globodai-mcp-payment-manager 1.0.1

package/src/tools/lock-cards.ts

@@ -0,0 +1,31 @@
+/**
+ * Lock cards (clear PIN from memory)
+ */
+
+import { z } from "zod";
+import { lock, getStatus } from "../lib/pin-manager";
+
+export const name = "lock_cards";
+
+export const description = "Lock your cards immediately. Clears the PIN from memory. You'll need to unlock again to make payments.";
+
+export const parameters = z.object({});
+
+export async function execute(_args: z.infer<typeof parameters>) {
+  const status = getStatus();
+  
+  if (!status.unlocked) {
+    return {
+      success: true,
+      message: "Cards are already locked",
+    };
+  }
+  
+  lock();
+  
+  return {
+    success: true,
+    message: "Cards locked. PIN cleared from memory.",
+    note: "Use unlock_cards to unlock again when needed.",
+  };
+}

package/src/tools/prepare-crypto-tx.ts

@@ -0,0 +1,108 @@
+/**
+ * Prepare a crypto transaction for confirmation
+ * 
+ * Creates a pending transaction that must be signed and broadcast.
+ * For hardware wallets, signing happens on the device.
+ */
+
+import { z } from "zod";
+import { randomUUID } from "crypto";
+import { getWallet, logCryptoTransaction, CHAIN_CONFIG } from "../lib/wallets";
+import type { CryptoTransaction } from "../lib/wallets";
+
+export const name = "prepare_crypto_tx";
+
+export const description = `Prepare a crypto transaction for signing. This creates a PENDING transaction that must be confirmed with sign_crypto_tx before broadcast.
+
+Supports:
+- Native token transfers (ETH, MATIC, etc.)
+- ERC20/token transfers
+- Contract interactions`;
+
+export const parameters = z.object({
+  wallet_id: z.string().describe("ID of the wallet to send from"),
+  to: z.string().describe("Recipient address"),
+  // Native or token
+  amount: z.string().optional().describe("Amount to send (in human readable units, e.g., '0.5' for 0.5 ETH)"),
+  token_address: z.string().optional().describe("Token contract address (omit for native currency)"),
+  token_symbol: z.string().optional().describe("Token symbol (e.g., 'USDC')"),
+  // Or raw contract call
+  data: z.string().optional().describe("Raw transaction data (hex) for contract calls"),
+  // Gas settings
+  gas_limit: z.string().optional().describe("Gas limit (default: estimated)"),
+  max_fee_per_gas: z.string().optional().describe("Max fee per gas in gwei"),
+  max_priority_fee: z.string().optional().describe("Max priority fee in gwei"),
+  // Description
+  description: z.string().describe("What this transaction is for"),
+});
+
+export async function execute(args: z.infer<typeof parameters>) {
+  // Get wallet
+  const wallet = await getWallet(args.wallet_id);
+  
+  if (!wallet) {
+    return { success: false, error: "Wallet not found" };
+  }
+  
+  if (!wallet.enabled) {
+    return { success: false, error: "Wallet is disabled" };
+  }
+  
+  if (!wallet.allowedOperations.includes("send")) {
+    return { success: false, error: "This wallet is not allowed to send transactions" };
+  }
+  
+  // Validate recipient address (basic check)
+  const chainConfig = CHAIN_CONFIG[wallet.chain];
+  
+  // Determine transaction type
+  let txType: CryptoTransaction["type"] = "send";
+  if (args.data) {
+    txType = "contract";
+  }
+  
+  // Create pending transaction
+  const txId = randomUUID();
+  const transaction: CryptoTransaction = {
+    id: txId,
+    walletId: wallet.id,
+    chain: wallet.chain,
+    type: txType,
+    status: "pending",
+    from: wallet.address,
+    to: args.to,
+    value: args.amount,
+    tokenAddress: args.token_address,
+    tokenSymbol: args.token_symbol,
+    gasLimit: args.gas_limit,
+    maxFeePerGas: args.max_fee_per_gas,
+    maxPriorityFeePerGas: args.max_priority_fee,
+    description: args.description,
+    createdAt: new Date().toISOString(),
+  };
+  
+  await logCryptoTransaction(transaction);
+  
+  const amountDisplay = args.token_symbol 
+    ? `${args.amount} ${args.token_symbol}`
+    : `${args.amount} ${chainConfig?.nativeCurrency ?? "tokens"}`;
+  
+  return {
+    success: true,
+    transaction_id: txId,
+    status: "pending",
+    summary: {
+      from: `${wallet.nickname} (${wallet.address.slice(0, 10)}...)`,
+      to: `${args.to.slice(0, 10)}...${args.to.slice(-8)}`,
+      amount: amountDisplay,
+      chain: chainConfig?.name ?? wallet.chain,
+      type: txType,
+      description: args.description,
+    },
+    wallet_type: wallet.type,
+    next_step: wallet.type === "hardware" 
+      ? "Connect your hardware wallet and call sign_crypto_tx to sign on device"
+      : "Call sign_crypto_tx to sign and broadcast the transaction",
+    warning: "NO TRANSACTION has been broadcast yet. You must sign to proceed.",
+  };
+}

package/src/tools/prepare-payment.ts

@@ -0,0 +1,108 @@
+/**
+ * Prepare a payment for confirmation
+ * 
+ * This creates a pending transaction that must be confirmed before execution.
+ * Security: User must explicitly confirm with CVV before any charge.
+ */
+
+import { z } from "zod";
+import { randomUUID } from "crypto";
+import { getCard, logTransaction } from "../lib/cards";
+import type { Transaction, CardUsage } from "../lib/cards";
+import { isUnlocked, isPinConfigured } from "../lib/pin-manager";
+
+export const name = "prepare_payment";
+
+export const description = "Prepare a payment for a booking (flight, train, hotel, etc.). This creates a PENDING transaction that must be confirmed with confirm_payment before any charge is made.";
+
+export const parameters = z.object({
+  card_id: z.string().describe("ID of the card to use"),
+  amount: z.number().describe("Amount to charge"),
+  currency: z.string().describe("Currency code (EUR, USD, etc.)"),
+  type: z.enum(["flight", "train", "hotel", "general"]).describe("Type of purchase"),
+  description: z.string().describe("What is being purchased (e.g., 'Paris-London Eurostar 15 Feb')"),
+  provider: z.string().describe("Booking provider (e.g., 'Trainline', 'Air France', 'Booking.com')"),
+  details: z.record(z.unknown()).optional().describe("Additional booking details"),
+});
+
+export async function execute(args: z.infer<typeof parameters>) {
+  // Check cards are unlocked
+  if (!isPinConfigured()) {
+    return {
+      success: false,
+      error: "Master PIN not configured. Use setup_pin first.",
+    };
+  }
+  
+  if (!isUnlocked()) {
+    return {
+      success: false,
+      error: "Cards are locked. Use unlock_cards with your PIN first.",
+    };
+  }
+  
+  // Verify card exists and is enabled
+  const card = await getCard(args.card_id);
+  
+  if (!card) {
+    return {
+      success: false,
+      error: "Card not found",
+    };
+  }
+  
+  if (!card.enabled) {
+    return {
+      success: false,
+      error: "Card is disabled",
+    };
+  }
+  
+  // Check usage restrictions
+  if (!card.allowedUsage.includes("all") && !card.allowedUsage.includes(args.type)) {
+    return {
+      success: false,
+      error: `Card "${card.nickname}" is not allowed for ${args.type} purchases. Allowed: ${card.allowedUsage.join(", ")}`,
+    };
+  }
+  
+  // Check limits
+  if (card.limits?.perTransaction && args.amount > card.limits.perTransaction) {
+    return {
+      success: false,
+      error: `Amount exceeds per-transaction limit of ${card.limits.perTransaction} ${card.limits.currency}`,
+    };
+  }
+  
+  // Create pending transaction
+  const txId = randomUUID();
+  const transaction: Transaction = {
+    id: txId,
+    cardId: card.id,
+    type: args.type,
+    amount: args.amount,
+    currency: args.currency,
+    description: args.description,
+    provider: args.provider,
+    status: "pending",
+    createdAt: new Date().toISOString(),
+    details: args.details,
+  };
+  
+  await logTransaction(transaction);
+  
+  return {
+    success: true,
+    transaction_id: txId,
+    status: "pending",
+    summary: {
+      card: `${card.nickname} (****${card.lastFourDigits})`,
+      amount: `${args.amount} ${args.currency}`,
+      type: args.type,
+      description: args.description,
+      provider: args.provider,
+    },
+    next_step: "Call confirm_payment with this transaction_id and the card CVV to complete the payment",
+    warning: "NO CHARGE has been made yet. You must confirm to proceed.",
+  };
+}

package/src/tools/remove-card.ts

@@ -0,0 +1,46 @@
+/**
+ * Remove a payment card
+ */
+
+import { z } from "zod";
+import { removeCard, getCard } from "../lib/cards";
+
+export const name = "remove_card";
+
+export const description = "Remove a saved payment card. This action is irreversible.";
+
+export const parameters = z.object({
+  card_id: z.string().describe("ID of the card to remove"),
+  confirm: z.boolean().describe("Must be true to confirm deletion"),
+});
+
+export async function execute(args: z.infer<typeof parameters>) {
+  if (!args.confirm) {
+    return {
+      success: false,
+      error: "You must set confirm=true to delete a card",
+    };
+  }
+  
+  const card = await getCard(args.card_id);
+  if (!card) {
+    return {
+      success: false,
+      error: "Card not found",
+    };
+  }
+  
+  const removed = await removeCard(args.card_id);
+  
+  if (removed) {
+    return {
+      success: true,
+      message: `Card "${card.nickname}" (****${card.lastFourDigits}) has been removed`,
+    };
+  } else {
+    return {
+      success: false,
+      error: "Failed to remove card",
+    };
+  }
+}

package/src/tools/remove-wallet.ts

@@ -0,0 +1,47 @@
+/**
+ * Remove a crypto wallet
+ */
+
+import { z } from "zod";
+import { removeWallet, getWallet } from "../lib/wallets";
+
+export const name = "remove_wallet";
+
+export const description = "Remove a saved crypto wallet. This deletes the stored keys (if any). This action is irreversible.";
+
+export const parameters = z.object({
+  wallet_id: z.string().describe("ID of the wallet to remove"),
+  confirm: z.boolean().describe("Must be true to confirm deletion"),
+});
+
+export async function execute(args: z.infer<typeof parameters>) {
+  if (!args.confirm) {
+    return {
+      success: false,
+      error: "You must set confirm=true to delete a wallet",
+    };
+  }
+  
+  const wallet = await getWallet(args.wallet_id);
+  if (!wallet) {
+    return {
+      success: false,
+      error: "Wallet not found",
+    };
+  }
+  
+  const removed = await removeWallet(args.wallet_id);
+  
+  if (removed) {
+    return {
+      success: true,
+      message: `Wallet "${wallet.nickname}" (${wallet.address.slice(0, 10)}...) has been removed`,
+      warning: wallet.type === "hot" ? "Private key has been deleted" : undefined,
+    };
+  } else {
+    return {
+      success: false,
+      error: "Failed to remove wallet",
+    };
+  }
+}

package/src/tools/setup-pin.ts

@@ -0,0 +1,39 @@
+/**
+ * Set up master PIN for card access
+ */
+
+import { z } from "zod";
+import { setupPin, isPinConfigured } from "../lib/pin-manager";
+
+export const name = "setup_pin";
+
+export const description = "Set up a master PIN (4-8 characters) for card access. This PIN encrypts your CVVs and must be entered to unlock cards for payments. Choose something you'll remember!";
+
+export const parameters = z.object({
+  pin: z.string().describe("Your master PIN (4-8 characters). This will encrypt your CVVs."),
+});
+
+export async function execute(args: z.infer<typeof parameters>) {
+  if (isPinConfigured()) {
+    return {
+      success: false,
+      error: "PIN already configured. Use change_pin to modify it.",
+    };
+  }
+  
+  const result = setupPin(args.pin);
+  
+  if (result.success) {
+    return {
+      success: true,
+      message: "Master PIN configured! Cards are now unlocked.",
+      note: "Your PIN encrypts all CVVs. Without it, cards cannot be used.",
+      session_timeout: "30 minutes of inactivity will lock cards automatically",
+    };
+  } else {
+    return {
+      success: false,
+      error: result.error,
+    };
+  }
+}

package/src/tools/sign-crypto-tx.ts

@@ -0,0 +1,90 @@
+/**
+ * Sign and broadcast a prepared crypto transaction
+ */
+
+import { z } from "zod";
+import { getWallet, getCryptoTransactions, updateCryptoTransaction, CHAIN_CONFIG } from "../lib/wallets";
+
+export const name = "sign_crypto_tx";
+
+export const description = `Sign and broadcast a prepared crypto transaction.
+
+For hot wallets: signs with the stored private key.
+For hardware wallets: requires the device to be connected (integration needed).
+For watch-only: not allowed.`;
+
+export const parameters = z.object({
+  transaction_id: z.string().describe("ID of the pending transaction to sign"),
+  confirm: z.boolean().describe("Must be true to confirm you want to sign and broadcast"),
+});
+
+export async function execute(args: z.infer<typeof parameters>) {
+  if (!args.confirm) {
+    return {
+      success: false,
+      error: "You must set confirm=true to sign and broadcast the transaction",
+    };
+  }
+  
+  // Find the pending transaction
+  const transactions = await getCryptoTransactions(100);
+  const tx = transactions.find((t) => t.id === args.transaction_id);
+  
+  if (!tx) {
+    return { success: false, error: "Transaction not found" };
+  }
+  
+  if (tx.status !== "pending") {
+    return { success: false, error: `Transaction is already ${tx.status}` };
+  }
+  
+  // Get the wallet
+  const wallet = await getWallet(tx.walletId);
+  if (!wallet) {
+    return { success: false, error: "Wallet no longer exists" };
+  }
+  
+  if (wallet.type === "watch-only") {
+    return { success: false, error: "Watch-only wallets cannot sign transactions" };
+  }
+  
+  const chainConfig = CHAIN_CONFIG[wallet.chain];
+  
+  // Here we would:
+  // 1. For hot wallets: sign with ethers.js/viem using the private key
+  // 2. For hardware wallets: prompt for Ledger/Trezor connection
+  // 3. Broadcast to the network
+  
+  // For now, mark as signed and return what would be needed
+  await updateCryptoTransaction(tx.id, {
+    status: "signed",
+    signedAt: new Date().toISOString(),
+  });
+  
+  const amountDisplay = tx.tokenSymbol 
+    ? `${tx.value} ${tx.tokenSymbol}`
+    : `${tx.value} ${chainConfig?.nativeCurrency ?? "tokens"}`;
+  
+  return {
+    success: true,
+    status: "signed",
+    transaction_id: tx.id,
+    message: wallet.type === "hardware" 
+      ? "Transaction prepared for hardware signing"
+      : "Transaction signed (ready for broadcast)",
+    summary: {
+      from: wallet.nickname,
+      to: tx.to,
+      amount: amountDisplay,
+      chain: chainConfig?.name ?? wallet.chain,
+    },
+    // In production, this would return the actual tx hash
+    note: "Integration with ethers.js/viem needed for actual signing and broadcast",
+    next_steps: [
+      "Integrate with ethers.js or viem for transaction signing",
+      "Add RPC endpoint configuration for each chain",
+      "For hardware wallets, integrate with @ledgerhq/hw-transport or similar",
+    ],
+    explorer: chainConfig?.explorerUrl,
+  };
+}

package/src/tools/unlock-cards.ts

@@ -0,0 +1,48 @@
+/**
+ * Unlock cards with master PIN
+ */
+
+import { z } from "zod";
+import { unlock, isPinConfigured, getStatus } from "../lib/pin-manager";
+
+export const name = "unlock_cards";
+
+export const description = "Unlock your cards by entering your master PIN. Required before making any payment. Cards stay unlocked for 30 minutes of activity.";
+
+export const parameters = z.object({
+  pin: z.string().describe("Your master PIN"),
+});
+
+export async function execute(args: z.infer<typeof parameters>) {
+  if (!isPinConfigured()) {
+    return {
+      success: false,
+      error: "No PIN configured. Use setup_pin first.",
+    };
+  }
+  
+  const status = getStatus();
+  if (status.unlocked) {
+    return {
+      success: true,
+      message: "Cards already unlocked",
+      remaining_minutes: status.remainingMinutes,
+    };
+  }
+  
+  const result = unlock(args.pin);
+  
+  if (result.success) {
+    return {
+      success: true,
+      message: "Cards unlocked! You can now make payments.",
+      session_expires_in: `${result.expiresIn} minutes`,
+      tip: "Cards will auto-lock after 30 minutes of inactivity",
+    };
+  } else {
+    return {
+      success: false,
+      error: result.error,
+    };
+  }
+}

package/tsconfig.json

@@ -0,0 +1,19 @@
+{
+  "compilerOptions": {
+    "target": "ES2022",
+    "module": "ESNext",
+    "moduleResolution": "bundler",
+    "allowSyntheticDefaultImports": true,
+    "esModuleInterop": true,
+    "allowJs": true,
+    "strict": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "declaration": true,
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "resolveJsonModule": true
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist"]
+}