gnoman 0.1.0

package/gnoman2.0/backend/controllers/walletController.ts

@@ -0,0 +1,151 @@
+import asyncHandler from 'express-async-handler';
+import type { Request, Response } from 'express';
+import * as walletService from '../services/walletService';
+import {
+  cancelVanityJob,
+  getVanityJob,
+  listVanityJobs,
+  startVanityJob
+} from '../services/vanityService';
+import { getSecureSetting, setSecureSetting } from '../services/secureSettingsService';
+
+export const listWallets = asyncHandler(async (_req: Request, res: Response) => {
+  const wallets = await walletService.listWalletMetadata();
+  res.json(wallets);
+});
+
+export const getWalletDetails = asyncHandler(async (req: Request, res: Response) => {
+  const wallet = await walletService.getWalletDetails(req.params.address);
+  res.json(wallet);
+});
+
+export const generateWallet = asyncHandler(async (req: Request, res: Response) => {
+  const { alias, password, hidden } = req.body as { alias?: string; password?: string; hidden?: boolean };
+  const wallet = await walletService.createRandomWallet({ alias, password, hidden: Boolean(hidden) });
+  res.json(wallet);
+});
+
+export const importMnemonic = asyncHandler(async (req: Request, res: Response) => {
+  const { mnemonic, alias, password, path, derivationPath, hidden } = req.body as {
+    mnemonic: string;
+    alias?: string;
+    password?: string;
+    path?: string;
+    derivationPath?: string;
+    hidden?: boolean;
+  };
+  const wallet = await walletService.importWalletFromMnemonic({
+    mnemonic,
+    alias,
+    password,
+    derivationPath: derivationPath ?? path,
+    hidden: Boolean(hidden)
+  });
+  res.json(wallet);
+});
+
+export const importPrivateKey = asyncHandler(async (req: Request, res: Response) => {
+  const { privateKey, alias, password, hidden } = req.body as {
+    privateKey: string;
+    alias?: string;
+    password?: string;
+    hidden?: boolean;
+  };
+  const wallet = await walletService.importWalletFromPrivateKey({
+    privateKey,
+    alias,
+    password,
+    hidden: Boolean(hidden)
+  });
+  res.json(wallet);
+});
+
+export const generateVanity = asyncHandler(async (req: Request, res: Response) => {
+  const { prefix, suffix, regex, derivationPath, maxAttempts, label, progressInterval } = req.body as {
+    prefix?: string;
+    suffix?: string;
+    regex?: string;
+    derivationPath?: string;
+    maxAttempts?: number;
+    label?: string;
+    progressInterval?: number;
+  };
+  const job = startVanityJob({ prefix, suffix, regex, derivationPath, maxAttempts, label, progressInterval });
+  res.status(202).json(job);
+});
+
+export const pollVanity = asyncHandler(async (req: Request, res: Response) => {
+  const job = getVanityJob(req.params.id);
+  if (!job) {
+    res.status(404).json({ message: 'Vanity job not found' });
+    return;
+  }
+  res.json(job);
+});
+
+export const cancelVanity = asyncHandler(async (req: Request, res: Response) => {
+  const job = cancelVanityJob(req.params.id);
+  if (!job) {
+    res.status(404).json({ message: 'Vanity job not found' });
+    return;
+  }
+  res.json(job);
+});
+
+export const listVanityJobsHandler = asyncHandler(async (_req: Request, res: Response) => {
+  res.json(listVanityJobs());
+});
+
+export const exportWalletHandler = asyncHandler(async (req: Request, res: Response) => {
+  const { password } = req.body as { password: string };
+  const { address } = req.params;
+  const exported = await walletService.exportWallet(address, password);
+  res.json(exported);
+});
+
+export const sendWalletTransaction = asyncHandler(async (req: Request, res: Response) => {
+  const { address } = req.params;
+  const { password, to, value, data } = req.body as {
+    password: string;
+    to: string;
+    value?: string;
+    data?: string;
+  };
+  const result = await walletService.sendWalletTransaction({ address, password, to, value, data });
+  res.json(result);
+});
+
+export const removeWallet = asyncHandler(async (req: Request, res: Response) => {
+  const { address } = req.params;
+  const result = await walletService.removeWallet(address);
+  res.json(result);
+});
+
+interface HoldSettingsPayload {
+  enabled: boolean;
+  holdHours?: number;
+}
+
+const HOLD_KEY = 'SAFE_TX_HOLD_ENABLED';
+
+export const getTransactionHoldSettings = asyncHandler(async (_req: Request, res: Response) => {
+  const settings = await getSecureSetting(HOLD_KEY, { enabled: true, holdHours: 24 });
+  res.json(settings);
+});
+
+export const updateTransactionHoldSettings = asyncHandler(async (req: Request, res: Response) => {
+  const { enabled, holdHours = 24 } = req.body as HoldSettingsPayload;
+  if (typeof enabled !== 'boolean') {
+    res.status(400).json({ message: 'enabled must be a boolean' });
+    return;
+  }
+  const numericHours = Number(holdHours);
+  if (!Number.isFinite(numericHours)) {
+    res.status(400).json({ message: 'holdHours must be a number' });
+    return;
+  }
+  const normalizedHours = Math.max(1, Math.min(Math.round(numericHours), 24 * 14));
+  const payload = { enabled, holdHours: normalizedHours };
+  await setSecureSetting(HOLD_KEY, payload);
+  res.json(payload);
+});

package/gnoman2.0/backend/index.ts

@@ -0,0 +1,133 @@
+import express from 'express';
+import cors from 'cors';
+import walletRouter from './routes/walletRoutes';
+import safeRouter from './routes/safeRoutes';
+import sandboxRouter from './routes/sandboxRoutes';
+import licenseRouter from './routes/licenseRoutes';
+import settingsRouter from './routes/settingsRoutes';
+import keyringRouter from './routes/keyringRoutes';
+import contractRouter from './routes/contractRoutes';
+import historyRouter from './routes/historyRoutes';
+import robinhoodRouter from './routes/robinhoodRoutes';
+import etherscanRouter from './routes/etherscanRoutes';
+import runtimeRouter from './routes/runtimeRoutes';
+import devToolsRouter from './routes/devToolsRoutes';
+import { secretsResolver } from './utils/secretsResolver';
+import { runtimeTelemetry } from './services/runtimeTelemetryService';
+
+const app = express();
+const port = process.env.PORT ?? 4399;
+
+const logBootEnvironment = () => {
+  const etherscanEnabledFlag = process.env.ETHERSCAN_ENABLED !== 'false';
+  const etherscanKeyPresent = Boolean(process.env.ETHERSCAN_API_KEY?.trim());
+  const chainId = Number.parseInt(process.env.ETHERSCAN_CHAIN_ID ?? '1', 10);
+  const etherscanReason = !etherscanEnabledFlag
+    ? 'disabled_flag'
+    : !etherscanKeyPresent
+      ? 'missing_key'
+      : !Number.isFinite(chainId) || chainId <= 0
+        ? 'unsupported_chain'
+        : 'ok';
+
+  const robinhoodEnabled = process.env.ENABLE_ROBINHOOD_CRYPTO === 'true';
+  const robinhoodCredsPresent = Boolean(
+    process.env.ROBINHOOD_CRYPTO_API_KEY?.trim() && process.env.ROBINHOOD_CRYPTO_PRIVATE_KEY?.trim()
+  );
+  const robinhoodReason = !robinhoodEnabled ? 'disabled' : robinhoodCredsPresent ? 'ok' : 'missing_creds';
+
+  console.info(
+    JSON.stringify({
+      event: 'PROCESS_ENV_SNAPSHOT',
+      uid: typeof process.getuid === 'function' ? process.getuid() : null,
+      gid: typeof process.getgid === 'function' ? process.getgid() : null,
+      cwd: process.cwd(),
+      env: {
+        SAFE_CONFIG_PATH: Boolean(process.env.SAFE_CONFIG_PATH),
+        ETHERSCAN_API_KEY: etherscanKeyPresent,
+        ETHERSCAN_ENABLED: process.env.ETHERSCAN_ENABLED ?? '(unset)',
+        ROBINHOOD_CRYPTO_API_KEY: Boolean(process.env.ROBINHOOD_CRYPTO_API_KEY),
+        ROBINHOOD_CRYPTO_PRIVATE_KEY: Boolean(process.env.ROBINHOOD_CRYPTO_PRIVATE_KEY),
+        ENABLE_ROBINHOOD_CRYPTO: process.env.ENABLE_ROBINHOOD_CRYPTO ?? '(unset)'
+      }
+    })
+  );
+  console.info(JSON.stringify({ event: `ETHERSCAN: enabled=${etherscanReason === 'ok'} (reason=${etherscanReason})` }));
+  console.info(JSON.stringify({ event: `ROBINHOOD: enabled=${robinhoodReason === 'ok'} (reason=${robinhoodReason})` }));
+  runtimeTelemetry.setRobinhoodEnabled(robinhoodEnabled);
+};
+
+app.use(cors());
+app.use(express.json());
+
+app.get('/', (_req, res) => {
+  res.json({
+    service: 'GNOMAN 2.0 API',
+    status: 'ok',
+    health: '/api/health'
+  });
+});
+
+void auditSecretsAtBoot([
+  { key: 'GNOMAN_RPC_URL', required: false },
+  { key: 'RPC_URL', required: false },
+  { key: 'ETHERSCAN_API_KEY', required: false },
+  { key: 'ROBINHOOD_CRYPTO_API_KEY', required: false },
+  { key: 'ROBINHOOD_CRYPTO_PRIVATE_KEY', required: false },
+  { key: 'DISCORD_WEBHOOK_URL', required: false }
+]);
+
+app.get('/api/health', (_req, res) => {
+  res.json({ status: 'ok', timestamp: new Date().toISOString() });
+});
+
+app.use('/api/wallets', walletRouter);
+app.use('/api/safes', safeRouter);
+app.use('/api/sandbox', sandboxRouter);
+app.use('/api/license', licenseRouter);
+app.use('/api/settings', settingsRouter);
+app.use('/api/keyring', keyringRouter);
+app.use('/api/contracts', contractRouter);
+app.use('/api/history', historyRouter);
+app.use('/api/brokers/robinhood', robinhoodRouter);
+app.use('/api/etherscan', etherscanRouter);
+app.use('/api/runtime', runtimeRouter);
+app.use('/api/dev-tools', devToolsRouter);
+
+app.use((err: Error, _req: express.Request, res: express.Response, _next: express.NextFunction) => {
+  console.error('Unhandled backend error:', err);
+  res.status(500).json({ message: err.message });
+});
+
+if (require.main === module) {
+  logBootEnvironment();
+  void secretsResolver.initialize().then(async () => {
+    await Promise.all([
+      secretsResolver.resolve('GNOMAN_RPC_URL', { required: false, failClosed: false }),
+      secretsResolver.resolve('ETHERSCAN_API_KEY', { required: false, failClosed: false }),
+      secretsResolver.resolve('ROBINHOOD_CRYPTO_API_KEY', { required: false, failClosed: false })
+    ]);
+    secretsResolver.logBootSummary(['GNOMAN_RPC_URL', 'ETHERSCAN_API_KEY', 'ROBINHOOD_CRYPTO_API_KEY']);
+    logBootEnvironment();
+  });
+  app.listen(port, () => {
+    console.log(`GNOMAN 2.0 API listening on port ${port}`);
+  });
+}
+
+export default app;
+
+async function auditSecretsAtBoot(items: { key: string; required: boolean }[]) {
+  const results = await Promise.all(
+    items.map(async (item) => {
+      const resolved = await secretsResolver.resolve(item.key, { required: item.required, failClosed: false });
+      return {
+        key: item.key,
+        required: item.required,
+        present: Boolean(resolved)
+      };
+    })
+  );
+
+  console.info(JSON.stringify({ event: 'BOOT_SECRET_AUDIT', results }));
+}

package/gnoman2.0/backend/licenses/license_public.pem

@@ -0,0 +1,3 @@
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEAk116c/9I86qNne20ndOj7nAwrfLWCogjy8fGJcKmJKc=
+-----END PUBLIC KEY-----

package/gnoman2.0/backend/licenses/verify_license.py

@@ -0,0 +1,43 @@
+import base64
+import time
+from pathlib import Path
+from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
+from cryptography.hazmat.primitives import serialization
+
+
+def b64u_decode(value):
+    pad = "=" * ((4 - len(value) % 4) % 4)
+    return base64.urlsafe_b64decode(value + pad)
+
+
+REPO_ROOT = Path(__file__).resolve().parents[2]
+
+
+def resolve_repo_path(path):
+    candidate = Path(path)
+    if not candidate.is_absolute():
+        candidate = REPO_ROOT / candidate
+    return candidate
+
+
+def verify_token(pub_path, token, expected_product=None, expected_version=None):
+    try:
+        payload_b64, sig_b64 = token.split(".")
+        payload = b64u_decode(payload_b64)
+        sig = b64u_decode(sig_b64)
+        pub_file = resolve_repo_path(pub_path)
+        with pub_file.open("rb") as handle:
+            pub = serialization.load_pem_public_key(handle.read())
+        if not isinstance(pub, Ed25519PublicKey):
+            raise TypeError("Expected an Ed25519 public key")
+        pub.verify(sig, payload)
+        identifier, product, version, expiry = payload.decode().split("|")
+        if expected_product and product != expected_product:
+            return False
+        if expected_version and version != expected_version:
+            return False
+        if int(expiry) < time.time():
+            return False
+        return True
+    except Exception:
+        return False

package/gnoman2.0/backend/routes/contractRoutes.ts

@@ -0,0 +1,11 @@
+import { Router } from 'express';
+import * as contractController from '../controllers/contractController';
+
+const router = Router();
+
+router.get('/', contractController.listContractsHandler);
+router.post('/', contractController.addContractHandler);
+router.post('/abi/resolve', contractController.resolveContractAbiHandler);
+router.delete('/:id', contractController.removeContractHandler);
+
+export default router;

package/gnoman2.0/backend/routes/devToolsRoutes.ts

@@ -0,0 +1,11 @@
+import { Router } from 'express';
+import * as devToolsController from '../controllers/devToolsController';
+
+const router = Router();
+
+router.post('/discover', devToolsController.discoverContractHandler);
+router.post('/gas/estimate', devToolsController.estimateGasHandler);
+router.post('/scanner/scan', devToolsController.scanContractHandler);
+router.post('/decoder/decode', devToolsController.decodeHandler);
+
+export default router;

package/gnoman2.0/backend/routes/etherscanRoutes.ts

@@ -0,0 +1,11 @@
+import { Router } from 'express';
+import * as etherscanController from '../controllers/etherscanController';
+
+const router = Router();
+
+router.post('/abi/resolve', etherscanController.resolveContractAbi);
+router.get('/abi/:address/file', etherscanController.resolveContractAbiFile);
+router.get('/tx/:address', etherscanController.getAddressTxHistory);
+router.get('/gas', etherscanController.getCurrentGasOracle);
+
+export default router;

package/gnoman2.0/backend/routes/historyRoutes.ts

@@ -0,0 +1,8 @@
+import { Router } from 'express';
+import * as historyController from '../controllers/historyController';
+
+const router = Router();
+
+router.get('/', historyController.listHistory);
+
+export default router;

package/gnoman2.0/backend/routes/keyringRoutes.ts

@@ -0,0 +1,25 @@
+import { Router } from 'express';
+import {
+  deleteSecret,
+  getBackend,
+  getSecret,
+  listSecrets,
+  setSecret,
+  switchBackend
+} from '../controllers/keyringController';
+
+const router = Router();
+
+router.get('/', listSecrets);
+router.get('/list', listSecrets);
+router.get('/backend', getBackend);
+router.post('/backend/:name', switchBackend);
+router.post('/switch', switchBackend);
+router.post('/get', getSecret);
+router.post('/set', setSecret);
+router.delete('/remove', deleteSecret);
+router.get('/:key', getSecret);
+router.post('/:key', setSecret);
+router.delete('/:key', deleteSecret);
+
+export default router;

package/gnoman2.0/backend/routes/licenseRoutes.ts

@@ -0,0 +1,35 @@
+import express from 'express';
+import asyncHandler from 'express-async-handler';
+import { licenseService } from '../services/licenseService';
+
+const router = express.Router();
+
+router.get(
+  '/',
+  asyncHandler(async (_req, res) => {
+    const status = licenseService.getStatus();
+    res.json(status);
+  })
+);
+
+router.post(
+  '/',
+  asyncHandler(async (req, res) => {
+    const { token } = req.body as { token?: string };
+
+    if (!token) {
+      res.status(400).json({ message: 'A license token is required.' });
+      return;
+    }
+
+    try {
+      const status = licenseService.applyLicense(token);
+      res.status(201).json(status);
+    } catch (error) {
+      const message = error instanceof Error ? error.message : 'Unable to apply license token.';
+      res.status(400).json({ message });
+    }
+  })
+);
+
+export default router;

package/gnoman2.0/backend/routes/robinhoodRoutes.ts

@@ -0,0 +1,22 @@
+import { Router } from 'express';
+import {
+  cancelCryptoOrder,
+  getCryptoAccounts,
+  getCryptoCredentialsStatus,
+  getCryptoMarketData,
+  getCryptoOrderStatus,
+  placeCryptoCashOrder,
+  setCryptoCredentials
+} from '../controllers/robinhoodController';
+
+const router = Router();
+
+router.get('/crypto/credentials', getCryptoCredentialsStatus);
+router.post('/crypto/credentials', setCryptoCredentials);
+router.get('/crypto/accounts', getCryptoAccounts);
+router.get('/crypto/market-data', getCryptoMarketData);
+router.post('/crypto/orders', placeCryptoCashOrder);
+router.get('/crypto/orders/:orderId', getCryptoOrderStatus);
+router.post('/crypto/orders/:orderId/cancel', cancelCryptoOrder);
+
+export default router;

package/gnoman2.0/backend/routes/runtimeRoutes.ts

@@ -0,0 +1,29 @@
+import { Router } from 'express';
+import { runtimeTelemetry } from '../services/runtimeTelemetryService';
+import { safeConfigRepository } from '../services/safeConfigRepository';
+import { secretsResolver } from '../utils/secretsResolver';
+
+const router = Router();
+
+router.get('/telemetry', (_req, res) => {
+  res.json(runtimeTelemetry.getSnapshot());
+});
+
+router.get('/capabilities', (_req, res) => {
+  const safeEnabled = true;
+  const etherscanEnabled = process.env.ETHERSCAN_ENABLED !== 'false' && Boolean(process.env.ETHERSCAN_API_KEY?.trim());
+  const robinhoodEnabled = process.env.ENABLE_ROBINHOOD_CRYPTO === 'true' && Boolean(process.env.ROBINHOOD_CRYPTO_API_KEY?.trim()) && Boolean(process.env.ROBINHOOD_CRYPTO_PRIVATE_KEY?.trim());
+  res.json({
+    safe: { enabled: safeEnabled, reason: safeEnabled ? 'ok' : 'disabled' },
+    etherscan: {
+      enabled: etherscanEnabled,
+      reason: process.env.ETHERSCAN_ENABLED === 'false' ? 'disabled_flag' : process.env.ETHERSCAN_API_KEY?.trim() ? 'ok' : 'missing_key'
+    },
+    robinhood: {
+      enabled: robinhoodEnabled,
+      reason: process.env.ENABLE_ROBINHOOD_CRYPTO !== 'true' ? 'disabled' : robinhoodEnabled ? 'ok' : 'missing_creds'
+    }
+  });
+});
+
+export default router;

package/gnoman2.0/backend/routes/safeRoutes.ts

@@ -0,0 +1,28 @@
+import { Router } from 'express';
+import * as safeController from '../controllers/safeController';
+
+const router = Router();
+
+router.post('/load', safeController.loadSafe);
+router.get('/policies', safeController.listHoldPolicies);
+router.get('/:address/details', safeController.getSafeDetails);
+router.post('/:address/sync', safeController.syncSafeState);
+router.get('/:address/hold', safeController.getHoldPolicy);
+router.get('/:address/owners', safeController.listOwners);
+router.post('/:address/owners', safeController.addOwner);
+router.delete('/:address/owners/:ownerAddress', safeController.removeOwner);
+router.post('/:address/threshold', safeController.changeThreshold);
+router.post('/:address/modules', safeController.enableModule);
+router.delete('/:address/modules/:moduleAddress', safeController.disableModule);
+router.post('/:address/delegates', safeController.addDelegate);
+router.delete('/:address/delegates/:delegateAddress', safeController.removeDelegate);
+router.post('/:address/fallback', safeController.updateFallbackHandler);
+router.post('/:address/guard', safeController.updateGuard);
+router.post('/:address/transactions', safeController.proposeTransaction);
+router.post('/:address/transactions/:txHash/execute', safeController.executeTransaction);
+router.post('/:address/transactions/:txHash/release', safeController.releaseTransactionHold);
+router.post('/:address/hold/toggle', safeController.toggleHold);
+router.post('/:address/hold', safeController.toggleHold);
+router.get('/:address/transactions/held', safeController.listHeldTransactions);
+
+export default router;

package/gnoman2.0/backend/routes/sandboxRoutes.ts

@@ -0,0 +1,17 @@
+import { Router } from 'express';
+import * as sandboxController from '../controllers/sandboxController';
+
+const router = Router();
+
+router.post('/call-static', sandboxController.callStaticSimulation);
+router.post('/contract/simulate', sandboxController.contractSimulation);
+router.post('/contract/safe', sandboxController.safeSimulation);
+router.post('/contract/abi', sandboxController.loadAbiHandler);
+router.get('/contract/abis', sandboxController.listAbisHandler);
+router.get('/contract/history', sandboxController.historyHandler);
+router.delete('/contract/history', sandboxController.clearHistoryHandler);
+router.post('/fork/start', sandboxController.startForkHandler);
+router.post('/fork/stop', sandboxController.stopForkHandler);
+router.get('/fork/status', sandboxController.forkStatusHandler);
+
+export default router;

package/gnoman2.0/backend/routes/settingsRoutes.ts

@@ -0,0 +1,14 @@
+import { Router } from 'express';
+import {
+  getTransactionHoldSettings,
+  updateTransactionHoldSettings,
+  getRuntimeObservability
+} from '../controllers/settingsController';
+
+const router = Router();
+
+router.get('/transaction-hold', getTransactionHoldSettings);
+router.post('/transaction-hold', updateTransactionHoldSettings);
+router.get('/runtime-observability', getRuntimeObservability);
+
+export default router;

package/gnoman2.0/backend/routes/walletRoutes.ts

@@ -0,0 +1,21 @@
+import { Router } from 'express';
+import * as walletController from '../controllers/walletController';
+
+const router = Router();
+
+router.get('/', walletController.listWallets);
+router.post('/generate', walletController.generateWallet);
+router.post('/import/mnemonic', walletController.importMnemonic);
+router.post('/import/private-key', walletController.importPrivateKey);
+router.post('/vanity', walletController.generateVanity);
+router.get('/vanity', walletController.listVanityJobsHandler);
+router.get('/vanity/:id', walletController.pollVanity);
+router.delete('/vanity/:id', walletController.cancelVanity);
+router.get('/settings/hold', walletController.getTransactionHoldSettings);
+router.post('/settings/hold', walletController.updateTransactionHoldSettings);
+router.get('/:address/details', walletController.getWalletDetails);
+router.post('/:address/export', walletController.exportWalletHandler);
+router.post('/:address/transactions', walletController.sendWalletTransaction);
+router.delete('/:address', walletController.removeWallet);
+
+export default router;

package/gnoman2.0/backend/services/chainlinkService.ts

@@ -0,0 +1,65 @@
+import { Contract, JsonRpcProvider, isAddress } from 'ethers';
+
+const AGGREGATOR_V3_ABI = [
+  'function latestRoundData() view returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound)',
+  'function decimals() view returns (uint8)'
+];
+
+export type ChainlinkPrice = {
+  roundId: bigint;
+  answer: bigint;
+  startedAt: bigint;
+  updatedAt: bigint;
+  answeredInRound: bigint;
+  decimals: number;
+};
+
+const requireRpcUrl = () => {
+  const rpc = process.env.RPC_URL?.trim() || process.env.GNOMAN_RPC_URL?.trim() || process.env.SAFE_RPC_URL?.trim();
+  if (!rpc) {
+    throw new Error('RPC_URL (or GNOMAN_RPC_URL / SAFE_RPC_URL) is required for Chainlink reads.');
+  }
+  return rpc;
+};
+
+const requireAddress = (label: string, value?: string | null) => {
+  if (!value?.trim()) {
+    throw new Error(`${label} is required.`);
+  }
+  if (!isAddress(value)) {
+    throw new Error(`${label} is not a valid Ethereum address: ${value}`);
+  }
+  return value;
+};
+
+export const getLatestPriceFeedData = async (feedAddressInput: string): Promise<ChainlinkPrice> => {
+  const feedAddress = requireAddress('feedAddress', feedAddressInput);
+  const provider = new JsonRpcProvider(requireRpcUrl());
+  const contract = new Contract(feedAddress, AGGREGATOR_V3_ABI, provider);
+  const [roundId, answer, startedAt, updatedAt, answeredInRound] = await contract.latestRoundData();
+  const decimals = Number(await contract.decimals());
+  return { roundId, answer, startedAt, updatedAt, answeredInRound, decimals };
+};
+
+export type ChainlinkRuntimeConfig = {
+  nodeUrl: string;
+  jobId: string;
+  operatorAddress: string;
+  linkToken: string;
+};
+
+export const getChainlinkRuntimeConfig = (): ChainlinkRuntimeConfig => {
+  const nodeUrl = process.env.CHAINLINK_NODE_URL?.trim();
+  const jobId = process.env.CHAINLINK_JOB_ID?.trim();
+  const operatorAddress = requireAddress('CHAINLINK_OPERATOR_ADDRESS', process.env.CHAINLINK_OPERATOR_ADDRESS ?? null);
+  const linkToken = requireAddress('CHAINLINK_LINK_TOKEN', process.env.CHAINLINK_LINK_TOKEN ?? null);
+
+  if (!nodeUrl) {
+    throw new Error('CHAINLINK_NODE_URL is required.');
+  }
+  if (!jobId) {
+    throw new Error('CHAINLINK_JOB_ID is required.');
+  }
+
+  return { nodeUrl, jobId, operatorAddress, linkToken };
+};