globodai-mcp-payment-manager 1.0.1

package/dist/lib/blockchain.d.ts

@@ -0,0 +1,50 @@
+/**
+ * Blockchain API Client
+ *
+ * Fetches balances and transactions from various blockchains.
+ * Uses public RPC endpoints and explorer APIs.
+ */
+import { type Chain } from "./wallets";
+export interface WalletBalance {
+    address: string;
+    chain: Chain;
+    nativeBalance: string;
+    nativeBalanceFormatted: string;
+    nativeCurrency: string;
+    usdValue?: number;
+    tokens?: TokenBalance[];
+}
+export interface TokenBalance {
+    symbol: string;
+    name: string;
+    balance: string;
+    balanceFormatted: string;
+    contractAddress: string;
+    decimals: number;
+    usdValue?: number;
+}
+export interface WalletTransaction {
+    hash: string;
+    from: string;
+    to: string;
+    value: string;
+    valueFormatted: string;
+    timestamp: number;
+    blockNumber: number;
+    isIncoming: boolean;
+    status: "success" | "failed" | "pending";
+    fee?: string;
+    tokenSymbol?: string;
+}
+/**
+ * Get wallet balance
+ */
+export declare function getWalletBalance(address: string, chain: Chain): Promise<WalletBalance>;
+/**
+ * Get wallet transactions
+ */
+export declare function getWalletTransactions(address: string, chain: Chain, limit?: number): Promise<WalletTransaction[]>;
+/**
+ * Get USD price for a currency (simple coingecko fetch)
+ */
+export declare function getUsdPrice(currency: string): Promise<number | null>;

package/dist/lib/blockchain.js

@@ -0,0 +1,287 @@
+/**
+ * Blockchain API Client
+ *
+ * Fetches balances and transactions from various blockchains.
+ * Uses public RPC endpoints and explorer APIs.
+ */
+import { CHAIN_CONFIG } from "./wallets";
+// Default public RPC endpoints (can be overridden via env vars)
+const DEFAULT_RPC = {
+    ethereum: "https://eth.llamarpc.com",
+    polygon: "https://polygon-rpc.com",
+    arbitrum: "https://arb1.arbitrum.io/rpc",
+    optimism: "https://mainnet.optimism.io",
+    base: "https://mainnet.base.org",
+    avalanche: "https://api.avax.network/ext/bc/C/rpc",
+    bsc: "https://bsc-dataseed.binance.org",
+    bitcoin: "", // Needs special handling
+    solana: "https://api.mainnet-beta.solana.com",
+    starknet: "https://starknet-mainnet.public.blastapi.io",
+};
+// Explorer APIs for transactions
+const EXPLORER_API = {
+    ethereum: "https://api.etherscan.io/api",
+    polygon: "https://api.polygonscan.com/api",
+    arbitrum: "https://api.arbiscan.io/api",
+    optimism: "https://api-optimistic.etherscan.io/api",
+    base: "https://api.basescan.org/api",
+    bsc: "https://api.bscscan.com/api",
+};
+/**
+ * Get RPC URL for a chain
+ */
+function getRpcUrl(chain) {
+    const envVar = CHAIN_CONFIG[chain]?.rpcEnvVar;
+    if (envVar && process.env[envVar]) {
+        return process.env[envVar];
+    }
+    return DEFAULT_RPC[chain] || "";
+}
+/**
+ * Get explorer API key (optional, for higher rate limits)
+ */
+function getExplorerApiKey(chain) {
+    const keyMap = {
+        ethereum: "ETHERSCAN_API_KEY",
+        polygon: "POLYGONSCAN_API_KEY",
+        arbitrum: "ARBISCAN_API_KEY",
+        bsc: "BSCSCAN_API_KEY",
+    };
+    const envVar = keyMap[chain];
+    return envVar ? process.env[envVar] : undefined;
+}
+/**
+ * Make JSON-RPC call
+ */
+async function rpcCall(chain, method, params) {
+    const url = getRpcUrl(chain);
+    if (!url) {
+        throw new Error(`No RPC URL configured for ${chain}`);
+    }
+    const response = await fetch(url, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+            jsonrpc: "2.0",
+            id: 1,
+            method,
+            params,
+        }),
+    });
+    const data = await response.json();
+    if (data.error) {
+        throw new Error(data.error.message || "RPC error");
+    }
+    return data.result;
+}
+/**
+ * Format wei to ETH (or equivalent)
+ */
+function formatWei(wei, decimals = 18) {
+    const weiNum = BigInt(wei);
+    const divisor = BigInt(10 ** decimals);
+    const whole = weiNum / divisor;
+    const fraction = weiNum % divisor;
+    const fractionStr = fraction.toString().padStart(decimals, "0").slice(0, 6);
+    return `${whole}.${fractionStr}`.replace(/\.?0+$/, "") || "0";
+}
+/**
+ * Get native balance for EVM chains
+ */
+async function getEvmBalance(address, chain) {
+    const result = await rpcCall(chain, "eth_getBalance", [address, "latest"]);
+    const config = CHAIN_CONFIG[chain];
+    return {
+        address,
+        chain,
+        nativeBalance: result,
+        nativeBalanceFormatted: formatWei(result),
+        nativeCurrency: config?.nativeCurrency || "ETH",
+    };
+}
+/**
+ * Get Solana balance
+ */
+async function getSolanaBalance(address) {
+    const url = getRpcUrl("solana");
+    const response = await fetch(url, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+            jsonrpc: "2.0",
+            id: 1,
+            method: "getBalance",
+            params: [address],
+        }),
+    });
+    const data = await response.json();
+    const lamports = data.result?.value || 0;
+    return {
+        address,
+        chain: "solana",
+        nativeBalance: lamports.toString(),
+        nativeBalanceFormatted: (lamports / 1e9).toFixed(4),
+        nativeCurrency: "SOL",
+    };
+}
+/**
+ * Get Bitcoin balance via public API
+ */
+async function getBitcoinBalance(address) {
+    // Using blockchain.info API
+    const response = await fetch(`https://blockchain.info/balance?active=${address}`);
+    const data = await response.json();
+    const satoshis = data[address]?.final_balance || 0;
+    return {
+        address,
+        chain: "bitcoin",
+        nativeBalance: satoshis.toString(),
+        nativeBalanceFormatted: (satoshis / 1e8).toFixed(8),
+        nativeCurrency: "BTC",
+    };
+}
+/**
+ * Get wallet balance
+ */
+export async function getWalletBalance(address, chain) {
+    switch (chain) {
+        case "bitcoin":
+            return getBitcoinBalance(address);
+        case "solana":
+            return getSolanaBalance(address);
+        default:
+            // All EVM chains
+            return getEvmBalance(address, chain);
+    }
+}
+/**
+ * Get EVM transactions via explorer API
+ */
+async function getEvmTransactions(address, chain, limit = 20) {
+    const apiUrl = EXPLORER_API[chain];
+    if (!apiUrl) {
+        return []; // No explorer API for this chain
+    }
+    const apiKey = getExplorerApiKey(chain);
+    const url = new URL(apiUrl);
+    url.searchParams.set("module", "account");
+    url.searchParams.set("action", "txlist");
+    url.searchParams.set("address", address);
+    url.searchParams.set("sort", "desc");
+    url.searchParams.set("page", "1");
+    url.searchParams.set("offset", limit.toString());
+    if (apiKey) {
+        url.searchParams.set("apikey", apiKey);
+    }
+    const response = await fetch(url.toString());
+    const data = await response.json();
+    if (data.status !== "1" || !Array.isArray(data.result)) {
+        return [];
+    }
+    const config = CHAIN_CONFIG[chain];
+    return data.result.map((tx) => ({
+        hash: tx.hash,
+        from: tx.from,
+        to: tx.to,
+        value: tx.value,
+        valueFormatted: `${formatWei(tx.value)} ${config?.nativeCurrency || "ETH"}`,
+        timestamp: parseInt(tx.timeStamp) * 1000,
+        blockNumber: parseInt(tx.blockNumber),
+        isIncoming: tx.to.toLowerCase() === address.toLowerCase(),
+        status: tx.isError === "0" ? "success" : "failed",
+        fee: formatWei((BigInt(tx.gasUsed) * BigInt(tx.gasPrice)).toString()),
+    }));
+}
+/**
+ * Get Solana transactions
+ */
+async function getSolanaTransactions(address, limit = 20) {
+    const url = getRpcUrl("solana");
+    // Get signatures
+    const sigResponse = await fetch(url, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+            jsonrpc: "2.0",
+            id: 1,
+            method: "getSignaturesForAddress",
+            params: [address, { limit }],
+        }),
+    });
+    const sigData = await sigResponse.json();
+    const signatures = sigData.result || [];
+    return signatures.map((sig) => ({
+        hash: sig.signature,
+        from: address,
+        to: "",
+        value: "0",
+        valueFormatted: "N/A",
+        timestamp: sig.blockTime ? sig.blockTime * 1000 : Date.now(),
+        blockNumber: sig.slot,
+        isIncoming: false,
+        status: sig.err ? "failed" : "success",
+    }));
+}
+/**
+ * Get Bitcoin transactions
+ */
+async function getBitcoinTransactions(address, limit = 20) {
+    const response = await fetch(`https://blockchain.info/rawaddr/${address}?limit=${limit}`);
+    const data = await response.json();
+    if (!data.txs)
+        return [];
+    return data.txs.map((tx) => {
+        const isIncoming = tx.out.some((o) => o.addr === address);
+        const value = tx.out
+            .filter((o) => (isIncoming ? o.addr === address : o.addr !== address))
+            .reduce((sum, o) => sum + o.value, 0);
+        return {
+            hash: tx.hash,
+            from: tx.inputs[0]?.prev_out?.addr || "coinbase",
+            to: tx.out[0]?.addr || "",
+            value: value.toString(),
+            valueFormatted: `${(value / 1e8).toFixed(8)} BTC`,
+            timestamp: tx.time * 1000,
+            blockNumber: tx.block_height || 0,
+            isIncoming,
+            status: "success",
+        };
+    });
+}
+/**
+ * Get wallet transactions
+ */
+export async function getWalletTransactions(address, chain, limit = 20) {
+    switch (chain) {
+        case "bitcoin":
+            return getBitcoinTransactions(address, limit);
+        case "solana":
+            return getSolanaTransactions(address, limit);
+        default:
+            return getEvmTransactions(address, chain, limit);
+    }
+}
+/**
+ * Get USD price for a currency (simple coingecko fetch)
+ */
+export async function getUsdPrice(currency) {
+    const coinIds = {
+        ETH: "ethereum",
+        BTC: "bitcoin",
+        SOL: "solana",
+        MATIC: "matic-network",
+        AVAX: "avalanche-2",
+        BNB: "binancecoin",
+    };
+    const coinId = coinIds[currency.toUpperCase()];
+    if (!coinId)
+        return null;
+    try {
+        const response = await fetch(`https://api.coingecko.com/api/v3/simple/price?ids=${coinId}&vs_currencies=usd`);
+        const data = await response.json();
+        return data[coinId]?.usd || null;
+    }
+    catch {
+        return null;
+    }
+}

package/dist/lib/cards.d.ts

@@ -0,0 +1,83 @@
+/**
+ * Payment Card Management
+ *
+ * Secure storage for payment cards with encryption at rest.
+ * Uses the same crypto system as mail-manager for consistency.
+ *
+ * Security model:
+ * - Card numbers stored encrypted (only last 4 digits visible in plaintext)
+ * - CVV encrypted with PIN-derived key (requires unlock to use)
+ * - Expiration dates encrypted
+ * - All sensitive operations require explicit confirmation
+ */
+export type CardType = "visa" | "mastercard" | "amex" | "discover" | "other";
+export type CardUsage = "flight" | "train" | "hotel" | "general" | "all";
+export interface PaymentCard {
+    id: string;
+    nickname: string;
+    cardType: CardType;
+    lastFourDigits: string;
+    cardNumber: string;
+    expirationDate: string;
+    cvv?: string;
+    cardholderName: string;
+    billingAddress?: {
+        street: string;
+        city: string;
+        postalCode: string;
+        country: string;
+    };
+    allowedUsage: CardUsage[];
+    enabled: boolean;
+    limits?: {
+        perTransaction?: number;
+        daily?: number;
+        monthly?: number;
+        currency: string;
+    };
+    addedAt: string;
+    lastUsedAt?: string;
+}
+export interface Transaction {
+    id: string;
+    cardId: string;
+    type: "flight" | "train" | "hotel" | "general";
+    amount: number;
+    currency: string;
+    description: string;
+    provider: string;
+    status: "pending" | "confirmed" | "completed" | "failed" | "refunded";
+    createdAt: string;
+    confirmedAt?: string;
+    completedAt?: string;
+    reference?: string;
+    details?: Record<string, unknown>;
+}
+/**
+ * Detect card type from number
+ */
+export declare function detectCardType(cardNumber: string): CardType;
+/**
+ * Validate card number using Luhn algorithm
+ */
+export declare function validateCardNumber(cardNumber: string): boolean;
+/**
+ * Validate expiration date
+ */
+export declare function validateExpiration(expiration: string): boolean;
+export declare function getCards(): Promise<PaymentCard[]>;
+export declare function getCard(id: string): Promise<PaymentCard | null>;
+/**
+ * Get cards without sensitive data (for listing)
+ */
+export declare function getCardsSafe(): Promise<Omit<PaymentCard, "cardNumber" | "expirationDate" | "cvv">[]>;
+/**
+ * Get decrypted CVV for a card (requires PIN unlock)
+ */
+export declare function getCardCvv(cardId: string): Promise<string | null>;
+export declare function addCard(card: PaymentCard): Promise<void>;
+export declare function removeCard(id: string): Promise<boolean>;
+export declare function updateCardUsage(id: string): Promise<void>;
+export declare function getTransactions(limit?: number): Promise<Transaction[]>;
+export declare function logTransaction(tx: Transaction): Promise<void>;
+export declare function updateTransaction(id: string, updates: Partial<Transaction>): Promise<void>;

package/dist/lib/cards.js

@@ -0,0 +1,276 @@
+/**
+ * Payment Card Management
+ *
+ * Secure storage for payment cards with encryption at rest.
+ * Uses the same crypto system as mail-manager for consistency.
+ *
+ * Security model:
+ * - Card numbers stored encrypted (only last 4 digits visible in plaintext)
+ * - CVV encrypted with PIN-derived key (requires unlock to use)
+ * - Expiration dates encrypted
+ * - All sensitive operations require explicit confirmation
+ */
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
+import { homedir } from "os";
+import { join } from "path";
+import { encrypt, decrypt, isEncrypted } from "./crypto";
+import { decryptCvv } from "./cvv-crypto";
+import { isUnlocked } from "./pin-manager";
+// Fields that must be encrypted with system key
+const SENSITIVE_FIELDS = ["cardNumber", "expirationDate"];
+const CONFIG_DIR = join(homedir(), ".mcp-ecosystem");
+const CARDS_FILE = join(CONFIG_DIR, "payment-cards.json");
+const TRANSACTIONS_FILE = join(CONFIG_DIR, "payment-transactions.json");
+/**
+ * Detect card type from number
+ */
+export function detectCardType(cardNumber) {
+    const cleaned = cardNumber.replace(/\D/g, "");
+    if (/^4/.test(cleaned))
+        return "visa";
+    if (/^5[1-5]/.test(cleaned) || /^2[2-7]/.test(cleaned))
+        return "mastercard";
+    if (/^3[47]/.test(cleaned))
+        return "amex";
+    if (/^6(?:011|5)/.test(cleaned))
+        return "discover";
+    return "other";
+}
+/**
+ * Validate card number using Luhn algorithm
+ */
+export function validateCardNumber(cardNumber) {
+    const cleaned = cardNumber.replace(/\D/g, "");
+    if (cleaned.length < 13 || cleaned.length > 19)
+        return false;
+    let sum = 0;
+    let isEven = false;
+    for (let i = cleaned.length - 1; i >= 0; i--) {
+        let digit = parseInt(cleaned[i], 10);
+        if (isEven) {
+            digit *= 2;
+            if (digit > 9)
+                digit -= 9;
+        }
+        sum += digit;
+        isEven = !isEven;
+    }
+    return sum % 10 === 0;
+}
+/**
+ * Validate expiration date
+ */
+export function validateExpiration(expiration) {
+    const match = expiration.match(/^(\d{2})\/(\d{2})$/);
+    if (!match)
+        return false;
+    const month = parseInt(match[1], 10);
+    const year = parseInt(match[2], 10) + 2000;
+    if (month < 1 || month > 12)
+        return false;
+    const now = new Date();
+    const expDate = new Date(year, month, 0); // Last day of expiration month
+    return expDate > now;
+}
+function ensureConfigDir() {
+    if (!existsSync(CONFIG_DIR)) {
+        mkdirSync(CONFIG_DIR, { recursive: true });
+    }
+}
+/**
+ * Decrypt sensitive fields in a card
+ */
+async function decryptCard(card) {
+    const decrypted = { ...card };
+    for (const field of SENSITIVE_FIELDS) {
+        const value = decrypted[field];
+        if (value && typeof value === "string" && isEncrypted(value)) {
+            try {
+                decrypted[field] = await decrypt(value);
+            }
+            catch (err) {
+                console.error(`[cards] Failed to decrypt ${field} for card ${card.nickname}`);
+            }
+        }
+    }
+    return decrypted;
+}
+/**
+ * Encrypt sensitive fields in a card
+ */
+async function encryptCard(card) {
+    const encrypted = { ...card };
+    for (const field of SENSITIVE_FIELDS) {
+        const value = encrypted[field];
+        if (value && typeof value === "string" && !isEncrypted(value)) {
+            encrypted[field] = await encrypt(value);
+        }
+    }
+    return encrypted;
+}
+// ============================================================================
+// Card CRUD
+// ============================================================================
+export async function getCards() {
+    ensureConfigDir();
+    if (!existsSync(CARDS_FILE)) {
+        return [];
+    }
+    try {
+        const data = readFileSync(CARDS_FILE, "utf-8");
+        const cards = JSON.parse(data);
+        return Promise.all(cards.map(decryptCard));
+    }
+    catch {
+        return [];
+    }
+}
+export async function getCard(id) {
+    const cards = await getCards();
+    return cards.find((c) => c.id === id) ?? null;
+}
+/**
+ * Get cards without sensitive data (for listing)
+ */
+export async function getCardsSafe() {
+    const cards = await getCards();
+    return cards.map(({ cardNumber, expirationDate, cvv, ...safe }) => safe);
+}
+/**
+ * Get decrypted CVV for a card (requires PIN unlock)
+ */
+export async function getCardCvv(cardId) {
+    if (!isUnlocked()) {
+        return null; // Must be unlocked
+    }
+    // Read raw card to get encrypted CVV
+    if (!existsSync(CARDS_FILE)) {
+        return null;
+    }
+    try {
+        const rawCards = JSON.parse(readFileSync(CARDS_FILE, "utf-8"));
+        const card = rawCards.find((c) => c.id === cardId);
+        if (!card?.cvv) {
+            return null;
+        }
+        return decryptCvv(card.cvv);
+    }
+    catch {
+        return null;
+    }
+}
+export async function addCard(card) {
+    ensureConfigDir();
+    // Validate card
+    if (!validateCardNumber(card.cardNumber)) {
+        throw new Error("Invalid card number");
+    }
+    if (!validateExpiration(card.expirationDate)) {
+        throw new Error("Card is expired or invalid expiration date");
+    }
+    // Set derived fields
+    card.cardType = detectCardType(card.cardNumber);
+    card.lastFourDigits = card.cardNumber.replace(/\D/g, "").slice(-4);
+    card.addedAt = new Date().toISOString();
+    // Load existing (raw/encrypted)
+    let rawCards = [];
+    if (existsSync(CARDS_FILE)) {
+        try {
+            rawCards = JSON.parse(readFileSync(CARDS_FILE, "utf-8"));
+        }
+        catch {
+            rawCards = [];
+        }
+    }
+    // Encrypt and save
+    const encryptedCard = await encryptCard(card);
+    const existingIndex = rawCards.findIndex((c) => c.id === card.id);
+    if (existingIndex >= 0) {
+        rawCards[existingIndex] = encryptedCard;
+    }
+    else {
+        rawCards.push(encryptedCard);
+    }
+    writeFileSync(CARDS_FILE, JSON.stringify(rawCards, null, 2), { mode: 0o600 });
+    console.error(`[cards] Saved card ${card.nickname} (****${card.lastFourDigits}) - encrypted`);
+}
+export async function removeCard(id) {
+    if (!existsSync(CARDS_FILE)) {
+        return false;
+    }
+    let rawCards = [];
+    try {
+        rawCards = JSON.parse(readFileSync(CARDS_FILE, "utf-8"));
+    }
+    catch {
+        return false;
+    }
+    const filtered = rawCards.filter((c) => c.id !== id);
+    if (filtered.length === rawCards.length) {
+        return false;
+    }
+    writeFileSync(CARDS_FILE, JSON.stringify(filtered, null, 2), { mode: 0o600 });
+    console.error(`[cards] Removed card ${id}`);
+    return true;
+}
+export async function updateCardUsage(id) {
+    const cards = await getCards();
+    const card = cards.find((c) => c.id === id);
+    if (card) {
+        card.lastUsedAt = new Date().toISOString();
+        // Re-encrypt and save all
+        const encrypted = await Promise.all(cards.map(encryptCard));
+        writeFileSync(CARDS_FILE, JSON.stringify(encrypted, null, 2), { mode: 0o600 });
+    }
+}
+// ============================================================================
+// Transaction Log
+// ============================================================================
+export async function getTransactions(limit = 50) {
+    ensureConfigDir();
+    if (!existsSync(TRANSACTIONS_FILE)) {
+        return [];
+    }
+    try {
+        const data = readFileSync(TRANSACTIONS_FILE, "utf-8");
+        const transactions = JSON.parse(data);
+        return transactions.slice(-limit);
+    }
+    catch {
+        return [];
+    }
+}
+export async function logTransaction(tx) {
+    ensureConfigDir();
+    let transactions = [];
+    if (existsSync(TRANSACTIONS_FILE)) {
+        try {
+            transactions = JSON.parse(readFileSync(TRANSACTIONS_FILE, "utf-8"));
+        }
+        catch {
+            transactions = [];
+        }
+    }
+    transactions.push(tx);
+    // Keep last 1000 transactions
+    if (transactions.length > 1000) {
+        transactions = transactions.slice(-1000);
+    }
+    writeFileSync(TRANSACTIONS_FILE, JSON.stringify(transactions, null, 2), { mode: 0o600 });
+}
+export async function updateTransaction(id, updates) {
+    if (!existsSync(TRANSACTIONS_FILE))
+        return;
+    let transactions = [];
+    try {
+        transactions = JSON.parse(readFileSync(TRANSACTIONS_FILE, "utf-8"));
+    }
+    catch {
+        return;
+    }
+    const idx = transactions.findIndex((t) => t.id === id);
+    if (idx >= 0) {
+        transactions[idx] = { ...transactions[idx], ...updates };
+        writeFileSync(TRANSACTIONS_FILE, JSON.stringify(transactions, null, 2), { mode: 0o600 });
+    }
+}