hedgequantx 2.5.24 → 2.5.25

package/README.md

@@ -6,7 +6,7 @@
 
 ### Prop Futures Algo Trading CLI
 
-*Connect to 37+ prop firms and automate your futures trading*
+*Connect to 38+ prop firms and automate your futures trading with AI supervision*
 
 [![Website](https://img.shields.io/badge/Website-hedgequantx.com-00D4AA?style=for-the-badge&logo=google-chrome&logoColor=white)](https://hedgequantx.com)
 [![npm version](https://img.shields.io/npm/v/hedgequantx?style=for-the-badge&logo=npm&logoColor=white&color=CB3837)](https://www.npmjs.com/package/hedgequantx)
@@ -21,10 +21,11 @@
 
 [![Futures](https://img.shields.io/badge/Futures-Trading-F7931A?style=flat-square&logo=bitcoin&logoColor=white)](https://hedgequantx.com)
 [![Algo](https://img.shields.io/badge/Algo-Trading-00D4AA?style=flat-square&logo=probot&logoColor=white)](https://hedgequantx.com)
-[![Prop Firms](https://img.shields.io/badge/37+-Prop%20Firms-8B5CF6?style=flat-square&logo=building&logoColor=white)](https://hedgequantx.com)
+[![AI Powered](https://img.shields.io/badge/AI-Powered-8B5CF6?style=flat-square&logo=openai&logoColor=white)](https://hedgequantx.com)
+[![Prop Firms](https://img.shields.io/badge/38+-Prop%20Firms-8B5CF6?style=flat-square&logo=building&logoColor=white)](https://hedgequantx.com)
 [![Secure](https://img.shields.io/badge/AES--256-Encrypted-EF4444?style=flat-square&logo=shield&logoColor=white)](https://hedgequantx.com)
 
-[Website](https://hedgequantx.com) | [Installation](#installation) | [Features](#features) | [Algo Trading](#algo-trading) | [Discord](https://discord.gg/UBKCERctZu)
+[Website](https://hedgequantx.com) | [Installation](#installation) | [Features](#features) | [AI Integration](#ai-integration) | [Algo Trading](#algo-trading) | [Discord](https://discord.gg/UBKCERctZu)
 
 </div>
 
@@ -34,12 +35,13 @@
 
 | Feature | Description |
 |---------|-------------|
-| **Multi-Platform** | ProjectX & Rithmic APIs |
-| **37+ Prop Firms** | TopStep, Apex, Bulenox, and more |
+| **Multi-Platform** | ProjectX, Rithmic & Tradovate APIs |
+| **38+ Prop Firms** | TopStep, Apex, Bulenox, and more |
 | **Multi-Account** | Connect multiple accounts simultaneously |
 | **Real-Time Stats** | Balance, P&L, positions, orders |
 | **Algo Trading** | One Account & Copy Trading modes |
-| **Algo Trading** | Proprietary HQX Strategy |
+| **AI Supervision** | Claude, GPT, Gemini, and 15+ providers |
+| **Claude Pro/Max OAuth** | Login with your Claude subscription |
 | **Market Hours** | Auto-blocks when market closed |
 | **Local Execution** | Direct API trading, no server needed |
 | **Secure Storage** | AES-256-GCM encrypted sessions |
@@ -95,6 +97,55 @@ hqx --version
 
 ---
 
+## AI Integration
+
+HedgeQuantX integrates with leading AI providers for intelligent trading supervision.
+
+### Supported AI Providers
+
+| Provider | Authentication | Models |
+|----------|---------------|--------|
+| **Anthropic Claude** | OAuth (Pro/Max) or API Key | Claude 4, Sonnet, Haiku, Opus |
+| **OpenAI** | API Key | GPT-4o, GPT-4, GPT-3.5 |
+| **Google Gemini** | API Key | Gemini Pro, Gemini Flash |
+| **OpenRouter** | API Key | 100+ models (unified API) |
+| **DeepSeek** | API Key | DeepSeek Chat, Coder |
+| **Groq** | API Key | Llama, Mixtral (fast inference) |
+| **xAI** | API Key | Grok |
+| **Mistral** | API Key | Mistral Large, Medium, Small |
+| **Perplexity** | API Key | Sonar models |
+| **Together AI** | API Key | Open source models |
+| **Ollama** | Local | Any local model |
+| **LM Studio** | Local | Any local model |
+
+### Claude Pro/Max OAuth Login
+
+If you have a Claude Pro or Max subscription, you can login directly without an API key:
+
+```
+1. AI Agent Menu -> [+] Add Agent
+2. Select DIRECT PROVIDERS -> CLAUDE (ANTHROPIC)
+3. Choose "CLAUDE PRO/MAX (OAUTH)"
+4. Browser opens -> Login to claude.ai
+5. Copy the authorization code
+6. Paste in terminal -> Connected!
+```
+
+Benefits:
+- No API key needed
+- Use your existing subscription
+- Unlimited usage with your plan
+- Tokens auto-refresh
+
+### AI Features
+
+- **Trading Analysis**: Real-time position and risk analysis
+- **Multi-Agent Support**: Connect multiple AI providers simultaneously
+- **Auto Token Scanner**: Detects existing AI sessions from VS Code, Cursor, Claude CLI
+- **Token Auto-Refresh**: OAuth tokens refresh automatically when expired
+
+---
+
 ## Algo Trading
 
 ### One Account Mode
@@ -107,12 +158,18 @@ Trade on a single account with HQX algo strategy.
 
 ### Copy Trading Mode
 
-Mirror trades from Lead to Follower accounts.
+Mirror trades from Lead to Follower accounts with real execution.
 
 <div align="center">
 <img src="assets/copy-trading.png" alt="HQX Copy Trading" width="800">
 </div>
 
+Features:
+- Real order execution via API
+- Position synchronization
+- Multi-account support
+- Configurable lot multiplier
+
 ---
 
 ## Supported Prop Firms
@@ -151,13 +208,27 @@ Mirror trades from Lead to Follower accounts.
 | Rate Limiting | API protection |
 | File Permissions | 0600 (owner only) |
 | Credentials | Never stored in plain text |
+| OAuth Tokens | Secure PKCE flow |
 
 ---
 
 ## Changelog
 
 <details>
-<summary><b>v1.8.x (Current)</b></summary>
+<summary><b>v2.5.x (Current)</b></summary>
+
+- **AI Integration**: Multi-provider AI supervision
+- **Claude OAuth**: Login with Pro/Max subscription (no API key needed)
+- **Token Scanner**: Auto-detect AI sessions from VS Code, Cursor, Claude CLI
+- **Real API Models**: Fetch models from provider APIs (no hardcoded lists)
+- **Copy Trading**: Real order execution via API
+- **Multi-Agent**: Connect multiple AI providers simultaneously
+- **Auto Token Refresh**: OAuth tokens refresh automatically
+
+</details>
+
+<details>
+<summary><b>v1.8.x</b></summary>
 
 - Separate UI for One Account and Copy Trading
 - Market hours validation
@@ -194,12 +265,14 @@ Mirror trades from Lead to Follower accounts.
 
 | Done | Done | Coming Soon |
 |------|------|-------------|
-| :white_check_mark: ProjectX integration | :white_check_mark: One Account mode | :hourglass: Tradovate integration |
-| :white_check_mark: Rithmic integration | :white_check_mark: Copy Trading mode | :hourglass: Telegram alerts |
-| :white_check_mark: 38+ prop firms | :white_check_mark: HQX Server | :hourglass: Multi-symbol trading |
-| :white_check_mark: Multi-account | :white_check_mark: Market hours check | :hourglass: Performance analytics |
-| :white_check_mark: Trailing SL & BE | :white_check_mark: Session summary | :hourglass: Trade journal export |
-| :white_check_mark: Encrypted sessions | :white_check_mark: Auto-update | :hourglass: Web dashboard |
+| :white_check_mark: ProjectX integration | :white_check_mark: One Account mode | :hourglass: Telegram alerts |
+| :white_check_mark: Rithmic integration | :white_check_mark: Copy Trading mode | :hourglass: Multi-symbol trading |
+| :white_check_mark: 38+ prop firms | :white_check_mark: HQX Server | :hourglass: Performance analytics |
+| :white_check_mark: Multi-account | :white_check_mark: Market hours check | :hourglass: Trade journal export |
+| :white_check_mark: Trailing SL & BE | :white_check_mark: Session summary | :hourglass: Web dashboard |
+| :white_check_mark: Encrypted sessions | :white_check_mark: Auto-update | :hourglass: Advanced AI strategies |
+| :white_check_mark: AI Integration | :white_check_mark: Claude OAuth | :hourglass: Voice commands |
+| :white_check_mark: Multi-AI Agents | :white_check_mark: Token Scanner | |
 
 ---
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hedgequantx",
-  "version": "2.5.24",
+  "version": "2.5.25",
   "description": "HedgeQuantX - Prop Futures Trading CLI",
   "main": "src/app.js",
   "bin": {

package/src/menus/ai-agent.js

@@ -10,7 +10,6 @@ const { getLogoWidth, drawBoxHeader, drawBoxHeaderContinue, drawBoxFooter, displ
 const { prompts } = require('../utils');
 const aiService = require('../services/ai');
 const { getCategories, getProvidersByCategory } = require('../services/ai/providers');
-const tokenScanner = require('../services/ai/token-scanner');
 const oauthAnthropic = require('../services/ai/oauth-anthropic');
 
 /**
@@ -118,7 +117,7 @@ const aiAgentMenu = async () => {
   
   switch (input) {
     case '+':
-      return await showExistingTokens();
+      return await selectCategory();
     case 's':
       if (agentCount > 1) {
         return await selectActiveAgent();
@@ -367,178 +366,6 @@ const selectAgentToRemove = async () => {
   return await aiAgentMenu();
 };
 
-// Cache for scanned tokens (avoid multiple Keychain prompts)
-let cachedTokens = null;
-let cacheTimestamp = 0;
-const CACHE_TTL = 60000; // 1 minute cache
-
-/**
- * Show existing tokens found on the system
- */
-const showExistingTokens = async () => {
-  const boxWidth = getLogoWidth();
-  const W = boxWidth - 2;
-  
-  const makeLine = (content) => {
-    const plainLen = content.replace(/\x1b\[[0-9;]*m/g, '').length;
-    const padding = W - plainLen;
-    return chalk.cyan('║') + ' ' + content + ' '.repeat(Math.max(0, padding - 1)) + chalk.cyan('║');
-  };
-  
-  // Check cache first
-  const now = Date.now();
-  let tokens;
-  
-  if (cachedTokens && (now - cacheTimestamp) < CACHE_TTL) {
-    tokens = cachedTokens;
-  } else {
-    console.clear();
-    displayBanner();
-    drawBoxHeaderContinue('SCANNING FOR EXISTING SESSIONS...', boxWidth);
-    console.log(makeLine(''));
-    console.log(makeLine(chalk.gray('CHECKING VS CODE, CURSOR, CLAUDE CLI, OPENCODE...')));
-    console.log(makeLine(''));
-    drawBoxFooter(boxWidth);
-    
-    // Scan for tokens and cache
-    tokens = tokenScanner.scanAllSources();
-    cachedTokens = tokens;
-    cacheTimestamp = now;
-  }
-  
-  if (tokens.length === 0) {
-    // No tokens found, go directly to category selection
-    return await selectCategory();
-  }
-  
-  // Show found tokens
-  console.clear();
-  displayBanner();
-  drawBoxHeaderContinue('EXISTING SESSIONS FOUND', boxWidth);
-  
-  console.log(makeLine(chalk.green(`FOUND ${tokens.length} EXISTING SESSION(S)`)));
-  console.log(makeLine(''));
-  
-  const formatted = tokenScanner.formatResults(tokens);
-  
-  for (const t of formatted) {
-    const providerColor = t.provider.includes('CLAUDE') ? chalk.magenta : 
-                          t.provider.includes('OPENAI') ? chalk.green :
-                          t.provider.includes('OPENROUTER') ? chalk.yellow : chalk.cyan;
-    
-    console.log(makeLine(
-      chalk.white(`[${t.index}] `) + 
-      providerColor(t.provider) + 
-      chalk.gray(` (${t.type})`)
-    ));
-    console.log(makeLine(
-      chalk.gray(`    ${t.icon} ${t.source} - ${t.lastUsed}`)
-    ));
-    console.log(makeLine(
-      chalk.gray(`    TOKEN: ${t.tokenPreview}`)
-    ));
-    console.log(makeLine(''));
-  }
-  
-  console.log(chalk.cyan('╠' + '═'.repeat(W) + '╣'));
-  console.log(makeLine(chalk.cyan('[N] CONNECT NEW PROVIDER')));
-  console.log(makeLine(chalk.gray('[<] BACK')));
-  
-  drawBoxFooter(boxWidth);
-  
-  const choice = await prompts.textInput(chalk.cyan('SELECT (1-' + tokens.length + '/N/<):'));
-  
-  if (choice === '<' || choice?.toLowerCase() === 'b') {
-    return await aiAgentMenu();
-  }
-  
-  if (choice?.toLowerCase() === 'n') {
-    return await selectCategory();
-  }
-  
-  const index = parseInt(choice) - 1;
-  if (isNaN(index) || index < 0 || index >= tokens.length) {
-    return await showExistingTokens();
-  }
-  
-  // Use selected token
-  const selectedToken = tokens[index];
-  
-  const spinner = ora({ text: 'VALIDATING TOKEN...', color: 'cyan' }).start();
-  
-  try {
-    // Validate the token - include metadata from scanner
-    const credentials = { 
-      apiKey: selectedToken.token,
-      sessionKey: selectedToken.token,
-      accessToken: selectedToken.token,
-      fromKeychain: selectedToken.sourceId === 'secureStorage' || selectedToken.sourceId === 'keychain',
-      subscriptionType: selectedToken.subscriptionType,
-      refreshToken: selectedToken.refreshToken,
-      expiresAt: selectedToken.expiresAt
-    };
-    const validation = await aiService.validateConnection(selectedToken.provider, selectedToken.type, credentials);
-    
-    if (!validation.valid) {
-      spinner.fail(`TOKEN INVALID OR EXPIRED: ${validation.error}`);
-      await prompts.waitForEnter();
-      return await showExistingTokens();
-    }
-    
-    // Get provider info
-    const { getProvider } = require('../services/ai/providers');
-    const provider = getProvider(selectedToken.provider);
-    
-    if (!provider) {
-      spinner.fail('PROVIDER NOT SUPPORTED');
-      await prompts.waitForEnter();
-      return await showExistingTokens();
-    }
-    
-    spinner.text = 'FETCHING AVAILABLE MODELS...';
-    
-    // Fetch models from API with the token
-    const { fetchAnthropicModels, fetchOpenAIModels } = require('../services/ai/client');
-    
-    let models = null;
-    if (selectedToken.provider === 'anthropic') {
-      models = await fetchAnthropicModels(credentials.apiKey);
-    } else {
-      models = await fetchOpenAIModels(provider.endpoint, credentials.apiKey);
-    }
-    
-    if (!models || models.length === 0) {
-      spinner.fail('COULD NOT FETCH MODELS FROM API');
-      await prompts.waitForEnter();
-      return await showExistingTokens();
-    }
-    
-    spinner.succeed(`FOUND ${models.length} MODELS`);
-    
-    // Let user select model
-    const selectedModel = await selectModelFromList(models, provider.name);
-    if (!selectedModel) {
-      return await showExistingTokens();
-    }
-    
-    // Add agent with selected model
-    const agentName = `${provider.name} (${selectedToken.source})`;
-    await aiService.addAgent(selectedToken.provider, 'api_key', credentials, selectedModel, agentName);
-    
-    console.log(chalk.green(`\n  AGENT ADDED: ${provider.name}`));
-    console.log(chalk.gray(`  SOURCE: ${selectedToken.source}`));
-    console.log(chalk.gray(`  MODEL: ${selectedModel}`));
-    
-    await prompts.waitForEnter();
-    return await aiAgentMenu();
-    
-  } catch (error) {
-    spinner.fail(`CONNECTION FAILED: ${error.message}`);
-    await prompts.waitForEnter();
-    return await showExistingTokens();
-  }
-};
-
 /**
  * Select provider category
  */
@@ -937,16 +764,18 @@ const setupOAuthConnection = async (provider) => {
     spinner.succeed(`FOUND ${models.length} MODELS`);
   }
   
+  if (!models || models.length === 0) {
+    spinner.fail('COULD NOT FETCH MODELS FROM API');
+    console.log(chalk.gray('  OAuth authentication may not support model listing.'));
+    console.log(chalk.gray('  Please use API KEY authentication instead.'));
+    await prompts.waitForEnter();
+    return await selectProviderOption(provider);
+  }
+  
+  spinner.succeed(`FOUND ${models.length} MODELS`);
+  
   // Let user select model
-  const availableModels = models && models.length > 0 ? models : [
-    'claude-sonnet-4-20250514',
-    'claude-sonnet-4-5-20250514',
-    'claude-3-5-sonnet-20241022',
-    'claude-3-5-haiku-20241022',
-    'claude-3-opus-20240229'
-  ];
-  
-  const selectedModel = await selectModelFromList(availableModels, 'CLAUDE PRO/MAX');
+  const selectedModel = await selectModelFromList(models, 'CLAUDE PRO/MAX');
   if (!selectedModel) {
     return await selectProviderOption(provider);
   }
@@ -1173,13 +1002,24 @@ const selectModel = async (agent) => {
   drawBoxFooter(boxWidth);
   
   // Fetch models from real API
-  const { fetchAnthropicModels, fetchOpenAIModels } = require('../services/ai/client');
+  const { fetchAnthropicModels, fetchAnthropicModelsOAuth, fetchOpenAIModels } = require('../services/ai/client');
   
   let models = null;
   const agentCredentials = aiService.getAgentCredentials(agent.id);
   
   if (agent.providerId === 'anthropic') {
-    models = await fetchAnthropicModels(agentCredentials?.apiKey);
+    // Check if OAuth credentials or OAuth-like token (sk-ant-oat...)
+    const token = agentCredentials?.apiKey || agentCredentials?.accessToken || agentCredentials?.sessionKey;
+    const isOAuthToken = agentCredentials?.oauth?.access || (token && token.startsWith('sk-ant-oat'));
+    
+    if (isOAuthToken) {
+      // Use OAuth endpoint with Bearer token
+      const accessToken = agentCredentials?.oauth?.access || token;
+      models = await fetchAnthropicModelsOAuth(accessToken);
+    } else {
+      // Standard API key
+      models = await fetchAnthropicModels(token);
+    }
   } else {
     // OpenAI-compatible providers
     const endpoint = agentCredentials?.endpoint || agent.provider?.endpoint;

package/src/services/ai/client.js

@@ -357,11 +357,12 @@ const fetchAnthropicModelsOAuth = async (accessToken) => {
   try {
     const response = await makeRequest(url, { method: 'GET', headers, timeout: 10000 });
     if (response.data && Array.isArray(response.data)) {
-      return response.data.map(m => m.id).filter(Boolean);
+      const models = response.data.map(m => m.id).filter(Boolean);
+      if (models.length > 0) return models;
     }
     return null;
   } catch (error) {
-    // OAuth may not support /models endpoint, return null to use defaults
+    // OAuth token may not support /models endpoint
     return null;
   }
 };

package/src/services/ai/index.js

@@ -374,58 +374,28 @@ const validateConnection = async (providerId, optionId, credentials) => {
 const validateAnthropic = async (credentials) => {
   try {
     const token = credentials.apiKey || credentials.sessionKey || credentials.accessToken;
+    if (!token) return { valid: false, error: 'No API key provided' };
     
-    // Check if it's an OAuth token (sk-ant-oat...) vs API key (sk-ant-api...)
-    const isOAuthToken = token && token.startsWith('sk-ant-oat');
-    
-    if (isOAuthToken) {
-      // OAuth tokens (from Claude Max/Pro subscription) cannot be validated via public API
-      // They use a different authentication flow through claude.ai
-      // Trust them if they have the correct format (sk-ant-oatXX-...)
-      if (token.length > 50 && /^sk-ant-oat\d{2}-[a-zA-Z0-9_-]+$/.test(token)) {
-        return { 
-          valid: true, 
-          tokenType: 'oauth', 
-          subscriptionType: credentials.subscriptionType || 'max',
-          trusted: credentials.fromKeychain || false
-        };
-      }
-      
-      return { valid: false, error: 'Invalid OAuth token format' };
-    }
-    
-    // Standard API key validation (sk-ant-api...)
-    const response = await fetch('https://api.anthropic.com/v1/messages', {
-      method: 'POST',
+    // Validate by fetching models from API - this proves the token works
+    const response = await fetch('https://api.anthropic.com/v1/models', {
+      method: 'GET',
       headers: {
-        'Content-Type': 'application/json',
         'x-api-key': token,
         'anthropic-version': '2023-06-01'
-      },
-      body: JSON.stringify({
-        model: 'claude-sonnet-4-5-20250929',
-        max_tokens: 10,
-        messages: [{ role: 'user', content: 'Hi' }]
-      })
+      }
     });
     
     if (response.ok) {
-      return { valid: true, tokenType: 'api_key' };
+      const data = await response.json();
+      if (data.data && Array.isArray(data.data) && data.data.length > 0) {
+        return { valid: true, tokenType: 'api_key' };
+      }
+      return { valid: false, error: 'API returned no models' };
     }
     
     const error = await response.json();
     return { valid: false, error: error.error?.message || 'Invalid API key' };
   } catch (e) {
-    // Network error - if it's an OAuth token, still accept it (can't validate anyway)
-    const token = credentials.apiKey || credentials.sessionKey || credentials.accessToken;
-    if (token && token.startsWith('sk-ant-oat') && token.length > 50) {
-      return { 
-        valid: true, 
-        tokenType: 'oauth', 
-        subscriptionType: credentials.subscriptionType || 'max',
-        warning: 'Could not validate online (network error), but token format is valid'
-      };
-    }
     return { valid: false, error: e.message };
   }
 };

package/src/services/ai/providers/index.js

@@ -10,17 +10,8 @@ const PROVIDERS = {
     name: 'OPENROUTER (RECOMMENDED)',
     description: '1 API key for 100+ models',
     category: 'unified',
-    models: [
-      'anthropic/claude-sonnet-4',
-      'anthropic/claude-3-opus',
-      'openai/gpt-4o',
-      'openai/gpt-4-turbo',
-      'google/gemini-pro-1.5',
-      'meta-llama/llama-3-70b',
-      'mistralai/mistral-large',
-      'deepseek/deepseek-chat'
-    ],
-    defaultModel: 'anthropic/claude-sonnet-4',
+    models: [], // Fetched from API at runtime
+    defaultModel: null, // Will use first model from API
     options: [
       {
         id: 'api_key',