation/read.ts

@@ -9,7 +9,6 @@ import {
 } from 'viem'
 import { mainnet } from 'viem/chains'
 import {
-  AGENT_RECORD_READ_KEY_LIST,
   recordsFromTextMap,
   type AgentEnsRecordState,
 } from '../agentRecords.js'
@@ -81,9 +80,14 @@ export async function readAddressRecord(client: EnsAutomationReadClient, resolve
   }
 }
 
-export async function readTextRecords(client: EnsAutomationReadClient, resolverAddress: Address, node: Hex): Promise<AgentEnsRecordState> {
+export async function readTextRecords(
+  client: EnsAutomationReadClient,
+  resolverAddress: Address,
+  node: Hex,
+  keys: readonly string[],
+): Promise<AgentEnsRecordState> {
   const text: Record<string, string> = {}
-  for (const key of AGENT_RECORD_READ_KEY_LIST) {
+  for (const key of keys) {
     try {
       const value = await client.readContract({
         address: resolverAddress,
@@ -105,10 +109,3 @@ export function isZero(address: Address): boolean {
 export function sameAddress(a: Address, b: Address): boolean {
   return a.toLowerCase() === b.toLowerCase()
 }
-
-export function normalizeAgentRecords(records: AgentEnsRecordState): AgentEnsRecordState {
-  return {
-    ...records,
-    ...(records.token ? { token: records.token.toLowerCase() } : {}),
-  }
-}

package/src/identity/ens/ensAutomation/setup.ts

@@ -1,6 +1,8 @@
 import { getAddress, namehash, type Address } from 'viem'
 import {
+  AGENT_TOKEN_RECORD_KEY,
   buildAgentEnsRecords,
+  buildEnsip25Key,
   diffRecords,
 } from '../agentRecords.js'
 import { normalizeEthDomain, splitSubdomainName } from '../ensLookup.js'
@@ -12,7 +14,6 @@ import {
 import {
   createEnsAutomationClient,
   isZero,
-  normalizeAgentRecords,
   readAddressRecord,
   readOwner,
   readResolver,
@@ -225,26 +226,19 @@ export async function preflightEnsSetup(args: EnsSetupPreflightArgs): Promise<En
   }
 
   const currentAddress = isZero(childResolver) ? null : await readAddressRecord(client, resolverAddress, fullNode)
-  const currentRecords = normalizeAgentRecords(isZero(childResolver) ? {} : await readTextRecords(client, resolverAddress, fullNode))
+  const ensip25Key = buildEnsip25Key({
+    chainId: args.registry.chainId,
+    identityRegistryAddress: args.registry.identityRegistryAddress,
+    agentId: String(args.agentId),
+  })
+  const currentRecords = isZero(childResolver)
+    ? {}
+    : await readTextRecords(client, resolverAddress, fullNode, [ensip25Key, AGENT_TOKEN_RECORD_KEY])
   const nextRecords = buildAgentEnsRecords({
     chainId: args.registry.chainId,
     identityRegistryAddress: args.registry.identityRegistryAddress,
     agentId: String(args.agentId),
   })
-  if (currentRecords.token && nextRecords.token && currentRecords.token !== nextRecords.token) {
-    return manual(args, {
-      rootName,
-      label,
-      fullName,
-      operatorAddress,
-      ownerAddress,
-      resolverAddress,
-      reason: 'token-record-collision',
-      detail: `${fullName} already points to another ERC-8004 token`,
-      currentRecords,
-      nextRecords,
-    })
-  }
 
   const recordDiffs = diffRecords(currentRecords, nextRecords)
   const addressChanged = !currentAddress || !sameAddress(currentAddress, ownerAddress)

package/src/identity/ens/ensAutomation/types.ts

@@ -56,7 +56,6 @@ export type EnsSetupBlockedPlan = {
     | 'operator-matches-owner'
     | 'token-owner-mismatch'
     | 'token-owner-lookup-failed'
-    | 'token-record-collision'
     | 'lookup-failed'
   detail: string
   currentRecords?: AgentEnsRecordState

package/src/identity/ens/ensAutomation.ts

@@ -24,6 +24,7 @@ export {
   encodeEnsRecordsTransaction,
   encodeEnsRegistryTransaction,
 } from './ensAutomation/transactions.js'
+export { readAddressRecord } from './ensAutomation/read.js'
 export { isRootEthName } from './ensAutomation/names.js'
 export { preflightDeleteSubdomain } from './ensAutomation/delete.js'
 export { compareOperatorSets } from './ensAutomation/operators.js'

package/src/identity/ens/ensLookup/records.ts

@@ -11,7 +11,7 @@ export type EncodedEnsRecordTransaction = {
   calls: Hex[]
 }
 
-export async function encodeSetEthagentTextRecords(
+export async function encodeSetEnsip25TextRecord(
   fullName: string,
   records: Record<string, string>,
   opts: DiscoverOptions = {},

package/src/identity/ens/ensLookup.ts

@@ -16,4 +16,4 @@ export { resolveEnsAddress, readEthagentTextRecords, readResolverAddress } from
 export { parseAgentTokenReference } from './ensLookup/tokenReference.js'
 export { discoverOwnedEnsNameDetails, discoverOwnedEnsNames } from './ensLookup/discovery.js'
 export { validateAgentEnsLink } from './ensLookup/validation.js'
-export { encodeSetEthagentTextRecords } from './ensLookup/records.js'
+export { encodeSetEnsip25TextRecord } from './ensLookup/records.js'

package/src/identity/ens/erc7930.ts

@@ -0,0 +1,48 @@
+import type { Address } from 'viem'
+
+const VERSION = 1
+const CHAIN_TYPE_EIP155 = 0
+const ADDRESS_BYTE_LENGTH = 20
+
+export type InteroperableAddressArgs = {
+  chainId: number
+  address: Address
+}
+
+export function encodeInteroperableAddress(args: InteroperableAddressArgs): `0x${string}` {
+  if (!Number.isInteger(args.chainId) || args.chainId <= 0) {
+    throw new Error(`invalid chainId for ERC-7930: ${args.chainId}`)
+  }
+  const addressHex = args.address.toLowerCase().replace(/^0x/, '')
+  if (!/^[0-9a-f]{40}$/.test(addressHex)) {
+    throw new Error(`invalid address for ERC-7930: ${args.address}`)
+  }
+  const chainRefBytes = minimalBigEndianBytes(BigInt(args.chainId))
+  if (chainRefBytes.length > 0xff) {
+    throw new Error(`chainId too large for ERC-7930 single-byte length prefix: ${args.chainId}`)
+  }
+  return `0x${uint16Hex(VERSION)}${uint16Hex(CHAIN_TYPE_EIP155)}${uint8Hex(chainRefBytes.length)}${bytesHex(chainRefBytes)}${uint8Hex(ADDRESS_BYTE_LENGTH)}${addressHex}` as `0x${string}`
+}
+
+function uint16Hex(n: number): string {
+  return n.toString(16).padStart(4, '0')
+}
+
+function uint8Hex(n: number): string {
+  return n.toString(16).padStart(2, '0')
+}
+
+function minimalBigEndianBytes(value: bigint): Uint8Array {
+  if (value === 0n) return new Uint8Array([0])
+  const bytes: number[] = []
+  let remaining = value
+  while (remaining > 0n) {
+    bytes.unshift(Number(remaining & 0xffn))
+    remaining >>= 8n
+  }
+  return new Uint8Array(bytes)
+}
+
+function bytesHex(bytes: Uint8Array): string {
+  return Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join('')
+}

package/src/identity/hub/OperationalRoutes.tsx

@@ -9,6 +9,7 @@ import {
   runPublicProfileStorageSubmit,
 } from './profile/effects.js'
 import { resolveVaultAddress } from './custody/transactions.js'
+import { readCustodyMode } from './custody/state.js'
 import { WalletApprovalScreen } from './shared/components/WalletApprovalScreen.js'
 import { RebackupStorageScreen } from './continuity/RebackupStorageScreen.js'
 import { BusyScreen } from './shared/components/BusyScreen.js'
@@ -280,7 +281,6 @@ export const IdentityHubOperationalRoutes: React.FC<IdentityHubOperationalRoutes
         onWalletReady={setWalletSession}
         onTriggerRebackup={triggerRebackup}
         onTriggerPublicProfileSave={triggerPublicProfileSave}
-        onWithdrawTokenForEns={currentStep => custodyFlow.beginWithdrawToken(currentStep, currentStep, 'ens')}
       />
     )
   }
@@ -321,12 +321,14 @@ export const IdentityHubOperationalRoutes: React.FC<IdentityHubOperationalRoutes
 
   if (step.kind === 'rebackup-signing') {
     const approval = rebackupWalletApprovalView(step.identity, step.profileUpdates)
+    const vaultRouted = Boolean(step.vaultAddress)
+      && readCustodyMode(step.identity.state as Record<string, unknown> | undefined) === 'advanced'
     return (
       <WalletApprovalScreen
         title={approval.title}
         subtitle={custodyFlow.renderRebackupSubtitle(
           approval.subtitle,
-          Boolean(step.vaultAddress),
+          vaultRouted,
         )}
         walletSession={walletSession}
         label={approval.label}

package/src/identity/hub/Routes.tsx

@@ -83,7 +83,7 @@ export const IdentityHubRoutes: React.FC<{ controller: IdentityHubController }>
           <Select<'ens' | 'skip'>
             options={[
               { value: 'ens', role: 'section', label: 'Set Up Now' },
-              { value: 'ens', label: 'Set Up ENS Name', hint: 'Walks you through Root, Name, Review, and Apply' },
+              { value: 'ens', label: 'Set Up ENS Name', hint: 'Root → Name → Review → Apply' },
               { value: 'skip', role: 'section', label: 'Skip' },
               { value: 'skip', label: 'Skip For Now', hint: 'Continue to model setup; add ENS later', role: 'utility' },
             ]}

package/src/identity/hub/continuity/effects.ts

@@ -6,17 +6,11 @@ import {
   prepareSyncedIdentityMarkdownScaffold,
   prepareSyncedSkillsTree,
   readContinuityFiles,
-  readPublicSkillsFile,
   writeIdentityMarkdownScaffold,
   type IdentityMarkdownScaffold,
 } from '../../continuity/storage.js'
 import {
-  appendPublicSkillEntries,
-  defaultPublicSkillsProfile as basePublicSkillsProfile,
-} from '../../continuity/publicSkills.js'
-import {
-  derivePublicSkillEntries,
-  syncPublicSkillsManifest,
+  syncAgentCardManifest,
 } from '../../continuity/skills/publicSkillsSync.js'
 import {
   createWalletRestoreAccessChallenge,
@@ -25,12 +19,8 @@ import {
   type ContinuitySkillsTree,
   type WalletChallengePurpose,
 } from '../../continuity/envelope.js'
-import {
-  createAgentCard,
-  defaultPublicSkillsProfile,
-  serializeAgentCard,
-} from '../../continuity/publicSkills.js'
 import { recordPublishedContinuitySnapshot } from '../../continuity/snapshots.js'
+import { readCustodyMode } from '../custody/state.js'
 import { addToIpfs, DEFAULT_IPFS_API_URL, isPinataUploadUrl } from '../../storage/ipfs.js'
 import {
   createErc8004PublicClient,
@@ -83,19 +73,19 @@ import {
 } from './completion.js'
 
 type BackupMetadata = NonNullable<EthagentIdentity['backup']>
-type PublicSkillsMetadata = NonNullable<EthagentIdentity['publicSkills']>
+type AgentCardMetadata = NonNullable<EthagentIdentity['agentCard']>
 
 type RebackupPreparedTransaction = {
   ownerAddress: Address
   agentUri: string
   metadataCid: string
   backup: BackupMetadata
-  publicSkills: PublicSkillsMetadata
+  agentCard: AgentCardMetadata
   identity: EthagentIdentity
   markdownScaffold?: IdentityMarkdownScaffold
   publishedSources: {
     privateFiles: ContinuityFiles
-    publicSkills: string
+    agentCard: string
     skills: ContinuitySkillsTree
   }
 }
@@ -197,8 +187,9 @@ async function runRebackupSigningInner(
     return
   }
   const snapshotOwner = ownerAddressForSnapshotSave(step.identity, step.profileUpdates)
+  const isAdvanced = readCustodyMode(step.identity.state as Record<string, unknown> | undefined) === 'advanced'
   const purpose: WalletPurpose = step.walletPurpose
-    ?? (step.vaultAddress ? 'rotate-agent-uri-vault-owner' : rebackupWalletPurpose(step.identity, step.profileUpdates))
+    ?? (step.vaultAddress && isAdvanced ? 'rotate-agent-uri-vault-owner' : rebackupWalletPurpose(step.identity, step.profileUpdates))
   const challengePurpose: WalletChallengePurpose = 'restore-owner'
   const walletAccess = walletRestoreAccessContext(step.identity, step.registry, step.profileUpdates, snapshotOwner)
   if (!walletAccess) throw new Error('Cannot back up: missing wallet restore access context')
@@ -244,20 +235,8 @@ async function runRebackupSigningInner(
       const continuityFiles = markdownScaffold
         ? { 'SOUL.md': markdownScaffold['SOUL.md'], 'MEMORY.md': markdownScaffold['MEMORY.md'] }
         : await readContinuityFiles(nextIdentityForFiles)
-      const publicSkillsJson = await syncPublicSkillsManifest(nextIdentityForFiles)
-      const publicSkillsPin = await addToIpfs(DEFAULT_IPFS_API_URL, publicSkillsJson, fetch, { pinataJwt: step.pinataJwt })
-      assertVerifiedPin(publicSkillsPin)
-      const publicSkillEntries = await derivePublicSkillEntries(nextIdentityForFiles)
-      const augmentedPublicProfile = appendPublicSkillEntries(
-        basePublicSkillsProfile(nextIdentityForFiles),
-        publicSkillEntries,
-      )
-      const agentCardPin = await addToIpfs(
-        DEFAULT_IPFS_API_URL,
-        serializeAgentCard(createAgentCard(augmentedPublicProfile)),
-        fetch,
-        { pinataJwt: step.pinataJwt },
-      )
+      const agentCardJson = await syncAgentCardManifest(nextIdentityForFiles)
+      const agentCardPin = await addToIpfs(DEFAULT_IPFS_API_URL, agentCardJson, fetch, { pinataJwt: step.pinataJwt })
       assertVerifiedPin(agentCardPin)
       const skillsTree = await prepareSyncedSkillsTree(nextIdentityForFiles)
       const envelope = createContinuityEnvelopeForSave({
@@ -287,9 +266,8 @@ async function runRebackupSigningInner(
         identityRegistryAddress: step.registry.identityRegistryAddress,
         agentId: sourceAgentId,
       }
-      const publicSkills: PublicSkillsMetadata = {
-        cid: publicSkillsPin.cid,
-        agentCardCid: agentCardPin.cid,
+      const agentCard: AgentCardMetadata = {
+        cid: agentCardPin.cid,
         updatedAt: envelope.createdAt,
         status: 'pinned',
       }
@@ -300,7 +278,7 @@ async function runRebackupSigningInner(
         ...(uploadedImageUri ? { image: uploadedImageUri } : {}),
       }, {
         backup: { cid, envelopeVersion: envelope.envelopeVersion, createdAt: envelope.createdAt },
-        publicDiscovery: { skillsCid: publicSkills.cid, agentCardCid: publicSkills.agentCardCid, updatedAt: publicSkills.updatedAt },
+        publicDiscovery: { agentCardCid: agentCard.cid, updatedAt: agentCard.updatedAt },
         registration: { chainId: step.registry.chainId, identityRegistryAddress: step.registry.identityRegistryAddress, agentId: sourceAgentId },
         ensName: nextEnsName,
         operators: operatorsPointerFromState(state, nextEnsName),
@@ -332,12 +310,12 @@ async function runRebackupSigningInner(
             agentUri,
             metadataCid,
             backup: { ...backup, metadataCid, agentUri },
-            publicSkills,
+            agentCard,
             identity: { ...step.identity, state },
             ...(markdownScaffold ? { markdownScaffold } : {}),
             publishedSources: {
               privateFiles: continuityFiles,
-              publicSkills: publicSkillsJson,
+              agentCard: agentCardJson,
               skills: skillsTree,
             },
           },
@@ -357,12 +335,12 @@ async function runRebackupSigningInner(
           agentUri,
           metadataCid,
           backup: { ...backup, metadataCid, agentUri },
-          publicSkills,
+          agentCard,
           identity: { ...step.identity, state },
           ...(markdownScaffold ? { markdownScaffold } : {}),
           publishedSources: {
             privateFiles: continuityFiles,
-            publicSkills: publicSkillsJson,
+            agentCard: agentCardJson,
             skills: skillsTree,
           },
         },
@@ -388,7 +366,7 @@ async function runRebackupSigningInner(
     agentUri: result.prepared.agentUri,
     metadataCid: result.prepared.metadataCid,
     backup: { ...result.prepared.backup, txHash: result.txHash },
-    publicSkills: result.prepared.publicSkills,
+    agentCard: result.prepared.agentCard,
   }
   if (result.prepared.markdownScaffold) {
     await writeIdentityMarkdownScaffold(nextIdentity, result.prepared.markdownScaffold)

package/src/identity/hub/continuity/skills/NewSkillVisibilityScreen.tsx

@@ -33,8 +33,8 @@ export const NewSkillVisibilityScreen: React.FC<NewSkillVisibilityScreenProps> =
     <Box marginTop={1}>
       <Select<SkillVisibility | 'back'>
         options={[
-          { value: 'private', label: 'Private', hint: 'Local-only. Not in skills.json.' },
-          { value: 'public', label: 'Public', hint: 'Default. Indexed in skills.json and Agent Card.' },
+          { value: 'private', label: 'Private', hint: 'Local-only. Not in the Agent Card.' },
+          { value: 'public', label: 'Public', hint: 'Default. Listed in the Agent Card.' },
           { value: 'back', role: 'section', label: 'Navigation' },
           { value: 'back', label: 'Back', hint: 'Return to the name step', role: 'utility' },
         ]}

package/src/identity/hub/continuity/skills/SkillActionsScreen.tsx

@@ -140,8 +140,8 @@ function visibilityOption(level: SkillVisibility, current?: SkillVisibility): Se
 }
 
 function visibilityHint(level: SkillVisibility): string {
-  if (level === 'private') return 'Local-only. Not in skills.json.'
-  return 'Default. Indexed with description and Agent Card link.'
+  if (level === 'private') return 'Local-only. Not in the Agent Card.'
+  return 'Default. Listed in the Agent Card.'
 }
 
 function capitalize(value: string): string {

package/src/identity/hub/continuity/state.ts

@@ -27,7 +27,7 @@ export function changedContinuitySnapshotFiles(
   const result: string[] = []
   if (changed('SOUL.md')) result.push('SOUL.md')
   if (changed('MEMORY.md')) result.push('MEMORY.md')
-  if (changed('skills.json') || changed('private-skills')) result.push('Skills')
+  if (changed('agent-card.json') || changed('private-skills')) result.push('Skills')
   return result
 }